[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] ResearchEthics




On 9 Oct 2015, at 01:21, Aaron Johnson <aaron.m.johnson@xxxxxxxxxxxx> wrote:

Hello Rishab,

I've been meaning to respond to this for a while.

Thanks for your thoughts.

For what it's worth, I completely disagree that outright "banning" of certain data collection is the right answer here. There should be a standard "let's weigh the risks vs. the benefits and make a decision" for any/all cases. In most cases, there are ways to perform data collection over Tor (even trying to understand the makeup of hidden services) in a way that does not compromise privacy/security -- e.g., the harvest reports only the "class of the .onion site" and not the actual site itself. This answers the question the researcher is interested in, without compromising or revealing the .onion directly.

I do agree that all cases should be judged in terms of costs and benefits. The idea of that list is to provide specific activities for which the costs are judged not to outweigh the benefits. In this case, the activity is not âcollect information about the descriptors you see as an HSDir and then report aggregate statisticsâ; it is âcollect information about the descriptors you see as an HSDir and then connect to those onion addresses that you observe to try and do a Web crawl of them and scrape their contentâ. The latter is judged to be unacceptable because Tor wants to provide onion-service operators with the ability to run an onion service privately, and definitely without having to deal with crawlers or other snooping parties.

I also wonder about the risk presented by such a concentration of .onion site addresses (or .onion site requests, if the addresses are never recorded anywhere). If an adversary accesses the researcherâs list, or is observing the researcherâs connection, or is observing the .onion siteâs connection, how much does this increase the risk of discovering the site?

For example, if a siteâs threat mitigation involves it being accessed a certain (small) number of times, and then changing address, crawlers could represent an unacceptable burden on the siteâs operator and legitimate users.

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev