eliminating bogus port 43 exits

Andrew Lewman andrew at torproject.org
Fri Jun 12 22:28:15 UTC 2009

grarpamp wrote:
> 3 - Further, there needs to be an understanding of what the traffic
> ACTUALLY IS. Operators should be using tools such as wireshark,
> tcpdump, bro, etc to determine the content. And if it turns out to
> be encrypted to destinations and services unknown, NO such determination
> can be made. The only thing left to go on is impact as in #2 above.

I wasn't going to comment on this thread in general because I have
nothing new to add to the conversation.

However, I feel compelled to mention this #3 is possibly very bad advice
for those in the USA.  Our Legal FAQ clearly states this is probably
illegal; https://www.torproject.org/eff/tor-legal-faq.html.en#ExitSnooping.

Until such a case determines it legal or not, some very savvy lawyers
recommend against doing exactly what you suggest.  If your lawyer
suggests otherwise, we're happy to talk to them.

"Should I snoop on the plaintext that exits through my Tor relay?

No. You may be technically capable of modifying the Tor source code or
installing additional software to monitor or log plaintext that exits
your node. However, Tor relay operators in the U.S. can create legal and
possibly even criminal liability for themselves under state or federal
wiretap laws if they affirmatively monitor, log, or disclose Tor users'
communications, while non-U.S. operators may be subject to similar laws.
Do not examine the contents of anyone's communications without first
talking to a lawyer."

Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identica/Twitter: torproject
