[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
On 10/05/2016 01:27 AM, teor wrote:
>
>> On 5 Oct 2016, at 18:10, <oconor@xxxxxxxx> <oconor@xxxxxxxx>
>> wrote:
>>
>> We're back to IPS, which can drop the specific malicious traffic.
>> I've been speaking with the lawyer few minutes ago. He told me
>> that there is a pressure to put all the responsibility for the
>> traffic to the ISPs. Well ... what are the ISPs most probably
>> going to do ... ? They can ban all tor exit nodes, or they will
>> force the owners to clear the traffic.
>>
>> When you're worried about being accused, why you don't use fake
>> information during registration and payments with bitcoins? Then
>> you can also filter the traffic by IPS ... and everybory will be
>> happy.
>
> There are a few things wrong with your suggested solution: * it's
> really, really hard to stay anonymous on the Internet as an
> individual, and impossible for many corporations (it's hard to be
> transparent about how you spend money as a charity, and be
> anonymous at the same time),
Truth.
> * if all Tor Exit Nodes are anonymous, ISPs may block them more,
> not less,
Yes. But at least there's less risk to exit operators.
> * filtering will likely get your Exit marked as a BadExit,
Yes, I get that. What happens if it's the hosting provider or their
ISP that does the filtering? With end-to-end encryption, of course,
it's less effective. But there are some pretty decent protocol detectors.
> * IPS aren't perfect - they let some unwanted traffic through, and
> block other traffic that is totally ok.
That is an issue. But there are many exits, so eventually users should
find one that works well enough for their purposes.
> Tim
>
>>
>> What should a tor exit op do? Ban the user? exits get the traffic
>> from middle nodes and we cant tell (by design) who anyone is. We
>> can block ips but that is not really helping with bots who tries
>> to find vulnerabilities and scan large blocks.
>>
>> markus
>>
>> Sent from my iPad
>>
>> On 4 Oct 2016, at 23:55, <oconor@xxxxxxxx> <oconor@xxxxxxxx>
>> wrote:
>>
>> If I understand that well ... if tor operator is avare, that his
>> tor node is used for illegal activity (when their ISP told them
>> about that) and he's not going to do anything abou that, he wont
>> be guity by complicity?
>>
>>
>> On 04.10.16 22:37, oconor@xxxxxxxx wrote:
>>
>>> Tor and IPS has both it's own nature and you shouldn't be
>>> punished, if your intension was just to filter the bad
>>> traffic.
>>
>> And who is to decide what constitutes "bad traffic"? I am not a
>> lawyer, but in Germany one of the cornerstones of not being held
>> responsible for traffic passing through a Tor node is § 8 of the
>> Telemediengesetz: http://www.gesetze-im-internet.de/tmg/__8.html
>> -- sometimes referred to colloquially as the "provider
>> privilege".
>>
>> One only is free of responsibility if one neither initiates a
>> transfer, nor selects the transfer's destination, nor selects or
>> modifies the transmitted data. That's what "passing through"
>> means.
>>
>> According to two lawyers I spoke to, exit policies might already
>> be borderline breaking these rules for exit nodes, but the
>> technical basis at least guarantees that traffic will never reach
>> an exit node that does not let it pass. Now think of a firewall
>> that interferes with transfers once the data has already reached
>> the exit node. Wouldn't you agree that this means
>> selecting/modifiying the transmitted data?
>>
>> That's just one national law that I am aware of, I imagine other
>> countries have similar regulations in place. Any internet
>> service provider interfering with net neutrality risks lawsuits,
>> because it is not an ISP's prerogative to decide what traffic is
>> "good" or "bad".
>>
>> -Ralph _______________________________________________ tor-relays
>> mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> = _______________________________________________ tor-relays
>> mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> _______________________________________________ tor-relays
>> mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> _______________________________________________ tor-relays
>> mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
> T
>
> -- Tim Wilson-Brown (teor)
>
> teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C
> BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject
> dot org
>
>
>
>
>
>
>
>
>
> _______________________________________________ tor-relays mailing
> list tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays