[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Hidden service policies

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Hidden service policies
From: Mike Hearn <mike@xxxxxxxxxx>
Date: Mon, 21 Jul 2014 11:48:37 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 21 Jul 2014 05:48:49 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=W2mxnZaKp4rojXBtFo8581GMeVCRPs85kk/I+Bkup7A=; b=oAb+7b2ay+Tidtj6jF7gS4AalrEznhSD37abb4GIlpWKRElJqNKT9spz0kCzXQoCRF Ieejv7dNkAbr/1vbx8grpBlfaD6IK1kli85TigVbRpc0sV9QvHslkxmo83JpC745zDlK BZ+cE0r5x5rMKb7MzUTyaJzYZkXTqn53f5RwnmGRmOay7hJlBFPE8DC+U3aSPGiZmpYa gyHh9A0hCInxchl4wQQqUN55rx6cAXiK8VtlNnAaSVhZIpRhrN295w9AMc9+fT78HquX CyNNzkr+/E8WOcSb+j4+9Kd6FrJSOofMoxuKDAp4b95SXLUfzv0C0ZwUydHYrqpDOjO/ cerA==
In-reply-to: <CA+cU71kfSDj=o6Xtfk2rdx6vDDLNGvcND3Udr6BpVZQrqr9TaQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CANEZrP2jriLF-mXYTg=B5kjJ2_PPOzNOZVrnRXc_T1gH7pA1MQ@xxxxxxxxxxxxxx> <CA+cU71kfSDj=o6Xtfk2rdx6vDDLNGvcND3Udr6BpVZQrqr9TaQ@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

One of my first concerns would be that this would build in a very easy
way for a government (probably the US government) to compel Tor to add
in a line of code that says "If it's this hidden service key, block
access."

And people who run Tor could easily take it out again, what with it being open source and all.

Â

After all - it's a stretch to say "You must modify your software to
support blocking things"[0]

I don't believe it's a stretch. If I did, perhaps I wouldn't bring the topic up.

Judges and lawmakers care very little about the (in their eyes) minor distinction between "the code to do this wasn't written yet" and "the code to do this wasn't configured yet". For example, look at the EU right to be forgotten ruling. The fact that no infrastructure existed to sift through tens of thousands of vague requests for search results to be removed didn't faze the court one bit, nor did the massive size of the project that resulted. They simply interpreted the (vague, poor) law put in front of them.

Regardless, even if there is such a difference, jurisdiction would still have the same effect as today. If there's even one relay that supports introductions to a HS then the protocol would still technically work, but operators in regions where the government proved unfavourable would be protected and still able to operate.Â

Additionally, in the absence of government coercion, the Tor relay community would then be able to collectively decide if they really want to pay for the privilege of giving bandwidth to botnet and ransomware operators.

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Hidden service policies
  - From: Ted Smith

References:
- [tor-dev] Hidden service policies
  - From: Mike Hearn
- Re: [tor-dev] Hidden service policies
  - From: Tom Ritter

Prev by Author: Re: [tor-dev] Hidden service policies
Next by Author: Re: [tor-dev] [tor-relays] Hidden service policies
Previous by thread: Re: [tor-dev] Hidden service policies
Next by thread: Re: [tor-dev] Hidden service policies
Index(es):
- Author
- Thread