[tor-relays] Deploy relays using hidden exit IP's?
Michael Zeltner
m at niij.org
Tue Oct 30 09:37:12 UTC 2012
Excerpts from grarpamp's message of 2012-10-30 10:20:03 +0100:
> Shouldn't some exit relays (funded or not) be deployed
> to use an exit IP that is different from it's advertised
> exit IP in order to prevent a simplistic form of blocking
> based on scraping the descriptor set? I think this can
> happen if the default route is out another interface or
> secondary address. Something of that nature.
There are a few exits that do that, IIRC, however, please correct me if I'm
wrong, it causes https://check.torproject.org/ to tell the user that they
aren't using Tor for their connection.
It's one thing having a green onion in your browser bar, another to get
confirmation from a service dedicated to only check if the connection is coming
from the Tor network ... There's potential for people being quite confused by
such a setup. From a usability standpoint, I think it's a bad idea at this
point.
In regards to solutions for this, I'm wondering if there could be some sort of
callback that would drop the connection if it didn't come from a
check.torproject.org request?
Michael
--
http://niij.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20121030/fbb63acf/attachment.pgp>
More information about the tor-relays
mailing list