[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: AN idea of non-public exit-nodes

On Wed, Nov 25, 2009 at 02:51:57AM +0300, James Brown wrote:
> In the context of the above information concerning the ban of Tor's
> nodes by the LJ (and in other such cases) I have an idea to provide in
> the Tor net for non-public exit-notes.

You might find this faq entry useful:

See especially point #1: "even if we didn't tell clients about the list of
relays directly, somebody could still make a lot of connections through
Tor to a test site and build a list of the addresses they see."

I guess we could perhaps add support for configuring your own secret
exit node that your buddy runs for you. But at that point the anonymity
that Tor can provide in that situation gets pretty fuzzy.

> This solution will be very, very useful for residents of the countries
> under tyrannical and fascist regimes like Russia and such others.
> P.S. It is very important for residents of such countries because only
> such measures can support liberty of speach and privacy for their. I
> want all you to know that after many proceedingses against bloggers and
> other Internet users in Russian ended  conditional sentences the Putin's
>  gestapo was arrest a young girl in Moscow for her writing on Internets
> forums etc. on September, 2009.
> I think that it is not a last arrest of bloggers in Russia.

Indeed. The case of livejournal and Russia is particularly sad here --
lj is where a lot of Russian activists hang out, yet it's also owned and
monitored by (simplifying a little) the Russian authorities. And nobody
in the activist community can get enough momentum to convince people to
move somewhere that is less monitored. Very well done.

For the rest of you following this whole 'livejournal and Russia'
topic, I find Evgeny Morozov's writings to be useful here. See e.g.
Not a new story, alas.

I think one useful approach here is to help livejournal understand that
they need to stop blocking all users who want privacy. Here are some
talking points there:

- Blocking Tor users entirely is over-broad. Even if they have no
  internal mechanism for handling accountability and authentication,
  they can still target only the behaviors that they can't get under
  control. I presume they're blocking it because some small number of
  people are crawling certain resources on livejournal. So they should
  narrow their blocking to just those resources. As a parallel example
  here, Slashdot prevents posts from Tor exit IP addresses, but they
  don't just cut all connections.

- They probably don't have any idea how many 'normal' Tor users they
  have. If the only time you notice Tor is when somebody's being a
  jerk, it's easy to fall into the trap of thinking that Tor only has a
  few users, most of whom are jerks. But the fact is that hundreds of
  thousands of people use Tor daily. Blocking all of them is going to
  impact many more people than you think. (How many of these users use
  LJ daily? I don't know, but if they've set things up to filter based
  on IP address, they could also set things up to count instead.)

- I talked to the chief security officer of Facebook a few months back.
  They used to regard Tor as something that could hurt their business
  model. Then the June election thing happened in Iran, and facebook.com
  was blocked in Iran, and suddenly around 10000 facebook users in
  Iran were connecting via Tor daily. Now Facebook has a very different
  perspective on privacy tools like Tor. Their story is similar in China.

Alas, livejournal's hand here might be forced by their new owners. In
that case, the only answer I can think of is for everybody in the affected
countries to jump ship.


To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/