[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Banned from Slashdot

On Mon, May 30, 2005 at 02:55:56PM -0400, Jamie McCarthy wrote:
> goodell@xxxxxxxxxxxxxxxxxxxxxxxxxx (Geoffrey Goodell) writes:
> > On Mon, May 30, 2005 at 01:06:10PM -0400, Jamie McCarthy wrote:
> > > Tor's banned from posting to Slashdot, at least posting
> > > anonymously, because of extended abuse.  We hope we don't have
> > > to ban _reading_ from Tor, but that depends on the level of
> > > abuse we see.   If anyone has an alternative, please let me
> > > know.

Hi Jamie,

I'm out of the country now so not so good connectivity, but I have a
couple of questions for you before we try to figure out how to resolve

1) Can you give us a better indication of the abuse you're talking about?
Is it people posting garbage comments and it's hard to filter them all
out? Is it people accessing your site a lot and you don't want to serve
that many web pages? Etc.

1') Note that we have something like 50,000 concurrent users now. Are you
sure that what you're seeing is not just a whole lot of users? Recall
that you just had a slashdot article about Tor, so we've presumably
added the sort of users recently who read slashdot rss fanatically.

2) What do you do about the fact that people can read, and post, via the
more than a million open proxies out there? Do you just not see this in
practice so far so it's not so big a problem for you? Or have you given
up on that but you're still hopeful to deal with Tor?

3) Do you see any obnoxious posts (or massive rss fetching) from,
e.g. AOL? Tor is not unique in the property of aggregating a lot of users
behind a few IP addresses. Have you had to deal with that yet? How do
you respond?

> I think it would indeed be possible for an exit node to do that.
> If you mean that Tor was not designed to do that as a matter of
> policy, then I guess I'm suggesting the policy could be changed.  If
> there's some technical reason, then I apologize for my ignorance (and
> please explain!).

This is tricky to do from a technical standpoint, a) because we need to
teach Tor about protocols and how to reach into the application-layer
stream, and b) because Tor clients would need to predict what the
application was going to do before it does it, in order to pick an exit
node that will allow the operation. We'd like to consider implementing
something like this down the road but it seems hard to get right without
adding a lot of complexity (which is bad for security systems).

The above paragraph is a quote from
also check out
We're working with wikipedia now to ultimately have them tag
posts as being from Tor users, which I suppose will help them filter.
(Wikipedia also already has problems with AOL users, so we're also
going to try to help them improve their authentication model enough
that they don't need to permanently block AOL periodically.)

The Freenode IRC network already does this tagging:
and this measure has made them happy with the number of contributing
Tor users compared to the abuse potential.

> Obviously someone recognized that Tor could be used to abuse SMTP
> resources and configured the default exit node policy to block
> sending mail.  That doesn't mean Tor's designers are opposed to
> anonymity in email, it just means blocking that kind of attack makes
> sense.

Actually, we refuse port 25 by default just for image. When people ask
"what about spam?", the real answer is that spammers are doing *great*
already, they absolutely don't need Tor and it would be a hassle for
them to set things up and use it, compared to what they already have.

But you're right, it's a far easier answer to just say "Tor can't
do that."

>  Well, HTTP is the new SMTP, in that it can be abused in
> similar ways.  Different OSI layer, same problem.

Right, you're correct that more and more protocols are being
transported over port 80 these days. Indeed, people who block certain
ports *encourage* this behavior -- check out how Kazaa hunts around for
ports it can use, or how people behind corporate firewalls tend to tunnel
everything out. Heck, Tor itself is showing that making decisions based
on IPs and ports is not so useful as it once appeared.

But Tor ought to remain protocol-neutral for the technical reasons I
describe above; and it's also handy for legal/liability questions.

>  but in any case, this would still
> put a large burden on webmasters to protect their sites.  There are
> many thousands of people on the web administering hundreds of
> different software packages that all allow user posting in some
> way.  Should programmers write and distribute hundreds of different
> ways to limit or block Tor exit nodes from posting?

Programmers *already* need to build in protections from people who use
open proxies, who use DHCP accounts, who come in over AOL. Tor is not
introducing any new problems here. The software packages that let you
sort and filter posts, do collaborative filtering, tag certain incoming
posts as suspicious and needing human approval, etc, are going to be
more effective in the face of these various attacks.

>  Or does it
> make more sense for Tor's designers to recognize that, like SMTP,
> HTTP can be used to spam, and implement a default exit node policy
> that makes it as easy as possible for all those administrators to
> limit damage?

I think we're likely to produce a complex (and thus insecure) system if
we go down this path -- remember that what you're describing is just a
first step in the arms race, and that plenty of other systems out there
work fine for abuse and wouldn't have these measures. So having us add
this is not going to solve your problem.

> By the way, would anyone be interested in rewriting section 7.3.3 of
> the FAQ to be a little less confrontational?  I think Tor's
> designers and many website maintainers (me in particular) are on the
> same side, not "adversaries" as someone else on this list described.
> I'm not claiming anyone's an "evil hacker," I don't have anything
> against privacy, and I don't need to be persuaded to allow Anonymous
> Cowards to post to Slashdot!  :)

Right; it's a user-editable wiki-faq. Please change it to be more
polite. :)
( You will need to login to edit the faq, due to wiki-spam
issues; you might find a suitable user/pass at the top of
http://wiki.noreply.org/noreply/TheOnionRouter/ )