[tor-relays] Deploy relays using hidden exit IP's?

Julian Yon julian at yon.org.uk
Tue Nov 27 16:23:21 UTC 2012

On Tue, 27 Nov 2012 01:58:40 +0000 (UTC)
Sven Olaf Kamphuis <sven at cb3rob.net> wrote:

> [Utopian fantasy]

Meanwhile, back in the Real World, ancient protocols like SMTP dominate
the Internet (oh look, you used it to post to this list) and people
do what they have to in order to keep their services running. Perhaps
you've never worked on a project large enough that network ops and
development are handled by separate teams, but in such an environment a
sysadmin who allowed the servers to fall over because they believed it
was dev's responsibility would quickly find herself out of a job.

Tor won't benefit from that person's career suicide. Whereas giving
admins the power to implement an easy kill switch (by blocking the
exits when they need to) makes Tor a much less attractive prospect for
those who would abuse the network. If you can run your attack over Tor,
knowing you can be blocked easily, or over some botnet, which would you
choose? This means more bandwidth for the rest of us, and fewer abuse
complaints for exit operators. I'd say that's a win.

Of course, some organisations (I'm looking at Wikipedia) have a problem
with Tor that is due to policy, not technology. Is their policy right?
Of course not - the impressive level of vandalism that happens anyway
proves that (although CluebotNG has an equally impressive catch rate,
it has to be said). But unless you're the one paying for and running
the infrastructure of that free-as-in-beer service, what right do you
have to say “let them all go to hell”? Do you say the same about people
who run relays whose exit policies don't allow your traffic? Do you
curse at your neighbour whose unencrypted wireless network doesn't
allow connections to your favourite porn site? Seriously, get some

Nobody's going to listen if you're rude to/about them. They're more
likely to just dig in their heels and erect another barrier. People do
what they feel they must to protect what they (are being paid to) care
about. Being open about where the exits are is one way of saying “look,
we're all friends”. Conversely, making a serious effort to circumvent
their blocks by using unpublished exit addresses will simply create
another game of Cat & Mouse, just like the one being played with bridge
relays. Sites like Wikipedia, who have made at least some token efforts
to come to a solution which works for Tor, will stop trying at all
because it will no longer be possible to distinguish Tor exit traffic
from other non-authenticated connections.

As you can see I've made the effort to write in real sentences, use
capital letters and avoid “zomg”. I won't do so a second time, because
if I haven't convinced you by now I'm not going to. By all means
continue daydreaming, just remember that's what it is. If you want your
utopia to eventually exist, you have to start with reality. You can't
just will it into existence.


3072D/F3A66B3A Julian Yon (2012 General Use) <pgp.2012 at jry.me>