Re: Restricted Exit Policy Port Suggestions?
On Wed, 11 Aug 2010 03:05:24 -0700 Mike Perry mikepe...@fscked.org wrote:

> It's become clear that it is almost impossible to run an exit node with the default exit policy in the USA, due to bittorrent DMCA abuse spambots. I believe this means that we should try to come up with one or more standard, reduced exit policy sets that allow use of the majority of popular internet services without attracting bittorrent users and associated spam.
>
> Using previous threads, I have an initial sketch of such a policy at: https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
>
> It includes the following ports: 20-22, 53, 79-81, 110, 143, 443, 465, 563, 587, 706, 873, 993, 995, 1863, 5190, 5050, 5222, 5223, 8008, 8080, .
>
> While looking over the Vidalia settings, I just noticed that IRC is missing from this list: , 6667, 6697. However, IRC is also a common source of abuse and DDoS attacks, and is often forbidden by ISP AUP.
>
> Because of this, I was thinking we should probably define 3 or 4 levels of Exit Policy:
>
> 1. Low Abuse (above list, possibly minus 465, 587 and 563)
> 2. Medium Abuse (above list, plus IRC)
> 3. High Abuse (default exit policy)
>
> Now the question is, what other ports should we add or subtract from this list?

I just looked through the IANA-registration-based services file from iana-etc 2.30 (http://sethwklein.net/iana-etc/ as installed to /etc/services on Arch Linux).
Here are my recommendations:

Add:
* 70 (Gopher)
* 504 (Citadel (a BBS; see http://citadel.org/))
* 553 (PIRP (see http://cr.yp.to/proto/pirp.txt))
* 564 (9P (related to Plan 9; documented at multiple sites))
* 1649 (IANA-registered Kermit port)
* 2401 (CVS pserver)
* 2628 (DICT (see http://www.dict.org/ and/or IETF RFC 2229))
* 3690 (Subversion)
* 4155 (bzr version control system)
* 4349 (fsportmap (related to Plan 9))
* 4691 (Monotone version control system)
* 5999 (CVSup)
* 6121 (SPDY)
* 9418 (Git)
* 11371 (HKP (“OpenPGP HTTP Keyserver”))

Gopher and Kermit are still in use; Citadel is in use, and the protocol used on port 504 appears to support TLS. PIRP may or may not be in use, but I do not expect abuse complaints related to it. 9P is useful over the Internet, and the Plan 9 ports are unlikely to be exposed to the Internet (or accessed!) unintentionally or by technically clueless users for the foreseeable future, so they should not result in abuse complaints. CVSup can be used to upgrade FreeBSD to a -CURRENT system. The rest of the ports listed above need no further explanation.
Other ports to consider:
* 194 (IANA-registered IRC port)
* 994 (IANA-registered IRC-SSL port)
* 1080 (IANA-registered SOCKS port)
* 1789 (in IANA services file, registered to DJB; described only as “hello”; possibly useful for testing connectivity to a soon-to-be-public server)
* 5191..5193 (other AOL ports; 5190 is already listed)
* 5556 (FreeCiv (turn-based game))
* 5688 (GGZ Gaming Zone (probably low-data-rate, although the protocol is probably not useful over Tor and should be checked for unwanted information disclosure))
* 6665 (in IANA services file; described only as “IRCU”)
* ..6673 (not listed in IANA services file, but used unofficially by the Inferno VM; overlaps with customary IRC ports; no ports in this range are listed as used by file-sharing programs)
* 8074 (Gadu-Gadu)
* 8990..8991 (in IANA services file; described as “webmail HTTP(S) service”)

I don't expect these ports to cause much trouble for the Tor exit node (except possibly the IRC ports). Port 1080 can be used to reach BitTorrent or other rude services, but that's a little trickier for the client to set up than Tor alone, and it is less likely to result in DMCA complaints sent to the Tor exit operator (although the SOCKS server operator may complain).

Robert Ransom
Re: Restricted Exit Policy Port Suggestions?
On Wed, 11 Aug 2010 08:44:38 -0400 and...@torproject.org wrote:

> On Wed, Aug 11, 2010 at 03:05:24AM -0700, mikepe...@fscked.org wrote 1.8K bytes in 55 lines about:
> : It's become clear that it is almost impossible to run an exit node
> : with the default exit policy in the USA, due to bittorrent DMCA abuse
> : spambots. I believe this means that we should try to come up with one
> : or more standard, reduced exit policy sets that allow use of the
> : majority of popular internet services without attracting bittorrent
> : users and associated spam.
>
> Giving in to the automated accusations of DMCA violations is a sad statement on the contemporary Internet. It seems the chilling effects of the DMCA are so palpable, no one wants to fight back any more, not users and not ISPs. See http://chillingeffects.org/ for more analysis and options on how to respond. Are there no ISPs/datacenters left in the USA willing to defend the First Amendment of the US Constitution and the user's legal protections under patent/trademark/copyright laws?

What you need is a federal prosecutor willing to put the DMCA-abuse spammers behind bars for a zillion counts of perjury. The threat of the EFF sponsoring an occasional lawsuit over a blatantly false accusation won't deter them; the spammers operate as ‘independent’ corporations with no real assets in their names, and if one shell company gets zapped in civil court, they'll close it and start two new ones running the same software the next day. The threat of being sent to prison for the next 2000 years might make those scum turn off their spambots and go ooze back to wherever they came from.

Robert Ransom
Restricted Exit Policy Port Suggestions?
It's become clear that it is almost impossible to run an exit node with the default exit policy in the USA, due to bittorrent DMCA abuse spambots. I believe this means that we should try to come up with one or more standard, reduced exit policy sets that allow use of the majority of popular internet services without attracting bittorrent users and associated spam.

Using previous threads, I have an initial sketch of such a policy at:

https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment

It includes the following ports: 20-22, 53, 79-81, 110, 143, 443, 465, 563, 587, 706, 873, 993, 995, 1863, 5190, 5050, 5222, 5223, 8008, 8080, .

While looking over the Vidalia settings, I just noticed that IRC is missing from this list: , 6667, 6697. However, IRC is also a common source of abuse and DDoS attacks, and is often forbidden by ISP AUP.

Because of this, I was thinking we should probably define 3 or 4 levels of Exit Policy:

1. Low Abuse (above list, possibly minus 465, 587 and 563)
2. Medium Abuse (above list, plus IRC)
3. High Abuse (default exit policy)

Now the question is, what other ports should we add or subtract from this list?

--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
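One way to turn the tiers proposed above into torrc ExitPolicy lines and to check what each tier permits, as an added example (it is not Tor's code and not the policy file from the linked blog post). The port lists are the ones in this message plus the "Add:" list from Robert Ransom's reply earlier in the thread; the tier names, the function names, treating "possibly minus 465, 587 and 563" as a flag, and the explicit trailing `reject *:*` are this example's own assumptions. The checker handles only the `*` address form and applies rules in first-match order, which is how Tor evaluates exit policies; the "High Abuse" tier is simply Tor's default policy, i.e. no ExitPolicy lines, so it is not generated.

```python
"""Tiered Tor exit policies as torrc lines, plus a first-match port checker.

Added example for this thread; not Tor's code and not the blog post's
policy file. The port lists are copied from Mike Perry's message and from
Robert Ransom's reply; everything else (tier names, function names, the
explicit final 'reject *:*') is this example's own assumption.
"""

# Reduced policy from the original post, as (low, high) port ranges.
# The post's list ends in an entry the archive stripped; it is not reconstructed.
LOW_ABUSE_RANGES = [
    (20, 22), (53, 53), (79, 81), (110, 110), (143, 143), (443, 443),
    (465, 465), (563, 563), (587, 587), (706, 706), (873, 873), (993, 993),
    (995, 995), (1863, 1863), (5050, 5050), (5190, 5190), (5222, 5222),
    (5223, 5223), (8008, 8008), (8080, 8080),
]
# The "possibly minus 465, 587 and 563" option for the lowest tier.
MAIL_AND_NNTPS_PORTS = {465, 563, 587}
# IRC ports named in the post (the first entry of that list was lost in the archive).
IRC_RANGES = [(6667, 6667), (6697, 6697)]
# Additions proposed by Robert Ransom in his reply (his "Add:" list).
RANSOM_ADDITIONS = [
    (70, 70), (504, 504), (553, 553), (564, 564), (1649, 1649), (2401, 2401),
    (2628, 2628), (3690, 3690), (4155, 4155), (4349, 4349), (4691, 4691),
    (5999, 5999), (6121, 6121), (9418, 9418), (11371, 11371),
]


def build_policy(tier, strip_mail=False, extra=()):
    """Return a list of Tor policy rules ('accept *:PORTS' ... 'reject *:*').

    tier: 'low' (reduced list) or 'medium' (reduced list plus IRC).
    strip_mail: drop 465, 563 and 587 as the original post suggests.
    extra: further (low, high) ranges to accept, e.g. RANSOM_ADDITIONS.
    """
    if tier not in ("low", "medium"):
        raise ValueError(f"unknown tier {tier!r}; 'high' means Tor's default policy")
    ranges = list(LOW_ABUSE_RANGES)
    if strip_mail:
        ranges = [r for r in ranges if r[0] not in MAIL_AND_NNTPS_PORTS]
    if tier == "medium":
        ranges += IRC_RANGES
    ranges += list(extra)
    rules = []
    for lo, hi in sorted(set(ranges)):  # sorted for readability; accepts never overlap
        spec = str(lo) if lo == hi else f"{lo}-{hi}"
        rules.append(f"accept *:{spec}")
    rules.append("reject *:*")  # explicit catch-all: nothing else is exited
    return rules


def to_torrc(rules):
    """Render rules as torrc lines, one ExitPolicy directive per rule."""
    return "\n".join(f"ExitPolicy {rule}" for rule in rules)


def _parse_rule(rule):
    """'accept *:20-22' -> ('accept', 20, 22). Only the '*' address form is handled."""
    action, target = rule.split()
    addr, _, ports = target.rpartition(":")
    if addr != "*" or action not in ("accept", "reject"):
        raise ValueError(f"unsupported rule {rule!r}")
    if ports == "*":
        return action, 1, 65535
    lo, _, hi = ports.partition("-")
    return action, int(lo), int(hi or lo)


def port_allowed(rules, port):
    """First matching rule decides, as Tor evaluates exit policies.

    Policies from build_policy() end in 'reject *:*', so a port that
    matches no accept rule is rejected.
    """
    for rule in rules:
        action, lo, hi = _parse_rule(rule)
        if lo <= port <= hi:
            return action == "accept"
    return False


if __name__ == "__main__":
    medium = build_policy("medium", extra=RANSOM_ADDITIONS)
    print(to_torrc(medium))
    for p in (443, 6667, 9418, 6881, 25):
        print(f"port {p}: {'accept' if port_allowed(medium, p) else 'reject'}")
```

Running the module prints the "Medium Abuse" policy with Ransom's additions as torrc lines and then shows that 443, 6667 and 9418 are accepted while 6881 and 25 fall through to the final reject. Checking candidate ports this way before editing the live torrc is cheaper than discovering from the next abuse mail which tier you actually deployed.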
Re: Restricted Exit Policy Port Suggestions?
Mike Perry, on 08/11/2010 12:05 PM, wrote:

> It includes the following ports: 20-22, 53, 79-81, 110, 143, 443, 465, 563, 587, 706, 873, 993, 995, 1863, 5190, 5050, 5222, 5223, 8008, 8080, .
> ...
> Now the question is, what other ports should we add or subtract from this list?

My 2 cents: I would add 119 (nntp)

--
http://torstatus.blutmagie.de/router_detail.php?FP=368a442ff0f0af0fa15c37c25b71dc7441be27da

*** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
Re: Restricted Exit Policy Port Suggestions?
In my opinion, more often than not DMCA takedown requests center around file-sharing, and also more often than not the takedown requests actually have validity to them. There are certainly instances where takedown requests are incorrect but the frequency of them isn't high (again, my opinion).

My $0.02, after having processed many a takedown request.

If you want to exclude p2p, then I would bet that the amount of abuse reports would plummet.

Cheers,
Harry

On Wed, 2010-08-11 at 08:44 -0400, and...@torproject.org wrote:

> On Wed, Aug 11, 2010 at 03:05:24AM -0700, mikepe...@fscked.org wrote 1.8K bytes in 55 lines about:
> : It's become clear that it is almost impossible to run an exit node
> : with the default exit policy in the USA, due to bittorrent DMCA abuse
> : spambots. I believe this means that we should try to come up with one
> : or more standard, reduced exit policy sets that allow use of the
> : majority of popular internet services without attracting bittorrent
> : users and associated spam.
>
> Giving in to the automated accusations of DMCA violations is a sad statement on the contemporary Internet. It seems the chilling effects of the DMCA are so palpable, no one wants to fight back any more, not users and not ISPs. See http://chillingeffects.org/ for more analysis and options on how to respond. Are there no ISPs/datacenters left in the USA willing to defend the First Amendment of the US Constitution and the user's legal protections under patent/trademark/copyright laws?
>
> : 1. Low Abuse (above list, possibly minus 465, 587 and 563)
> : 2. Medium Abuse (above list, plus IRC)
> : 3. High Abuse (default exit policy)
>
> I wouldn't call them varying levels of abuse, as the name alone implies exiting Tor traffic generates abuse. It doesn't. Many exit nodes run without incident for years. We could probably better study/poll exit node operators and ask how many abuse complaints or dmca notices they receive over time to get more data on this topic.
>
> And of course, everyone forgets their Tor exit relay will transmit TB of normal traffic without incident.
Re: Restricted Exit Policy Port Suggestions?
(sorry for the top posting, I do not believe my phone can bottom post.)

Slightly OT but in response to the US ISP comment: Until recently (my motherboard gave out) the ISP Xmission was great about my server and dmca. I let them know about my tor node and the several dozen takedowns I received afterwards were ignored by them---not to mention everyone I have interacted with there has been very friendly and knowledgeable (and my residential speed was $60/month for 50 Mbps full duplex with fiber!) :)

I figure there are still a few small ISPs out there which haven't had the chilling effect take hold.

Kasimir Gabert

On Aug 11, 2010 7:09 AM, Harry Hoffman hhoff...@ip-solutions.net wrote:

> In my opinion, more often than not DMCA takedown requests center around file-sharing, and also more often than not the takedown requests actually have validity to them. There are certainly instances where takedown requests are incorrect but the frequency of them isn't high (again, my opinion).
>
> My $0.02, after having processed many a takedown request.
>
> If you want to exclude p2p, then I would bet that the amount of abuse reports would plummet.
>
> Cheers,
> Harry
>
> On Wed, 2010-08-11 at 08:44 -0400, and...@torproject.org wrote: On Wed, Aug 11, 2010 at 03:05:2...
Re: Restricted Exit Policy Port Suggestions?
On 11.08.2010 15:01, Harry Hoffman wrote:

> There are certainly instances where takedown requests are incorrect but the frequency of them isn't high (again, my opinion).

It is not so much that they are incorrect. What is incorrect is to force the takedown of Tor exit nodes because of - in comparison - little abuse. And after all the Tor relays are not the origin of the infringement and actually protected by the DMCA (512a). Still, upstream ISPs don't care much and want the complaints to cease. In that sense, the takedown requests *are* incorrect.

> If you want to exclude p2p, then I would bet that the amount of abuse reports would plummet.

You cannot exclude p2p if, as with Tor exit policies, it is port based. Bittorrent (which is the main culprit here) uses port 80 (or 443 for SSL) for tracker connections, and random ports for actual transfer. If you cut off tracker connections (by blacklisting them), abuse stops. If you stop the actual transfers from happening, abuse stops, too. Both MediaSentry and BayTSP refer to the infringement including the port that the data was offered on.

Moritz
Re: Restricted Exit Policy Port Suggestions?
Thus spake and...@torproject.org (and...@torproject.org):

> On Wed, Aug 11, 2010 at 03:05:24AM -0700, mikepe...@fscked.org wrote 1.8K bytes in 55 lines about:
> : It's become clear that it is almost impossible to run an exit node
> : with the default exit policy in the USA, due to bittorrent DMCA abuse
> : spambots. I believe this means that we should try to come up with one
> : or more standard, reduced exit policy sets that allow use of the
> : majority of popular internet services without attracting bittorrent
> : users and associated spam.
>
> Giving in to the automated accusations of DMCA violations is a sad statement on the contemporary Internet. It seems the chilling effects of the DMCA are so palpable, no one wants to fight back any more, not users and not ISPs. See http://chillingeffects.org/ for more analysis and options on how to respond. Are there no ISPs/datacenters left in the USA willing to defend the First Amendment of the US Constitution and the user's legal protections under patent/trademark/copyright laws?

Yeah, unfortunately what this means in practice is voting with your feet and leaving ISPs that simply do not want to devote the staff and the stress to dealing with this spam for you, regardless of the law.

The problem is this drastically changes the effective market for bandwidth for Tor. Bandwidth costs are plummeting, and exit node operators (and thus the Tor network as a whole) are faced with a choice: you can pay less than $1/Mbit and go with an ISP that is less than ideal, but will still allow you to exit to most Internet services, or you put your foot down and end up moving your node every few months until you finally end up paying $20/Mbit with the RBN. Or, you shop around for non-US bandwidth.

Sometimes, you just need to pick your battles. If you believe the DMCA is bullshit and want a full exit policy, I think the practical answer is Go outside the US for bandwidth. Or, be prepared to provider-hop for a good, long time.

> : 1. Low Abuse (above list, possibly minus 465, 587 and 563)
> : 2. Medium Abuse (above list, plus IRC)
> : 3. High Abuse (default exit policy)
>
> I wouldn't call them varying levels of abuse, as the name alone implies exiting Tor traffic generates abuse. It doesn't. Many exit nodes run without incident for years. We could probably better study/poll exit node operators and ask how many abuse complaints or dmca notices they receive over time to get more data on this topic.
>
> And of course, everyone forgets their Tor exit relay will transmit TB of normal traffic without incident.

Yeah, perhaps that's not what we should call the options in the UI, but that is really what it boils down to. You can run an exit node for much longer without a complaint if you don't allow any form of IRC, SMTP, or NNTP.

--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
Re: Restricted Exit Policy Port Suggestions?
Thus spake Mike Perry (mikepe...@fscked.org):

> Thus spake and...@torproject.org (and...@torproject.org):
>
> Yeah, unfortunately what this means in practice is voting with your feet and leaving ISPs that simply do not want to devote the staff and the stress to dealing with this spam for you, regardless of the law.
>
> The problem is this drastically changes the effective market for bandwidth for Tor. Bandwidth costs are plummeting, and exit node operators (and thus the Tor network as a whole) are faced with a choice: you can pay less than $1/Mbit and go with an ISP that is less than ideal, but will still allow you to exit to most Internet services, or you put your foot down and end up moving your node every few months until you finally end up paying $20/Mbit with the RBN. Or, you shop around for non-US bandwidth.
>
> Sometimes, you just need to pick your battles. If you believe the DMCA is bullshit and want a full exit policy, I think the practical answer is Go outside the US for bandwidth. Or, be prepared to provider-hop for a good, long time.

Now, what we *should* be doing is turning on the default first, and then reducing it back to the restricted policy *after* complaints arrive and the ISP refuses to budge. They are not going to cancel service immediately, and if you argue with them for a bit, you can at least try to educate some people (and maybe make it easier for the next relay they get).

This is what I've done with my nodes, and this is what Moritz did too. So far though, ISPs have insisted that either bittorrent goes, or we go.

--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
Re: Restricted Exit Policy Port Suggestions?
On Wed, Aug 11, 2010 at 11:52 AM, Mike Perry mikepe...@fscked.org wrote:

> [snip]
> Sometimes, you just need to pick your battles. If you believe the DMCA is bullshit and want a full exit policy, I think the practical answer is Go outside the US for bandwidth. Or, be prepared to provider-hop for a good, long time.
> [snip]

This is, however, bad for the diversity of the Tor network. Ideally there would be exits as widely spread as possible in order to minimize the return on investment for attackers.

It seems to me that there exists an opportunity to collaboratively build a list of destinations which are safe— in that the probability of an ISP complaint or an unfriendly law enforcement visit is effectively insignificant. Safe destinations might include things like some network services (DNS, esp if tor moves to the TCP dns stuff which has been discussed lately), human rights organizations, other anonymity services, read-only web resources, services which already have special handling for tor (e.g. Wikipedia, which is effectively read-only for Tor exits, IRC networks which identify and specially handle Tor), and services which are known not to keep logs.

While these destinations would only amount to only a tiny fraction of the Internet they could amount to a reasonable portion of the overall exit usage thus freeing up the rest of the exit capacity for everything that can't use these limited exits and providing increased performance and diversity for things that can.

This is something that would require some technical infrastructure. Currently nodes don't get an exit flag unless they are fairly broadly open... and thousands of nodes each running a different idea of the safe destinations would create a computational burden on circuit creation as well as significant directory bloat. Setting the exit flag on nodes with very narrow exit policies would also facilitate the creation of targeted exit spying nodes.

To avoid these problems a single template exit list could be distributed with the directories then included in node exit lists. I don't have any great answer on how to create and manage such a list— a small one is fairly easy to manage but I don't expect a large one to be.

But I think the bigger question is: would the existence of this option discourage the creation of full exits to such an extent that it would hurt the tor network overall? At least in the US and soon, with the ACTA, perhaps most of the developed world I think the answer is no. The difficulty in establishing network connectivity which won't be immediately shut down due to overzealous notice-and-takedown conformance is already so great that anyone running a full exit instead of a relay is obviously putting out a special effort to do so. The existence of an easy limited-exit option shouldn't change the incentives much.

There are other things which could be done to increase the usefulness of the tor network in the face of an increasingly difficult exit climate, for example improving the exit enclave functionality would be helpful (putting services which do not need anonymity themselves behind hidden services is far from optimal both due to performance and name discovery issues), but I don't think this would provide as great or as immediate a benefit as simply increasing the real exit capacity to selected destinations.