As far as I can tell, this would work, and you could do it without any
changes to the Tor network. Just set up a hidden service where the
service is an open proxy.
It wouldn't be transparent to clients, however - they'd need to do some
proxychains-style juggling to connect to their local onion proxy, then
connect through that to your hidden service, then connect through that
to the internet. You could of course create a library to do the extra
work on the client side - but the point is, it wouldn't work for
unmodified clients.
But perhaps the bigger problem with hidden exit nodes is that when
someone does something illegal through your exit node and the police
come to your door, you can't point to the public list of exit nodes and
say "It wasn't me, I'm just an exit node". The best you can do is point
to the hidden exit nodes library and say "It might not have been me,
anyone could be an exit node".
Cheers,
Michael
On 25/02/16 22:06, blacklight . wrote:
> About the issue of exit nodes needing to know to which bridge they need
> to connect to, could we not make a system that similair to hidden
> services, so that the nodes can connect to them without knowing the
> actulle ip adress? If we could design an automatic system in which flash
> proxies could be configered like that, then it might work i think, what
> are your thoughts?
>
> Op 25 feb. 2016 22:37 schreef "Thom Wiggers" <torlists@xxxxxxxxxxxxxx
> <mailto:torlists@xxxxxxxxxxxxxx>>:
>>Â Â Âtor-dev@xxxxxxxxxxxxxxxxxxxx <mailto:tor-dev@xxxxxxxxxxxxxxxxxxxx>>
>Â Â ÂYou may be interested in the following from the FAQ:
>
>Â Â Âhttps://www.torproject.org/docs/faq.html.en#HideExits
>
>Â Â ÂYou should hide the list of Tor relays, so people can't block the exits.
>
>Â Â ÂThere are a few reasons we don't:
>
>Â Â Âa) We can't help but make the information available, since Tor
>Â Â Âclients need to use it to pick their paths. So if the "blockers"
>Â Â Âwant it, they can get it anyway. Further, even if we didn't tell
>Â Â Âclients about the list of relays directly, somebody could still make
>Â Â Âa lot of connections through Tor to a test site and build a list of
>Â Â Âthe addresses they see.
>Â Â Âb) If people want to block us, we believe that they should be
>Â Â Âallowed to do so. Obviously, we would prefer for everybody to allow
>Â Â ÂTor users to connect to them, but people have the right to decide
>Â Â Âwho their services should allow connections from, and if they want
>Â Â Âto block anonymous users, they can.
>Â Â Âc) Being blockable also has tactical advantages: it may be a
>Â Â Âpersuasive response to website maintainers who feel threatened by
>Â Â ÂTor. Giving them the option may inspire them to stop and think about
>Â Â Âwhether they really want to eliminate private access to their
>Â Â Âsystem, and if not, what other options they might have. The time
>Â Â Âthey might otherwise have spent blocking Tor, they may instead spend
>Â Â Ârethinking their overall approach to privacy and anonymity.
>
>Â Â ÂOn 25/02/16 20:04, blacklight . wrote:
>>Â Â Âhello there! i don't know if this mailing list works but i thought
>>Â Â Âof giving it a try.
>>
>>Â Â Âi was lately reading an article
>>Â Â Â(http://www.pcworld.com/article/3037180/security/tor-users-increasingly-treated-like-second-class-web-citizens.html)
>>Â Â Â and it was about tor users getting blocked from accessing alot of
>>Â Â Âwebsite. but after giving this some thought i think i came up with
>>Â Â Âa possible solution to the problem :there is a thing called
>>Â Â Âbridges, they are used to access the tor network without your isp
>>Â Â Âknowing that you use tor, but if you can use those proxies to
>>Â Â Âenter the network, it might also be possible to exit the network
>>Â Â Âwith them. But then we face a second challenge, the exit nodes
>>Â Â Âhave to be configured in such a way that it will relay traffic to
>>Â Â Âsuch a bridge, so the exit node owners also need to know the ip of
>>Â Â Âthe bridge. While this doesn't seem difficult to do, it can become
>>Â Â Âdifficult. You see if the bridges are published on a public
>>Â Â Âlist(like normal bridges are) then the blocking sites in question
>>Â Â Âwill be able to block those address too. While this also posses a
>>Â Â Âproblem, a possible solution could be found in something called
>>Â Â Âflashproxies, flashproxies are bridges with a really short life
>>Â Â Âspan, they are created and destroyed fairly swiftly, when this is
>>Â Â Âdone in a rapid pace, they become really hard to block because the
>>Â Â Âip changes all the time. So if the exit nodes can be configured to
>>Â Â Âmake use of such flash proxies, then the problem could be solved.
>>Â Â ÂI Must admit that not an expert on this or anything, and it needs
>>Â Â Âalot of more thought, but it could work.ï so i was wondering if
>>Â Â Âthere are any experts who could help me with thinking out this
>>Â Â Âsubject and maybe confirm if this idea could work.
>>
>>
>>Â Â Âgreetings, blacklight
>>
>>
>>Â Â Â_______________________________________________
>>Â Â Âtor-dev mailing list
>>Â Â Âhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
>
>Â Â Â_______________________________________________
>Â Â Âtor-dev mailing list
>Â Â Âtor-dev@xxxxxxxxxxxxxxxxxxxx <mailto:tor-dev@xxxxxxxxxxxxxxxxxxxx>
>Â Â Âhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
>
>
> _______________________________________________
> tor-dev mailing list
> tor-dev@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev