Is "gatereloaded" a Bad Exit?
mikeperry at fscked.org
Sun Jan 30 06:45:02 UTC 2011
Thus spake Eddie Cornejo (cornejo at gmail.com):
> Forgive my ignorance but this seeks rather knee-jerk to me. Maybe I'm
> missing something.
Yeah, I believe you're missing the fact that these ports also contain
plaintext passwords than can be used to gain access to information on
these and other accounts that may or may not have ever traveled over
tor. That is the difference.
> Finally there is no way that an exit node can directly affect the mode
> choices by a client. Ie, apart from a particular node existing, there
> is no way that a node could force a user to use it.
> Therefore I submit that having these nodes, whether they are overtly
> recording traffic or not, does not result in any harm to the TOR
> network. In fact, their presence lessens the burden on the TOR network
> as they are providing much needed bandwidth.
We don't need bandwidth that bad.
> So, what's the threat? Why are you considering banning these nodes
> when, by all accounts, I cannot see them having a negative impact on
> the network as a whole (in fact, it's probably a positive influence)
I believe that allowing these nodes sends a message that we are OK
with people monitoring plaintext traffic, because it is anonymized. We
have never been OK with this.
People use plaintext at their own risk, and yes, they should know
better, but this does NOT mean that we are comfortable feeding them to
If said exits are really interested in helping, they should alter
their exit policy to allow encryption and then rekey. They will be
banned by identity key, not by IP. Rekeying without fixing the exit
policy will just result in IP bans.
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the tor-talk