Is "gatereloaded" a Bad Exit?

Andrew Lewman andrew at
Mon Jan 31 16:30:20 UTC 2011

In my opinion, judging a relay based on exit policy is a slippery slope
we don't want to go down.  We never claim to make using Tor alone safer
than using the Internet at large.  Whether the creep is at Starbucks
sniffing the wifi or running a relay is irrelevant to me.  Encouraging
people to use encrypted communications, the https everywhere firefox
extension, and learn to be more secure online are some of our goals.
The Tor Browser Bundle, while still a work in progress, is the best way
to protect novice users and get them safer than they are without Tor.

I personally run encrypted services on unencrypted ports, like 25, 80,
143, 110, etc.  It's just a port number and only convention says port
80 has to be for http only.  

If people start doing deep packet inspection to enforce 80 is really
http or running filters in some misguided attempt to block "bad
things" through Tor, then those are reasons to 'badexit' relays.  There
are some obvious ways we can detect traffic manipulation through Tor
relays.  Today, we do detect them and badexit those relays.

If we're going to start censoring Tor exits based on impressions, we
might as well start blocking Tor relays that are rumoured to be run by
national intelligence agencies, criminal organizations, martians, and
other people we might not like.  In fact, we might as well go back to
the original model of "every Tor relay operator has met and gained
Roger's trust". 

I want a diverse set of Tor relays. If people don't want to trust
relays based on whatever heuristics they want to use, great, use
ExcludeNodes in your torrc.  Don't punish everyone based on rumors and

pgp 0x74ED336B
To unsubscribe, send an e-mail to majordomo at with
unsubscribe or-talk    in the body.

More information about the tor-talk mailing list