> In most cases, they come to us to ask how they can handle the > jerks without punishing everyone. This implies they see value in > Tor.
This is quite interesting response. The second sentence of which indicates the 'everyone' is Tor, being seen in two categories, jerk, nonjerk. Not everyone as in their entire userbase. Interesting is they came to Tor to segregate that. Thought they would just ask how to nuke it all and move on. It's pretty awesome various people are getting out and actually talking with each other! > Something more automated, like nymble, may be a boon to more > acceptance of Tor (http://www.cs.dartmouth.edu/~nymble/). Briefly reading their docs. Looks like another brokered system. Problem is the PM's and NM's are run by the same third party. That party has all the data needed to de-anon you at the request of the site or other entities. Even if the roles are split across parties it is still much weaker than Tor. And they quote: "Nymble's main goal is to protect users' privacy with respect to the servers they connect to: Client's IP addresses are anonymous to servers. Clients must trust Nymble to provide this anonymity against servers." Further, it can't deal with multiple users behind say, corporate, university and cafe nats. And it DHCP environments could be a mixed bag of time delays after getting stuck with the jerks old ip address. It still has a place though, but hopefully not an exclusive one. The time forgiveness is nice. > I believe these are automated systems blocking posts or such, and > not targeted at Tor itself. If this refers to Craigslist, it seems that yes, sometimes it will throw up an automated blocked-392242...@craigslist message upon viweing. As for posting, they tend to silently sink posts somewhere in the positng process before it actually makes it into the listings. My testing seems to say that some large fraction of the exit nodes are blocked in this silent fashion. I think Craigslist is in dire need of systems programming help and a good bit of creativity. Their flagging system can be leveraged much more effectively. And they can definitely reap some good wins with throwing both their posts and inbound mail through the equivalent of DSPAM. And they do really stupid stuff like putting the email links in the personals section behind captchas but leave the rest of their site links open. I'd leave it all open and DSPAMify it. With all the spam posts they have, there's actually benefit in allowing geeks to automate their LTR searches and replies :) In Canada, plentyoffish seems to block new account creation via tor. Usage works ok, unless you roam outside minimally the USA, then you get auto nuked. Google also blocks new accunt creation. Honestly, I don't have much faith in google anymore. With all their brainpower they really have no excuse for throwing up SMS as a way to combat their publicly stated primary reason for doing so in their FAQ's... spam prevention. Facebook seems ok. Hate Ebay so can't comment. Don't know much about identi or LJ. Though agreed, absent statements from them all as to what they're doing to combat and assist behind the scenes, it could be just the Tor IP's being unlucky in the game of permanent whack a mole. As opposed to targeting Tor specifically. I'll give that maybe 50/50 odds. > I think the more enlightened a company is about handling privacy, > the more their userbase will trust them. I'm more likely to use > a company if they say they respect my privacy by allowing me to > use Tor Absolutely agreed. I've read dozens of corporate privacy policies end to end and they all have a numerous cop outs in them that give me no reason to trust them. Particularly in regards to 'those third parties which provide services to them so they can serve you' clauses. The more restrictive/closed about how their services are used and their internal policies and practices, the less kudos they earn. I would not be suprised at all if there are third party shells backed by very large black orgs whose purpose is to vacuum up, correlate, and rebroker the social data space... based entirely on similar cop outs or plain old under the table dealings. Blacker versions of Intelius, Axciom, Google and the credit bureaus come to mind. Happy socializing, suckers ;) > If someone wants to help coordinate a lunch or some meetup; there > are Tor people that can show up to help. I've been impressed by > some of the presentations others have done about Tor, online > privacy, anonymity and why this matters, all over the world. Local linux/bsd/win/mac/2600/cissp/infragard/etc user groups also come to mind as both source and sink for Tor related outreach. *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
