Avoid using OVH, Hetzner or Scaleway for your Tor relay
Published: 13th of June 2020
You as someone who may look at starting their own Tor relay will have noticed that some web hosts provide high bandwidth VPSs for very little money. Seeing this, you are thinking to yourself "fantastic, these offers will allow me to afford to provide more bandwidth to the Tor network".
This article will go over why you should not choose these hosting providers for your Tor relay and will provide tips on how to find alternative ones;
What is so bad with OVH, Hetzner or Scaleway?
When looking at reviews, you will often find these cheap hosts spoken about positively. The problem is that what is good for the average Joe, may not be good for a network whose goals it is to keep its users as anonymous as possible.
The problem is that these cheap prices have led to the mentioned web hosts becoming favoured by Tor relay operators. Having so many Tor relays on so-few networks has potential to cause a variety of problems for Tor users, including;
Vulnerability to Governmental Pressure
The most common countries for Tor relays are Germany and France. These two countries are known to work with each other on the EU level.
This is a massive problem because these two governments are very anti-anonymity with Germany raiding Tor relay operators [1,2] and France once wanted to ban Tor, in response to the 2015 Paris terrorist attacks even though the terrorists used un-encrypted SMS text messages to communicate.
With it being so well known that these governments hate Tor, how could you trust them not to pass a law limiting the usefulness or banning Tor outright?
Easier for spy agencies to spy on Tor users
Because of cost reasons, it is very common to use a VPS. The problem is that the web host has very easy access to a customer VPS from the node as even if you are using a KVM VPS with disk encryption, the host could just run an RAM dump and take your private keys.
When you have just a few hosts hosting much of the Tor network, spy agencies could just force the web hosts to provide access to the nodes, where they could just dump the keys and install a compromised Tor programme on your VPS.
That does not even go into how much easier having so few networks control so much of the Tor network makes it for spy agencies to do traffic correlation attack to deanonymise Tor users.
One network in particular would make easy pickings for spy agencies and that is OVH, who have many of both guards and exit nodes on their networks as well as numerous /16 IPV4 spaces. This increases the risk that someone enters and exits the Tor network through an OVH server.
Risk of providers banning Tor Relays, leading to an enormous loss of capacity
On the 29th July 2013, The CEO of OVH announced it would ban Tor nodes from its network. He cited the fact that OVH had to deal with many legal matters caused by nodes in relation to "pedo" cases.
Even though OVH would re-allow Tor, it shows that even the biggest could ban Tor at any time. If they decided again to ban Tor, then the network would lose its biggest exit node provider.