
Re: [tor-relays] [tor-dev] Hidden service policies



Thomas White <thomaswhite@xxxxxxxxxx> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > Sorry, wrong answer.  If you block connections from other relays, 
> > you break the tor network.  I don't recall offhand whether that
> > sort of breakage might earn your relay either an Invalid flag or
> > being simply dropped from the consensus.
>
> For a single relay to my knowledge, it shouldn't do. There are many
> reasons some relays can't connect to each other so it doesn't "break"
> Tor as an alternative route is simply found.
>
     Yes, tor, like many other Internet operations, has some ability to
route around breakage in its network.  However, each time it is necessary
to find a way around it, a cost to the network is incurred in the form
of wasted processing time over many pieces of equipment, wasted traffic,
and likely wasted end-user time.
>
> > Are you suggesting that the mobbing attacks on HSDIR relays are the
> > actions of botnets?  If so, then you are suggesting that the
> > problem of mobbing of HSDIR relays is probably insoluble because it
> > would not be the symptom of a bug in tor. :-(
>
> The question is botnet CnC's, the proposal has nothing to do with
> solving the botnet CnC problem and I am also stating Tor is not the
> one who needs to tackle them right at this moment, the budget and

     Agreed.

> resources are just not there. However creating a system where
> operators start blacklisting hidden services is extremely bad for
> anonymity both for the hidden service and the user.
>
     Also agreed.
     I was referring to the as yet unsolved problem of HSDIR mobbing,
which I have long thought was due to a bug somewhere in tor, just as
there used to be a problem with DirPort mobbing.  The DirPort mobbing
bug was eventually found and fixed a long time ago, but the HSDIR
mobbing still hasn't been.  But now you have given me the idea that
perhaps HSDIR mobbing is actually due to other software applying a
malicious attack upon tor relays that have the HSDIR flag.  IOW, I
wasn't arguing with you, just commenting about this other problem in
light of what you had written.

> To answer the rest of your question, I am not a developer. I am
> somebody who cares about anonymity and that is why I run the 2nd
> largest server cluster on the Tor network from my own pocket.
> Filtering or proposing to blacklist anything is not acceptable in my
> view. Whatever solutions individuals care to launch to protect their
> relay is their own responsibility, but actively developing something
> by the core developers to blacklist hidden service is a completely
> despicable idea. To elaborate only on the legal side of things, if I
> can easily block hidden services passing through my relays or if I am
> the RV point for one the government can then serve me a notice

     AFAICT, the introduction point and the rendez-vous point are about
the only places you might be able to block them, though by doing so, you
would again be introducing a form of breakage.  If your relay were at
any other points in the hidden service protocol, you wouldn't have any
way of distinguishing it from any other middle node along a tor circuit.
But I would need to reread the protocol specification in detail again
to see whether you could actually deny service even at the invitation and
rendez-vous points.

> ordering me to block it, this I have already run through my solicitor
> and there is no escaping that fact unfortunately.
>
> Also note, botnets in this sense are not the topic. The proposal is an
> easy mechanism to censor hidden services and let it not be portrayed
> as anything other than that. I can see why 90% of people opposed his
> "coin taint" idea and 75% wanted him to leave the bitcoin foundation.
> If Tor did introduce such measures, I would be swiftly leaving Tor's
> ranks and withdrawing all support (both all 25 relays/exits/guards,
> and financial) from it.
>
> So to state clearly:
>
> Should Tor Project develop a system to filter hidden services?
>
> I'll let people decide that for themselves. But my opinion is that
> doing so defies the point of a hidden service and people who push for
> it should be ashamed of themselves.
>
     Also fully agreed.  To develop such a system would require weakening
or breaking the current level of protection offered to users, as well as
being a special gift to the NSA and its peers in other countries.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:   bennett at sdf.org   *or*   bennett at freeshell.org   *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays