[tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 22 12:24:28 UTC 2016 

#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |
------------------------------------------+--------------------------

Comment (by jgrahamc):

 Replying to [comment:29 cypherpunks]:
 > CloudFlare expect that "good" User-Agents should leave a permanent trail
 of history between all sites across the web.

 No, we do not.

 We have a simple need: our customers pay us to protect their web sites
 from DoS, spam and intrusions using things like SQL injection. We need to
 provide that service for the money they pay us.

 Another way to think about this is to imagine we're not talking about Tor
 but some other source of abuse. In the past we've worked to shut down open
 DNS resolvers, open NTP servers, and we work with networks to disable
 abuse coming from them. We can't do those things with Tor because of its
 nature.  So we're in a tough spot, we see abuse coming from Tor that's
 hard to deal with because of anonymity.

 A related approach might be for us to say "Let's whitelist all the Tor
 exit nodes". Play that forward a bit and you could see that any abuser
 worth their salt would migrate to Tor increasing the abuse problem through
 Tor.

 Ultimately, I think we want the same thing: reduce abuse coming through
 Tor. Coming up with a good technical solution is hard, but worth working
 on. You may think that CloudFlare doesn't care about this problem, but in
 fact it's something that's occupying time (and therefore money) as we look
 for solutions.

 Despite what's been said in this ticket there have been contacts between
 CloudFlare and Tor developers.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:30>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list