[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Recent Abuse compalints...

On Wed, May 04, 2005 at 11:53:18AM -0400, Jonathan D. Proulx wrote:
> An idenity theft investigation by a North Carolina sheriff's office,
> who was more understanding than I really expected.

Right, law enforcement is surprisingly educated about this sort of
thing. I think it comes because nearly all of their leads are dead-ends
already, because bad people break into computers and relay through them.
So "I don't have any answers for you, I'd really like to help but I can't"
is something they're used to hearing.

> And a complaint from www.medzilla.com relateded to spam bots run amok
> on their site.  This has resulted in all TOR exit nodes being blocked
> at their firewall.  I don't know that they fully understand the way
> the system works and are probably blocking middle-man  nodes as well
> right now.
> I'll try and keep the conversation going and at least get them down to
> only blocking nodes that exit on port 80, would anyone from the devel
> team like me to forward their contact info to the fellow I'm talking
> with?

Right, he contacted me as well. I gave him the standard answer:

|I'm unhappy that some bad people are doing their activities over Tor,
|but it seems hard to imagine that taking Tor away from these people will
|keep them from doing their bad things. People who are willing to break
|laws have so many options (open proxies, vulnerable Win32 machines, etc)
|available to them. :(
|See http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#Abuse for a few
|more details along these lines.

I pointed him to http://tor.eff.org/cvs/tor/contrib/exitlist for a sample
script to help him enumerate all the Tor servers that allow exiting to
his IP addresses and ports; hopefully he will be pleased that we can
help him in that regard. I'm talking to him now to try to explain that
Tor can't actually identify-and-keep-out-all-bad-guys, and so if he
wants captchas, accounts, etc, he is going to need to add them on his
end rather than having them be part of the Internet transport mechanisms.
We'll see how it goes. :)