The developers of the anonymous network Tor have warned of a major site cleanup using outdated software, which is no longer supported. On October 8, around 800 obsolete nodes were crashed operating in relay mode (in total, the network Tor has more than 6,000 nodes of this type).
Blocking This was accomplished by putting the directory servers on a blacklist of problematic nodes. This is expected to exclude the network of nodes not updated later. While for the next stable version of Tor, which is scheduled for November, it will have an option that by default rejects connections to nodes that use versions of Tor whose maintenance has expired.
In the announcement they comment that:
These nodes run versions of Tor software dating back to the 0.2.4.x series, which was released on December 10, 2013. Other next-generation relays are running our latest code in night versions and alpha versions.
These relay versions represent approximately 5 years of Tor development. There are a total of 85 different versions of Tor, from alpha to stable, in use by relays today.
Maintaining these versions means that the Network Team intends to fix significant stability issues, security vulnerabilities, and portability regressions. We can also fix smaller bugs that significantly affect the user experience.
With this they inform us that such a change will allow the network to be improved in the future, as the support for the following versions is no longer automatically excluded from the network nodes that did not switch to the latest software in time.
For example, currently, even nodes with Tor 0.2.4.x, which was launched in 2013, are still on the Tor network, even though support for the 0.2.9 LTS branch is still ongoing.
Obsolete system operators were notified of the planned blockade in September via mailing lists and by sending individual alerts to the contact addresses specified in the ContactInfo field.
After the warning, the number of outdated nodes decreased from 1276 to about 800.
According to preliminary estimates, currently approximately 12% of the traffic passes through obsolete nodes, most of which are connected to the transit transmission; the share of out-of-date exit node traffic is only 1,68% (62 nodes).
Removal of outdated nodes from the network is predicted to slightly affect the size of the network and will lead to a slight sag in the charts reflecting the state of the anonymous network.
The presence in the network of nodes with outdated software adversely affects stability and creates additional risks of security breaches.
If the administrator does not monitor Tor updates, then they probably neglect the system update and other server applications, increasing the risk of taking control of the node as a result of targeted attacks.
We expect our next stable version of Tor (around November 2019) to contain a software change that will reject end-of-life relays by default. Until then, we will reject around 800 obsolete relays using your fingerprints.
Obsolete bridges will not yet be rejected; they will be rejected later in 2019, when we implement the Tor software change.
In addition, the presence of nodes with discontinued versions interferes with the correction of important errors, prevents the spread of new protocol features and reduces network efficiency.
For example, undeveloped nodes showing an HSv3 processor error cause increased delays during the passage of user traffic through them and increase the overall load on the network due to clients sending repeated requests after HSv3 connection processing failures.
Finally, if you want to know more about the statement by the people of Tor, you can do it at the following link.