binding a socket for 220.127.116.11 to learn our interface address is freaking out users
People who use little snitch on OS X are being told that their Tor mysteriously sends udp packets to 18.104.22.168 on startup.
This is false -- no packets are sent. grep for 22.214.171.124 in src/common/address.c to learn what's going on.
But the number of reports from users is increasing. I imagine they think it looks like spyware behavior -- sekrit undocumented spyware behavior, too.
We should explore other ways to learn the user's interface address that don't trigger software like little snitch.