[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Tapping/logging for research [was: media]



On Fri, Oct 3, 2014 at 9:18 AM, Lunar <lunar@xxxxxxxxxxxxxx> wrote:
> Derric Atzrott:
>> There are some strong ethical questions in logging all traffic from a
>> relay, but I can't see any other way to get this sort of data.
>
> The answer to the ethical question is simple: this is plain wrong. You
> don't spy on people.

There's a difference between various depths of research you might
conduct and present:
- This week saw b-traffic in n-sessions to google, facebook, tor2web.
- This week there were 25000 unencrypted POP3 sessions, 20 http, 50 ssh, etc.
- This week there were 25000 unencrypted POP3 sessions to yahoo.
- 10000 from user 0000001@yahoo, 10000 from 0000002, 5000 from 0000003.
- 10000 from USER bob@yahoo, 10000 from mary, 5000 from john.
- Hey look, mary's cheating on bob with john.

At conduction, the last three could be a problem for you and users.
At presentation, only the last two.
The sites and ISP already know exit the hits came from so that's
of no issue to users.

There's a spectrum, so you can't just throw out blanket ethic/legal
over all exit research work.

https://www.youtube.com/results?search_query=netflow+analysis
http://www.alexa.com/topsites
http://www.clamav.net/
https://www.bro.org/

Reminds me, I need to buy more splitters...

> But there's also a legal aspect to it: in many jurisdictions, as soon as
> you start looking at the traffic, you become liable for it.

Looking agnostic is one thing, probably more likely to burn your
eyes out than get legal'd for it. Talking/using [with intent] is another
thing. And of course filtering causes problems when filters fail,
endorsement is pointed at you, you look stupid, or promulgate
police states.

http://www.netnanny.com/
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk