[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] CloudFlare



> My opinion is ... implement [local] policy ...

Of course... other than following the letter of law for its own
good, a service is free to do as it wishes. Some services choose
the nanny/block role. Others see value or less legal risk by taking
a hands off position.

> services who do not take bribes from Russian officials

I didn't know Russian officials handed out money to services.
Time to start some services in Russia :)

> anonymizing services ... do not monitor ... take no steps ...
> hacking, cracking, scraping, trolling, spamming...
> doesn't get pulled... Can you even imagine such a thing?!?!

Some of them even have that as their advertised featureset, as their
paid/unpaid contract with their users, all this fully within
applicable law.

And here we are alongside EFF and many others fighting for those
same services, open wifi and other's right to even exist.

Can anyone imagine a world where users are in control of their own
privacy and data, can speak freely, securely and directly amongst
themselves and can utilize services without undue regard to where
they are, who they are, or who came before?

> hosting to ... all sorts of other businesses that make a living
> ... seo, copyright, reputation, scraping

We're talking about end users using Tor to access services, not
warfare between businesses :)

> cancelled you for reasons ... tell you which policy you violated

We'd all say that 'for cause' behaviour may and probably should get
a user of a service cancelled according to the policy of the service.

This particular service had no published policy against using Tor
and no 'for cause' behavior existed. The test account just vanished
without telling. Admittedly I moved to other tasks and did not
bother inquiring.

> If this was a free ... service, it seems to me you have no recourse.
> On the other hand, you also haven't been injured. Just find another
> service.

I disagree with the notion that blocking causes no injury towards
users. The internet may be big, but there are very few truly large
social services on it. Whether we like or admit it or not, those
services are a part of society, even growing as society develops
to the point of being expected and necessary. When they block users
without individual cause, they deny them the right to participate
in that part of society. We may be reaching the point that if I
were a giant US based service and decided to block all of California
because there are some bad people there, I might well be facing a
civil lawsuit, and for good reason. I'd certainly be subject to bad
review, upstart competition and a fleeing userbase. Which might all
seem to nullify my action, but woes for the time lag needed for
that to happen with giant services. During that time, I've caused
injury to a whole swath of people.

> employer's [and ISP's and so forth] snooping

Some employers allow use of the net for non-work things. That doesn't
mean a user should trust them, their staff or their non snooping
policy, which if you read it is probably riddled with holes anyways.
Of course if the user doesn't want to invite trouble from their use
they should work within the rules provided to address their needs.

> Or maybe what they should do is block TOR entirely

With dating sites, or really, we can broaden this to include any
social service where humans interact and can potentially yield
the various misdeeds as found in society at large...

We all know there are hazards out there, both online and off...
financial, personal, physical, and so on. And some very serious
ones at that. We also now know as individuals a bit about how to
evaluate online risks. And as humans, we have always known pretty
well how to avoid at least physical risks in the real world.

Yes, it's perhaps a bit troubling that some services are very much
hands off. And equally troubling that others nanny/block behind the
scenes, and even avoid educating users about or mentioning risk...
perhaps partly in order to present a field of flowers to naieve
masses so they can market share and otherwise profit from them.
Which one is more wrong? Which service, no matter how well done,
truly matters after the jump to real world? Which one should the
user trust or question... the one that claims to protect them, or
the one that leaves that important business up to them?

Regardless of where a service falls on the policy continuum, it's
not good that some people use tools for bad things. Except for after
the fact, we don't have a good answer for that and never will. I
realize I may be eaten alive by some hungry lunatic today :) Yet I
won't vote for police protectors on every block or hire my own
security force. I balance and accept those risks as my better price
for freedom. Everything is a balancing act and the good has
historically far outweighed the bad. Therefore many of us try to
maintain user's freedom to manage their own affairs, have access
to services large and small (with HTTPS and Tor), and put up with
a little spam in our so found tiramisu :)


Perhaps a good example for those leaning on IP based blocking is
OnionLand's own Hidden Services. Excepting the illegal which clearnet
cannot permit, there are some otherwise legal and successful services
out there in the areas of social, finance, blog, data, hosting and
more. The only transport level blocks available are the equivalent
of user account keys, not IP blocks.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk