Seth David Schoen wrote:
It seems obviously crazy to me for Twitter to prevent people from
accessing it over Tor, both in light of widespread censorship of
Twitter
on different networks and in light of governments' attempts to find out
where users of services are connecting from.
Yes, agreed. I have to wonder what the origin of this sudden policy
is. And, is it a policy directed at anonymous users? Or is it just
certain IPs being marked as malicious and blacklisted?
On the other hand, if a service is viewing anomalous originating IP
address as an indicator of compromise, then using Tor destroys that
information source. For example, if Twitter whitelists Tor exit nodes
and says that connecting from them is never viewed as suspicious, then
anybody who knows this and compromises a Twitter user's account can
just use the stolen account over Tor and never get detected or blocked.
Well a clearly this isn't a definitive "this user is not up to
anything bad" setting, but rather they need a more holistic approach
here. Their policy here is very opaque. But if the goal is to avoid
automated activity (follow/unfollow/spam/messaging etc), then there are
other approaches that could work just as well.
Why not captcha these activities if the user comes from Tor or an
identified proxy? Is this a pain in the ass for users? Yes. Is it
going to prevent them from expressing themselves anonymously online?
No.
~Griffin
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change
to digest, or change password by emailing moderator at compa...@stanford.edu.
