Paritesh Boyeyoko:
On Friday 01 Nov 2013 19:36:11 krishna e bera wrote:
On the other hand, I had a reduced exit policy and still got DMCA complaints just for the .torrent file being downloaded via HTTP through my exit.
Let me run a couple ideas past you:
- Configure Squid as a forward proxy with Squidguard and configure Squidguard to reject any URL with "announce" in it. Use IPTables to transparently redirect anything destined for ports 80, 2710 and other well known tracker ports to Squid.
- Do not exit port 80. While security and anonymity are separate things, they are tightly coupled, so why not exit only secure ports: HTTPS, POP3S, IMAPS etc.
Obviously some protocols use TLS on the same port as the clear traffic, but how detrimental do you think restricting to SSL/TLS enabled protocols (with a few exceptions) would be?
What if someone inside a totalitarian state is attempting to upload evidence of a massacre to a service which runs on port 80?
I'd love to get the bandwidth back from the 16 year olds downloading movies and terrible porn over Tor, too, but this won't fly, and y'all are gonna get flamed into cinders in about 5... 4... 3... for the types of reasons I just mentioned above.
Best,
-Gordon M.