[tor-relays] [tor-dev] Hidden service policies

Scott Bennett bennett at sdf.org
Mon Jul 21 11:22:09 UTC 2014

Thomas White <thomaswhite at riseup.net> wrote:

> Mike Hearn,
> Simple. If you start filtering anything at all, regardless of what it
> is (yes, even if you filter child porn or fraud sites) then I will
> block any connection of your relays to mine (which are exits and
> guards totalling 4Gbps). There are uses for preventing some connections

     Sorry, wrong answer.  If you block connections from other relays,
you break the tor network.  I don't recall offhand whether that sort of
breakage might earn your relay either an Invalid flag or being simply
dropped from the consensus.

> like if you are legally required to then I guess the tradeoff of some
> inconvenience for a handful of relays, but still providing high-speed
> access to Tor for most people and sites is worth it. When you begin to
> do it as a proactive censorship event is when I will be firmly against
> you.
> The moment people censor things because it is illegal, immoral or
> "terrorist" is the moment that person accepts responsibility for the
> traffic that passes through their nodes and is an active attempt by
> them to filter what people can access. Freedom isn't free unless it is
> totally free and a selective reading policy through Tor is not just a
> bad idea as stated below, I find it outright insulting to me and
> everyone else who cares about the free and open internet. The fact
> somebody has the audacity to come to a project like Tor and propose
> blacklisting mechanisms is jaw-dropping.
> In addition, botnets using Tor actually improve the security of the
> network. Generally the more traffic there is, the harder it is to
> conduct statistical attacks against the users. Now of course it is not
> the most politic thing to say or the most popular, but it's the truth.

     Are you suggesting that the mobbing attacks on HSDIR relays are
the actions of botnets?  If so, then you are suggesting that the problem
of mobbing of HSDIR relays is probably insoluble because it would not
be the symptom of a bug in tor. :-(

> We don't need to stop x y or z using Tor, we need to get more people
> using Tor regardless of their purpose. Botnets are the result of
> design/security flaws and not something within the scope of Tor
> Project to address.

     Wrong again.  See multitudinous previous threads regarding bittorrent
over tor.
     Let me give you an example of appropriate filtering.  My system logs
frequent attacks/probes that I consider illegitimate.  I enter the source
addresses of those probes into a pf table of addresses from which SYN
packets for any protocol or port get dropped with no response.  However,
there is a cron job that runs every 30 minutes that takes all the relay IP
addresses in the most recently downloaded consensus and puts them into
another pf table.  This latter table is used by pf rules to bypass the
check described above, but only for relays attempting to connect to my
relay's ORPort or DirPort.  This prevents the sort of breakage you
threaten to cause because currently active relays will still be able to
relay through my relay, although if they are also in the table described
first, then they will have no *other* type of access to my system.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:   bennett at sdf.org   *or*   bennett at freeshell.org   *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
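The relay-whitelisting setup described in the message above (a cron job that copies the relay addresses out of the latest consensus into a pf table, which a pass rule then consults before the prober blocklist), written out as an added example. This is not Scott Bennett's script, and nothing on the page shows his actual rules; it assumes tor's cached consensus lives at /var/db/tor/cached-microdesc-consensus, that the pf tables are called <tor_relays> and <probers>, and that the relay listens on ORPort 9001 and DirPort 9030. The sample consensus lines embedded in it are constructed (placeholder fingerprints, documentation-range IPs) so the script runs stand-alone.

```shell
#!/bin/sh
# Added example (not Scott Bennett's own script): rebuild a pf table of
# current Tor relay addresses from a locally cached consensus so relays
# bypass a prober blocklist on the ORPort/DirPort only.
# Assumptions: tor's DataDirectory is /var/db/tor, the tables are named
# <tor_relays> and <probers>, ORPort is 9001 and DirPort is 9030.
CONSENSUS="${CONSENSUS:-/var/db/tor/cached-microdesc-consensus}"
TABLE_FILE="${TABLE_FILE:-/etc/pf/tor_relays}"

# Constructed sample consensus (placeholder fingerprints, documentation
# IPs), used when no real cached consensus is present.
SAMPLE_CONSENSUS='network-status-version 3
r relayA AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2014-07-21 10:00:00 192.0.2.10 9001 9030
s Fast Guard Running Stable Valid
r relayB CCCCCCCCCCCCCCCCCCCCCCCCCCC 2014-07-21 09:30:00 198.51.100.7 443 0
s Exit Fast Running Valid
r relayC DDDDDDDDDDDDDDDDDDDDDDDDDDD EEEEEEEEEEEEEEEEEEEEEEEEEEE 2014-07-21 09:00:00 203.0.113.5 9001 0
s Running Valid
directory-footer'

# relay_ips FILE: print the unique IPv4 address from every "r" line.
# A full consensus "r" line has 9 fields (IP is field 7); a microdesc
# consensus "r" line omits the descriptor digest (8 fields, IP is field 6).
relay_ips() {
    awk '$1 == "r" {
            ip = (NF == 9) ? $7 : $6
            if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) print ip
        }' "$1" | sort -u
}

# count_relays FILE: number of distinct relay addresses found.
count_relays() {
    relay_ips "$1" | awk 'END { print NR }'
}

# write_table SRC OUT: atomically replace the table file. Refuses to
# install an empty list: an empty <tor_relays> would silently cut every
# relay off from the ORPort, which is exactly the breakage the thread warns about.
write_table() {
    src="$1"; out="$2"
    tmp="$(mktemp "${out}.XXXXXX")" || return 1
    relay_ips "$src" > "$tmp"
    if [ "$(count_relays "$src")" -eq 0 ]; then
        rm -f "$tmp"
        echo "no relay addresses parsed from $src; keeping old table" >&2
        return 1
    fi
    mv "$tmp" "$out"
}

# pf_rules ORPORT DIRPORT: the pf.conf fragment that uses the two tables.
# The "quick" pass rule for <tor_relays> comes first, so a relay that is
# also listed in <probers> still reaches the ORPort/DirPort but nothing
# else; blocked packets get no response ("block drop", not "block return").
pf_rules() {
    cat <<EOF
table <probers>    persist file "/etc/pf/probers"
table <tor_relays> persist file "$TABLE_FILE"
pass  in quick on \$ext_if proto tcp from <tor_relays> to (\$ext_if) port { $1, $2 } flags S/SA
block drop in quick on \$ext_if from <probers> to any
EOF
}

main() {
    if [ -r "$CONSENSUS" ]; then
        src="$CONSENSUS"
    else
        src="$(mktemp)"; printf '%s\n' "$SAMPLE_CONSENSUS" > "$src"
    fi
    write_table "$src" "$TABLE_FILE" || exit 1
    # Swap the new list into the running pf without reloading the ruleset.
    if command -v pfctl >/dev/null 2>&1; then
        pfctl -t tor_relays -T replace -f "$TABLE_FILE"
    fi
}

# Run from cron every 30 minutes:
#   */30 * * * * /usr/local/sbin/refresh-tor-relays.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```

Two caveats a practitioner would keep in mind: the cached consensus is only as fresh as tor's last directory fetch, so a relay that joined the network after that fetch is not in the table until the next run, and rule order matters in pf because the pass rule must carry `quick` and precede the `block drop` rule for `<probers>` or the blocklist wins.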
