[tor-bugs] #2529 [Vidalia]: Reasonable default and warning for Vidalia exit policy settings

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Fri Feb 11 00:42:13 UTC 2011 

#2529: Reasonable default and warning for Vidalia exit policy settings
----------------------+-----------------------------------------------------
  Reporter:  mo       |              Owner:  chiiph        
      Type:  defect   |             Status:  new           
  Priority:  minor    |          Milestone:                
 Component:  Vidalia  |            Version:  Vidalia 0.2.10
  Keywords:           |             Parent:                
    Points:           |   Actualpointsdone:                
Pointsdone:           |       Actualpoints:                
----------------------+-----------------------------------------------------
 I think the way current Vidalia displays exit policy settings and applies
 them to the config is misleading.
 In particular, one user on Twitter understandably made the following
 problematic assumptions:
 1. The default is reasonable for most users and
 2. "Misc other services" in combination with the label that says "Tor
 blocks some outgoing mail and file sharing applications by default to
 reduce spam and other abuse" means that he does not to worry about DMCA
 complaints and the like.

 My suggestion is as follows:

 1. By default, leave all boxes on the "Exit Policies" tab unticked. The
 label below should say:
 "By default, Tor will only pass encrypted traffic between other Tor nodes.
 Tor always blocks some outgoing mail and file sharing applications."

 2. If a user ticks any box, a small warning sign will appear below the
 label together with a link: "Read about the dangers of letting traffic
 exit the Tor network from your relay here".

 The link should first explain TCP ports in short, what the default
 services are that use these ports, and what it means to share one's
 connection with other Tor users.

 3. The "Misc Other Services" should be renamed "All services". I know this
 is not technically correct, but the sentence below already states that
 some ports are blocked no matter what.

 I think this is a 'defect' and should not be regarded as enhancement.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2529>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list