Tor bandwidth requirements (was: Some legal trouble with TOR in France)
On Mon, May 15, 2006 at 02:11:15PM +1000, glymr wrote: If you really care about your legal safety and the anonymity of the network, you should be contributing, even if only enough to permit half of a 56k dialup connection (ie 1-2kb/s) to relay traffic. The Tor documentation states that 20k/sec each way is the minimum requirement for a Tor server. If that documentation is wrong, and lower bandwidth would still be useful, I'd be happy to run a server. I could definitely offer 10k, perhaps 15k. I think it'd be useful if Tor would be happy with 5k, since that will make running Tor servers on the increasingly popular (in the UK) 128kbit upstreams feasible. Dave -- Dave Page [EMAIL PROTECTED] Jabber: [EMAIL PROTECTED]
cryptfs_luks
Hi, ever heard of cryptfs_luks? No. Google also finds nothing. bye, Matej
Re: Some legal trouble with TOR in France +
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 2. Well most people using Tor, aint running a server at ALL. They are just the users, running Tor in Client only mode. And the middlemen are gonna be needed, if you want to have more hops! maybe i am misinformed, but i was under the impression that middleman mode only stops the circuit from ending at the node, all other 'exit' nodes also carry middleman traffic Not everyone can run an EXIT server, but there are lots who can run a middleman server, not everyone can find, nor afford an ISP willing to allow them to run an EXIt server. But most ISP's dont grieve about what the eye dont see so running a middleman is no problem. yes but you completely missed my point, more exit nodes means less chance that any one node is picked on by the law. My advice would be take advantage of their bandwidth, its free. what am i paying my isp for if it's not bandwidth? i don't see your point And get EXIT servers to only run limited middleman capability and stop trying to make them Do-It-All. If EXIT servers gave, at maximum, 20% of currently spare bandwidth to middleman traffic, and get in as many middlemen as possible, then that might speed the whole Tor system up. segregating exit and middlemen nodes more distinctly - how is this going to help... do you want to stand at the top of the tower with only 100 other people or would you prefer there was 300 with you? I think you could look to a simple natural phenomenon to give an example of why we, the small people, need to see this as a 'all for one, one for all' - herds of grazing animals. Sure, there may be some at the edges who will get eaten by the lions more, but the size of the group... what happens if a lion foolishly gets himself into a pocket at the edge and then finds himself surrounded by a sea of horns? 3. The only Free-Riders would appear to be ordinary Tor users who dont run in server mode, but thats why we have Tor! Yes, Tor is a FREE SERVICE! it is not a 'free service' at all, it is a group of people all agreeing to do something for each other. your idea about segregating makes it more dangerous for the end points than my idea of making all nodes endpoints. the worse the ratio between exit nodes and client only users gets, the more chance there is of exit nodes coming under fire. What about a system of service classes - different classes of service for different classes of Tor user/service provider! More on that later... 4. No... they'll just run Tor in client mode only! what if the software does not permit this? i think perhaps you are not aware of how common it is for people to just install things and not think about going into the source and modifying it. the sort of people who would do this are the sort of people we DON'T want using tor, and this should be something that should be incorporated into the default configuration. Making it so all nodes are carrying traffic via the verification mechanisms i described would help eliminate both free riders and those wishing to exploit. Just like my metaphor of the herd making pockets and luring the lions in, they can't win if they are surrounded on all sides by the less powerful but organised and hostile adversary. Lets