> - no IP logging
> - no external resources

You shouldn't trust TPO on not doing that either (not because they do that, but because there is no control on that from the user side, so you should assume the worst when it comes to security/privacy/anonymity).
And allowing JS in order to participate in the forum, that's also an issue. (Good thing you can read the forum topics while JS is disabled, but you can't log in, type, etc.)
In the end, the user needs to trust an entity to make Discourse functional; TPO or not doesn't matter. (I agree on seeing Google or Amazon or etc. from shitty corporations: that's the worst thing a user wants to see when using Tor or any other anonymity tools, and it should be prohibited.)

nusenu:
Hi,

the Torproject is about to launch the new Discourse based forum next week [1]
https://forum.torproject.net

With this email I'd like to initiate a discussion on whether it is a good idea to externalize hosting of what might become an important platform for the tor community.

I believe discourse is a great platform, but I was surprised to learn that the forum is _not_ self-hosted on torproject infrastructure. It is hosted by "Civilized Discourse Construction Kit, Inc." the company behind discourse.org. That means the torproject does not have full control over the infrastructure and its security and logging practices.

Discourse's third party hosting also does not support onion services [2].

The forum privacy policy mentions that IPs get logged and stored over an extensive amount of time
https://forum.torproject.net/privacy

As Jérôme pointed out [5] the forum is also subject to discourse's privacy policy, so maybe it would be good to include a link to https://www.discourse.org/privacy on https://forum.torproject.net/privacy.

Especially since this forum will be used for tor browser support it will also include people's IP addresses when they are unable to use tor browser to protect themselves.

When you open https://forum.torproject.net in a browser it will fetch resources from multiple places:

fonts.googleapis.com (Google)
fonts.gstatic.com (Google)
aws1.discourse-cdn.com
avatars.discourse-cdn.com (proinity LLC, AS44239)

forum.torproject.net/torproject1.hosted-by-discourse.com (CNAME) Hurricane Electric LLC

To quote Gaba from the gitlab ticket [3]:

> If there is a risk on running this forum outside TPA infrastructure then we need to change this and host Discourse in TPA.

(TPA is the torproject admin team https://gitlab.torproject.org/tpo/tpa/team)

I agree with Gaba and I'm glad anarcat (torproject admin team) is not totally against self-hosting [4] even though discourse is docker based.

Self-hosting would also allow for:

- better domain: forum.torproject.org (the torproject.net domain is basically unknown and I guess many people will be confused. I agree with anarcat to use the .net domain when it is not run on TPA infrastructure)
- no IP logging
- no external resources
- no troubles for tor browser users should discourse decide to enable CAPTCHA or use a CDN that enforces CAPTCHAs in the future

What is the main reasoning for using a 3rd party hosted Discourse instance instead of a self-hosted instance?
(besides the obvious 'so we don't have to patch and maintain it ourselves')

related gitlab ticket:
https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183
https://gitlab.torproject.org/tpo/web/team/-/wikis/Plan-To-Launch-Tor's-Forum

kind regards,
nusenu

[1] https://lists.torproject.org/pipermail/tor-community-team/2021-October/000423.html
[2] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2740700
[3] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2749919
[4] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2750060
[5] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2751283
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk