[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: New Tor distribution for testing: Tor Browser Bundle

Hash: SHA256

I have to disagree with setting any options by default like that. The
concept behind PortableTor as I wrote it was to let the end user have the
right to decide what to do.. don't force anything on them! I think this
concept should be relevant to all bundles.. don't force users to become
nodes, because you have those out there that possibly don't want to be,
plus in my opinion it hurts the usefulness of the package to have that
automatically on.

As someone mentioned earlier, a portable tor approach is useful for the
client, not necessarily the server end. You can cause a lot of server
identity problems if you log on as a tor server just to check your email
for 5 minutes.

Let the end user decide what they want their software to do.

On a more positive note, congrats on bringing up a new system :)

- --
Steve Morley
PGP Key 0x6F0A7BDE

Version: PGP Desktop 9.7.1 (Build 1503) - not licensed for commercial use: www.pgp.com
Charset: utf-8


On Feb 3, 2008 9:34 PM, Steven J. Murdoch <tortalk+Steven.Murdoch@xxxxxxxxxxxx> wrote:
On Sun, Feb 03, 2008 at 10:19:54PM +0100, Michael Schmidt wrote:
> Steven, i suggest to make it hardcoded default and a Must, that each user,
> using this browser, is as well running an tor **exit** node,
> tit for tat. like emule partials: upload is a MUST.

I don't think this is likely in the near future. One of the important
target classes of users is people who are at risk of persecution by
their government and want to keep a low profile. Many of these users
are also not fully computer literate and there may not be fully
translated Tor documentation in their language.

The goals of the bundle include being easy to set up and to leave
limited traces (both are still being worked on). In this scenario, to
broadcast the fact that someone is using Tor is in my opinion an
unacceptable risk. There would need to be some way to protect these
users before mandatory server operation is the standard.