face it, if you think tor is a good idea you are hostile to something. And you are not powerful. It is only through solidarity that tor even has a hope of surviving, let alone providing a decent service to its members. Child porn is a different matter, it threatens the Tor network! It is best handled easier by a url/site/ip block list on the EXIT nodes. to protect itself Torland should put a site uo tp create this block list and Tor EXIt servers use it if they wish. Eg 16+,18+,21+ lists, then EXIT servers put on the lists approprate tio theuir region. Also the client side of Tor could be have a user configuration to NOT obtain pages/images/etc from URL/IP on these list according ot the confugration they set. This protects them from that. Police could even add to this list and child protection/free speech groups could double check to stop speech censorship. well, the problem here is that what you are suggesting is essentially saying that you should permit some level of censorship. you are talking about a slippery slope here. There is nothing stopping any tor user from running software such as peerguardian with a custom blocklist. This should not be encouraged, however it should not be prohibited. what you are talking about doing is adding a blacklisting system to tor. Do you want to put the freedom to choose at risk? Who can you trust to implement such a blacklist? Surely it would make more sense, to, for example in the case of our french friend who has been frisked by the police, for THEM to implement a blacklist, in co-operation with those police, not only to show that we are on their side, but to make it clear that the server operator is not interested in being complicit. This would be a good thing to encourage
Re: Some legal trouble with TOR in France +
[EMAIL PROTECTED] wrote: Child porn is a different matter, it threatens the Tor network! It is best handled easier by a url/site/ip block list on the EXIT nodes. to protect itself Torland should put a site uo tp create this block list and Tor EXIt servers use it if they wish. Eg 16+,18+,21+ lists, then EXIT servers put on the lists approprate tio theuir region. Also the client side of Tor could be have a user configuration to NOT obtain pages/images/etc from URL/IP on these list according ot the confugration they set. This protects them from that. Police could even add to this list and child protection/free speech groups could double check to stop speech censorship. Porn. Sex. Illegal porn. Blahblahblah. Total crap. http://62.142.11.7/pziteorg/VA-The.Best.Of.Jihad.Snuff.Videos.Wmv.Real-20050207-PZ/ 27x the.best.of.jihad.snuff beheadingshooting format: wmv/real 5125028 505.wmv -- iraqi police officers in iraq (shooting) 3294790 american2.wmv -- jack hensley in iraq 1085798 amil.WMV -- unknown in iraq 6545968 amraky.WMV -- eugene armstrong in iraq 8231054 ciaamil.wmv -- unknown in iraq 2200551 cj_9833.RAM -- daniel pearl in pakistan 369937 fas.wmv -- russian in chechnya 4187566 Intikhabat.wmv -- unknown in iraq 5566007 iraq2vediom.wmv -- nick berg in iraq 1998520 iraqiarmymanf.wmv -- iraqi officer hussein shanun in iraq 1084964 italywaturky.wmv -- unknown in iraq (shooting) 5357890 KenBigley.rm -- kenneth bigley in iraq 1421286 koria1.wmv -- south korean kim sun-il in iraq 1028476 lazof.wmv -- unknown in iraq 4730704 masseer.WMV -- unknown in iraq 7210324 mokh.wmv -- unknown in iraq 4171087 murtad.wmv -- unknown in iraq 2416030 Musil.wmv -- unknown in iraq 310 nepal.wmv -- nepalese in iraq 6180949 nz.rm -- paul johnson in saudi arabia 5617330 pog0078.WMV -- shosei koda in iraq 1644245 sh_1.WMV -- unknown in iraq 725224 russian.wmv -- russian in chechnya 4324945 russian3.asx -- russian in chechnya 2995840 turken.wmv -- murat yuce in iraq (shooting) 3212062 turky2.wmv -- turkish driver durmus kumdereli in iraq 5687788 yahudi.rm -- unknown in iraq --- Real murder/torture beheading videos from Iraq Chechnya presented by Al-Zarqawi Merry Men. And I don't even need Tor/Hidden Services to distribute them. An regular webspace account on my own name, own country, own ISP, normal unencrypted FTP and a very public site.
Re: Some legal trouble with TOR in France
On Sat, May 13, 2006 at 05:03:53PM +0200, Joe Knall wrote: I clearly do not dare to run a tor server in Germany for reasons like these :( The thought police has been notified. Expect them shortly. So my question is: does anyone know about or have experience with the implications when founding an organisation (Verein in german, incorporated society) of two or more people to run tor? Why do you think you will get a visit from the police if you're running a server in a colo? The ISP will bend over backwards to give them a root console. Now what would be interesting is whether they will tap the line for traffic analysis, or install a rootkit (latter's too risky, probably). The server/exit node would be run by the organisation, not a human You could try forming a Ltd. It's reasonably cheap and quick in Germany. being. Could this approach keep the members' private lives private? -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
Re: Some legal trouble with TOR in France
On Sat, May 13, 2006 at 09:09:06AM -0700, Ringo Kamens wrote: If it's the JAP I'm thinking of, you shouldn't trust it. The german government ordered JAP top put in a backdoor to the program to catch one solitary JAP user even though it was against german law. The backdoor was released as an urgent security update and the guy was nabbed. Yes, you probably shouldn't use JAP if you plan to assassinate the president. As for the tor server, I suggest that you completely wipe those drives securely, reformat, and reinstall everything. The best thing to do would be to sell those drives and buy new ones because it could be that they put taps in them. Also, they could have installed a keylogger. If I were you, I wouldn't use any of that equipment again. At the very minimum, you need to reinstall windows/linux/etc. and tor with a reformat because they probably put in a trojaned version of tor. Whoa, way too much paranoia in your morning coffee. You gotta to titrate that to keep operational. -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
Re: Sum legl trubs wid TOR en France + more
So the summary on drives is: * There's no point in being overly paranoid about wiping these because $they already got them and can be presumed to have a copy if they want it, the only point in wiping is the removal of potential malware, any reforam will do that. * Given sufficient time and money only physical destruction is sufficient protection (googling : destruction of classified disks SOP : gives the US Military position on this, presumably they know what they can recover...) ON the topic of what *could* happen: * The worst case is you could be the subject of an extrodinary rendition and spend the last painful month of your life in a dark hole. * The most likely case is you'll be questioned, searched, and possibly breifly detained while the cops fugure out you really can't help them even if you want to. My personal anectdote about police and TOR. I was running a very popular exit node (was usually top three at the time), I was contected by a Sheriff from North Carolina (for those out side the US, this is not known as a particularly lenient, or computer savvy jurisdiction). It seems someone was commitiing a bit of credit card fraud through my exit node. I explained how tor worked (mixing a bunch of stuff togather repeatedly with no logs), and gave URLs to documentation. Basicly the standard form letter on the phone. I never heard about it again. Law enforcement is used to leads that go no where, most do. I may have getten the benefit of some doubt due to my position (sys admin at major comp sci lab, and the node was on that network not a private connection), but I doubt it. -Jon
Re: Some simple changes to the tor architecture I believe may greatly improve it
On Tue, 16 May 2006, glymr wrote: I've been following a number of recent threads with great interest and in the process came up with a number of ideas for changes to the architecture of tor which should be simple to implement and greatly improve both performance and anonymity. As a quick summary - have you read the mailing list archives? Most of the things that you're proposing here have been discussed and beaten into atomic particles long since. I'm skipping over suggestions 1-3 - they're in the faq, discussed to bits on the list, and probably in the wiki as well. I can only hope that I'm reading suggestion 4 wrongly. It -sounds- like you're saying: Log all of the traffic going out of tor exit nodes, and give it to your (local) authorities Barring the fact that the NSA[0] are doing a fine job of this sort of thing already, what on -earth- are you thinking this can do, outside of leaving you personally liable for all of the traffic exiting your node, -and- charges of information and identity theft, not to mention ensuring that a metric ton of tor users are profoundly unhappy with you. Oh. I just realized. Maybe you're trying to get people to stop using tor... For Suggestion 5, I suggest that you read more about game theory. Suggestion 6 makes it much easier to do timing and correlation attacks, and seems rather dubious as such. server will maintain this information on the directory. (by the way, this suggests that it may be a good idea for accesses to the directories, by nodes, be done through a tor circuit, which may already be happening but I don't know). You might want to read the spec -before- commenting, then. Actually, that holds for your suggestion 7 as well. ... and suggestion 8 - along with some of the research in the field. Perhaps what you want isn't quite what tor was designed to solve. cheers! [0] and the Stasi before them... == A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now.
RE: Some legal trouble with TOR in France
They send you to prison if you don't give up the information. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matej Kovacic Sent: 15 May 2006 07:57 To: or-talk@freehaven.net Subject: Re: Some legal trouble with TOR in France Hi, Under the British Regulation of Investigatory Powers Act, they would simply confiscate the entire machine, demand any authentication tokens required to access it, and lock you up if you refused to surrender them. I believe similar laws exist in most EU jurisdictions now. What about the priviledge of non self-accusation? It is expensive, but you can just piss 'em off and buy new hardware... bye, Matej
Re: Some legal trouble with TOR in France
On 5/15/06, Mike Perry [EMAIL PROTECTED] wrote: Thus spake Ringo Kamens ([EMAIL PROTECTED]): Also, they can put you on grand jury and give you obstruction of justice for refusing to talk. According to wikipedia (http://en.wikipedia.org/wiki/Grand_jury): In all U.S. jurisdictions retaining the grand jury, the defendant has the right under the Fifth Amendment not to give self-incriminating testimony. [] OK, that covers the defendant, but what if the person in question is not a defendant? Unfortunately, the First Amendment does not seem to apply to questioning by a court (or Congress, for that matter). The Fifth Amendment protects you from being a witness against yourself, but it doesn't protect you from being a witness against someone else. Anthony
RE: Some legal trouble with TOR in France
Yes apparently it's not in force yet. I'm sure its coming though. Although as currently written there seem to be a few loop holes - e.g. you can give up 'any' key and you can choose which key just so long it meets stated the requirements of the request. There isn't a requirement to give up 'all keys'. You can also destroy the key before receiving the request if you think a request is coming. Giving up dummy keys that unlock dummy volumes would make it very hard to prove you didn't meet the request unless the specific information that they were looking for was already named on the request. Or as I read it, you can destroy a key even after the request is received if you can prove you no longer have it in your 'possession' -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Perry Sent: 15 May 2006 00:16 To: or-talk@freehaven.net Subject: Re: Some legal trouble with TOR in France Thus spake Eric H. Jung ([EMAIL PROTECTED]): Tony's point was that you could arrange not to have the authentication tokens anymore. You better hope they believe you when you say you don't have it, though. Not having the authentication tokens counts as refusing to surrender them. Per US law, if a judge subpoenas you to hand them over and you refuse and/or remain silent, it means indefinite jail time (until you hand over the tokens) and/or fines. Where is your source on this? As I understand it, there are a few fundamental principles of the US legal system that should render this statement completely false. One is Habeas Corpus.. You can't just throw someone in jail indefinitely without a criminal charge and a trial. http://en.wikipedia.org/wiki/Writ_of_habeas_corpus Though it seems BushCo are violating it with enemy combatant charges, I do not think they have the political power (at least anymore) to name an anonymity provider as an enemy combatant (especially if they are a natural born US citizen). The same applies to the 72 hour warrant deal, at least as far as I can tell from http://www.fff.org/comment/com0601c.asp Second, if it is a criminal charge, you are not under any obligation to testify against yourself in a criminal court of law (5th ammendment). There are various exceptions to this, main one being if you are not the person charged of the crime (though I think you can still claim that such testimony may incriminate you for unrelated matters). I suppose it could also be argued that the passphrase does not count as testimony, but it sure seems like it is. Finally, some googling on subpoena compliance seems to indicate that punishment for subpoena non-compliance is 'contempt of court' charge and fines. http://www.rcfp.org/cgi-local/privilege/item.cgi?i=questions That page advises you not to answer any subpoenas without challenging them first, among other things (ie one state's court cannot usually subpoena someone from another state). Contempt of court charges for non-compliance may be repeated, but any contempt law I can find on the web has some form of maximum limit. The longest I've seen so far is North Carolina, which is a max of 1yr in 90 day increments: http://www.rosen.com/ppf/cat/statco/laws.asp Also, dunno how accurate it is, but Wikipedia seems to claim that the key disclosure provisions of the RIPA (Part III) are not yet in force in the UK: http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000 We seriously have to watch our paranoia on this one. This is one of those situations that if we believe we have no rights, it will be very easy to knock us over, simply by playing off our fears and demanding keys without any legitimate basis to do so. If any Tor operator is arrested/detained in the US, they would do well to refuse to surrender any passphrase until they are actually in court and ordered to do so by a Judge (and then only after voicing protest, to allow for clear appeal to a higher court). Cops will probably just lie to you and try to convince you that you are required on the spot. Ask for a lawyer immediately. This is not just to protect the Tor network either. With computer laws as crazy as they are, and with the IPPA coming down the road, soon simply having something like an Open Source DVD player or archiver on your machine will be enough to land you in jail for a while, if it's not already... -- Mike Perry Mad Computer Scientist fscked.org evil labs
Re: unsubscribe
Gregor, don't send mails to the mailing list if you want to unsubscribe. Instead you need to send them to the mailing list management software (majordomo or whatever). Gregor Magdolen schrieb: unsubscribe !DSPAM:446906c0120211594113294! -- Mit freundlichen Gruessen / With kind regards DAn.I.El S. Haischt Spammers, please please send any mail to: Daniel S. Haischt [EMAIL PROTECTED] Want a complete signature??? Type at a shell prompt: $ finger -l [EMAIL PROTECTED]
Re: Some legal trouble with TOR in France +
On Mon, May 15, 2006 at 03:36:59PM -0700, Ben Wilhelm wrote: [...] The line is drawn. The line is that Tor does not censor. That's the only line that makes sense, because everything else requires subjective judgement that many would not be able to agree on. I typically argue this from the can't point of view, not the won't. If it were possible detect block evil activities through programmatic means, I *would* be in favor of blocking them. Unfortunately, evil-detection isn't automatable (RFC3514 notwithstanding), and most schemes for blocking are both over-broad _and_ easy to circumvent. Non-automated schemes, as you say, fall for different reasons: you can't make one without putting human judgment in the loop, and once you've done that, you've appointed somebody as a censor, and you've created a mechanism for someone else to take the reigns of censorship in the future. Also, there's the jurisdictional arbitrage problem: which local standards does your hypothetical censor try to comply with? China's? France's? If you don't want your internet connection to be used anonymously, for *anything*, then don't run a Tor exit node. Rather, if you're not willing to accept that people may use your Internet connection to do stuff you don't like, don't run an exit node. You don't have to like everything that people do. I don't *want* people to use my software for any number of things, but I believe that the benefits it provides do outweigh the problems. It's impossible to block subjects on a case-by-case basis anyway - the exact thing Tor was built to prove! - and I'd rather not waste our coders' time on that. Hm? I don't think Tor was built to prove anything; I think it was built to further usable online privacy for everyone. :) As for wasting the coders' time, don't worry. We have a long history of ignoring bad ideas. wink yrs, -- Nick Mathewson pgpiJcfBc4WJi.pgp Description: PGP signature
RE: Some legal trouble with TOR in France +
Please define 'evil activities' -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick Mathewson Sent: 15 May 2006 23:59 To: or-talk@freehaven.net Subject: Re: Some legal trouble with TOR in France + On Mon, May 15, 2006 at 03:36:59PM -0700, Ben Wilhelm wrote: [...] The line is drawn. The line is that Tor does not censor. That's the only line that makes sense, because everything else requires subjective judgement that many would not be able to agree on. I typically argue this from the can't point of view, not the won't. If it were possible detect block evil activities through programmatic means, I *would* be in favor of blocking them. Unfortunately, evil-detection isn't automatable (RFC3514 notwithstanding), and most schemes for blocking are both over-broad _and_ easy to circumvent. Non-automated schemes, as you say, fall for different reasons: you can't make one without putting human judgment in the loop, and once you've done that, you've appointed somebody as a censor, and you've created a mechanism for someone else to take the reigns of censorship in the future. Also, there's the jurisdictional arbitrage problem: which local standards does your hypothetical censor try to comply with? China's? France's? If you don't want your internet connection to be used anonymously, for *anything*, then don't run a Tor exit node. Rather, if you're not willing to accept that people may use your Internet connection to do stuff you don't like, don't run an exit node. You don't have to like everything that people do. I don't *want* people to use my software for any number of things, but I believe that the benefits it provides do outweigh the problems. It's impossible to block subjects on a case-by-case basis anyway - the exact thing Tor was built to prove! - and I'd rather not waste our coders' time on that. Hm? I don't think Tor was built to prove anything; I think it was built to further usable online privacy for everyone. :) As for wasting the coders' time, don't worry. We have a long history of ignoring bad ideas. wink yrs, -- Nick Mathewson
