Jay Lee Jaroslav jaroslav at
Thu Jan 13 03:09:14 UTC 2011

On Jan 12, 2011, at 9:01 PM, Roger Dingledine wrote:

> On Thu, Jan 13, 2011 at 01:17:33AM +0100, Mitar wrote:
>> On Wed, Jan 12, 2011 at 6:26 AM, Mike Perry <mikeperry at> wrote:
>>> and to suggest
>>> solutions for their security problems that involve improving their
>>> computer security for the Internet at large (open wifi, open proxies,
>>> botnets),
>> I am not sure what you mean by that? That there should not be open
>> WiFi because it improves security? Or that because there are open
>> WiFis, open proxies, botnets you have to secure your systems anyway?
> I assume he meant the latter -- there are many ways that people can
> reach your website and have their IP address not really linked to the
> human making the connection.
> This is related to the "if you remove Tor from the world, you're not
> really reducing the ability of bad guys to be anonymous on the Internet"
> idea. See also my first entry at
>> But how do you secure them against abusive behavior (blackmailing,
>> posting abusive content...)?
> By making your decisions based on the application-level content rather
> than the routing of the packets. If you have a forum, and it has jerks,
> then you need to learn about accounts and authentication. If it stays
> bad, you need to learn about reputation, or moderation, or various other
> techniques people have developed over the years to deal with abuse.
>> There is probably a reasonable argument that identification would help
>> with security here. No?
> It depends where your jerks are coming from. If your jerks are all obeying
> every law and showing up from their static non-natted IP address, then
> yes, routing address is definitely related to identity. But if your
> jerks have ever noticed this doesn't work so well for them, they may
> start using other approaches and suddenly you're back needing to learn
> about application-level mechanisms (or you're back being angry at the
> Internet for not giving you identification by IP address; if blocking
> by IP address is the only abuse prevention mechanism you've got, you're
> going to spend a lot of your life angry).
> For more on this topic, I'd point you to a short article a few years
> ago by Goodell and Syverson called "The Right Place at the Right Time:
> Examining the Use of Network Location in Authentication and Abuse
> Prevention" -- but in going to hunt for it I can't find it available
> online anymore. Proprietary publishers suck I guess. :(
> --Roger
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo at with
> unsubscribe or-talk    in the body.

Thank you Roger!

Jay Le Jaroslav <jaroslav at>

To unsubscribe, send an e-mail to majordomo at with
unsubscribe or-talk    in the body.

More information about the tor-talk mailing list