On Sun, Jun 08, 2008 at 07:10:46PM +0100, Geoff Down wrote: > Hi, > I work in antiphishing, and use Tor to access some phish sites. > Today I got an OpenDNS Phish Warning page instead of the phish I was > trying to see. The site was visible with Tor switched off. > Is there a policy regarding content filtering at exit nodes? > I recorded the 'Connections' data at the time, is there any point in > trying to work out the exit node involved and trying to contact them? It sounds to me that either the exit node or its provider has decided to be proactive about phishing by deploying filtering technology either at the edge or in the network, respectively. While it is great that they have decided to fight phishing, it is somewhat troubling that they would mess with network neutrality by providing filtered access (if it is the exit node, then to the Tor users, if it is the Internet access provider of the exit node, then to its customers). It might be interesting to coordinate with the exit node operator; some Tor routers have email addresses in their descriptors. See, e.g.: http://cassandra.eecs.harvard.edu/cgi-bin/exit.py and click on the nicknames of the nodes to see the descriptors. A more general solution would be to try to understand how the service offered by different exit nodes actually differs. This could potentially lead to a way in which Tor clients could make smarter choices about their exit nodes... or perhaps a way in which Tor directory authorities could tag them. Geoff
Attachment:
signature.asc
Description: Digital signature