[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Torrents real-time and dynamic blocklist



Well, please read the study and comments from others before posting, some had the same "doubts" and "snake oil"/"paying" concerns (torrent-live is open source and you can build your blocklist free of charge), they are addressed there

Does it happen that exit nodes get notices? Yes

We are not talking about port 6881 or > 50000, we are talking about dynamically blocking TCP connections to bt dangerous spies

And no, the method can not be fooled/flooded like this

Le 13/10/2015 01:59, sh-expires-12-2015@xxxxxxxxxxxxxxxx a écrit :
On Fri, Oct 09, 2015 at 07:05:08PM +0200, Aymeric Vitte wrote:
Anyway I don't think that's really of the interest of this list except
that some exit nodes operators might envision to use something like the
dynamic blocklist, if some are often bothered by notices/letters we can
propose a trial to see if the list is adapted, which we think it is.
You are pretty right, your information isn't useful for anyone at all,
why would a operator of a exitnode allow a third party to control
his exit policy? Even partly, bad idea.

If and exit gets staturated by such traffic, it can reject
the default ports, like 6881 and the like, and Port-Ranges > 50.000,
that will provide much better results.

He could reject much more, without limiting usability of Tor.

If the few torrent-tracker operators would understand, that not
being able to scrape their trackers from a exit node is beneficary
for them too, we actually could achieve something here.

Anyway, given the distributed approach, protocols like BitTorrent, your
blacklist can only provide a false sense of security (the best case).
The problems, like being flooded by an adversary, I have addressed in
the previous posting. ;)

My coworkers and I call such services, either a racket or snakeoil.

The problem, of being held accountable for torrenting are much better
addressed by using a VPN. Since the law is different for most of
the pariticipants of this list, in some countries you can still download
without any problems, problematic is uploading (distributing) stuff
other than your own, or wich is covered by libre licenses.

If you, wrongly, got held accountable, ask the lawyer form rightscorp,
if their network services are secured against routing attacks, and how they
tend to proof that the origin is really you out of your network, that
hasn't such measures (like sourceroute verification).

If you still want to throw money, throw it either at your local tor-
organisation, the tor-project or the folks producing a libre torrentclient.

Sorry, for giving you the impression, that I may address you Ayms, I am
adressing all the other people, that may consider your approach of a
centralized entity (blacklist) for clients using protocols or networks
like BitTorrent or Tor, that are somehow distributed.

I don't see peersm adressing any r/l issues, that are adressed by other
approaches at all.

P.S: This list needs a policy for advertisng paid services, like
$1 per distributed message paybale to the torproject ;)

--
Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk