-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 21/07/2014 6:21 AM, Thomas White wrote:
Also note, botnets in this sense are not the topic. The proposal is an easy mechanism to censor hidden services and let it not be portrayed as anything other than that. ...
So to state clearly:
Should Tor Project develop a system to filter hidden services?
The simple fact of the matter is this: However good and pure our intentions may be ("We'll only block malware and child porn!"), a system would have to be developed to allow us to block arbitrary services. Something I have noticed which trips up most people is their inability to see beyond themselves. YOU may have only the best intentions. YOU may never countenance blocking inconvenient truths on Twitter / Slashdot / news-feed-of-the-day. But once a system is created that can block arbitrary services, it's only a matter of time before somebody with intentions less pure than your own decide to start blocking other things. Maybe somebody with an upright moral standing decides it would be better to block everything PG-13 and up. Maybe somebody decides their government is taking too much flack on an issue, and tries to "help out" by filtering some news sites they feel are particularly biased. Maybe I decide that tabloid magazines are total trash, and nobody should be allowed to give them business so they'll just die off in the end. Why would we want to replace a system of government censorship with censorship-by-the-masses? I thought we wanted to decide for ourselves--what we read, to whom we listen, what we do, and with whom we associate. (Never mind the legal fact that, if we CAN filter / exert legitimate control over the traffic flowing over the network, somebody will figure out a way to MAKE us do so--and it may not be what we personally agree should be blocked.) Insofar as botnets create an infrastructure problem with Tor (ie. the HSDir mobbing issue), that's something that we can work on addressing. Maybe a more load-tolerant design or what-have-you. Filtering things is not the answer. (I should add as a final note: filtering ports is not the same as filtering sites or traffic. I don't care what traffic passes over port 80, nor should I. But traffic on port 25 gets me marked as a spammer and shuts down my exit nodes, so I can't have that. Anybody who wants to change that traffic to tunnel over port 80 or 22 or whatever is free to do so, and I do not and should not know about it. If I can find a provider within my budget range who allows full exits and lets me handle all the abuse issues myself, I dare say I'll allow all ports through that exit.) -Lance -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJTzSLQXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFOTU0QzY1NzkzNzU1NkQ0RTgwNzA3REY0 MEE2MDZBN0U4MDYwNUU3AAoJEECmBqfoBgXn1yAP/1WkRN8/AQCw1CQeyjla95gM 8XArNV08OuKIBcvds/SHAH17ZSyo/d84WITw95583+PPjbH8jwTFsv0ja2c7ydT8 vMcWUnio2rNnor1lVuQNcdwK8YrhjUecqeRA6LZ9EKgIhmHzIj/yDSvCJcSkcccp 8VNOx9y6dTPHD6srDi7RaFBX6VBDSOFpvmqNWgdAy8xpBQLpalM39zkYCTDRJo8r lYj7/Tey+xukBn0LOggs7IkQkaDRAkDh5k4HGH+z8ZIanSnNun0N7qtN+oBuIz/h vpNpHw9ECSPRzSOWKuAHqYPf2mUPf7FEXKSFvHixdtjtzDgfdVH9yalSFv1ckQtD fkNtd5qKwdB6AGk6pL32QFhld8OsWGqY05ekHpa8BnItKwR1dxy7pANf9T9jFkzK Y0QQxPdtZQLKFXGGmd4r0iFGKk4UXnH9+oF3T3uSUU0j++o0eubXpxwBPYgq0hST pvDY3OGd+ht/28ebZYQfCw5K+1SjZ2WISFur8BKe3ugobq0xpNProl128eIQMDjP X5jtCI6H2zOPEcc3DfnISP+v/3WXjfQDumJu4vfOnbOaooextfcxRI1Qxs4MXRWp EmEQlHFO0QM3zvR+4QNkglI4lSwtbGpD6nVmECFJoKxOObLGq9c5lDmYQYuYZMdU SGW3OOyENag1dnNzPBCu =/euC -----END PGP SIGNATURE-----