commit 3f52b976a61e47ea8fe1403ff0b38723646ffa3b Author: Damian Johnson atagar@torproject.org Date: Wed Jun 29 20:13:06 2011 -0700
Adding exit notice to resources
The relay setup wizard will have an option for presenting an exit notice, so adding those resources. --- setup.py | 23 +++- src/resources/exitNotice/exit-noice.html | 143 ++++++++++++++++++++++ src/resources/exitNotice/how_tor_works_thumb.png | Bin 0 -> 8147 bytes 3 files changed, 163 insertions(+), 3 deletions(-)
diff --git a/setup.py b/setup.py index 1eec903..6e31f44 100644 --- a/setup.py +++ b/setup.py @@ -2,11 +2,28 @@ import os import sys import gzip -import glob import tempfile from src.version import VERSION from distutils.core import setup
+def getResources(dst, sourceDir): + """ + Provides a list of tuples of the form... + [(destination, (file1, file2...)), ...] + + for the given contents of the src directory (that's right, distutils isn't + smart enough to know how to copy directories). + """ + + results = [] + + for root, _, files in os.walk(os.path.join("src", sourceDir)): + if files: + fileListing = tuple([os.path.join(root, file) for file in files]) + results.append((os.path.join(dst, root[4:]), fileListing)) + + return results + # Use 'tor-arm' instead of 'arm' in the path for the sample armrc if we're # building for debian.
@@ -91,8 +108,8 @@ setup(name='arm', data_files=[("/usr/bin", ["arm"]), ("/usr/share/man/man1", [manFilename]), (docPath, ["armrc.sample"]), - ("/usr/share/arm", ["src/settings.cfg", "src/uninstall"]), - ("/usr/share/arm/resources", glob.glob("src/resources/*"))], + ("/usr/share/arm", ["src/settings.cfg", "src/uninstall"])] + + getResources("/usr/share/arm", "resources"), )
# Cleans up the temporary compressed man page. diff --git a/src/resources/exitNotice/exit-noice.html b/src/resources/exitNotice/exit-noice.html new file mode 100644 index 0000000..7475984 --- /dev/null +++ b/src/resources/exitNotice/exit-noice.html @@ -0,0 +1,143 @@ +<?xml version="1.0"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> +<title>This is a Tor Exit Router</title> + +<!-- + +This notice is intended to be placed on a virtual host for a domain that +your Tor exit node IP reverse resolves to so that people who may be about +to file an abuse complaint would check it first before bothering you or +your ISP. Ex: +http://tor-exit.yourdomain.org or http://tor-readme.yourdomain.org. + +This type of setup has proven very effective at reducing abuse complaints +for exit node operators. + +There are a few places in this document that you may want to customize. +They are marked with FIXME. + +Notice Source: +https://gitweb.torproject.org/tor.git/blob_plain/HEAD:/contrib/tor-exit-notice.html + +--> + +</head> +<body> + +<p style="text-align:center; font-size:xx-large; font-weight:bold">This is a +Tor Exit Router</p> + +<p> +Most likely you are accessing this website because you had some issue with +the traffic coming from this IP. This router is part of the <a +href="https://www.torproject.org/%22%3ETor Anonymity Network</a>, which is +dedicated to <a href="https://www.torproject.org/about/overview">providing +privacy</a> to people who need it most: average computer users. This +router IP should be generating no other traffic, unless it has been +compromised.</p> + + +<p style="text-align:center"> +<a href="https://www.torproject.org/about/overview"> +<img src="how_tor_works_thumb.png" alt="How Tor works" style="border-style:none"/> +</a></p> + +<p> +Tor sees use by <a href="https://www.torproject.org/about/torusers">many +important segments of the population</a>, including whistle blowers, +journalists, Chinese dissidents skirting the Great Firewall and oppressive +censorship, abuse victims, stalker targets, the US military, and law +enforcement, just to name a few. While Tor is not designed for malicious +computer users, it is true that they can use the network for malicious ends. +In reality however, the actual amount of <a +href="https://www.torproject.org/docs/faq-abuse%22%3Eabuse</a> is quite low. This +is largely because criminals and hackers have significantly better access to +privacy and anonymity than do the regular users whom they prey upon. Criminals +can and do <a +href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_tools.html..., +sell, and trade</a> far larger and <a +href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_distributi... +powerful networks</a> than Tor on a daily basis. Thus, in the mind of this +operator, the social need for easily accessible censorship-resistant private, +anonymous communication trumps the risk of unskilled bad actors, who are +almost always more easily uncovered by traditional police work than by +extensive monitoring and surveillance anyway.</p> + +<p> +In terms of applicable law, the best way to understand Tor is to consider it a +network of routers operating as common carriers, much like the Internet +backbone. However, unlike the Internet backbone routers, Tor routers +explicitly do not contain identifiable routing information about the source of +a packet, and no single Tor node can determine both the origin and destination +of a given transmission.</p> + +<p> +As such, there is little the operator of this router can do to help you track +the connection further. This router maintains no logs of any of the Tor +traffic, so there is little that can be done to trace either legitimate or +illegitimate traffic (or to filter one from the other). Attempts to +seize this router will accomplish nothing.</p> + +<!-- FIXME: US-Only section. Remove if you are a non-US operator --> + +<p> +Furthermore, this machine also serves as a carrier of email, which means that +its contents are further protected under the ECPA. <a +href="http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002707----000-... +USC 2707</a> explicitly allows for civil remedies ($1000/account +<i><b>plus</b></i> legal fees) +in the event of a seizure executed without good faith or probable cause (it +should be clear at this point that traffic with this originating IP address +should not constitute probable cause to seize the machine). Similar +considerations exist for 1st amendment content on this machine.</p> + +<!-- FIXME: May or may not be US-only. Some non-US tor nodes have in + fact reported DMCA harassment... --> + +<p> +If you are a representative of a company who feels that this router is being +used to violate the DMCA, please be aware that this machine does not host or +contain any illegal content. Also be aware that network infrastructure +maintainers are not liable for the type of content that passes over their +equipment, in accordance with <a +href="http://www4.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00000512----000-... +"safe harbor" provisions</a>. In other words, you will have just as much luck +sending a takedown notice to the Internet backbone providers. Please consult +<a href="https://www.torproject.org/eff/tor-dmca-response">EFF's prepared +response</a> for more information on this matter.</p> + +<p>For more information, please consult the following documentation:</p> + +<ol> +<li><a href="https://www.torproject.org/about/overview">Tor Overview</a></li> +<li><a href="https://www.torproject.org/docs/faq-abuse">Tor Abuse FAQ</a></li> +<li><a href="https://www.torproject.org/eff/tor-legal-faq">Tor Legal FAQ</a></li> +</ol> + +<p> +That being said, if you still have a complaint about the router, you may +email the <a href="mailto:FIXME_YOUR_EMAIL_ADDRESS">maintainer</a>. If +complaints are related to a particular service that is being abused, I will +consider removing that service from my exit policy, which would prevent my +router from allowing that traffic to exit through it. I can only do this on an +IP+destination port basis, however. Common P2P ports are +already blocked.</p> + +<p> +You also have the option of blocking this IP address and others on +the Tor network if you so desire. The Tor project provides a <a +href="https://check.torproject.org/cgi-bin/TorBulkExitList.py%22%3Eweb service</a> +to fetch a list of all IP addresses of Tor exit nodes that allow exiting to a +specified IP:port combination, and an official <a +href="https://www.torproject.org/tordnsel/dist/%22%3EDNSRBL</a> is also available to +determine if a given IP address is actually a Tor exit server. Please +be considerate +when using these options. It would be unfortunate to deny all Tor users access +to your site indefinitely simply because of a few bad apples.</p> + +</body> +</html> diff --git a/src/resources/exitNotice/how_tor_works_thumb.png b/src/resources/exitNotice/how_tor_works_thumb.png new file mode 100644 index 0000000..b9ffe0d Binary files /dev/null and b/src/resources/exitNotice/how_tor_works_thumb.png differ
tor-commits@lists.torproject.org