On 9/09/22 23:51, Simon Wilson wrote:
Noting that whilst some may consider that block excessive, it does
appear that some 'authorities', including at least the Australian
government's cyber security department, Fortinet, and others, recommend
these IPs are blocked.
E.g. "The Australian Cyber Security Centre (ACSC) recommends
organisations block traffic from Tor exit nodes to their
internet-exposed services provided this will not meaningfully impact
accessibility for significant numbers of legitimate users"
https://www.cyber.gov.au/acsc/view-all-content/publications/defending-against-malicious-use-tor-network
Just a brief read of the summary of that article indicates that they are
basically saying that malicious users use tor so you should block tor to
avoid connections from malicious users. I would like to point out the
following:
* TOR connections are slow. Malicous users don't like slow connections
because it limits what they can do.
* Blocking connections from CN and RU will probably be a lot more
effective in blocking malicious traffic than blocking TOR connections,
but the same arguments could be said for that, you can get legitimate
traffic from anywhere.
* Malicious users are much more likely to come from botnets than from
TOR, and botnets can connect from anywhere and are much *less* likely to
be malicious (People who run exit nodes tend to be knowledgeable enough
to know how to keep their computers from becoming part of a botnet).
My take on the article is it's an underhanded attempt by the Australian
and other governments to get people to block TOR. The reason why
governments want to block TOR is rather obvious, TOR makes it much more
difficult for law enforcement and other government agencies to track the
source of illegal activities, propaganda, censored content, political
speech and other forms of communication that these same governments
which to prevent. Recommending that the general public block TOR exit
nodes serves their own ends, but quite likely not yours.
Okay, off-topic rant is over now.
Peter
