> (as opposed to the people that seem to think that Exits should actively combat abuse by having the capability for censorship).
Well, a large number of exit nodes already have the capability for a man-in-the-middle attack. This capability could very well be a default option.
> b) In your magic world, how would accessing any site that uses
> multiple hosts for content to work?
Yes, yes. It is you who is being imposed upon, not Cloudflare, not the businesses that serve content. In my magic world, people produce things for free!
This might seem patronizing, but you seem genuinely ignorant. Cloudflare runs a business. They also get paid for it. That business is to protect email addresses from scrapes, and so forth. If they tell their customers that malicious actors can do those things, but only through Tor, because Tor does good work, their customers will take their business elsewhere.
In a libertarian world, people can bar entry to their property from people who seem suspicious. You do not believe that Cloudflare should be allowed to bar entry out of some egocentric concern.
By any reasonable definition of ethics, one must find a middle ground, and essentially, Cloudflare has all the negotiating power, unless you plan on personally battering down the doors of Cloudflare.
A good step would be to ask Cloudflare for statistics on Tor misuse.
Perhaps a maximum of 63 domain names (forgot Cloudflare only has a dozen IPs) per Tor circuit could be done.
On Sun, 3 Apr 2016 00:37:45 -0700 Ryan Carboni <ryacko@gmail.com> wrote:
> > (as opposed to the people that seem to think that Exits should actively combat abuse by having the capability for censorship).
> Well, a large number of exit nodes already have the capability for a man-in-the-middle attack. This capability could very well be a default option.
There's legal/ethical issues with that sort of thing. In the bright future (more modern versions of HTTP for example), encryption is going to be the default.
An anonymity system that mounts active-man-in-the-middle attacks against TLS (or QUIC's encryption) isn't anything I'll be working on.
> > b) In your magic world, how would accessing any site that uses
> > multiple hosts for content to work?
[snip]
> This might seem patronizing, but you seem genuinely ignorant.
No. I was wondering how a poorly thought out idea is supposed to not negatively impact anonymity given that bundling multiple endpoints over a single circuit is good for anonymity.
It was a genuine technical question.
[snip]
> By any reasonable definition of ethics, one must find a middle ground, and essentially, Cloudflare has all the negotiating power, unless you plan on personally battering down the doors of Cloudflare.
Well, I did write an addon that just fetches content from archive.is whenever I get a Captcha. Does that count?
> Perhaps a maximum of 63 domain names (forgot Cloudflare only has a dozen IPs) per Tor circuit could be done.
You have a definition of "a dozen" that doesn't match one that I'm familiar with (https://archive.is/eSl37).
Anyway, it's easy for clients to request multiple circuits. An anonymity system where the Exit possesses linkable client identifiers between circuits/sessions is also a poor anonymity system.
*plonk*
On Sun, Apr 3, 2016 at 4:04 PM, Yawning Angel <yawning@schwanenlied.me> wrote:
> Well, I did write an addon that just fetches content from archive.is whenever I get a Captcha. Does that count?
That's cool Yawning. Got a link to that? I'd like to try it.
-V