[tor-commits] [arm/master] Adding exit notice to resources

atagar at torproject.org atagar at torproject.org
Thu Jun 30 03:32:10 UTC 2011 

commit 3f52b976a61e47ea8fe1403ff0b38723646ffa3b
Author: Damian Johnson <atagar at torproject.org>
Date:   Wed Jun 29 20:13:06 2011 -0700

    Adding exit notice to resources
    
    The relay setup wizard will have an option for presenting an exit notice, so
    adding those resources.
---
 setup.py                                         |   23 +++-
 src/resources/exitNotice/exit-noice.html         |  143 ++++++++++++++++++++++
 src/resources/exitNotice/how_tor_works_thumb.png |  Bin 0 -> 8147 bytes
 3 files changed, 163 insertions(+), 3 deletions(-)

diff --git a/setup.py b/setup.py
index 1eec903..6e31f44 100644
--- a/setup.py
+++ b/setup.py
@@ -2,11 +2,28 @@
 import os
 import sys
 import gzip
-import glob
 import tempfile
 from src.version import VERSION
 from distutils.core import setup
 
+def getResources(dst, sourceDir):
+  """
+  Provides a list of tuples of the form...
+  [(destination, (file1, file2...)), ...]
+  
+  for the given contents of the src directory (that's right, distutils isn't
+  smart enough to know how to copy directories).
+  """
+  
+  results = []
+  
+  for root, _, files in os.walk(os.path.join("src", sourceDir)):
+    if files:
+      fileListing = tuple([os.path.join(root, file) for file in files])
+      results.append((os.path.join(dst, root[4:]), fileListing))
+  
+  return results
+
 # Use 'tor-arm' instead of 'arm' in the path for the sample armrc if we're
 # building for debian.
 
@@ -91,8 +108,8 @@ setup(name='arm',
       data_files=[("/usr/bin", ["arm"]),
                   ("/usr/share/man/man1", [manFilename]),
                   (docPath, ["armrc.sample"]),
-                  ("/usr/share/arm", ["src/settings.cfg", "src/uninstall"]),
-                  ("/usr/share/arm/resources", glob.glob("src/resources/*"))],
+                  ("/usr/share/arm", ["src/settings.cfg", "src/uninstall"])] + 
+                  getResources("/usr/share/arm", "resources"),
      )
 
 # Cleans up the temporary compressed man page.
diff --git a/src/resources/exitNotice/exit-noice.html b/src/resources/exitNotice/exit-noice.html
new file mode 100644
index 0000000..7475984
--- /dev/null
+++ b/src/resources/exitNotice/exit-noice.html
@@ -0,0 +1,143 @@
+<?xml version="1.0"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
+<title>This is a Tor Exit Router</title>
+
+<!--
+
+This notice is intended to be placed on a virtual host for a domain that
+your Tor exit node IP reverse resolves to so that people who may be about
+to file an abuse complaint would check it first before bothering you or
+your ISP. Ex:
+http://tor-exit.yourdomain.org or http://tor-readme.yourdomain.org.
+
+This type of setup has proven very effective at reducing abuse complaints
+for exit node operators.
+
+There are a few places in this document that you may want to customize.
+They are marked with FIXME.
+
+Notice Source:
+https://gitweb.torproject.org/tor.git/blob_plain/HEAD:/contrib/tor-exit-notice.html
+
+-->
+
+</head>
+<body>
+
+<p style="text-align:center; font-size:xx-large; font-weight:bold">This is a
+Tor Exit Router</p>
+
+<p>
+Most likely you are accessing this website because you had some issue with
+the traffic coming from this IP. This router is part of the <a
+href="https://www.torproject.org/">Tor Anonymity Network</a>, which is
+dedicated to <a href="https://www.torproject.org/about/overview">providing
+privacy</a> to people who need it most: average computer users. This
+router IP should be generating no other traffic, unless it has been
+compromised.</p>
+
+
+<p style="text-align:center">
+<a href="https://www.torproject.org/about/overview">
+<img src="how_tor_works_thumb.png" alt="How Tor works" style="border-style:none"/>
+</a></p>
+
+<p>
+Tor sees use by <a href="https://www.torproject.org/about/torusers">many
+important segments of the population</a>, including whistle blowers,
+journalists, Chinese dissidents skirting the Great Firewall and oppressive
+censorship, abuse victims, stalker targets, the US military, and law
+enforcement, just to name a few.  While Tor is not designed for malicious
+computer users, it is true that they can use the network for malicious ends.
+In reality however, the actual amount of <a
+href="https://www.torproject.org/docs/faq-abuse">abuse</a> is quite low. This
+is largely because criminals and hackers have significantly better access to
+privacy and anonymity than do the regular users whom they prey upon. Criminals
+can and do <a
+href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_tools.html">build,
+sell, and trade</a> far larger and <a
+href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_distributing_your.html">more
+powerful networks</a> than Tor on a daily basis. Thus, in the mind of this
+operator, the social need for easily accessible censorship-resistant private,
+anonymous communication trumps the risk of unskilled bad actors, who are
+almost always more easily uncovered by traditional police work than by
+extensive monitoring and surveillance anyway.</p>
+
+<p>
+In terms of applicable law, the best way to understand Tor is to consider it a
+network of routers operating as common carriers, much like the Internet
+backbone. However, unlike the Internet backbone routers, Tor routers
+explicitly do not contain identifiable routing information about the source of
+a packet, and no single Tor node can determine both the origin and destination
+of a given transmission.</p>
+
+<p>
+As such, there is little the operator of this router can do to help you track
+the connection further. This router maintains no logs of any of the Tor
+traffic, so there is little that can be done to trace either legitimate or
+illegitimate traffic (or to filter one from the other).  Attempts to
+seize this router will accomplish nothing.</p>
+
+<!-- FIXME: US-Only section. Remove if you are a non-US operator -->
+
+<p>
+Furthermore, this machine also serves as a carrier of email, which means that
+its contents are further protected under the ECPA. <a
+href="http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002707----000-.html">18
+USC 2707</a> explicitly allows for civil remedies ($1000/account
+<i><b>plus</b></i>  legal fees)
+in the event of a seizure executed without good faith or probable cause (it
+should be clear at this point that traffic with this originating IP address
+should not constitute probable cause to seize the machine). Similar
+considerations exist for 1st amendment content on this machine.</p>
+
+<!-- FIXME: May or may not be US-only. Some non-US tor nodes have in
+     fact reported DMCA harassment... -->
+
+<p>
+If you are a representative of a company who feels that this router is being
+used to violate the DMCA, please be aware that this machine does not host or
+contain any illegal content. Also be aware that network infrastructure
+maintainers are not liable for the type of content that passes over their
+equipment, in accordance with <a
+href="http://www4.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00000512----000-.html">DMCA
+"safe harbor" provisions</a>. In other words, you will have just as much luck
+sending a takedown notice to the Internet backbone providers. Please consult
+<a href="https://www.torproject.org/eff/tor-dmca-response">EFF's prepared
+response</a> for more information on this matter.</p>
+
+<p>For more information, please consult the following documentation:</p>
+
+<ol>
+<li><a href="https://www.torproject.org/about/overview">Tor Overview</a></li>
+<li><a href="https://www.torproject.org/docs/faq-abuse">Tor Abuse FAQ</a></li>
+<li><a href="https://www.torproject.org/eff/tor-legal-faq">Tor Legal FAQ</a></li>
+</ol>
+
+<p>
+That being said, if you still have a complaint about the router,  you may
+email the <a href="mailto:FIXME_YOUR_EMAIL_ADDRESS">maintainer</a>. If
+complaints are related to a particular service that is being abused, I will
+consider removing that service from my exit policy, which would prevent my
+router from allowing that traffic to exit through it. I can only do this on an
+IP+destination port basis, however. Common P2P ports are
+already blocked.</p>
+
+<p>
+You also have the option of blocking this IP address and others on
+the Tor network if you so desire. The Tor project provides a <a
+href="https://check.torproject.org/cgi-bin/TorBulkExitList.py">web service</a>
+to fetch a list of all IP addresses of Tor exit nodes that allow exiting to a
+specified IP:port combination, and an official <a
+href="https://www.torproject.org/tordnsel/dist/">DNSRBL</a> is also available to
+determine if a given IP address is actually a Tor exit server. Please
+be considerate
+when using these options. It would be unfortunate to deny all Tor users access
+to your site indefinitely simply because of a few bad apples.</p>
+
+</body>
+</html>
diff --git a/src/resources/exitNotice/how_tor_works_thumb.png b/src/resources/exitNotice/how_tor_works_thumb.png
new file mode 100644
index 0000000..b9ffe0d
Binary files /dev/null and b/src/resources/exitNotice/how_tor_works_thumb.png differ

More information about the tor-commits mailing list