[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?



On 01/02/2011 00:00, Mike Perry wrote:

>> I don't think you can make that assumption. Maybe they just didn't want
>> their email address to be public for spam bots to harvest. Maybe they're
>> just used to not publishing their email address unless they really have
>> to. Safest course of action: Figure out how to contact them, and ask them.
> 
> 3/5 of the nodes provide contact info. 2/5 are run by "Joe Blow", and
> the other is run by "nobody at example.com"
> 
> Just for grins, I did in fact send an email to Mr. Blow's gmail
> address. It of course bounced. Which means it is available on gmail if
> he wanted it, but he didn't even bother to create it. He's obviously
> real intent on being a member of the community.

If valid contact info is important/necessary, the Tor project should
enforce it, and perform periodic email address validation in order to
allow routers to be Exits. If it's not important/necessary than I see no
valid reason to complain about it not existing.

> But don't worry, at some point Mr. Blow et al will realize that their
> packet captures stopped grabbing passwords and are only seeing
> encrypted middle and guard node traffic. They'll probably show up
> then, proclaiming their innocence from the rooftops, demanding they be
> allowed to "help" the network.

The above may or may not be true. Would be nice to see some evidence. Or
at least some evidence of somebody trying to find the truth.

> But do feel free to spend your time going above and beyond, trying to
> track our 4 heroes down before then. I'm sure they're well worth your
> time and effort to outreach. Pick a nice Saturday afternoon and spend
> it calling ISPs and NOCs trying frantically to get in touch with our
> unjustly punished martyrs here... Heck, take a day off work!

Do you find that being condescending is a good way to get people to
agree with you? I tend to find it fosters disrespect.

>>> I think marking them as "bad"
>>> and waiting for the admin to show up is the easiest way to go. Lets call
>>> it a "cry"-test. Just wait until someone shows up and cries.
>>
>> It's the easiest, but the least efficient route. Somebody mentioned 6%
>> of Exit bandwidth. How much effort would be spent trying to increase the
>> capacity of the network by 6% via coding and/or publicity? Probably a
>> lot more effort than would be required to try and contact these Exit
>> owners and maybe retain the bandwidth.
>>
>> You make it sound as though running an Exit node is a privilege and that
>> people who run them somehow owe the Tor project? They're volunteering
>> bandwidth, for the benefit of the network. If you don't treat volunteers
>> well, they will go elsewhere, and the people who lose out are the people
>> who use the Tor network, not the people who previously ran Exit nodes.
>>
>> Exit bandwidth is a scarce and valuable resource, and should be treated
>> as such.
> 
> It's not true exit bandwidth here. It's janky bandwidth with lots of
> bad properties, such as the tendency to break mixed-mode websites as
> Curious Kid pointed out, and the load balancing issues I mentioned. We
> should do the same for all http-but-not-https exits for this reason.

If exiting port 80 but not port 443 causes problems for Tor, then Tor
should be updated so you can't offer one without the other. This is a
problem with Tor, not with Tor exit operators.

-- 
Mike Cardwell https://grepular.com/  https://twitter.com/mickeyc
Professional  http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu   0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F

Attachment: signature.asc
Description: OpenPGP digital signature