On 13/04/13 11:49, Moritz Bartl wrote:
> On 13.04.2013 09:05, Jorge-Leon wrote:
>>> 1) Allow everything (except port 25, which is reasonable to block)
>>> 2) If you don't want the DMCA spam notices, use the reduced exit policy.
>> Please expand on "except port 25, which is reasonable to block", or
On 12/04/13 22:54, Moritz Bartl wrote:
> On 12.04.2013 19:16, Matt Joyce wrote:
>> It would help a lot if we used versioning and stopped sending almost
>> unchanged data constantly and instead only providing the changes
> I doubt that this is easy to do in a privacy-preserving way. You don't
> wan
On 13.04.2013 09:05, Jorge-Leon wrote:
>> 1) Allow everything (except port 25, which is reasonable to block)
>> 2) If you don't want the DMCA spam notices, use the reduced exit policy.
> Please expand on "except port 25, which is reasonable to block", or
> point me to an explanation.
In short: We
On 11.04.13 21:00, Moritz Bartl wrote:
On 11.04.2013 12:15, t...@caber.nl wrote:
If we want to avoid the packet-dropping problem: We could also reject
the IP-addresses of those sites with torrc. What is your opinion about
that Moritz? And, would it ok for the authorities and users with little
ba
On 12.04.2013 19:16, Matt Joyce wrote:
> It would help a lot if we used versioning and stopped sending almost
> unchanged data constantly and instead only providing the changes
I doubt that this is easy to do in a privacy-preserving way. You don't
want to be able to discriminate relays based on w
> Bittorrent may be an exception to the above but the performance cost
> would be at the clients end and for one bittorrent is hardly a realtime
> protocol a little delay making each connection would not make much
> difference, two it performs poorly if you insist on running it over tor
> anyway an
In some work I've done, limitations would follow as such...
a) Advertising non-desire for traffic (exit policy) is the same as
packet filtering with the same rules locally.
b) You can filter whatever you want at any inspection
level you want, for whatever reason, or random/no reason, ***so
long as
> tor could easily be made to efficiently use a similar mechanism, if it
> doesn't already in order to perform the lookups to compute the answer to
> "What is the subset of exit nodes allowing exit to IP addr X on port Y?"
The answer may lie with the client polling some exits and computing
the ans
On 12/04/13 15:03, Moritz Bartl wrote:
> On 12.04.2013 13:33, Matt Joyce wrote:
I assume you mean firewall-based blocking? You could have simply rejected
those IPs via ExitPolicy (see "man tor"). That's a clear-cut way to tell
the
network you don't accept connections to those I
On 12.04.2013 13:33, Matt Joyce wrote:
>>> I assume you mean firewall-based blocking? You could have simply rejected
>>> those IPs via ExitPolicy (see "man tor"). That's a clear-cut way to tell the
>>> network you don't accept connections to those IPs, and no risk of being
>>> labeled a BadExit.
>>
On 11/04/13 20:00, Moritz Bartl wrote:
> On 11.04.2013 12:15, t...@caber.nl wrote:
>> If we want to avoid the packet-dropping problem: We could also reject
>> the IP-addresses of those sites with torrc. What is your opinion about
>> that Moritz? And, would it ok for the authorities and users with l
On 04/12/2013 11:35 AM, Troy Arnold wrote:
On Fri, Apr 12, 2013 at 11:00:42AM +0200, bartels wrote:
On 04/12/2013 10:06 AM, Moritz Bartl wrote:
On 11.04.2013 22:17, bartels wrote:
I don't see the legal issue, though. Maybe it is there, but I don't see
how rejecting sites via Exit Policy ;) wou
On 09/04/13 20:46, krishna e bera wrote:
> On Tue, 9 Apr 2013 22:59:06 +0600
> Roman Mamedov wrote:
>
>> On Tue, 9 Apr 2013 12:50:09 -0400
>> krishna e bera wrote:
>>
>>> So at the risk of being labelled a BadExit (or at best a non-net-neutral
>>> exit) i
>>> blocked all of ThePirateBay's ip add
On Fri, Apr 12, 2013 at 11:00:42AM +0200, bartels wrote:
> On 04/12/2013 10:06 AM, Moritz Bartl wrote:
> >On 11.04.2013 22:17, bartels wrote:
> >>I don't see the legal issue, though. Maybe it is there, but I don't see
> >>how rejecting sites via Exit Policy ;) would trigger any one of (1)
> >>thro
On 12.04.2013 11:00, bartels wrote:
>>> I don't see the legal issue, though. Maybe it is there, but I don't see
>>> how rejecting sites via Exit Policy ;) would trigger any one of (1)
>>> through (5).
>> Yes, rejecting via exit policy should not, but direct
>> filtering/tampering via iptables migh
On 04/12/2013 10:06 AM, Moritz Bartl wrote:
On 11.04.2013 22:17, bartels wrote:
I don't see the legal issue, though. Maybe it is there, but I don't see
how rejecting sites via Exit Policy ;) would trigger any one of (1)
through (5).
Yes, rejecting via exit policy should not, but direct
filteri
On 11.04.2013 22:17, bartels wrote:
> I don't see the legal issue, though. Maybe it is there, but I don't see
> how rejecting sites via Exit Policy ;) would trigger any one of (1)
> through (5).
Yes, rejecting via exit policy should not, but direct
filtering/tampering via iptables might.
