[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Suggestion: Many OR-ports would improve the network
On Fri, 15 Jun 2007, vikingserver@xxxxxxxxx wrote:
Decentralized popular P2P with a wide variety of ports and
"hubs/nodes/servers" are more successfull then Tor at helping persons in
oppressed countries.
Let me ask a different question[0] - how do you think that "decentralized
popular P2P" helps people in oppressed countries?
Tor has to become better in order to allow users in the whole world to
reach every website in the world. But perhaps the goals is just to allow
traffic in the western world from non restrictive networks?
I think you're mistaking my question here :) There needs to be a balance
between privacy and freedom of access; A piece of software that circumvents
any security checks that I've got in my environment is a great conduit
for incidents like the following[1]:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxo
nomyName=security&articleId=9024491
By Jaikumar Vijayan
June 12, 2007
Computerworld
A Pfizer Inc. employee who installed unauthorized file-sharing software
on a company laptop provided for use at her home has exposed the Social
Security numbers and other personal data belonging to about 17,000
current and former employees at the drug maker.
Of that group, about 15,700 individuals actually had their data accessed
and copied by an unknown number of persons on a peer-to-peer network,
the company said in letters sent to affected employees and to state
attorneys general alerting them of the breach.
I'd like to see some discussion around how privacy is preserved, and how
Tor continues to be a Good Thing (tm) for those of us that are in the
position of justifying why Tor should be allowed -for business reasons-,
rather than feel good reasons.
cheers!
[0] Yes, seriously - I don't know what your definition of "help" is...
[1] I'm aware that Tor isn't p2p file sharing software - but when Tor
takes on similar characteristics to p2p software, the results from the
point of view of many infosec folk aren't that different.
Cat Okita skrev:
On Thu, 14 Jun 2007, Nick Mathewson wrote:
On Sat, Jun 09, 2007 at 03:28:09PM +0200, vikingserver@xxxxxxxxx wrote:
Is there a plan for TOR servers to be able to announce several OR-ports
and DIR-ports?
There sorta is. It's been a "nice-to-have" for a while, and I think
it's a good idea. Somebody should specify and implement it. If
there's a decent spec and patch on an 0.2.0.x timeframe, I'd love to
check it in.
Here's what would need to be in the proposal:
- Some way to configure which address:port combinations to listen
on, and/or which to advertise.
I'd also like to see some discussion of the effect this is likely to have
in environments that need to ban or limit Tor. Speaking only for
myself, in an environment where I need to keep a lid on Tor usage,
having to chase port settings around makes it more likely that I'm
going to
move from limiting Tor to just plain banning it.
cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet. This is the defining metaphor of my life right now."
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet. This is the defining metaphor of my life right now."