[tor-relays] Reminder: don't run transparent proxies at exits

Drake Wilson drake at dasyatidae.net
Sat Jan 10 03:26:47 UTC 2015

eric gisse wrote:
> Plus the logic starts to get warped when you wonder "So do you BadExit
> every node that runs on an ISP that caches traffic?"
> What about ISP's (and openDNS) that NXDOMAIN trap to insert advertising?

These, I think, are more general points that have not adequately been
resolved anywhere, though I think the vague consensus has been that the
latter merits a BadExit at the moment.  Indeed the basic idea of "exits
should behave transparently and not manipulate traffic" relies on "there
exists a relevant public Internet which is more or less consistent in its
behavior as far as not manipulating traffic".  To the extent that that
becomes less true, the notion of behaving exits becomes more detached from
the practical situation.

   ---> Drake Wilson

More information about the tor-relays mailing list