[tor-talk] New to list and questions about exit nodes

DeveloperChris developerchris at rebel.com.au
Fri Oct 25 23:55:45 UTC 2013 

Hi Roger

Thanks. I need to confirm the story as I got it through a third party. What 
you are suggesting is a rooky mistake. If he says he was compromised I can 
tell you for sure he was compromised.

I will see him in a few days so I'll ask him directly.

I appreciate the links. I am trying to come up to speed in double quick 
time. I have some pretty big plans where I hope to convince lots of people 
too join Tor. but I cannot in all good conscience, if it opens them up to 
any form of abuse or excessive risk. I must also be able to explain what 
those risks are. The people I am appealing too are good hearted not network 
savvy.

My initial reaction was to dump my plans but decided hearsay was not a 
strong enough reason, I needed to know more. Perhaps I should not have put 
as much faith into the words of the third party.

Oh and I just noticed. I meant acquaintance not acquittance damn spell 
checkers.

DC


On 26/10/2013 5:34 AM, Roger Dingledine wrote:
> On Fri, Oct 25, 2013 at 06:01:51PM +1030, DeveloperChris wrote:
>> An acquittance of mine created a tor exit node, I know little detail
>> more than that other than he was banned by services such as skype
>> and ebay. and apparently the machine he used was hacked. Now I know
>> he is very security conscious and not a newb. If he was hacked it
>> was by professionals. He is a network engineer.
>>
>> Apparently he pulled the exit node and wiped the machine.
> Just so somebody's said it: there's a good chance that the machine
> wasn't compromised. There are some jerks out there who use Tor to send
> application-level traffic to webservers that tries to break into the
> webserver. Somebody watching the webserver (or watching its network)
> will notice the attack -- but since most attacks these days come through
> compromised computers that are used as 'stepping stones', the mail that
> the website operator sends won't say "stop attacking me!", but rather
> it will say "your computer appears to be compromised." They don't have
> any idea that it's running a Tor exit relay (and in many cases they have
> no idea that something like Tor exists).
>
> Then it's easy for the Tor relay operator to say "oh crap somebody on
> the Internet told me my computer is compromised." (And to be fair, it's
> hard for them to convince themselves that it's not true, so his response
> in this case of "let's wipe it to be sure" was not unreasonable.)
>
> See also
> https://www.torproject.org/docs/faq-abuse#TypicalAbuses
> and
> https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
>
> Thanks!
> --Roger
>

More information about the tor-talk mailing list