[tor-talk] A new check

Lunar lunar at torproject.org
Tue Oct 29 08:38:10 UTC 2013


(Why the cross-post to tor-relays?)

grarpamp:
> Keep in mind that while it may be frustrating to some users config
> tests to find that they are temporarily using a false negative exit...
> this 'multihoming' could, and should in fact, be considered a feature
> since it keeps some exits out of the reach of anti-tor blocklists
> that simply parse all the IP's out of the descriptor set.

I have to disagree here. While administrators who block Tor
indiscriminately cause pain to every Tor users, we should solve the
problem with education, not deception.

On the technical side, TorDNSEL should properly detect the IP address
used by exit nodes, so check.tpo should not report false negatives for
multihomed exits. Otherwise, either the node did not had time to be
tested, or there's a bug in TorDNSEL.

Being able to add an extra CAPTCHA for Tor clients or other proxy
services is a legitimate wish in face of abuses. Providing ways to do so
that work reliably is more likely to help with indiscriminate bans.

-- 
Lunar                                             <lunar at torproject.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20131029/463466e1/attachment.sig>


More information about the tor-talk mailing list