does anyone here have experience hosting a Signal proxy and/or a Tor relay? there’s a blog post on signal.org asking for folks to help, and i can but i don’t know enough about network security to feel safe/confident doing some of this stuff. same with Tor - i’ve always wanted to host an exit relay (and in fact have this whole long theory about how every public library in the US should host an exit relay, but that’s for another post someday maybe).
do any of you have experience with doing this? what kind of best practices would you recommend? any good resources on protecting your network that you might point me to? i will be getting my Net+ cert within the next year but for now i am starting from “enthusiastic beginner” and want to be helpful, but careful.
tor exit node is not a popular customer, it will be source of lot of illegal activity and complains and unless you have REALLY good relationship with your provider, he will sooner or later decide it is not worth the headache and show you the door.
100x this. 10+ years ago while working in IT at a university I experimented with running a Tor exit node briefly. It only took about a day for the IT security team to ask me about it and requested it be shut down due to all the malicious traffic.
Hosting a signal proxy is probably not a big deal if you don’t plan to ever travel to countries that have blocked Signal, but I would strongly advise against hosting a Tor exit node as a private individual. Tor is used for criminal activities all the time, and unless you have plausible deniability as an organization (and a good lawyer), it will be blamed on you personally.
maybe i can incorporate a 501c(3) and run it as an NGO, ha! but, seriously, fair point. i have heard both horror stories (SWAT teams bursting in in the middle of the night, etc) and bore-er stories (ran an exit node for 3 years, nothing ever happened). i guess i’m worried, and that worry maybe implies that i should not do it just yet. Signal proxy might be the way to go.
I’ve skimmed over the blog post briefly - the post itself has nothing, but the link in it to the git repo has a (what appears to me) very straightforward set of instructions.
Text is difficult, I don’t mean to be an ass; I don’t want to spell it out for anyone, either. Part of magic dies that way :)
Let me know if there’s any step you need a hand with.
yes, the instructions are definitely doable - i am just wondering if there are recommended home network hardening steps that one might recommend. honestly, my worry is probably more related to the Tor exit relay. i really want to do one, but i also do not want legal trouble. maybe i’ll start with a bridge, sigh. but thank you! no worry about tone, text is tough.
You don’t have to be an exit node to help; Have a look at setting up a Tor Snowflake proxy. I haven’t looked at Signal proxy, but I’ll check out that blog post.
Signal Proxy is fine, and it’s helpful for people who live in countries that block Signal. I ran it during Iran revolution. It’s only a nginx forward proxy.
Tor exit relay is a big no-no since you may expose yourself to illegal content. But you can run a relay without it being an exit node.
If only the Signal Foundation made it as easy to set up a Signal server and connect Signal clients to it.
As someone who’s had the FBI serve a subpoena their information regarding activity on a non-exit TOR relay, there’s no way on this planet I’d ever run an exit node, unless I were independently wealthy and could afford a lawyer to deal with the fallout.
I got lucky that the request went to my employer, who knew who I was (obviously) and that I wasn’t doing stupid shit, and it never went further than that, but good lord do I never, ever, want to be of interest to the FBI again, even though literally nothing meaningful happened other than me shitting myself for a few months.