[tor-talk] torslap!

David Vorick david.vorick at gmail.com
Thu May 2 14:21:31 UTC 2013


What if you had something like exit nodes that required proof-of-work or
bitcoin-to-use in order to be used, as per-choice of the person running the
node? You would have a bunch of 'unsafe' exit nodes that behave like exit
nodes today, and then a bunch of 'difficult' exit nodes that require user
effort (maybe even per-packet) to use, on a scale small enough that it's
just like adding 20s to your ping, but enough that it puts off abusive
users. You could also make it so all hashes have to be computed real-time
(require a timestamp within 5 mins, for example), so that an attacker
couldn't use an ASIC for a day and store up 50GB worth of packet-abuse.

I think the goal would be to make abusing these nodes annoying enough to
use abusively that other options (unrelated to Tor) are more attractive to
abuse users.

On Thursday, May 2, 2013, Moritz Bartl <moritz at torservers.net> wrote:
> On 02.05.2013 05:11, Tom Ritter wrote:
>> I used to be a big proponent of proof-of-work schemes, but I've scaled
>> back my preference significantly.  There's two problems with them: [...]
>
> My thoughts exactly. But, in this case, I have to say from experience
> that a few websites use blacklists that block Tor preemptively,
> mostly without knowing about it. These types of blocks can be overcome
> often by just a friendly email that explains Tor.
>
> The second and most common type of blocking happens after someone has
> been "attacked" once, or twice, via Tor, or an active "attack" is
> ongoing. I use quotation marks here because most things that happen
> would not be considered real attacks. Many IDS, and nowadays even blog
> software etc, detect "unlikely behaviour" such as port scanning,
> crawling, trying some script kiddie SQL injections, looking for common
> exploitable CMS and the like. Most of these "behaviours" are *not*
> targeted at specific sites, many are just using some bad or worse
> scanning tool.
>
> This second type of blocking would be very much helped with something
> like torslap.
>
> Sites "under ongoing attack" could easily deploy them, maybe even
> together with a timeout, and thus get rid of the one attacker without
> having to block all Tor users (even temporarily, a mechanism which they
> rarely lift again because they have no incentive to do so).
>
> Sites that sometimes get hit by random scans and the like, not currently
> under active attack, could also obviously benefit from torslap. I
> haven't read the whole thread, but (Re)CAPTCHA could be considered a
> cheap and powerful "proof of work", too.
>
> I would love to see something as simple as an iptables bucket for Tor
> users where they can be first sent to a different webserver/site, and
> after they "do something there" the exit IP is temporarily removed from
> the bucket. A second interesting approach would be something more
> specific for the software used, like a WordPress plugin that blocks
> admin logins via Tor, puts Tor users under more "supervision" (moderated
> postings/registration, only "guest Tor post" without the ability to log
> in at all, read-only access, etc) etc.
>
> --
> Moritz Bartl
> https://www.torservers.net/

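The time-bounded proof-of-work idea from the message above, sketched as an added example (not part of the original post and not Tor code): a hashcash-style stamp that the client must mint per request and that the verifier accepts only if it is fresh, meets the difficulty, and has not been seen before. The SHA-256 construction, the 12-bit difficulty, the stamp layout and the resource name are assumptions made for illustration.

```python
import hashlib

WINDOW = 300   # seconds: the "timestamp within 5 mins" bound from the post
BITS = 12      # assumed difficulty in leading zero bits, kept low for the demo

def zero_bits(resource: str, ts: int, nonce: int) -> int:
    """Leading zero bits of SHA-256 over the stamp fields."""
    d = hashlib.sha256(f"{resource}:{ts}:{nonce}".encode()).digest()
    return 256 - int.from_bytes(d, "big").bit_length()

def mint(resource: str, now: int, bits: int = BITS) -> str:
    """Client side: brute-force the first nonce that meets the difficulty."""
    nonce = 0
    while zero_bits(resource, now, nonce) < bits:
        nonce += 1
    return f"{resource}:{now}:{nonce}"

class Verifier:
    """Exit/site side: one hash to verify, plus freshness and replay checks."""
    def __init__(self, resource: str, bits: int = BITS, window: int = WINDOW):
        self.resource, self.bits, self.window = resource, bits, window
        self.seen = {}  # (ts, nonce) -> ts, only for stamps still inside the window

    def check(self, stamp: str, now: int) -> str:
        # Anything older than the window is rejected as stale anyway, so forget it.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= self.window}
        try:
            resource, ts, nonce = stamp.rsplit(":", 2)
            ts, nonce = int(ts), int(nonce)
        except ValueError:
            return "malformed"
        if resource != self.resource:
            return "wrong-resource"   # work done for another service does not transfer
        if abs(now - ts) > self.window:
            return "stale"            # stockpiled or post-dated work
        if zero_bits(resource, ts, nonce) < self.bits:
            return "insufficient-work"
        if (ts, nonce) in self.seen:
            return "replayed"         # one stamp buys one request
        self.seen[(ts, nonce)] = ts
        return "ok"

if __name__ == "__main__":
    NOW = 1367504491  # constructed clock value
    v = Verifier("exit.example:443")  # hypothetical resource name
    stamp = mint("exit.example:443", NOW)
    print(v.check(stamp, NOW), v.check(stamp, NOW), v.check(stamp, NOW + 301))
```

The replay cache only has to remember stamps for one window, because the freshness check rejects anything older; that is what keeps the verifier's state bounded while still defeating stored-up work.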
