[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Making TOR exit-node IP address configurable

On 3/9/11 11:58 PM, Gregory Maxwell wrote:
> Tor has currently has no facility for those users who are happy to
> have random third parties screw with their traffic to opt-into it, or
> those who would want to avoid it to opt out.  This means that anything
> you to the traffic will have random inexplicable effects on tor users.
>  Even if such a facility existed its use would likely reduce the
> anonymity provided by ... partitioning the userbase (is there an echo
> in here?)
Hey, i know that this is an unpopular topic and not very well
politically accepted one but still it seems that there is a growing
interest on it.
I feel like i need it and a lot of other persons would benefit from
making such kind of analysis. :-)

> The tor system does have a facility for dealing with thisâ flagging
> the trouble nodes so that no one will use the exit at all.  If you are
> lucky this is all that will be done to your node(s).

Again, that's true only if you are damaging user's traffic and so your
"filtering" doesn't break in any case:
a) don't break user traffic
b) don't break exit scanner traffic
c) break "just some kind" of more noisy and malicious/aggressive traffic

It's a matter of how things are done and with which compromise between
the user's freedom, the tor anti-censorship goal along with the need for
the TOR community running TOR exit nodes to reduce the risks and
increasing the amount of ISPs that would allow running a TOR Exit.

> If you are unlucky tor users who have been harmed by your tampering
> with their traffic may begin legal action against you, and/or people
> harmed by traffic exiting your node may argue that your traffic
> tampering has deprived you of any applicable legal protections as a
> neutral service provider...

Let's make an example:
If i am an ISPs doing server hosting, like demonstrated by several
server disconnection due to portcan, i have some sensor to detect "very
common and very aggressive attack activity" even if i am a neutral
service provider.

My goal is to detect serious anomaly conditions that are putting "my
infrastructure" at risk (like for example heavy portscan getting out
from my infrastructure).

So, as an ISPs, to protect my other users in being a "neutral service
provider" i will try to act to prevent heavy portscan/attacks from
disrupting my credibility respect to the environment.

That means that even being a "neutral service provider" to protect
"other users" and provide the "service continuity" you would be doing
"only good" to detect and filter "heavy, clear and malicious attacks".

That would not break any non-clearly-malicious TOR user's activity and
would not break any exit scanner.

Look at this in such kind of prospective, with the good everyone without
a taliban's approachs :-)


tor-talk mailing list