[tor-talk] New Tor project idea for internet comments

Lee Malek leemalek at Safe-mail.net
Wed Mar 4 20:42:38 UTC 2015


Seth:

The traffic could be distinct because the system would be a duplicate. Almost like a tor light edition. People would be far more willing to host relays when you only allow comments and not images...

If I had the money I would gladly pay for this myself. That's how important it is.

In fact I considered creating a normal browser plugin to accomplish this... but the need for a server to hold all of the comments would be a centralized attack target.

So this would decentralize things.... and come to think of it this would have to include decentralization freenet style. So it would take some work, but it would be worth it.


-------- Original Message --------
From: Seth David Schoen <schoen at eff.org>
Apparently from: tor-talk-bounces at lists.torproject.org
To: tor-talk at lists.torproject.org
Subject: Re: [tor-talk] New Tor project idea for internet comments
Date: Wed, 4 Mar 2015 12:02:07 -0800

> Lee Malek writes:
> 
> > Hi, I am new here.
> > 
> > I have an idea for a tor sub-project that would serve our purpose (fighting censorship) perfectly.
> > 
> > This would be a different version of tor - a sort of sub-tor... and a browser plugin.
> > 
> > Everyone that installs this version of tor would be forced to run a relay - but only for comments - no images, etc.
> > 
> > The browser plugin would connect to the tor app and scan the webpage the person is on. The plugin would display on a drop down comments people have made using the tor comments system. They can of couse make comments of their own.
> > 
> > I think this is a must for our purpose. So many news website block comments they dont like these days.
> 
> This is a major change from the existing approach of Tor and the Tor
> developers.
> 
> First, the Tor project has only focused on preventing censorship
> by networks and network operators, not by web sites.  The
> censorship-resistance approach of Tor has been that your ISP shouldn't
> be able to control whom you can communicate with, as opposed to that
> web sites shouldn't be able to control who can post there or what they
> can post.
> 
> Although the Tor Project has been very interested in ways to encourage
> sites not to block anonymous users, there's never been an effort to
> force the sites to accept anonymous users, or to conceal the fact that
> someone is using Tor on the exit side.  In fact, the Tor Project has
> specifically rejected the idea of doing that:
> 
> https://www.torproject.org/docs/faq.html.en#HideExits
> 
> ("If people want to block us [on the exit side], we believe that they
> should be allowed to do so.")
> 
> Second, Tor has never tried to "force" people to route other people's
> traffic or to hide the fact that this is happening.  Instead, there
> are a lot of cautions given to people who are considering operating
> exit relays.  In your proposal, all of the users would be acting as
> exits and routing (some) traffic to the public Internet.  That would
> tend to put unsuspecting users at risk because they'd start to be the
> subject of abuse complaints, including on their home Internet connections.
> (In some designs, people could also deliberately target specific people
> they don't like by posting threats through those people's connections.)
> That would also probably make running Tor a lot less appealing to some
> users because they wouldn't be given the choice about whether to provide
> exits for other people's traffic.
> 
> Third, the distinction between "comments" and other kinds of traffic is
> one that requires a huge amount of programming to enforce, and that can
> probably only be enforced if users aren't using HTTPS to connect to the
> sites.  The Tor Project and larger Tor community have been trying very
> hard to get HTTPS deployed everywhere specifically so that Tor exit
> nodes _won't_ be able to spy on or examine what Tor users are doing.  If
> progress continues to be made on that front, the Tor exits will be less
> and less in a position to make the distinction that you suggest between
> comments and other stuff.
> 
> (It might be possible to extend the Tor protocol to have "comment posting"
> be a special kind of exit, where the user explicitly entrusts the text of
> the comment to the exit node, which then makes its own HTTPS connection to
> the site and posts the comment.  But that would be a lot of engineering
> work and would entail a new arms race with the web site operators, who
> would be able to update the HTML code of their sites frequently to stop
> Tor exit nodes from being able to recognize where and how to post the
> comments.  So that's a lot of effort for a kind of blocking resistance
> that Tor developers don't necessarily support philosophically and that
> would be challenging to sustain over time.)
> 
> Fourth, there are some other technical problems with having everyone be
> a relay.
> 
> https://www.torproject.org/docs/faq.html.en#EverybodyARelay
> 
> -- 
> Seth Schoen  <schoen at eff.org>
> Senior Staff Technologist                       https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
> -- 
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


More information about the tor-talk mailing list