On Tue, 27 Nov 2012 01:58:40 +0000 (UTC) Sven Olaf Kamphuis sven@cb3rob.net wrote:
[Utopian fantasy]
Meanwhile, back in the Real World, ancient protocols like SMTP dominate the Internet (oh look, you used it to post to this list) and people do what they have to in order to keep their services running. Perhaps you've never worked on a project large enough that network ops and development are handled by separate teams, but in such an environment a sysadmin who allowed the servers to fall over because they believed it was dev's responsibility would quickly find herself out of a job.
Tor won't benefit from that person's career suicide, whereas giving admins the power to implement an easy kill switch (by blocking the exits when they need to) makes Tor a much less attractive prospect for those who would abuse the network. If you can run your attack over Tor, knowing you can be blocked easily, or over some botnet, which would you choose? This means more bandwidth for the rest of us, and fewer abuse complaints for exit operators. I'd say that's a win.
Of course, some organisations (I'm looking at Wikipedia) have a problem with Tor that is due to policy, not technology. Is their policy right? Of course not - the impressive level of vandalism that happens anyway proves that (although CluebotNG has an equally impressive catch rate, it has to be said). But unless you're the one paying for and running the infrastructure of that free-as-in-beer service, what right do you have to say “let them all go to hell”? Do you say the same about people who run relays whose exit policies don't allow your traffic? Do you curse at your neighbour whose unencrypted wireless network doesn't allow connections to your favourite porn site? Seriously, get some perspective.
Nobody's going to listen if you're rude to/about them. They're more likely to just dig in their heels and erect another barrier. People do what they feel they must to protect what they (are being paid to) care about. Being open about where the exits are is one way of saying “look, we're all friends”. Conversely, making a serious effort to circumvent their blocks by using unpublished exit addresses will simply create another game of Cat & Mouse, just like the one being played with bridge relays. Sites like Wikipedia, who have made at least some token efforts to come to a solution which works for Tor, will stop trying at all because it will no longer be possible to distinguish Tor exit traffic from other non-authenticated connections.
As you can see, I've made the effort to write in real sentences, use capital letters and avoid “zomg”. I won't do so a second time, because if I haven't convinced you by now I'm not going to. By all means continue daydreaming, just remember that's what it is. If you want your utopia to eventually exist, you have to start with reality. You can't just will it into existence.
Julian