[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
Reporter: ioerror | Owner: tbb-team
Type: enhancement | Status: new
Priority: High | Milestone:
Component: Tor Browser | Version:
Severity: Critical | Resolution:
Keywords: security, privacy, anonymity | Actual Points:
Parent ID: | Points:
Sponsor: |
------------------------------------------+--------------------------
Comment (by lhi):
Replying to [comment:23 jgrahamc]:
> Hello. I'm CloudFlare's CTO.
Hello. I'm yet another Tor user, victim of global mass surveillance and
distrustful of anyone I have no reason to trust, angry after being
repeatedly and systematically (ab)used as a CAPTCHA-solving bot by your
network.
>
> ''There are companies - such as CloudFlare - which are effectively now
Global Active Adversaries.''
>
> That's an inflammatory introduction. We are not adversarial to TOR as an
entity, we are trying to deal with abuse that uses the TOR network. It's
inevitable that a system providing anonymity gets abused (as well as
used). I'm old enough to remember the trials and tribulations of the Penet
remailer and spent a long time working in antispam.
That's rich. You fully understood the meaning. You misrepresent what is
being said, twisting the words around. The intended meaning is obviously
that Johnny Doe user of the Tor system (which after all is based on
distributing trust), or Tor itself, have no reason to trust the central
and tentacular entity CloudFlare, which makes it, effectively, an
adversary in security terms.
>
> Earlier @ioerror asked if there was open data on abuse from TOR exit
nodes. In 2014 I wrote a small program called "torhoney" that pulls the
list of exit nodes and matches it against data from Project Honeypot about
abuse. That code is here: https://github.com/jgrahamc/torhoney. You can
run it and see the mapping between an exit node and its Project Honeypot
score to get a sense for abuse from the exit nodes.
>
This is "open data" insofar as one uncritically trusts "project honeypot"
classification. sorry.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:70>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs