[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Subject: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 22 Feb 2016 08:00:11 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 22 Feb 2016 03:00:45 -0500
In-reply-to: <047.b589d1c80a79d4dcd3294111da9cdbd1@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.b589d1c80a79d4dcd3294111da9cdbd1@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |
------------------------------------------+--------------------------

Comment (by marek):

 ioerror:

 > Why not just serve them an older cached copy?

 While we do provide a feature that caches old versions of sites (called
 Always Online), it is not enabled by default. And even if it was you can
 imagine site owners disabling that. Furthermore it is totally possible for
 the url to not be in cache. Fundamentally Always Online solves a different
 problem - serving content in event of origin being unavailable. This is
 different from protecting origin - you want to serve challenge to bots,
 not content.

 I'll add one more aspect here - in some large attacks we struggle to even
 serve captchas. The bots request them over and over again, which generates
 big traffic. Captcha page is optimised for size. We certainly don't want
 to serve larger sites to suspected-bad IP addresses in order to shield our
 servers as well.

 > Do you have any open data on this?

 No, but the bad IP reputation for TOR exits is not generated by rolling a
 dice.

 arthuredelstein:

 > On top of this, Google's reCAPTCHA is buggy and frequently impossible to
 solve.

 Maybe this is the problem. But here is a thing - reCaptcha gives different
 challenges to different IP addresses. Maybe the google IP reputation of
 TOR exits is _so_ bad that they really don't want this traffic.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Next by Author: Re: [tor-bugs] #16825 [Tor]: client with explicit EntryNodes, no cached-* files never finds its entrynodes
Previous by thread: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Next by thread: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Index(es):
- Author
- Thread