sake of allowing privacy for the masses? okay, sure. i never really
cared about my data in the first place. ;-)
attackers have other ways, most definitely. but why use one of those other
methods (proxying through a botnet) when you have tor already available
to you?
don't get me wrong by the way. i use tor all the time. and i'm a pretty
legit tor user if i say so myself :), but i can understand why someone would
want to block it. i imagine a forensics person looks and sees a tor ip and
thinks "okay. i just deadended. there's nothing i can do because this is
a tor exit node." with a botnet, most bots can be traced back to their
meeting point which is a little bit more useful.
is there an easier way for denying tor? or instead of denying, how about
identifying a user as being tor and then redirecting them to a page that
explains why a tor user isn't allowed to visit a specific website.
if there's a better way to identify a tor user (malicious or not),
perhaps the list will benefit from it and come up with a better solution.
On 6/3/06,
Joel Jose <[EMAIL PROTECTED]> wrote:
its not just fair game. we had discussed it in tor irc chan. ok so you just made a apache mod for the black list. tor always did and always do allow anyone to block tor users if they please. but the easiness which tor gives for the blocking must not be overused to deny tor communications even for legitimate purposes(definition vague).hopefully the blacklists, apache mods.. and other methods of blocking tor are not "default" enabled. And hopefully the security cookbooks and other HOWTO's dont come with a default recommendation to enable these tor blocking modules.The admin needs to be educated about tor. Ideally he must be able to decide for himself the balance betrween anonimity and performance. He should be empowered to take his own decision. An educated and well informed decision. Remember " if privacy is outlawed, only outlaws will have privacy".. and hackers have better ways to protect their privacy.. but as of today.. legitimate users dont have that luxury.. tor is thier most practical hope.
joel.
--
As soon as men decide that all means are permitted to fight an
evil, then their good becomes indistinguishable from the evil
that they set out to destroy.
- Christopher Dawson, The Judgment of Nations
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
