Can someone else running a relay from their home connection confirm that they get an 'Access denied' error from http://www.nhs.uk? I've checked with someone using the same ISP in the flat above me and they seem able to access the site just fine, as can I via mobile internet so I'm down to suspecting that they are blocking all Tor relay IPs. This is the exact error I get: Access DeniedYou don't have permission to access "http://www.nhs.uk/" on this server.
Reference #18.1f7f1002.1397514736.1fe2170c The reference seems to change each time I visit. If this does turn out to be them blocking Tor - advice on how to approach contacting them to resolve this would be appreciated.
Thanks,
Chris
Chris Whittleston csw34@cam.ac.uk wrote:
Can someone else running a relay from their home connection confirm that they get an 'Access denied' error from http://www.nhs.uk? I've checked with someone using the same ISP in the flat above me and they seem able to access the site just fine, as can I via mobile internet so I'm down to suspecting that they are blocking all Tor relay IPs. This is the exact error I get: Access DeniedYou don't have permission to access "http://www.nhs.uk/" on this server.
Reference #18.1f7f1002.1397514736.1fe2170c The reference seems to change each time I visit. If this does turn out to be them blocking Tor - advice on how to approach contacting them to resolve this would be appreciated.
I closed the tab without noting the Reference #, so I can't comment, but yes, it did deny access. My relay is MYCROFTsOtherChild, and it and I are in Illinois.
Scott Bennett, Comm. ASMELG, CFIAG ********************************************************************** * Internet: bennett at sdf.org *or* bennett at freeshell.org * *--------------------------------------------------------------------* * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * * -- Gov. John Hancock, New York Journal, 28 January 1790 * **********************************************************************
On 15 apr. 2014, at 00:50, Scott Bennett bennett@sdf.org wrote:
Chris Whittleston csw34@cam.ac.uk wrote:
Can someone else running a relay from their home connection confirm that they get an 'Access denied' error from http://www.nhs.uk? I've checked with someone using the same ISP in the flat above me and they seem able to access the site just fine, as can I via mobile internet so I'm down to suspecting that they are blocking all Tor relay IPs. This is the exact error I get: Access DeniedYou don't have permission to access "http://www.nhs.uk/" on this server.
Reference #18.1f7f1002.1397514736.1fe2170c The reference seems to change each time I visit. If this does turn out to be them blocking Tor - advice on how to approach contacting them to resolve this would be appreciated.
I closed the tab without noting the Reference #, so I can't comment,but yes, it did deny access. My relay is MYCROFTsOtherChild, and it and I are in Illinois.
Same situation here. I have an IP-adres with a non-exit relay, the IP seems blocked, from Amsterdam, NL. nhs.uk works fine from another IP that I have and from mobile.
Pepijn
Scott Bennett, Comm. ASMELG, CFIAG
- Internet: bennett at sdf.org *or* bennett at freeshell.org *
*--------------------------------------------------------------------*
- "A well regulated and disciplined militia, is at all times a good *
- objection to the introduction of that bane of all free governments *
- -- a standing army." *
- -- Gov. John Hancock, New York Journal, 28 January 1790 *
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Right - so this seems to confirm that they are indeed blocking Tor - and not just exits - I'm running a middle relay.
I've contacted them via a web form asking why they block all Tor relay IPs. Tips on what I should tell then if/when they get back to me tomorrow? Was currently planning on at least explaining the difference between middle and exit relays.
Chris
On 15 April 2014 00:50, Pepijn Le Heux pepijn@leheux.com wrote:
On 15 apr. 2014, at 00:50, Scott Bennett bennett@sdf.org wrote:
Chris Whittleston csw34@cam.ac.uk wrote:
Can someone else running a relay from their home connection confirm that they get an 'Access denied' error from http://www.nhs.uk? I've checked
with
someone using the same ISP in the flat above me and they seem able to access the site just fine, as can I via mobile internet so I'm down to suspecting that they are blocking all Tor relay IPs. This is the exact error I get: Access DeniedYou don't have permission to access "http://www.nhs.uk/"
on
this server.
Reference #18.1f7f1002.1397514736.1fe2170c The reference seems to change each time I visit. If this does turn out
to
be them blocking Tor - advice on how to approach contacting them to
resolve
this would be appreciated.
I closed the tab without noting the Reference #, so I can't comment,but yes, it did deny access. My relay is MYCROFTsOtherChild, and it and
I
are in Illinois.
Same situation here. I have an IP-adres with a non-exit relay, the IP seems blocked, from Amsterdam, NL. nhs.uk works fine from another IP that I have and from mobile.
