[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?

On Mon, Feb 14, 2011 at 4:32 PM, John Case <case@xxxxxxxxxxxxxxxx> wrote:
> Hello Julie,
> On Mon, 14 Feb 2011, Julie C wrote:
>> I suppose the anarchist genes in me are not strong enough. I have to agree
>> with Mike Perry's arguments, given his credibility, and his clearer
>> perspective than most of the rest of us. If this BadExit policy is being
>> made up ad-hoc, that's fine by me. If the offending Tor node operators
>> want
>> to stand up and defend themselves, or their choices, that's fine too.
> Great. ÂWhat's the "acceptable" companion port to 119 ? ÂHow about 6667 ?
> Since these ports, like 25, have no "standard" companion (like 80/443
> typically does) what collection of encrypted ports need to be maintained to
> balance out running 199/6667 ?
> Come on people - I thought there would be quick answers to all of this...
> RE: clearer perspective - it's easy to have a clear perspective when you
> discount all possible use cases that "aren't what I do".

Here's an argument tip: When you think you've spotted some enormous
hole in the other side's argument, there is at least a small chance
that you're actually instead spotted a hole in your understanding of
their position. You should probably take a moment to reflect and make
sure you're confident that you know where the error is before hitting
send.  I refrained from answering this the first time you asked it
because I thought if I gave you more time you might realize that it
wasn't really a useful question.

No one has suggested every unencrypted port must be matched.  There
are some very clear matches which do exist (e.g. HTTP/HTTPS) and for
those matches action can be taken.  Nothing requires anything to be
done about all the other cases where such nice and popular parallels
are not obvious or where the protocols are unpopular enough to begin
with.  HTTP is an overwhelming popular port, and there really isn't
anything wrong with special casing _just_ that, if thats all that it
ever came to.

Your examples aren't the best though, SSL SMTP is on 465â and it's
probably common enough that a similar rule could be enforced if anyone
cared. IRC ports aren't all that consistent even without the
introduction of security, so there isn't much that can be said there.

> and people that need this are in literally life or death (or at least free or jail) situations

Then they need to not run an exit. If running an exit is probably
going to get you killed or put in jail you should not be running one.
If you're right and the decision to allow wacko exit policies
discourages people with their life on the line from running exits,
then I could imagine no better policy.
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/