[tor-relays] public open socks port
Roger Dingledine
arma at torproject.org
Wed Oct 23 20:10:34 UTC 2019
On Tue, Oct 22, 2019 at 09:33:31PM +0200, ylms wrote:
> I am wondering if there is any reason why one should not open the socks
> port of Tor to the public internet? I mean I run a Tor exit or relay, so
> why should I not open the port and give it to people that can't install
> Tor on some devices?
Matt Traudt's reply provides one good issue that should make you pause:
the socks protocol has no encryption, so even if users use https,
anybody watching the traffic gets to match up the users to their
requested destinations. So the privacy properties they get are really
unlike running Tor themselves.
Another reason I'd discourage providing an open socks port is that random
people on the internet will find it and use it as an open proxy, thinking
that you're just an incompetent administrator with a misconfigured
service, and never knowing that they're using Tor. There are organized
crime groups that gather and sell lists of open proxies, and they would
eventually find your proxy address, stick it on their list, and then
other organized crime groups will buy it and use it for whatever they do.
The Tor network is a commons, and it will remain most sustainable when
people who use it think about the impact of their traffic on the network
and the network operators.
(That last sentence is why the move by Brave and Firefox and others to
consider sending their 'private browsing' traffic through Tor is so
exciting. Google et al have taught people that "the cloud" is infinite,
and huge companies will just pay to keep it big enough, and that model
is not so easy with the decentralized community Tor network.)
--Roger
More information about the tor-relays
mailing list