Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread krishna e bera 
On Fri, 24 May 2013 13:39:31 -0400
Chris Patti  wrote:

> I just had to shut my relay down because someone was using it to hijack
> someone else's Gmail account :\

If someone's Gmail account was "hijacked", they must have had a weak or
compromised password.  This has nothing to do with you or anyone else
running an anonymizing proxy network.
Linode abuse department is likely similar to other ISPs i have dealt
with, they just forward user complaints, without examining them, to the
ip block owner.  I had to be firm a couple of times in showing my
provider how the complaint was in fact due to the complainant's
negligence or faulty policy.
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Andrea Shepard 
On Fri, May 24, 2013 at 05:04:49PM -0400, Griffin Boyce wrote:
>   If someone is noticing a trend where their exit is consistently doing
> , it may be possible to end that abuse with creative use of
> iptables.   Kind of surprised that Linode allowed a tor node to run in the
> first place.

You shouldn't use iptables to block connections that the exit policy
says are permitted; it makes clients get false positive connection failures.

-- 
Andrea Shepard

PGP fingerprint: 3611 95A4 0740 ED1B 7EA5  DF7E 4191 13D9 D0CF BDA5


pgpK7hYIST2eJ.pgp
Description: PGP signature
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Nathan Suchy 
You could block port 443 for SSL
On May 24, 2013 2:26 PM, "Chris Patti"  wrote:

> I just had to shut my relay down because someone was using it to hijack
> someone else's Gmail account :\
>
> Dunno how I could get around this other than by blocking port 80, which is
> kind of the point :)
>
> -Chris
>
>
> --
> Christopher Patti - Geek At Large | GTalk: cpa...@gmail.com | AIM:
> chrisfeohpatti | P: (260) 54PATTI
> "Technology challenges art, art inspires technology." - John Lasseter,
> Pixar
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Griffin Boyce 
Chris Patti  wrote:

> I understood the legal implications.  See my above note about the abuse
> report from Linode.
>
> I'm not complaining, just noting that it's unfortunate that folks have to
> abuse things.
>

  Agreed. People are jerks sometimes. =/

  If someone is noticing a trend where their exit is consistently doing
, it may be possible to end that abuse with creative use of
iptables.   Kind of surprised that Linode allowed a tor node to run in the
first place.

~Griffin
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Alex 
So do companies. Your ISP was apparently unhappy with the exit node you had 
and looked quite far for something to shut it off.

Feel free to change the former exit node to a relay.


Gesendet mit AquaMail für Android
http://www.aqua-mail.com


Am 24. Mai 2013 21:36:53 schrieb Chris Patti :

I understood the legal implications.  See my above note about the abuse
report from Linode.

I'm not complaining, just noting that it's unfortunate that folks have to
abuse things.



On Fri, May 24, 2013 at 3:34 PM, Roman Mamedov  wrote:

> On Fri, 24 May 2013 13:39:31 -0400
> Chris Patti  wrote:
>
> > I just had to shut my relay down because someone was using it to hijack
> > someone else's Gmail account :\
> >
> > Dunno how I could get around this other than by blocking port 80, which
> is
> > kind of the point :)
>
> "The point" of what? -- and for the record, GMail Web interface uses HTTPS
> (port 443), not 80.
>
> If you don't want to run a 80/443 exit node, then consider allowing a
> number
> of different ports except those, AFAIK exits are scarce enough that any
> port
> that is used by people for anything that you can allow, will get used.
>
> However if you run an Exit node without fully understanding legal and other
> implications (and you seem to do just that), then by all means please
> don't :)
>
> --
> With respect,
> Roman
>



--
Christopher Patti - Geek At Large | GTalk: cpa...@gmail.com | AIM:
chrisfeohpatti | P: (260) 54PATTI
"Technology challenges art, art inspires technology." - John Lasseter,
Pixar
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk



___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Tom Ritter 
On 24 May 2013 15:36, Chris Patti  wrote:

> I understood the legal implications.  See my above note about the abuse
> report from Linode.
>
> I'm not complaining, just noting that it's unfortunate that folks have to
> abuse things.


In my opinion the tragedy here is not that people abuse Tor, because
everything will be abused.  It's that providers will allow themselves to be
bullied, and then bully others, when behavior falls into the bucket of
"legal, but annoying".  If they SWIPed the IP, this could be averted
easily, and remove Linode from having to deal with the complaints at all,
but they won't do that either.

