[tor-relays] [tor-dev] Hidden service policies

Thomas White thomaswhite at riseup.net
Mon Jul 21 13:21:08 UTC 2014


> Sorry, wrong answer.  If you block connections from other relays, 
> you break the tor network.  I don't recall offhand whether that
> sort of breakage might earn your relay either an Invalid flag or
> being simply dropped from the consensus.

For a single relay to my knowledge, it shouldn't do. There are many
reasons some relays can't connect to each other so it doesn't "break"
Tor as an alternative route is simply found.


> Are you suggesting that the mobbing attacks on HSDIR relays are the
> actions of botnets?  If so, then you are suggesting that the
> problem of mobbing of HSDIR relays is probably insoluble because it
> would not be the symptom of a bug in tor. :-(

The question is botnet CnC's, the proposal has nothing to do with
solving the botnet CnC problem and I am also stating Tor is not the
one who needs to tackle them right at this moment, the budget and
resources are just not there. However creating a system where
operators start blacklisting hidden services is extremely bad for
anonymity both for the hidden service and the user.

To answer the rest of your question, I am not a developer. I am
somebody who cares about anonymity and that is why I run the 2nd
largest server cluster on the Tor network from my own pocket.
Filtering or proposing to blacklist anything is not acceptable in my
view. Whatever solutions individuals care to launch to protect their
relay is their own responsibility, but actively developing something
by the core developers to blacklist hidden services is a completely
despicable idea. To elaborate only on the legal side of things, if I
can easily block hidden services passing through my relays or if I am
the RV point for one, the government can then serve me a notice
ordering me to block it; this I have already run through my solicitor
and there is no escaping that fact unfortunately.

Also note, botnets in this sense are not the topic. The proposal is an
easy mechanism to censor hidden services and let it not be portrayed
as anything other than that. I can see why 90% of people opposed his
"coin taint" idea and 75% wanted him to leave the bitcoin foundation.
If Tor did introduce such measures, I would be swiftly leaving Tor's
ranks and withdrawing all support (both all 25 relays/exits/guards,
and financial) from it.

So to state clearly:

Should Tor Project develop a system to filter hidden services?

I'll let people decide that for themselves. But my opinion is that
doing so defies the point of a hidden service and people who push for
it should be ashamed of themselves.

-T

On 21/07/2014 12:22, Scott Bennett wrote:
> Thomas White <thomaswhite at riseup.net> wrote:
> 
>> Mike Hearn,
>> 
>> Simple. If you start filtering anything at all, regardless of
>> what it is (yes, even if you filter child porn or fraud sites)
>> then I will block any connection of your relays to mine (which
>> are exits and guards totalling 4 Gbps). There are uses for
>> preventing some connections
> 
> Sorry, wrong answer.  If you block connections from other relays, 
> you break the tor network.  I don't recall offhand whether that
> sort of breakage might earn your relay either an Invalid flag or
> being simply dropped from the consensus.
> 
>> like if you are legally required to then I guess the tradeoff of
>> some inconvenience for a handful of relays, but still providing
>> high-speed access to Tor for most people and sites is worth it.
>> When you begin to do it as a proactive censorship event is when I
>> will be firmly against you.
>> 
>> The moment people censor things because it is illegal, immoral
>> or "terrorist" is the moment that person accepts responsibility
>> for the traffic that passes through their nodes and is an active
>> attempt by them to filter what people can access. Freedom isn't
>> free unless it is totally free and a selective reading policy
>> through Tor is not just a bad idea as stated below, I find it
>> outright insulting to me and everyone else who cares about the
>> free and open internet. The fact somebody has the audacity to
>> come to a project like Tor and propose blacklisting mechanisms is
>> jaw-dropping.
>> 
>> In addition, botnets using Tor actually improve the security of
>> the network. Generally the more traffic there is, the harder it
>> is to conduct statistical attacks against the users. Now of
>> course it is not the most politic thing to say or the most
>> popular, but it's the truth.
> 
> Are you suggesting that the mobbing attacks on HSDIR relays are the
> actions of botnets?  If so, then you are suggesting that the
> problem of mobbing of HSDIR relays is probably insoluble because it
> would not be the symptom of a bug in tor. :-(
> 
>> We don't need to stop x y or z using Tor, we need to get more
>> people using Tor regardless of their purpose. Botnets are the
>> result of design/security flaws and not something within the
>> scope of Tor Project to address.
> 
> Wrong again.  See multitudinous previous threads regarding
> bittorrent over tor. Let me give you an example of appropriate
> filtering.  My system logs frequent attacks/probes that I consider
> illegitimate.  I enter the source addresses of those probes into a
> pf table of addresses from which SYN packets for any protocol or
> port get dropped with no response.  However, there is a cron job
> that runs every 30 minutes that takes all the relay IP addresses in
> the most recently downloaded consensus and puts them into another
> pf table.  This latter table is used by pf rules to bypass the 
> check described above, but only for relays attempting to connect to
> my relay's ORPort or DirPort.  This prevents the sort of breakage
> you threaten to cause because currently active relays will still be
> able to relay through my relay, although if they are also in the
> table described first, then they will have no *other* type of
> access to my system.
> 
> 
> Scott Bennett, Comm. ASMELG, CFIAG
> **********************************************************************
> * Internet:   bennett at sdf.org   *or*   bennett at freeshell.org   *
> *--------------------------------------------------------------------*
> * "A well regulated and disciplined militia, is at all times a good  *
> * objection to the introduction of that bane of all free governments *
> * -- a standing army."                                               *
> *    -- Gov. John Hancock, New York Journal, 28 January 1790         *
> **********************************************************************
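The relay allowlist refresh that Scott Bennett describes in the quoted text above, sketched as an added example that is not code from the thread or from the Tor Project. It parses the `r` lines of a consensus document into the body of a pf table file; the table names, file path, ports and the sample consensus are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the "r" line layout of a full consensus; nicknames,
# digests and the documentation-range addresses are made up.
SAMPLE_CONSENSUS = """\
network-status-version 3
r relayA AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2014-07-21 10:00:00 192.0.2.10 9001 9030
s Fast Running Valid
r relayB CCCCCCCCCCCCCCCCCCCCCCCCCCC DDDDDDDDDDDDDDDDDDDDDDDDDDD 2014-07-21 10:05:00 198.51.100.7 443 0
r broken EEEEEEEEEEEEEEEEEEEEEEEEEEE FFFFFFFFFFFFFFFFFFFFFFFFFFF 2014-07-21 10:06:00 not-an-ip 9001 0
r local GGGGGGGGGGGGGGGGGGGGGGGGGGG HHHHHHHHHHHHHHHHHHHHHHHHHHH 2014-07-21 10:07:00 127.0.0.1 9001 0
r relayC IIIIIIIIIIIIIIIIIIIIIIIIIII JJJJJJJJJJJJJJJJJJJJJJJJJJJ 2014-07-21 10:08:00 192.0.2.10 9002 0
"""


def relay_addresses(consensus_text):
    """Return sorted, de-duplicated IPv4 addresses taken from "r" lines."""
    found = set()
    for line in consensus_text.splitlines():
        fields = line.split()
        # An "r" line ends with: IP ORPort DirPort (full and microdesc flavours).
        if len(fields) < 8 or fields[0] != "r":
            continue
        try:
            addr = ipaddress.IPv4Address(fields[-3])
        except ipaddress.AddressValueError:
            continue  # never pass an unparsable token to the firewall
        if addr.is_loopback or addr.is_unspecified or addr.is_multicast:
            continue  # a corrupt file must not allowlist special addresses
        found.add(addr)
    return [str(a) for a in sorted(found)]


def render_table(consensus_text, min_relays=1):
    """Build the pf table file body; refuse to emit a suspiciously small list."""
    addrs = relay_addresses(consensus_text)
    if len(addrs) < min_relays:
        # A truncated download would otherwise empty the bypass table.
        raise ValueError("too few relays parsed; keeping the previous table")
    return "\n".join(addrs) + "\n"


# pf side, with assumed table names, file path and ports (not from the thread):
#   table <tor_relays> persist file "/etc/pf.tor_relays"
#   table <probers> persist
#   pass in quick proto tcp from <tor_relays> to any port { 9001, 9030 }
#   block drop in quick from <probers>
# Cron then runs: pfctl -t tor_relays -T replace -f /etc/pf.tor_relays

if __name__ == "__main__":
    print(render_table(SAMPLE_CONSENSUS), end="")
```

On a live relay `min_relays` would be set well above 1, so that a partial consensus download leaves the previous table in place instead of shrinking the bypass list.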

