[tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 6 14:59:18 UTC 2016


#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
 Reviewer:                                |        Sponsor:  None
------------------------------------------+--------------------------

Comment (by tne):

 Replying to [comment:221 jgrahamc]:
 > Replying to [comment:220 tne]:
 > > I agree wholeheartedly with your mention of focusing on individual
 > > requests instead (who wouldn't?). The problem is, it's just a promise at
 > > this point. If you could really do it efficiently and reliably, this
 > > entire discussion would be moot -- you could drop IP rep altogether.
 > > However, you don't, so evidently you can't (yet) do it efficiently and
 > > reliably, and timing matters.
 >
 > We already do examine individual requests to look for abuse. That's part
 > of the layers of defense we give web sites.

 Exactly; it's "part of" your solution. In and of itself, it isn't
 sufficient. This means you'll continue to rely on IP rep. Nobody likes
 that, not even you I reckon, but it's the best you have right now. Dealing
 with that reality, I think there are ways to reduce the pain in specific
 areas (e.g. sites that are not being "actively abused") and that are worth
 exploring. Would you comment on that?

 > > Whatever long-term plans CF might have regarding a strictly
 > > request-level approach, any short-term compromises will help.
 >
 > I'm working short and medium on this not long. Short term we've
 > introduced the ability for sites to whitelist Tor, we changed our
 > clearance cookie so that it applies across circuit changes, and we've
 > recently made changes to the CAPTCHAs which should stop people getting
 > stuck in loops of CAPTCHAs. I'm also working on a slightly less short term
 > project to apply other technologies (non-CAPTCHA) to Tor. The important
 > thing there is that I need to measure their effectiveness in this
 > situation and will do so.

 I know, I've been following the discussion. I probably should have thanked
 you and your team for that beforehand. As I said, I even benefit from some
 of those changes, and that's great.

 I'm looking forward to those non-CAPTCHA approaches. It's good to hear
 they're planned for the "short to medium term", since for many people
 those are the ones that matter most.

 (Note that this is orthogonal to the point I was making; but that's OK.)

 > > Attempting to reduce CF's reliance on it is a noble goal that I
 > > support, I'm just afraid it is a mirage that will only perpetuate the
 > > status quo (which, in my view and that of many others, is hardly tenable).
 > > Hopefully I don't come across as a defeatist, I'm just trying to be
 > > realistic (hence the more nuanced suggestion).
 >
 > I'm not spending my time here as some sort of mirage or PR exercise.

 Given the whole thread above I understand the tone, but I'd like not to be
 caught in the crossfire. I'm referring to a technical mirage (I think it's
 fair to say at this point that dropping IP reputation is not a goal you
 can set a date for right now, and maybe you'll never be able to). I have
 yet to see anything that would suggest CF is trying to mislead anyone
 deliberately, and I'm not trying to imply it myself.

 Assumption: By "''It's better to think at an individual request level and
 ask "Does this request indicate abuse?" and then decide what to do. Of
 course, we can take into account other things as well, but [...]''" you
 didn't really mean that you were aiming to do that exclusively, as that
 would prevent you from using an IP reputation system (which uses data
 besides the isolated request, i.e. reputation scores gathered via other
 customer sites). I interpreted it like that however, and we might have
 talked past each other. If that's correct, what I said will make more
 sense.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:222>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

