[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] clean up the "i want to ban tor" faq entry
Update of /home2/or/cvsroot/website/en
In directory moria:/home/arma/work/onion/cvs/website/en
Modified Files:
faq-abuse.wml
Log Message:
clean up the 'i want to ban tor' faq entry
Index: faq-abuse.wml
===================================================================
RCS file: /home2/or/cvsroot/website/en/faq-abuse.wml,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -p -d -r1.6 -r1.7
--- faq-abuse.wml 21 Feb 2006 05:42:06 -0000 1.6
+++ faq-abuse.wml 26 May 2006 16:46:51 -0000 1.7
@@ -239,18 +239,33 @@ them and explain about Tor and Tor's exi
<a id="Bans"></a>
<h3><a class="anchor" href="#Bans">I want to ban the Tor network from my service.</a></h3>
+<p>We're sorry to hear that. There are some situations where it makes
+sense to block anonymous users for an Internet service. But in many
+cases, there are easier solutions that can solve your problem while
+still allowing users to access your website securely.</p>
+
<p>First, ask yourself if there's a way to do application-level decisions
to separate the legitimate users from the jerks. For example, you might
have certain areas of the site, or certain privileges like posting,
-available only to people who are registered. You could set up this
-distinction only for certain IP addresses such as Tor exit nodes. This
-way you can have multi-tiered access and not have to ban everything. </p>
+available only to people who are registered. It's easy to build an
+up-to-date list of Tor IP addresses that allow connections to your
+service, so you could set up this distinction only for Tor users. This
+way you can have multi-tiered access and not have to ban every aspect
+of your service. </p>
-<p>Second, consider that thousands of people use Tor every day to protect
-against data-gathering corporations like Doubleclick while going about
-their normal activities. Others use Tor because it's their only
-way to get past the restrictive firewalls at their school or other
-organization. Some Tor users may be legitimately connecting
+<p>For example, the <a
+href="http://freenode.net/policy.shtml#tor">Freenode IRC network</a>
+had a problem with a coordinated group of abusers joining channels and
+subtly taking over the conversation; but when they labelled all users
+coming from Tor nodes as "anonymous users," removing the ability of the
+abusers to blend in, the abusers moved back to using their open proxies
+and bot networks. </p>
+
+<p>Second, consider that thousands of people use Tor every day simply for
+good data hygiene — for example, to protect against data-gathering
+advertising companies while going about their normal activities. Others
+use Tor because it's their only way to get past restrictive local
+firewalls. Some Tor users may be legitimately connecting
to your service right now to carry on normal activities. You need to
decide whether banning the Tor network is worth losing the contributions
of these users, as well as potential future legitimate users. </p>
@@ -259,10 +274,10 @@ of these users, as well as potential fut
services that aggregate many users behind a few IP addresses. Tor is
not so different from AOL in this respect.</p>
-<p>Lastly, please remember that Tor servers have individual exit
-policies. Many Tor servers do not allow exiting connections at
-all. Many of those that do allow some exit connections might already
-disallow connections to
+<p>Lastly, please remember that Tor servers have <a
+href="#ExitPolicies">individual exit policies</a>. Many Tor servers do
+not allow exiting connections at all. Many of those that do allow some
+exit connections might already disallow connections to
your service. When you go about banning nodes, you should parse the
exit policies and only block the ones that allow these connections;
and you should keep in mind that exit policies can change (as well as