[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Project Gutenberg

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Project Gutenberg
From: krishna e bera <keb@xxxxxxxxxxxxxx>
Date: Sat, 02 Nov 2013 12:26:22 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 02 Nov 2013 12:41:30 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cyblings.on.ca; s=google; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=f3DlLtoT9LCcmIguphtt0wAOcR09eWIkVJfAw31X8Kg=; b=GplZ1SGsMIKGUOLQZHkWt6L5p6PLyp/qjODWAyQJV/VEARcpUKuSAZKly8UU8aAcgS Zdl0iHIQt0KlJIbiCc8BjAnJMOays+znKJHVIiIdb4NCaJnpXK3jAyVLXM0iJFUY8fgk y9sFLLgMVZeVTZzugCGMbbyRGl5eNKZRa7er8=
In-reply-to: <5274A1C3.6030704@xxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <52712B90.7040909@xxxxxxx> <52715A9D.2000002@xxxxxxxxx> <527206E3.4040304@xxxxxxxxxxxx> <20131031140918.71dca4fd@xxxxxxxxxxxxxxx> <5274A1C3.6030704@xxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0

On 13-11-02 02:54 AM, DeveloperChris wrote:
> On 01/11/2013 12:39 AM, mick wrote:
>> On Thu, 31 Oct 2013 17:59:39 +1030
>> DeveloperChris <developerchris@xxxxxxxxxxxx> allegedly wrote:
>>
>>> Could exit nodes act as caches. I know that would introduce a number
>>> of issues including a compromised exit node revealing what was
>>> retrieved by that node (but not whom for) so if it was limited to a
>>> few popular 'safe' sites it could help alleviate those sites from
>>> some of the traffic burden.
>>>
>> I think that might cause a few problems. Firstly, the obvious one of
>> definitions. Define "safe". Who gets to decide whch sites are OK to
>> cache and whch aren't. Definitions will vary according to the user's
>> location and the regime under which s/he lives (or the location or
>> regime under which the owner/operator of the relay lives.
> 
> Yes precisely. So if you considered running a caching exit node it would
> only be sites that are safe for you the exit node operator to run
> 
> Obvious ones are non copyrighted and non copyrightable stuff like the
> Gutenberg project I think Wikipedia has a policy that is amenable and
> there would be thousands of others.

Tor Project goes to some lengths to make it clear that exit nodes
intentionally store no client data. If some were to start caching the
others would become more vulnerable to confiscation because they also
might be caching. It doesnt matter what sort of data is involved.


>> Thirdly, the simple act of serving a copy from cache, rather than
>> transparently passing the request out to the end server, means that
>> the relay by definition is now intercepting Tor traffic (even if
>> only to "help" the end user).
> 
> This is the main issue that I see. I agree with you here one hundred
> percent. but if we are to persuade sites like the gutenbergproject not
> to directly block tor exit nodes then I am not sure what else can be done?

Even when there is a cache, the browser (or caching proxy) still has to
hit the destination site to check if the data changed. Any site that
serves a lot of similar data should have its own optimization or caching
at the front end.

Exit nodes serve many sorts of clients, so any caches would be flushed
too often to be useful.  A given user's requests might also span more
than one cache because the exit node can change during browsing activity.

>> Fourthly, the end user might not /want/ Tor to "help" in this way
>> (I wouldn't). What guarantee do I have that the Tor relay is giving
>> me exactly what I wanted and not some "tampered" copy. How can I
>> really trust a supposedly anonymous network which I now know to be
>> looking into my requests with a view to giving me a "better" or
>> "faster" service.
> 
> Exit nodes by their nature must look at your request. Whats to stop an
> exit node modifying the response now?

They would get blacklisted.
https://trac.torproject.org/projects/tor/wiki/doc/badRelays

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- Re: [tor-talk] Project Gutenberg
  - From: DeveloperChris

Prev by Author: Re: [tor-talk] How secure is check.torproject.org?
Next by Author: Re: [tor-talk] More and more websites block Tor, which will eventually become useless!
Previous by thread: Re: [tor-talk] Project Gutenberg
Next by thread: Re: [tor-talk] Fwd: SecureDrop, new whistleblower submission system
Index(es):
- Author
- Thread