[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Reminder: don't run transparent proxies at exits
If you're caching exit traffic and a very naughty person uses your exit,
you've potentially cached "evidence" (to be seized). Also likely has
interesting legal questions, eg. 'if you're actually storing the
content, then do you "possess" it?' ymmv with jurisdiction and ianal.
eric gisse:
> Why? People say 'DO NOT MESS WITH TRAFFIC' but in the same breath they
> say 'BUT USE A CACHING DNS RESOLVER'.
>
> This is an internally inconsistent attitude, and is not consistent
> with how large scale operations function either. Tools like varnish,
> CDN's, memcache, dns caching, etc are all common - and best -
> practices.
>
> If there's a practical consideration I am missing, that's different.
>
>
>
> On Fri, Jan 9, 2015 at 6:29 PM, Nusenu
> <BM-2D8wMEVgGvY76je1WXNPfo8SrpZt5yGHES@xxxxxxxxxxxxx> wrote:
>> hi,
>>
>> eric gisse:
>>> I even threw on a squid proxy on regular http and that's caching
>>> something like 5-10% of all requests and overall http bandwidth.
>>
>> Are you saying you are routing exit traffic through a transparent squid
>> http proxy?
>>
>> If that is the case, please do not interfere with exit traffic in any way.
>>
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays