[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Thoughts on IRC.

Thus spake Jack Cummings (jack@xxxxxxxxxxxx):

> Upon furthur reflection, I think it may be better to set up an IRC
> server (perhaps linked to an IRC network) as a hidden service, instead
> of explicitly allowing IRC traffic via an exit policy. 
> The problems:

A couple more:

 -1) This really doesn't solve the problem from the IRC admin's
perspective. I'm assuming in this case you mean the hidden IRC server
would be linked into the EFnet network or something. In this case, the
other EFnet IRC ops having problems with network-wide abuse that's
eminating from the hidden server will have no choice but to unlink the
hidden service IRC server.

  0) It is a temporary solution. Even a single IRC service may have
problems with abuse. Obviously the attackers already know how to use
IRC through tor. As soon as either tsocks supports SOCKS 4A or the
addressmap feature exists, the barrier to entry is removed.

> 1) Someone needs to set up and advertise an IRC server as a hidden
> service. 
> 2) The TOR address of the IRC server needs to be published. 
> 3) To use this service, you need to figure out how to make an IRC client
> work through SOCKS. 

  4) It has dangerous consequences in that it sends the message that
it is OK to blacklist tor servers. An alternate solution must be
found sooner rather than later. 

You might claim that a stop gap solution might enable more time for a
proper IRC solution to be made while still allowing people to use tor
for IRC.

My feeling is, however, that if people are using tor to IRC, they're likely
not working on a solution to the tor/IRC problem :)

Mike Perry
Mad Computer Scientist
fscked.org evil labs