[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Phish filters on exit nodes
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Phish filters on exit nodes
- From: "F. Fox" <kitsune.or@xxxxxxxxx>
- Date: Mon, 09 Jun 2008 18:53:01 -0700
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Mon, 09 Jun 2008 21:53:11 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type:content-transfer-encoding; bh=3v1sapofzKwZmAULkQSig69SNMYTpsGgqLM0CwdKO2U=; b=D7nU6q0Fs9pH/Lom9pb/aO5ky3OTGdZ9pnqKoi7xpDZ2qr7uCZOJbR2pjgjkfy8HTA 1okQ8NwCdJfB6Aw0QBDSxDm06HP6BlXehxiOIsdWRaZhDe7dSc6MiIEz6ljdVaV0ERcx 8fOuc4zpxVRWCu5ldh/vq74LGEJ380kzNYBRU=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; b=da8cXzPpqMbBrp6hBzTJ4JTlElu/vgNRveIycRQss1ackQWTcmdhtr/P/WBB2584OK JQOYCdz877bEDAwJZ+eyqws8KedSZiSF/d5aieS/CPbTr6qLhhPn4bs1pcihzw5Qj+dW t1yxWWXbrzoT16CfGjzOXxAag9Sy4+FhWxEjk=
- In-reply-to: <5d6c7a77513a8aa8d270bc033a3b6f58@xxxxxxxxxxxxxx>
- References: <5d6c7a77513a8aa8d270bc033a3b6f58@xxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Mozilla-Thunderbird 2.0.0.14 (X11/20080509)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Geoff Down wrote:
> Hi,
> I work in antiphishing, and use Tor to access some phish sites.
> Today I got an OpenDNS Phish Warning page instead of the phish I was
> trying to see. The site was visible with Tor switched off.
> Is there a policy regarding content filtering at exit nodes?
First of all, I think there's a good chance that this "filtering" is
accidental. The owner probably has their central resolver(s) or machines
resolving from OpenDNS - and I don't know exactly how they do things by
default.
As far as the larger issues: Technically - as Tor is (mainly)
decentralized - there's really no "policy" regarding what node operators
do with their nodes.
However, content filtering or the gathering of information* - for any
reason or in any form, even if the owner believes it to be for the good
of the users - tends to get a very cold reception. This is from both the
personal liberty and anti-government surveillance standpoints.
*: Sometimes it's necessary to collect information for debugging
purposes; however, best practice is to collect as little as possible,
and destroy it as quickly as possible. And of course, sharing is a no-no. :D
- --
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIVAwUBSE3efej8TXmm2ggwAQgXHhAAhe6I9rtqUa5OgCWVsKUhHTgbdk+ATWKI
CD7rYhbr6+HQWpcp/A+w0eqX3NnnWqtzx7s5dwEQbf6XZQmS2kddu9HScjmlYYkF
Hdvxr4sUfLtOtK7SYL2tLfrLNx+oZwHdRGdrAJ9+m9XjGswMnsMav6M24rcOvBPI
MpZu8fNSlQWhaEDKL3CiCAbaOMHBSs0VLWhEM1c2UYP8yUlfQrcs63NKM/MrAaJt
otJhU9necZuCWqad8ckM4iEh+NYKGzuiOSOZ6QyxaXhgFl0JTyh0dnZiuycbJhQH
h8+aFMIcrlsm4kYg1SpX67aPtzSahxYF/out5yyjIN/3Q0Uiue1iVRWwOd4T/Bui
NPc7qbdTJ9MyL8k56WhmQsGG6o98K5dVciJgWI4WyJZstKJpHlo1ft+lUjD5pG0F
Y9ls4z/eOXC4TC8vKBct8Yn0CN20oMb8B/uO+gm3zUtpepVZ01mCgTTqIwOZZ7vo
hT8SmE//Rmmexj3uYoorKP4eL/BoScYNOS7dlp0CIUblx+LxlMNcNqBbizrw4GOn
t6vTlASWGZBEuSN9k8NYlkgCw8n+MGY01r2ASBJOWuPOg3/kuGur+2s4mn7BemhU
vLJ24ebTd38JQHy8CU2BbOXCn2ut+u6ntC0iHcm+4tA4/M8t7/5hyRhZxc0KS8Tb
GC6thj3MqTA=
=p9hW
-----END PGP SIGNATURE-----