[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?



On Sat, Jan 29, 2011 at 07:46:20PM +0100, Jan Weiher wrote:
> Hi,
> 
> while scrolling through the tor status page (torstatus.blutmagie.de), I
> stumpled upon the following node (the reason why it came to my eye was
> the long uptime):
> 
> gatereloaded 550C C972 4FA7 7C7F 9260 B939 89D2 2A70 654D 3B92
> 
> This node looks suspicious to me, because there is no contact info given
> and the exit policy allows only unencrypted traffic:
> 
> reject 0.0.0.0/8:*
> reject 169.254.0.0/16:*
> reject 127.0.0.0/8:*
> reject 192.168.0.0/16:*
> reject 10.0.0.0/8:*
> reject 172.16.0.0/12:*
> reject 194.154.227.109:*
> accept *:21
> accept *:80
> accept *:110
> accept *:143
> reject *:*
> 
> Am I missing something? I'm wondering why the status page lists this
> node as non-exit, because it clearly allows outgoing traffic on ports
> 21,80,110 and 143?
> I'm aware of the fact that it is not recommended to use tor without
> additional encryption, but some users do. And I dont see any reason for
> only allowing unencrypted traffic than snooping?
> Can anyone clearify this? If the admin of this node is on the list,
> would he please explain this situation?
> 
> best regards,
> Jan
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

I don't see why any of this really matters. Anyone running tor should have 
the good sense to realize that if you login to webmail.example.com over 
plaintext then the node operator could grab your details. It states this 
repeatedly on torproject IIRC. Furthermore anything really important like 
financial logins are typically done over SSL anyway. If some guy gets his 
facebook account hijacked because he didn't read the FAQ I don't see the 
issue. Just my measly two cents.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/