-------- Weitergeleitete Nachricht -------- > Von: Christian Adam <hirnwu...@t-online.de> > An: tor-relays@lists.torproject.org > Betreff: Re: [tor-relays] I'm Running A Tor Exit But Never Initiated > It > Datum: Mon, 30 May 2016 22:14:51 +0200 > > Dear Percy, > > I read all of your messages very carefully and, please, believe me, I > don't mean to be rude, but just want to provide you a little bit of > relief. > > First of all, I have to share that I AM in fact a schizophrenic for 16 > years now, but fully therapied to the extent I do a job as a system > administrator and get certified for being a data security officer this > week. > This won't reveal any competence on my side, but gives a clue about my > functional level which is, after all, related to sanity. > > Why do I tell this? > Because you don't seem to know much about computers AND because 60% of > the population experience states during their lifetime resembling mine > while diagnosed, but nobody minds and it goes away and was just > triggered by external circumstances and internal attributions. > > I tell this, because my delusional system did not involve at all any > technical devices, but was completely interpersonal and cultural, which > is a little seldom in western countries. > > So, I learned that even if improbable, it helps keeping a harmless, > maybe also annoying, possibility in mind. > > Read Foster-Wallace, This Is Water? > > So, let's have a clue at the facts. > You moved to a new region. > So, you were not yet closely related to your new environment and the old > one you left might have been more and more distant, which makes people > sometimes do morally questionable things. > > You don't know anything about computers, so, someone must have installed > your linuxes. > > I also do that for people. My 73-year-old mom uses linux. And a former > friends mother. > I do remote administration via Teamviewer as I prefer users being > graphically informed I am on their box after their consent. > > Maybe the girl or guy who installed your linuxes has enabled SSH remote > access combined with a DynDNS name resolving to remotely administrate > (and spy) you (out). > > Maybe things got socially weird, not technically. > Maybe the computer shutdown at the library was just coincidence, as this > also happened to me at a university terminal which might have been > poorly maintained. > > In my educational company, the public PCs are the most poorly maintained > and I know that because I am in charge of that and not every library is > financially well off. > > The config you posted reveals two things: > 1. NOT an exit. > 2. You don't know that. > Let me explain. The hash symbol # comments out lines, i.e. these lines > don't contain config, but human readable remarks. > Of course, in a default config file, you can include commented out > options because the easily can be activated by removing the #. > Lines beginning with # are just nothing. > > The second thing is, that your "hard drive is partitioned". > Every hard drive is partitioned. > Operating systems don't use the raw physical devices, but the partitions > made up on them containing the file systems. > > On the most basic Windows installs, there's at least one partition which > you might know as device C:. > Personally, when I install linux, I separate system and user data which > results in two partitions at minimum, one containing /, the root > directory ("file system" in your file browser), and /home containing the > users' personal folders. > > Next thing is that /var/lib/tor contains among others sensitive > statistical data concerning the relays users and are therefore is only > accessible as root via a sudo command. > If you type "sudo -i" and "cd /var/lib/tor", you should be able to > access it as sudo provides you with administrator privileges which are > called root privileges on linux. > You cannot do "sudo cd /var/lib/tor". > > If this folder was normally accessible, someone could just use a > vulnerability in your firefox and learn from where your users originate > and if he knows your record of connections, he would know what the > people from region X do with your connection: accessing a relay or a > bridge, which sets users not only in other jurisdictions at risk of > uncontrolled data collection by whoever it is. > > I asked my mom whether she wants to run a bridge. > She didn't and so I did not install one. > I asked my CEO if he wants to run a bridge. > He didn't and so I did not install one. > I just got the job because I told everything an employer is not allowed > to ask here in Germany, because I told them that they first have to > decide whether to trust me as I will have highest privileges on the > entire network including their private PCs. > > What is true that remote administration is great for saving time and > miles to do people a quick favour. > But it can be used irresponsibly. > > Maybe the one providing you your installs decided you won't even notice > and you get that relay, period. > Not nice. Not responsible. Morally highly questionable. > But after all, quite probable, as every device has a partitioned hard > drive and real adversaries have a keen eye on you not noticing never > ever you have been compromised, except ransomware tricking you into > sending money via Western Union or Bitcoins. > > Criminals want to do criminal business, except ransomware tricking you > into sending money via Western Union or Bitcoins, and agencies want to > prosecute, but scaring you is not an aim of either if you're not an > agent yourself. > > In my house are 8 appartements. > Two of us are schizos. > We integrate well (public health system) and our neighbours like us, > but, of course, we use linux and of course, we have paranoid passwords > and of course... you understand, I guess. > > I have never ever been hacked. > But in my company, I can access every computer without prompting for > consent as everybody finds that comfortable cause they know about that. > I'm in the network at 3 a.m. and I can turn on half of the workstations > while laying in my bed. > > I know how that feels. > My diagnosis reads "paranoid-hallucinatoric schizophrenia" and I know > how it feels to have a perspective not even one of 7 billion people > share. > > Sensitivity is paranoia's beautiful sister. > I strongly suggest someone just wants to mock you. > > Given my experience with newbie users, paranoia and system > administration, what you wrote seemed quite normal and you didn't > provide (as far as I remember) any unusual technical details. > > Maybe what just happened was a lack of informed consent resulting in a > tasteless prank. > > I don't want to do injustice to you, but since Edward Snowden, we're all > used to question every system crash and honestly, our times seem to be > hysterical and violence-saturated. > > The rule is simple. When a user thinks he's infected, he's almost always > not. > If he's infected, he wouldn't notice. > > Hugs, I hope you find peace again soon. > > Please don't feel offended, I only told my story based on the facts you > gave. > > And kind regards, > > christian > > > Am Montag, den 30.05.2016, 13:25 +0200 schrieb Christian Pietsch: > > Hi GDR! > > > > On Mon, May 30, 2016 at 12:54:41PM +0200, GDR! wrote: > > > On Sun, 29 May 2016 15:23:24 +0000 "kr...@anche.no" <kr...@anche.no> > > > wrote: > > > > > > > I can't image a single reason why Tor should be configured to run a > > > > relay without the system admins knowledge. > > > > > > Debian did this - I'm not sure if it does that any more. > > > > This bug is not present in current and recent versions of Debian. > > > > > `apt-get install tor` used to run an exit relay unless you uncomment > > > "ExitPolicy reject *:*" in torrc. I had the same problem a few years > > > ago, suddenly captchas started appearing everywhere after installing > > > tor. > > > > Do you mean this bug in Tor 0.1.0 which was fixed in 2005? > > > > -------------- begin quote from the Debian changelog -------------- > > > > tor (0.1.0.11-1) unstable; urgency=high > > > > * New upstream version (closes: #316753): > > - Fixes a serious bug: servers now honor their exit policies - > > In 0.1.0.x only clients enforced them so far. 0.0.9.x is > > not affected. > > * Build depend on libevent-dev >= 1.1. > > * Urgency high because 0.0.9.10-1 did not make it into testing after > > like 3 weeks because of an impending ftp-master move. So I might > > just as well upload this one. > > > > -- Peter Palfrader <wea...@debian.org> Mon, 4 Jul 2005 17:53:48 +0200 > > > > -------------- end quote from the Debian changelog -------------- > > > > > > Cheers, > > Christian > > > > _______________________________________________ > > tor-relays mailing list > > tor-relays@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > >
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays