[tor-relays] Reminder: don't run transparent proxies at exits
Drake Wilson
drake at dasyatidae.net
Sat Jan 10 05:40:40 UTC 2015
Drake Wilson wrote:
> But the TCP specification doesn't. Nor is the Tor client signaling
> to you that they want an HTTP connection and not a raw TCP connection.
> Whether they happen to be passing octets over it that correspond to an
> HTTP stream is irrelevant.
Or alternatively, let me put the distinction this way:
"Opera-tor."
"Could you please find me the number for Pythagoras' Pizza Palace?"
"Sure, let me get out the copy of the phone book at my desk. It's
555-6283."
"Thanks."
...
"Opera-tor."
"Could you please connect me to 555-6283?"
"Sure." *beep beep*
"Pythagoras' Pizza Palace? I'd like six Scalene Specials delivered for
J. Random User-Agent."
"No problem, we'll get that to you in 30 minutes."
...
"Opera-tor."
"Could you please connect me to 555-6283?"
"Sure." *beep beep*
"Pythagoras' Pizza Palace? My client just called me from jail! You _do_
remember what 'six Scalene Specials' was supposed to be code for, right?"
"Oh, this is actually the operator. I had the right kind of spare,
fresh pizza lying around already, so I figured..."
"What?!"
"Don't worry! I didn't do anything funny to it! It's all good!"
"!!!"
---> Drake Wilson
More information about the tor-relays
mailing list