[tbb-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 23 20:25:59 UTC 2016

#18361: Issues with corporate censorship and mass surveillance
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |

Comment (by kbaegis):

 > > Finally, I'd invite you to revisit the key point here, which is that
 your product line makes Tor unusable by many users who still want to
 browse the web anonymously.  I understand that your company has a goal.
 In this specific context, the business goals are causing a legitimate
 harm to web users and this is something that I suggest you revisit more
 broadly within your organization.  Surely CloudFlare has technical
 expertise that extends beyond "Let's fix that with captcha" and there are
 probably (from an engineering perspective) better ways to solve both the
 problems of DDoS and spam than authenticating every single session.
 > >
 > >
 > >
 > I agree with this. I've kicked off an internal discussion of the best
 way to deal with the abuse coming from Tor (and elsewhere) that doesn't
 involve CAPTCHAs. We'll continue with the other things listed above as I
 want to have some immediate impact on this while in parallel looking for
 better solutions.

 I agree with Jacob here.  The Tor community can likely give you unique
 expertise if they're given a forum to do so.  Currently, they had to open
 a ticket to get your attention- hence the above discussion.  I'd also
 seriously look into how you are addressing DDoS from the network layer
 (specifically your edge router/firewall/load balancing configurations),
 how you scale your client infrastructure elastically, and specifically how
 you define your threat model.  Two subpoints: your own engineer has
 admitted that captcha is a terrible way to address this problem, stating
 "we struggle to even serve captchas."  So I'd challenge that this is an
 effective solution.  Second, I'm with several others here seriously
 questioning the SNR and throughput constraints around blanket allowance of
 Tor infrastructure.  It's like using a hatchet to remove a fly from your
 friend's forehead.  Small problem, oblique solution.

 > > I'll wrap up with a question.  How are you intending on rolling out
 this new feature?  Is it going to be opt-in, opt-out, will there be an
 email sent to your customers about using it?  I think that this is
 something that the community is greatly interested in.
 > >
 > Almost everything we announce goes on our blog so I imagine we'll do it
 that way. It gets emailed to people who subscribe to the blog. I don't
 know if it'll be emailed to all customers (mostly because we don't tend
 to send them a lot of email and it's the marketing group that decides).
 The current plan is for this to be opt-in.

 I think that this marginalizes the issue.  Offering a feature that most
 customers would have to voluntarily opt into and likely don't know about
 (because they'd have to be looking for it to find it) is a waste of
 everyone's time- particularly a CTO.  If your goal is to find a solution,
 this patently isn't it if it's going to be unannounced and opt-in.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:103>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
