On Fri, Oct 3, 2014 at 9:18 AM, Lunar <[email protected]> wrote: > Derric Atzrott: >> There are some strong ethical questions in logging all traffic from a >> relay, but I can't see any other way to get this sort of data. > > The answer to the ethical question is simple: this is plain wrong. You > don't spy on people.
There's a difference between various depths of research you might conduct and present: - This week saw b-traffic in n-sessions to google, facebook, tor2web. - This week there were 25000 unencrypted POP3 sessions, 20 http, 50 ssh, etc. - This week there were 25000 unencrypted POP3 sessions to yahoo. - 10000 from user 0000001@yahoo, 10000 from 0000002, 5000 from 0000003. - 10000 from USER bob@yahoo, 10000 from mary, 5000 from john. - Hey look, mary's cheating on bob with john. At conduction, the last three could be a problem for you and users. At presentation, only the last two. The sites and ISP already know exit the hits came from so that's of no issue to users. There's a spectrum, so you can't just throw out blanket ethic/legal over all exit research work. https://www.youtube.com/results?search_query=netflow+analysis http://www.alexa.com/topsites http://www.clamav.net/ https://www.bro.org/ Reminds me, I need to buy more splitters... > But there's also a legal aspect to it: in many jurisdictions, as soon as > you start looking at the traffic, you become liable for it. Looking agnostic is one thing, probably more likely to burn your eyes out than get legal'd for it. Talking/using [with intent] is another thing. And of course filtering causes problems when filters fail, endorsement is pointed at you, you look stupid, or promulgate police states. http://www.netnanny.com/ -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
