[tor-dev] exit-node block bypassing
Ximin Luo
infinity0 at gmx.com
Tue Dec 31 11:49:03 UTC 2013
On 31/12/13 12:35, Jeroen Massar wrote:
> On 2013-12-31 12:07, Ximin Luo wrote:
>> Hey all,
>>
>> Flashproxy[1] helps to bypass entry-node blocks. But we could apply
>> the general idea to exit-nodes as well - have the exit-node connect
>> to the destination via an ephemeral proxy.
>
> If an exit node is blocked towards a certain site, that exit node should
> define a policy stating that it is blocked by that destination.
> (DirAuths could maybe be made to add extra details like that?)
>
> If an exit node is useless it is a bad exit and should not be used at
> all, that is, shutdown.
>
This is an unrelated topic from my original post. I am asking whether trying to implement an anti-exit-node-blocking-system would be A Good Thing To Do.
>
> For your 'flashproxy' case, it would just mean 'moving' the exit node to
> the new exit IP btw. You would thus only be shifting the problem.
>
Those new IPs are ephemeral and unpredictable, therefore not feasible to block. See the flashproxy page on how it works; a few tweaks are needed to make it work for exits, but it's fairly straightforward to do so.
But this is also an unrelated topic. I am less interested in getting it to technically work (because I am convinced it *will* work), but rather on whether it is a good idea or not.
--
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
More information about the tor-dev
mailing list