[tor-relays] RFC: does a private exit would work?
gus
gus at torproject.org
Sat Mar 4 16:29:13 UTC 2023
On Sat, Mar 04, 2023 at 10:28:44AM +0100, Toralf Förster wrote:
> tl;dr;
> restricted access + usage of an exit
>
>
> longer:
> An exit is sooner or later abused. A reduced exit policy does not prevent
> that.
>
> What about setup a tor exit relay with 'PublishServerDescriptor = 0' ?
>
> Having an access line like for bridges would restrict the access. An
> alternative could be a port knockig + iptables solution.
>
> Objections and comments are welcome.
>
> --
> Toralf
What's the goal? To have a private exit that only you can use?
There is this very interesting paper and project called HebTor:
https://dl.acm.org/doi/10.1145/3372297.3417245
This paper introduces HebTor, a new and robust architecture for exit
bridges---short-lived proxies that serve as alternative egress points
for Tor. A key insight of HebTor is that exit bridges can operate as Tor
onion services, allowing any device that can create outbound TCP
connections to serve as an exit bridge, regardless of the presence of
NATs and/or firewalls. HebTor employs a micropayment system that
compensates exit bridge operators for their services, and a
privacy-preserving reputation scheme that prevents freeloading. We show
that HebTor effectively thwarts server-side blocking of Tor, and we
describe the security, privacy, and legal implications of our design.
If you're interested on playing with it -- for educational purposes only
--, I can share some instructions in private.
Gus
--
The Tor Project
Community Team Lead
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20230304/c6362eb7/attachment.sig>
More information about the tor-relays
mailing list