[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: reconsidering default exit policy



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 16 Mar 2005 13:47:10 +0100, Thomas Sjögren
<thomas@xxxxxxxxxxxxxxxxxxxx> wrote:
> #ExitPolicy reject *:80 # deny http, otherwise use the default
> policy  

That doesn't convey the *risk* involved in to the person running the
node.

Ignoring the theoretical complaints to your ISP that can come from
opening any port for exit...

Currently, there are (to my knowledge) four services that, due to
proxy abuse, use IPs to blacklist access:

* SMTP (blocked by default policy)
* Usenet (blocked by default policy)
* Web content systems (bulletin boards, wikis, blog comments, etc)
* IRC

Not warning a user in (metaphorical) BIG FLASHING LETTERS that
running as a tor Exit node in its default setting can cause them to
get blocked from the last two is, IMO, a colossal mistake that will
cause disgruntlement towards the Tor project.

If people understand the risk, they can feel free to take it to
further the goals of the project.  But asking people to take this
risk without warning is, in my opinion, a foolish and selfish thing
to do.

DMCA Safe Harbor rules may reduce the risk of getting kicked off your
ISP, but the fact that my Mac at home is in the Wikipedia block list
is not something I'm too happy about.

Rod.

- -- 
:: Rod Begbie :: http://groovymother.com/ ::

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQjibzTf2HVyMgMNfEQKmHgCdFNZxmVHZ4/wZsIvPgefVa4rurOoAoJAB
nqgaJxk+bYBAiUXjNGfR9CHB
=Yu4I
-----END PGP SIGNATURE-----