[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?

On Thu, 10 Feb 2011, Mike Perry wrote:

Exit policy is currently at the operator's pleasure, need and design.
If exit policy mandates will help solve some Tor scalability or
attack vector issues, in a substantive way, from an engineering
standpoint, fine. But please, don't claim it makes users any more
'safe' from sniffing.

I've already addressed the rest of your points.  For the record,
you're just strawmanning here. I never made the claim this was safer.

I cited several engineering reasosn why this type of exit policy
is a pain for us.

I think these reasons should be worked around or ignored.

I think you, and others on that side of this argument have a very, very myopic view of the constraints and non-technical decisions that go into running a particular node - exit or not.

Rich white people in the north can just trade some dollars for co-location, exercise their free speech, and argue back at the police, as their equals, when they come calling.

That's not the case for everyone - and even in those rich, white countries, there are political and economic ramifications for running a Tor node, exit or otherwise, that seem to have not occurred to you.

I've also made the claim that there is no rational reason to operate
an exit in this fashion, other than to log/monitor/censor traffic or
because of undesirable network conditions, and no one has disputed
that claim.

No, there is no _technical_ reason to operate an exit in this fashion. There is no reason, from a myopic, borderline autistic view of the externalities involved, to run an exit in this fashion.

However, I can think of many, many reasons to:

- run a node with no contact information
- run a node with an odd set of exits
- run a node with plain (unencrypted) exits
- run a node with odd (non standard port) exits

You have absolutely NO FUCKING IDEA what a node has been deployed for, who is using it, and how many layers of subterfuge are being employed between the external function and the true function underneath.

Further, the power of a platform such as ToR is in the arbitrary extension of the base set of capabilities, and many, many different models of subterfuge, trust, anonymity, etc., can then be built - at arbitrary levels of complexity - and you are chopping those off at the knees.
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/