[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #4923 [Tor Directory Authority]: badexiting (or rejecting) relays from certain bad countries by default
#4923: badexiting (or rejecting) relays from certain bad countries by default
-------------------------------------+--------------------------------------
Reporter: arma | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor Directory Authority | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------------------+--------------------------------------
Comment(by arma):
Ok. Now that I am less ill, let me try to organize my thoughts here. There
are three angles to look at here.
A) We could badexit relays in certain countries that censor the Internet
"more than usual", so a Tor user doesn't end up failing to reach bbc just
because she pops out of Vietnam. This idea is flawed because it assumes
there is one "real" Internet yet in reality basically every place censors
in one way or another. Just as we don't try to fight Google's geolocation
to decide what language you get, we shouldn't badexit all of Australia
just because they don't want me to learn about abortions.
B) We could badexit relays in certain countries that we know are logging
citizens' traffic "more than usual". The original motivation here was
Syria, since we see they have logs of what their citizens do online, and
they secure them poorly. But as of 2009 Sweden has logs of their cross-
border traffic via their FRA law. And I can't even enumerate the list of
European countries that have deployed traffic header data retention -- and
no doubt many of them secure their data sets poorly too.
C) We could outright reject relays from countries where a) we have no
useful relays and b) we have lots of users and some of them seem to be
unwisely clicking 'share'. Syria and Iran are the big examples here. A
major downside to preemptively rejecting these relays is that we'd be
turning down the possibility of having a good relay in these countries if
one should appear. Another major downside is that we're taking the
decision away from the people -- in plenty of other situations we say "I
assume you know more about what's going on your country than we do." A
more minor downside is that we wouldn't be able to track popularity as
easily. A major upside is that these users wouldn't be unknowingly putting
themselves in a list. Another major upside is that we'd stop freaking out
users ("omg there's a relay in Syria it must be run by the government").
I think "A" and "B" are unwinnable, but I would be interested to see
somebody try the "it's a question of degrees" argument.
I think there's a strong argument for trying to do "C" in Vidalia instead,
by looking at the IP address Tor thinks it's using and having another "are
you sure?" layer to becoming a relay. Though that said, if we wanted to do
it in Vidalia maybe we should have thought of that before giving everybody
the software.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4923#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs