Ah, the unfathomable depths of human stupidity never cease to amaze.
fr33d0m4all, you did the right thing. In the absence of negative
reinforcement, the persons responsible will continue thinking they are
doing the right and sensible thing. Of course, the pessimistic
standpoint is that words never convinced anyone, but I for one believe
in trying.
We are still documenting sites whose wannabe admins discriminate against
Tor btw:
https://pad.systemli.org/p/noncloudflare-torblocks
http://j7652k4sod2azfu6.onion/p/noncloudflare-torblocks
I added ricarica.vodafone.it to it.
As a Tor-only user, I'm accustomed to seeing this kind of stupidity -
fed up with it - but I know for sure that it's hardly going to stop
anytime soon. Many trends point in the opposite direction - the
apperception that it's OK to discriminate against people who value their
privacy and security, the idea that it's OK to paint us as criminals,
and tools like Tor as impractical for daily use.
The kindest thing I'm prepared to say about Tor blockers is that they're
mediocre individuals who never bothered to look behind the FUD. The best
thing about Tor blockers is that they're not out there burning actual
witches, but sitting somewhere burning virtual ones and jerking off to
their own friggin' feeling of comforting normalcy in unnormal times.
It's discrimination, pure and simple.
But the inconvenience of having to find ways around a block - sometimes
after some important transaction fails - is a minor thing: not everyone
knows how to do that, or manages quickly to find a proxy that is
unblocked. Novice users could very well give up at this point. No one
should be comfortable thinking that sabotaging public perception of the
practicality of casual anonymity, in times of mass surveillance, is
acceptable.
And yet here we are - a whole industry offers the snake-oil "security"
of Tor blocking lists, or blocking and MitM as an infrastructure. And
there's plenty of wannabe webadmins out there who implement such things,
mistakenly thinking three things:
a) they need that for "security"
b) it buys them anything in terms of real security, rather than being a
quick fix to temporarily reduce the volume of "suspicious" or fraudulent
events
c) their classification of traffic into "mostly legit" from outside Tor,
and "mostly crooked" from Tor is correct.
Reality is more complex and panopticon-style surveillance of course
drives any activity that is crooked or merely "suspicious" - and there
it starts to get muddy - faster "underground" than any docile activity.
I could rant on and on (at the peril of turning into an armchair
sociologist), because this simplification of reality ties in with the
complaints about "hacking" coming from Tor exits, even culminating in
massive attempts to intimidate exit operators and attack the very
infrastructure in a futile attempt to deflect responsibility - one could
call it scapegoating.
(I would like to add the following - sadly non-operational - comment to
all the abuse complaint discussions:
One who runs a server should accept the responsibility for securing
one's own service - the responsibility for securing one's service rests
with the endpoint, not the carrier. It can't really be fully delegated.
At least that's the philosophical standpoint I stand firmly convinced of
- espousing the opposite one, I believe, lands one in a make-believe
world where problems are solved by looking up to "authority" and no one
has any agency and competence left.)
Those who venture into Tor blocking on their own, believing in points
(a, b, c) above, are likewise deluding themselves.
The only thing that really can be done is try and convince people who do
it wrong, one by one, and let them see the light. I do this too (under
my "real" name), but so far never got a reply that betrayed any inkling
of understanding.
We're up against just too much FUD.
Tristan:
> They obviously don't know what they're doing since they "aren't checking
> the reject policy" on your non-exit relay. Hopefully they'll sort it out.
> Netflix had the same thing for a while.
>
> On Nov 26, 2016 2:55 PM, "fr33d0m4all" wrote:
>
>> Hi,
>> I just want to share my recent time experience with Vodafone Italia
>> (mobile carrier). Some days ago, for the first time, I was surfing
>> Vodafone.it site from my home network where I run a Tor non-exit relay,
>> and when I surfed "https://ricarica.vodafone.it/"; I've got the following
>> error page:
>>
>> Access denied (403)
>>
>> Active policy for this site prohibits access from TOR Network.
>>
>> For further information, do not hesitate to contact us.
>>
>> Contact us: support+vodaf...@reblaze.com
>>
>> For a reference, please provide the following paragraph:
>>
>> [MyIPAddress]://vodafone-rbzr2313438303139323634335aee0f47488438e0
>> [1480192643]
>>
>> I wrote to reblaze.com, I've explained that I'm running a non-exit relay
>> and that even if Vodafone is saying that traffic from Tor (they say TOR
>> -__- ) Netw