Re: Some legal trouble with TOR in France +
In addition, censoring child porn, death threats, etc. is impossible and you're dedicating yourself to a job that you will have to do 24/7 and never finish. You block a site, they make a new one. You block a file hash, they modify a file. You block a keyword, they use encryption. You block message topics, they use stenography. The line has been drawn and needs to continue to be drawn at: No Censorship You can't say that stopping child porn isn't censorship. You might want to censor child porn because it's bad for society. Under the same logic, you can censor profanities. Then it goes further, people want to censor radical views as is happening with terrorism because it's bad for society, then it goes to censoring conversation topics, political views, and BAM you live in a police state. Ringo On 5/15/06, Ben Wilhelm [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: Ok so they will come back with more than just child porn... thats when we have to draw the line! Yeah, so we disabled child porn like you asked, but we're not willingto do anything about piracy, death threats to government officials,cybercrime, or that mob ring running all their communications through our system. Yeah yeah, I know, the mob ring is responsible for the deathof a dozen officers. Can't do anything. Well, I mean, we could,obviously. But we don't want to. Sorry! Let me know if you find any more child porn sites though!That will go over *real* well.The line is drawn. The line is that Tor does not censor. That's the onlyline that makes sense, because everything else requires subjective judgement that many would not be able to agree on.If you don't want your internet connection to be used anonymously, for*anything*, then don't run a Tor exit node. It's impossible to blocksubjects on a case-by-case basis anyway - the exact thing Tor was built to prove! - and I'd rather not waste our coders' time on that.-Ben
Re: Some legal trouble with TOR in France +
[reformatted, snipped, and top-posting fixed.] On 15 May 2006 23:59, Nick Mathewson wrote: I typically argue this from the can't point of view, not the won't. If it were possible detect block evil activities through programmatic means, I *would* be in favor of blocking them. Unfortunately, evil-detection isn't automatable (RFC3514 notwithstanding), and most schemes for blocking are both over-broad _and_ easy to circumvent. On Mon, May 15, 2006 at 11:59:37PM +0100, Tony wrote: Please define 'evil activities' Murder, child abuse, top-posting, and posting one-line replies to long messages without snipping irrelevant portions. ;) No, seriously, I can't do any better than your dictionary or your favorite ethicist. That's the point I was trying to make. Right and wrong are not things that a single person or groups can decide for the rest of the world, and they're certainly not something that software can detect. That doesn't mean that there's no such thing as right and wrong; it means that you shouldn't enforce moral judgments at the network layer. Sorry if I wasn't clear, or if it seemed like I was advocating censorship. And we have now drifted completely away from Tor. For penance, I resolve that my next posts will be technical or project-related. If I ignore future political stuff, that's why. :) yrs, -- Nick Mathewson pgp7vhPMdW2mK.pgp Description: PGP signature
Re: Some legal trouble with TOR in France +
$0.02 On May 15, 2006, at 11:27 PM, [EMAIL PROTECTED] wrote: We are paying with fear (if you run a Tor EXIT) of arrest and prosecution, for many more mere accusation, just for even running a Tor server or a Tor client is enough to keep many away from the Tor network. Just take a look at the mail for our French EXIT server raided last week. I think if there was some sort of Exit node filter list in use, with whoever (or whatever) providing the block lists, then the owner would be in a much worse position because there could be a claim that he didn't do all that was possible to disallow the use of his exit node for nefarious purposes. Once you say that you are going to provide that level of protection (i don't agree that it is protection, or even a morally good thing to try and do), then you become liable for