-tom (who also uses Linode for his server, but runs it as a middleman)
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Chris Patti 
I understood the legal implications.  See my above note about the abuse
report from Linode.

I'm not complaining, just noting that it's unfortunate that folks have to
abuse things.



On Fri, May 24, 2013 at 3:34 PM, Roman Mamedov  wrote:

> On Fri, 24 May 2013 13:39:31 -0400
> Chris Patti  wrote:
>
> > I just had to shut my relay down because someone was using it to hijack
> > someone else's Gmail account :\
> >
> > Dunno how I could get around this other than by blocking port 80, which
> is
> > kind of the point :)
>
> "The point" of what? -- and for the record, GMail Web interface uses HTTPS
> (port 443), not 80.
>
> If you don't want to run a 80/443 exit node, then consider allowing a
> number
> of different ports except those, AFAIK exits are scarce enough that any
> port
> that is used by people for anything that you can allow, will get used.
>
> However if you run an Exit node without fully understanding legal and other
> implications (and you seem to do just that), then by all means please
> don't :)
>
> --
> With respect,
> Roman
>



-- 
Christopher Patti - Geek At Large | GTalk: cpa...@gmail.com | AIM:
chrisfeohpatti | P: (260) 54PATTI
"Technology challenges art, art inspires technology." - John Lasseter,
Pixar
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Roman Mamedov 
On Fri, 24 May 2013 13:39:31 -0400
Chris Patti  wrote:

> I just had to shut my relay down because someone was using it to hijack
> someone else's Gmail account :\
> 
> Dunno how I could get around this other than by blocking port 80, which is
> kind of the point :)

"The point" of what? -- and for the record, GMail Web interface uses HTTPS
(port 443), not 80.

If you don't want to run a 80/443 exit node, then consider allowing a number
of different ports except those, AFAIK exits are scarce enough that any port
that is used by people for anything that you can allow, will get used.

However if you run an Exit node without fully understanding legal and other
implications (and you seem to do just that), then by all means please don't :)

-- 
With respect,
Roman


signature.asc
Description: PGP signature
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Chris Patti 
To be clear, it was my choice.  Linode received an abuse complaint, so I
could either shut down the relay or have my account nuked.

I chose to shut down the relay.

-Chris


On Fri, May 24, 2013 at 3:07 PM, Joe Btfsplk  wrote:

> On 5/24/2013 12:39 PM, Chris Patti wrote:
>
>> I just had to shut my relay down because someone was using it to hijack
>> someone else's Gmail account :\
>>
>> Dunno how I could get around this other than by blocking port 80, which is
>> kind of the point :)
>>
>>  How exactly does their hijacking attempt implicate your relay?  At
> least, to shut it down entirely?  I'm just asking.
>
> If they used any other anonymous proxy, the hijacker's activities are his
> own - yes / no ?  I'm sure people hijack gmail accts all the time w/o using
> Tor.
> __**_
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk
>



-- 
Christopher Patti - Geek At Large | GTalk: cpa...@gmail.com | AIM:
chrisfeohpatti | P: (260) 54PATTI
"Technology challenges art, art inspires technology." - John Lasseter,
Pixar
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tragedy of the commons.

2013-05-24 Thread Joe Btfsplk 

On 5/24/2013 12:39 PM, Chris Patti wrote:

I just had to shut my relay down because someone was using it to hijack
someone else's Gmail account :\

Dunno how I could get around this other than by blocking port 80, which is
kind of the point :)

How exactly does their hijacking attempt implicate your relay?  At 
least, to shut it down entirely?  I'm just asking.


If they used any other anonymous proxy, the hijacker's activities are 
his own - yes / no ?  I'm sure people hijack gmail accts all the time 
w/o using Tor.

___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Tragedy of the commons.

2013-05-24 Thread Chris Patti 
I just had to shut my relay down because someone was using it to hijack
someone else's Gmail account :\

Dunno how I could get around this other than by blocking port 80, which is
kind of the point :)

-Chris


-- 
Christopher Patti - Geek At Large | GTalk: cpa...@gmail.com | AIM:
chrisfeohpatti | P: (260) 54PATTI
"Technology challenges art, art inspires technology." - John Lasseter,
Pixar
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk