[tor-relays] Comcast blocks ALL traffic with tor relays

[xmrk2]

Hello,

It is a good sign that Comcast cares and wants to defend itself. Another positive is that you did not try things like "tor is only for criminals/terrorists".

As to the blog post you mention. (Note that to see the post one may need to delete the trailing full stop from the url, the correct url is https://corporate.comcast.com/comcast-voices/setting-the-record-straight-on-tor.) Your statements are very generic: now you talk about "not blocking tor", but tor is not just one webpage, one server, a monolithic entity. I would appreciate details: If your customer has "advanced security" activated, can he connect to any ORPort of any tor middle relay? Can he connect to other ports of any tor middle relay? What about exit relays? What about other direction - can tor relays and exits connect to Comcast customers who have "adv. security" activated? Does it depend on destination port? Sorry if I am a bit repetitive, but https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security mentions "Blocks remote access to smart devices from known dangerous sources.". What do you mean by dangerous sources, and does it include tor relays or exits?

And in the blog the word "block" is not even mentioned.

- "Comcast doesn’t monitor ..." - irrelevant to blocking

- "The anecdotal chat room evidence  ..." -- not even linked, I don't know what is this evidence, so cannot comment

- "We respect customer privacy and security and only investigate ..." - again irrelevant to blocking

- "We do not terminate customers for violating the Copyright Alert System..." - even more irrelevant, I never talked about terminating customers

I am quite sure that if I run a tor relay, after some time I stop being able to connect (using my fibre connection) to certain Comcast customer, I get a timeout, and at the same time I am able to reach this same customer by mobile connection And both fiber and mobile connections are provided to me by the same company. So who do you suggest is doing this blocking? My ISP? I don't know whether this customer has "Advanced security" turned on, I just assume he has. Do you want me to send you privately more details (my IP and this peer's IP)? Comunity: Is there some privacy problem if I provide this info? Comcast already sees my connection attempts, at most they can link my email with my IP address.

So you remind me of an old joke: who should I believe, you, or my eyes? Sorry, I choose my eyes. I am talking here about direction from my node to Comcast. It is still possible that you don't block connections from Comcast to relays, I have contradictory evidence about this point. So if your "not blocking tor" means "not preventing our customer from connecting to some tor relays", this could be true.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20230614/8f9a3594/attachment-0001.htm>