Pepijn
Scott Bennett, Comm. ASMELG, CFIAG
- Internet: bennett at sdf.org *or* bennett at freeshell.org *
*--------------------------------------------------------------------*
- "A well regulated and disciplined militia, is at all times a good *
- objection to the introduction of that bane of all free governments *
- -- a standing army." *
- -- Gov. John Hancock, New York Journal, 28 January 1790 *
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Tue, Apr 15, 2014, at 01:03 AM, Chris Whittleston wrote:
Right - so this seems to confirm that they are indeed blocking Tor - and not just exits - I'm running a middle relay.
I've contacted them via a web form asking why they block all Tor relay IPs. Tips on what I should tell then if/when they get back to me tomorrow? Was currently planning on at least explaining the difference between middle and exit relays.
Chris
They are also blocking Hidemyass.com GD
Chris Whittleston wrote:
Can someone else running a relay from their home connection confirm that they get an 'Access denied' error from http://www.nhs.uk? I've checked with someone using the same ISP in the flat above me and they seem able to access the site just fine, as can I via mobile internet so I'm down to suspecting that they are blocking all Tor relay IPs. This is the exact error I get: Access DeniedYou don't have permission to access "http://www.nhs.uk/" on this server.
Reference #18.1f7f1002.1397514736.1fe2170c The reference seems to change each time I visit. If this does turn out to be them blocking Tor - advice on how to approach contacting them to resolve this would be appreciated.
Thanks,
Chris
I am running both my relay, OnionTorte, and a vanilla machine from a home connection. Both get denied access, and the Ref# changes w/ each visit.
HTH,
P
On Mon, 14 Apr 2014 23:37:35 +0100 Chris Whittleston csw34@cam.ac.uk allegedly wrote:
Can someone else running a relay from their home connection confirm that they get an 'Access denied' error from http://www.nhs.uk? I've checked with someone using the same ISP in the flat above me and they seem able to access the site just fine, as can I via mobile internet so I'm down to suspecting that they are blocking all Tor relay IPs. This is the exact error I get: Access DeniedYou don't have permission to access "http://www.nhs.uk/" on this server.
Reference #18.1f7f1002.1397514736.1fe2170c The reference seems to change each time I visit. If this does turn out to be them blocking Tor - advice on how to approach contacting them to resolve this would be appreciated.
Confirmed. My (non-exit) relay in Amsterdam is blocked. Another (non-tor) server in Amsterdam is not blocked, nor are my non-tor servers in the UK, SanFrancisco or NYC blocked.
As for getting this changed, that may be difficult. You could try contacting the site through the page at: http://www.nhs.uk/aboutNHSChoices/Pages/ContactUs.aspx and selecting the "I have experienced a problem accessing or using the website or some part of it" radio button and then commenting. You could contact the NHS at the (postal) address below. You could contact the DoH (Charles Massey) https://www.gov.uk/government/people/charlie-massey
As evidence in favour of Tor's value, you could point to the "who uses Tor" page at https://www.torproject.org/about/torusers.html.en. You could usefully explain the obvious value of anonymity in browsing health related sites.
And, since you appear to be in Cambridge, you could look for some support (and possible advice) from Ross Anderson (http://www.cl.cam.ac.uk/~rja14/). You can bet that Ross uses Tor, and he almost certainly has experience in dealing with awkward parts of HMG.
Best
Mick
------------------------------------- NHS address
NHS Connecting for Health Informatics Directorate Department of Health Princes Exchange Princes Square Leeds West Yorkshire LS1 4HY
---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------
Thanks for all that Mick - I have already contacted them via that form and received an initial response (pasted below) which isn't that encouraging. I suspect the biggest challenge with this is going to be getting access to the people who have influence or power to make a change. I've contacted Ross also so we'll see if he has any insight or advice.
Here is their reply:
------------------------------------------------------------- Dear Chris,
Thank you for contacting the NHS Choices Service desk
Unfortunately the issue you have raised seem to be to with your internet connection as you are running a Tor middle relay. We are unable aid you on this issue as no we have not has any reports of issue with connecting to the site. If we have blocked Tor, it will be due to security reasons.
Kind Regards,
Kalpesh
The NHS Choices Service Desk -------------------------------------------------------------
I think the next step will be to find out if they can direct me to the person who made the decision to block public Tor IPs in the first place, or the policy/IT team who implemented it. I'll update when I have more.
Chris
On 15 April 2014 14:46, mick mbm@rlogin.net wrote:
On Mon, 14 Apr 2014 23:37:35 +0100 Chris Whittleston csw34@cam.ac.uk allegedly wrote:
Can someone else running a relay from their home connection confirm that they get an 'Access denied' error from http://www.nhs.uk? I've checked with someone using the same ISP in the flat above me and they seem able to access the site just fine, as can I via mobile internet so I'm down to suspecting that they are blocking all Tor relay IPs. This is the exact error I get: Access DeniedYou don't have permission to access "http://www.nhs.uk/" on this server.