the failure of that protection. I believe we should take a lead, and offer the EXIT servers protection from some mis-use of this variety and the users protection from possible walking into or being tricked into UNKNOWINGLY downloading a web page wtih this subject matter on it. Thanks for watching out for my well being, but really, YOU SHOULDN'T. (REALLY!) This is WHY I suggested the use of EXIT node filter lists, whatever the EXIt node wants, and with clients getting the option to specify the EXIt node also protects them by using specified list(s) at minimum to protect them. I don't like the idea of filter lists. I don't even like the fact that ip ranges and addresses can be entered in the ExitPolicy - I would rather just see the private nets blocked automatically. (I do understand why they are there, and understand their necessity in private tor nets, though). I don't like the RedirectExit parameter either (but I understand the reason, just the same). When you start using exit filters for whatever reason, however good you think the reason is, it allows someone else to use it for a reason that you won't consider good. I do understand the difficulties we will be getting ourselves into. But it is cheaper for us ALL if the police get to give us a set of block lists for child porn than them chasing us all, all over the network. Ok so they will come back with more than just child porn... thats when we have to draw the line! Our EXIt servers just refuse to allow them to be used. Appeasement has been tried before, and usually doesn't get the desired result, just ask Neville Chamberlain... Wouldnt it have been better in the first place to have censored out the child porn, then hold the fort? Then the incentive (as publically expressed by politicians) to attempt to intercept eveything would be VERY much reduced. No, and no it would not. / $0.02 User 165 [EMAIL PROTECTED] PGP.sig Description: This is a digitally signed message part
Re: Some legal trouble with TOR in France +
On 5/15/06, Ben Wilhelm [EMAIL PROTECTED] wrote: The line is drawn. The line is that Tor does not censor. That's the only line that makes sense, because everything else requires subjective judgement that many would not be able to agree on. There's always the possibility of letting each exit node decide for itself what subjective judgement to make. And in fact that's what is being done. Some exit nodes allow port 25, some don't. Some allow 6667, others don't. Some exit nodes only allow port 80. You can likewise filter by IP address. The only real problem is that it's not feasible to effectively filter out the type of traffic you don't want (especially in a way which can be described in an exit policy). Remember that by default Tor *does* censor. Port 25 is blocked by default. Why is this? Anthony
Re: Some legal trouble with TOR in France
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Anthony DiPierro wrote: On 5/15/06, Mike Perry [EMAIL PROTECTED] wrote: Thus spake Ringo Kamens ([EMAIL PROTECTED]): Also, they can put you on grand jury and give you obstruction of justice for refusing to talk. According to wikipedia (http://en.wikipedia.org/wiki/Grand_jury): In all U.S. jurisdictions retaining the grand jury, the defendant has the right under the Fifth Amendment not to give self-incriminating testimony. [] OK, that covers the defendant, but what if the person in question is not a defendant? Unfortunately, the First Amendment does not seem to apply to questioning by a court (or Congress, for that matter). The Fifth Amendment protects you from being a witness against yourself, but it doesn't protect you from being a witness against someone else. Anthony Doesn't their questioning of you make you a witness to your own 'complicity'? Accomplices are treated much the same as the primary defendant I'm pretty sure. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (MingW32) iD8DBQFEaR7bGkOzwaes7JsRA+GGAKCOvOvDHfAXZ3JYNNOSjr9gZwfaCgCgpomI AW6lDLw3RNfa4WL2ZC8vW/k= =rAhA -END PGP SIGNATURE-
Successful Tor Server Defense Letters
I'm interested in collecting letters to ISP, Law Enforcement, Complainers, Whiners, and Google Groups Admins that have successfully explained Tor to the other party. I'd like to turn these into a template, in the spirit of http://tor.eff.org/eff/tor-dmca-response.html.en. Google Groups periodically pops up as a consistent complainer that causes the ISPs great consternation. There exists a page at http://wiki.noreply.org/noreply/TheOnionRouter/TorAbuseTemplates which can serve as the collection point thus far. Please sanitize your submissions to remove personal details about your server and your ISP. I'd post my own Abuse responses, but apparently they aren't very successful. I've been nullrouted, blacklisted, and asked to leave ISPs for my exit servers. I'm hoping others have had better experiences. Thanks! -- Andrew