[tbb-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 23 13:17:56 UTC 2016

#18361: Issues with corporate censorship and mass surveillance
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |

Comment (by ioerror):

 Replying to [comment:87 jgrahamc]:
 > Replying to [comment:84 kbaegis]:
 > > Finally, I'd invite you to revisit the key point here, which is that
 your product line makes Tor unusable by many users who still want to
 browse the web anonymously.  I understand that your company has a goal.
 In this specific context, the business goals are causing a legitimate harm
 to web users and this is something that I suggest you revisit more broadly
 within your organization.  Surely CloudFlare has technical expertise that
 extends beyond "Let's fix that with captcha" and there are probably (from
 an engineering perspective) better ways to solve both the problems of DDoS
 and spam than authenticating every single session.
 > I agree with this. I've kicked off an internal discussion of the best
 way to deal with the abuse coming from Tor (and elsewhere) that doesn't
 involve CAPTCHAs. We'll continue with the other things listed above as I
 want to have some immediate impact on this while in parallel looking for
 better solutions.

 It would be nice if this wasn't a closed discussion with answers thrown
 over the wall. How can we include other people in these discussions?

 > > I'll wrap up with a question.  ''How'' are you intending on rolling
 out this new feature?  Is it going to be opt-in, opt-out, will there be an
 email sent to your customers about using it?  I think that this is
 something that the community is greatly interested in.
 > Almost everything we announce goes on our blog so I imagine we'll do it
 that way. It gets emailed to people who subscribe to the blog. I don't
 know if it'll be emailed to all customers (mostly because we don't tend to
 send them a lot of email and it's the marketing group that decides). The
 current plan is for this to be opt-in.

 It would be nice if CloudFlare engaged directly and worked together in an
 open manner. Talking on this bug is a great start and I hope that we can
 continue this process or improve it, perhaps by switching to another open,
 easy to use interface, if needed.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:92>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list