[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: New Tor distribution for testing: Tor Browser Bundle



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I have to disagree with setting any options by default like that. The
concept behind PortableTor as I wrote it was to let the end user have the
right to decide what to do.. don't force anything on them! I think this
concept should be relevant to all bundles.. don't force users to become
nodes, because you have those out there that possibly don't want to be,
plus in my opinion it hurts the usefulness of the package to have that
automatically on.

As someone mentioned earlier, a portable tor approach is useful for the
client, not necessarily the server end. You can cause a lot of server
identity problems if you log on as a tor server just to check your email
for 5 minutes.

Let the end user decide what they want their software to do.

On a more positive note, congrats on bringing up a new system :)

- --
Steve Morley
http://silivrenion.com
PGP Key 0x6F0A7BDE

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.7.1 (Build 1503) - not licensed for commercial use: www.pgp.com
Charset: utf-8

wsBVAwUBR6aWCAQuIIFvCnveAQhAaAf8DNTFYYkmdyAqMeammQ2+QFm6AWhy1Jj3
Gi7FKh/2lqKfKwDdr5mL6Vlhze7mvawPv7yYqi/z2hcGLjG8YYNqDg4gZcx85ncj
I6xEpnNQlTzp5LdG2sqfgADJsYMyoJ4RIg4JyrSqQ6f7R3NVZIYbyUu7KZi4zOqs
KCWXQUsGI8tkCpCBUxT6pLPeq/sqXMud4+QkMT7smkcSyF3tUX5ppptDeBe0SI1v
ZHREHzvIICUxM0eXXu2BBqkaG/Pn9t6diHy62TobWE+H+JgFUbUcLt8XNY4MmcjK
BWNCleLKicjawGz5UbXKmuRXYSJ0AbBPmXt7j95jE4WqQVvBxiRcTQ==
=p4vu
-----END PGP SIGNATURE-----


On Feb 3, 2008 9:34 PM, Steven J. Murdoch <tortalk+Steven.Murdoch@xxxxxxxxxxxx> wrote:
On Sun, Feb 03, 2008 at 10:19:54PM +0100, Michael Schmidt wrote:
> Steven, i suggest to make it hardcoded default and a Must, that each user,
> using this browser, is as well running an tor **exit** node,
> tit for tat. like emule partials: upload is a MUST.

I don't think this is likely in the near future. One of the important
target classes of users is people who are at risk of persecution by
their government and want to keep a low profile. Many of these users
are also not fully computer literate and there may not be fully
translated Tor documentation in their language.

The goals of the bundle include being easy to set up and to leave
limited traces (both are still being worked on). In this scenario, to
broadcast the fact that someone is using Tor is in my opinion an
unacceptable risk. There would need to be some way to protect these
users before mandatory server operation is the standard.