Reference #18.1f7f1002.1397514736.1fe2170c The reference seems to change each time I visit. If this does turn out to be them blocking Tor - advice on how to approach contacting them to resolve this would be appreciated.
Confirmed. My (non-exit) relay in Amsterdam is blocked. Another (non-tor) server in Amsterdam is not blocked, nor are my non-tor servers in the UK, SanFrancisco or NYC blocked.
As for getting this changed, that may be difficult. You could try contacting the site through the page at: http://www.nhs.uk/aboutNHSChoices/Pages/ContactUs.aspx and selecting the "I have experienced a problem accessing or using the website or some part of it" radio button and then commenting. You could contact the NHS at the (postal) address below. You could contact the DoH (Charles Massey) https://www.gov.uk/government/people/charlie-massey
As evidence in favour of Tor's value, you could point to the "who uses Tor" page at https://www.torproject.org/about/torusers.html.en. You could usefully explain the obvious value of anonymity in browsing health related sites.
And, since you appear to be in Cambridge, you could look for some support (and possible advice) from Ross Anderson (http://www.cl.cam.ac.uk/~rja14/). You can bet that Ross uses Tor, and he almost certainly has experience in dealing with awkward parts of HMG.
Best
Mick
NHS address
NHS Connecting for Health Informatics Directorate Department of Health Princes Exchange Princes Square Leeds West Yorkshire LS1 4HY
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hello Chris!
I run an internal relay in Austria
https://torstatus.blutmagie.de/router_detail.php?FP=19eb1397aa60f3fb8bd0995b...
and checked
from my original IP. It worked, I accessed the site.
Best regards
Anton
On Tue, 15 Apr 2014 21:24:00 +0200 no.thing_to-hide@cryptopathie.eu allegedly wrote:
I run an internal relay in Austria
https://torstatus.blutmagie.de/router_detail.php?FP=19eb1397aa60f3fb8bd0995b...
and checked
from my original IP. It worked, I accessed the site.
That's interesting.
From the DNS responses I get from various places it looks as if the NHS site is run on the Akamai CDN. So it may be that (some of) the Akamai servers are blocking Tor.
Mick
---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------
Is there a legal basis for suing government or other agencies with a public service mandate that persistently block traffic from ip addresses of *non-exit* relays? Is the list of the non-exits easy to obtain by non-tor users and why? I understand and support publishing *exit* ip addresses, that is not what i am questioning here.
On Tue, Apr 15, 2014 at 3:37 PM, mick mbm@rlogin.net wrote:
On Tue, 15 Apr 2014 21:24:00 +0200 no.thing_to-hide@cryptopathie.eu allegedly wrote:
I run an internal relay in Austria
https://torstatus.blutmagie.de/router_detail.php?FP=19eb1397aa60f3fb8bd0995b...
and checked
from my original IP. It worked, I accessed the site.
That's interesting.
From the DNS responses I get from various places it looks as if the NHS site is run on the Akamai CDN. So it may be that (some of) the Akamai servers are blocking Tor.
Mick
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Mon, 14 Apr 2014 23:37:35 +0000, Chris Whittleston wrote: ...
Access DeniedYou don't have permission to access "http://www.nhs.uk/" on this server.
I could access them this morning via tor (unfortunately I can't tell which exit was used). May well be just not-yet-blacklisted.
Andreas
On Mon, 14 Apr 2014 23:37:35 +0100 Chris Whittleston csw34@cam.ac.uk wrote:
Can someone else running a relay from their home connection confirm that they get an 'Access denied' error from http://www.nhs.uk? I've checked with someone using the same ISP in the flat above me and they seem able to access the site just fine, as can I via mobile internet so I'm down to suspecting that they are blocking all Tor relay IPs. This is the exact error I get: Access DeniedYou don't have permission to access "http://www.nhs.uk/" on this server.
Rather than going back and forth with "nope blocked for me", "oh works for me" useless junk, did it not occur to anyone to run a simple console command?...
$ host www.nhs.uk www.nhs.uk is an alias for san.nhs.uk.edgekey.net. san.nhs.uk.edgekey.net is an alias for e9134.ksd.akamaiedge.net. e9134.ksd.akamaiedge.net has address 2.19.223.45
And Akamai blocking Tor is very old news, at least from back in September 2013: https://lists.torproject.org/pipermail/tor-talk/2013-September/030026.html So that's whom you (also) should be pestering about this, not (just) the clueless support drones at NHS.
tor-relays@lists.torproject.org
-
Andreas Krey -
Chris Whittleston -
Geoff Down -
krishna e bera -
mick -
no.thing_to-hide@cryptopathie.eu -
Pepijn Le Heux -
Roman Mamedov -
Scott Bennett -
Tor Relay