<table cellspacing="0" cellpadding="0" border="0" ><tr><td valign="top" style="font: inherit;">Good overview Karsten, thanks.<br><br>Tor developers: I demand to ban all german tor server per /1/1/2009 from the tor network. Don' t trust the german regulators.<br><br>country.sh<br><br>#!/bin/sh<br><br><br># Set one or another, but not both, alphabetical order plz:<br>#COUNTRIES_TO_REJECT="CN|FR|GB|HK"; # Those countries will be rejected.<br>COUNTRIES_TO_ACCEPT="AR|US"; # All other countries will be rejected, those only will be accepted.<br><br># Where to find a routers list:<br>ROUTERS="http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?textonly=1";<br><br># Location of your torrc file:<br>TORRC=/etc/tor/torrc<br><br># Command to reload your torrc:<br>RELOAD="/etc/init.d/tor restart"<br><br><br>#### No need to modify nothing after this line ####<br><br>set -e<br><br>LOCRC=".tmp_torrc"<br>LOCROUT=".routers.txt"<br><br>test -z $TORRC && exit
0<br><br># create a backup of the torrc file<br>cp $TORRC ${LOCRC}.bak<br><br># Remove ExcludeNodes line from torrc<br>cat $TORRC | grep -vi Excludenodes > $LOCRC<br><br># Download routers list.<br>wget -O $LOCROUT $ROUTERS || exit 0<br><br># Write list of actual countries to a text file for reference<br>file=Countries.txt<br>echo -n "Countries " > $file<br>for i in `cat $LOCROUT | cut -f 1 -d " "| grep -v Tor | sort -u`; do<br> echo -n "$i " >> $file<br>done<br><br>file=$LOCRC<br>echo -n "ExcludeNodes " >> $file<br>if [ "$COUNTRIES_TO_ACCEPT" != "" ]; then<br> for i in `cat $LOCROUT | egrep -v "^($COUNTRIES_TO_ACCEPT)" | cut -f 2 \<br>-d " " | egrep -v "^(\[|Network)" | sed s/*//`; do<br> echo -n "$i, " >> $file<br> done<br>elif [ "$COUNTRIES_TO_REJECT" != "" ]; then<br> for i in `cat $LOCROUT | egrep
"^($COUNTRIES_TO_REJECT)" | cut -f 2 -d \<br>" " | egrep -v "^\[" | sed s/*//`; do<br> echo -n "$i, " >> $file<br> done<br>else exit 0<br>fi<br>echo finished >> $file<br><br>cp $LOCRC $TORRC<br><br># Have Tor to reload its config<br>$RELOAD<br><br>Regards<br>-dieter<br><br>--- On <b>Sat, 10/18/08, Karsten N. <i><tor-admin@privacyfoundation.de></i></b> wrote:<br><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;">From: Karsten N. <tor-admin@privacyfoundation.de><br>Subject: German data rentention law<br>To: or-talk@freehaven.net<br>Date: Saturday, October 18, 2008, 1:49 AM<br><br><pre>Hi,<br><br>I. part: A short overview about the data rentention law in Germany.<br><br> 1: ISPs have to log the start and end of a user dial-in with<br> time stamp and IP address. They have not to log any content.<br><br> 2: Public provider
of electronic mail have to log all connections of<br> users with time stamp, IP address, login account and the email<br> addresses of sender and recipient for every mail (send and<br> receive).<br><br> 3: VoIP provider have to log all connections with timestamp,<br> IP address and phone number of caller and recipient.<br><br> 4: Fon and mobile fon provider have to log all connections and<br> tries with timestamp, phone number and location.<br><br> 5: Anon services have to log the rewrite of any information, which<br> will be logged by a third party. (Thats all, not very clear.)<br><br><br>At the moment, it seems not clear, how tor is affected by this law.<br>I read some papers from the gouverment: "An anon service (like tor or<br>JAP) has to log, because the law will be useless otherwise."<br><br>Some papers of non-gouverment organizations like ULD: "Tor and JAP are<br>not affected by the telecommunication law, because it is
not a<br>telecommunication service (in the case of law) and tor nodes have NOT<br>to log."<br><br>Together with the JonDos GmbH (JAP) the GPF try to get a legal<br>non-logging solution for tor, but the result is open and we are late.<br>(May be too late?)<br><br><br>II. part: suggestion of a technical solution<br><br>May be, tor can use geoip and divide the world in a logging area and a<br>non-logging area. If the target host is inside the logging area<br>(Germany), the exit node has to be outside. Otherwise a german node<br>can be an exit too.<br><br>In this case, we have two possibilities:<br><br> 1: the target host is outside the logging area -> no logging<br><br> 2: the target host is inside the logging area -> the exit is<br> outside and writes no logs -> an german entry or middle man<br> has to log nothing, because it routes to a not logging exit.<br><br>Because not all clients will update to a new version very quickly,<br>we
need a feature for german exit nodes to reject all routes from old<br>clients, when the node is the exit of the route.<br><br>Or, if it was more simple for the developer, a feature for exit nodes<br>to define a country (based on geoip) to reject all exit routes. If all<br>german relays used this feature, it may work.<br><br>Otherwise, all german nodes have to switch to middle man.<br><br>It is only one suggestion, not the really best solution.<br><br>Karsten N.<br><br></pre></blockquote></td></tr></table><br>__________________________________________________<br>Do You Yahoo!?<br>Tired of spam? Yahoo! Mail has the best spam protection around <br>http://mail.yahoo.com