--
Mor
On 04/11/2013 08:56 PM, Moritz Bartl wrote:
On 11.04.2013 11:56, bartels wrote:
>> I totally agree. That's why our relays allow every port except 25. But,
>> in the event that DMCA complaints scare away the ISP (or the exit
>> operator), they should go for the reduced exit policy (and look fo
On 11.04.2013 12:15, t...@caber.nl wrote:
> If we want to avoid the packet-dropping problem: We could also reject
> the IP-addresses of those sites with torrc. What is your opinion about
> that Moritz? And, would it ok for the authorities and users with little
> bandwith if I reject ~100 ip-adresse
On 11.04.2013 11:56, bartels wrote:
>> I totally agree. That's why our relays allow every port except 25. But,
>> in the event that DMCA complaints scare away the ISP (or the exit
>> operator), they should go for the reduced exit policy (and look for a
>> better ISP), instead of randomly dropping p
Moritz Bartl schreef op 2013-04-11 09:48:
On 10.04.2013 23:42, t...@caber.nl wrote:
It sounds very handy to use the Reduced Exit Policy. But if we _all_
do
that there will be too little exits for users who want to connect to
'strainge' ports. That way they get less anonyimity because they
can'
On 04/11/2013 09:48 AM, Moritz Bartl wrote:
On 10.04.2013 23:42, t...@caber.nl wrote:
It sounds very handy to use the Reduced Exit Policy. But if we _all_ do
that there will be too little exits for users who want to connect to
'strainge' ports. That way they get less anonyimity because they can'
On 10.04.2013 23:42, t...@caber.nl wrote:
> It sounds very handy to use the Reduced Exit Policy. But if we _all_ do
> that there will be too little exits for users who want to connect to
> 'strainge' ports. That way they get less anonyimity because they can't
> choose from hundreds of exits.
> In g
Steve Snyder schreef op 2013-04-10 22:35:
On Wednesday, April 10, 2013 3:42pm, "Jorge-Leon"
said:
[snip]
Oh! I too use the filter as in "BlockingBittorrent".
I did not want to restrict my relay to the "ReducedExitPolicy".
Almost all
complaints were Bittorrent related. So I hoped "BlockingBi
On Wednesday, April 10, 2013 3:42pm, "Jorge-Leon" said:
[snip]
> Oh! I too use the filter as in "BlockingBittorrent".
>
> I did not want to restrict my relay to the "ReducedExitPolicy". Almost all
> complaints were Bittorrent related. So I hoped "BlockingBittorent" would be
> the right ting to
On 10.04.13 12:35, Moritz Bartl wrote:
...
Another thing is filtering on bittorrent. The tor site suggests a filter:
https://trac.torproject.org/projects/tor/wiki/BlockingBittorrent
Just because it is in the community wiki, it is not something you should
do, or an official Tor recommendatio
On 04/10/2013 12:35 PM, Moritz Bartl wrote:
Spending time on "legal issues" is part of the job of an exit operator.
Sorry.
Thanks for educating me.
As a C programmer, I can probably contribute in other ways.
- bartels
___
tor-relays mailing list
to
On 09.04.2013 18:04, bartels wrote:
> Personally, I cannot afford complaints and spend time on legal issues;
> however groundless they may be it is not what I do.
Spending time on "legal issues" is part of the job of an exit operator.
Sorry.
DMCA notices are totally harmless.
> Another thing is
On Tue, 9 Apr 2013 22:59:06 +0600
Roman Mamedov wrote:
> On Tue, 9 Apr 2013 12:50:09 -0400
> krishna e bera wrote:
>
> > So at the risk of being labelled a BadExit (or at best a non-net-neutral
> > exit) i
> > blocked all of ThePirateBay's ip addresses from my exit node for a
> > while.
>
> I
On Tue, 9 Apr 2013 18:01:40 +0100
mick allegedly wrote:
>
> Though personally I'm with Romanov here.
Correction. "Roman" (forgive me Roman).
Mick
-
blog: baldric.net
gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B
On 04/09/2013 07:01 PM, mick wrote:
Though personally I'm with Romanov here. Just relay with no exit until
you have a better feel for tor.
Mick
I guess you are right.
Thanks for the tips.
- Bartels
___
tor-relays mailing list
tor-relays@lists.torpr
On Tue, 09 Apr 2013 18:33:26 +0200
bartels allegedly wrote:
> On 04/09/2013 06:24 PM, Steve Snyder wrote:
> > Just make life easy for yourself and use the Reduced Exit Policy:
> >
> >https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
> Good advice. Had not seen that.
>
> Mus
On Tue, 9 Apr 2013 12:50:09 -0400
krishna e bera wrote:
> So at the risk of being labelled a BadExit (or at best a non-net-neutral
> exit) i
> blocked all of ThePirateBay's ip addresses from my exit node for a
> while.
I assume you mean firewall-based blocking? You could have simply rejected
th
On Tue, 09 Apr 2013 18:04:53 +0200
bartels wrote:
> On closer inspection, I find that bittorrent can run over the tor network,
> like any other traffic.
It doesnt run both ways because peers cannot be available for incoming
connections, so users will find themselves eventually banned from
serve
On 04/09/2013 06:24 PM, Steve Snyder wrote:
Just make life easy for yourself and use the Reduced Exit Policy:
https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
Good advice. Had not seen that.
Must say it is a pretty loose list. I do not see the point in accessing a squid
On Tuesday, April 9, 2013 12:04pm, "bartels" said:
> Forgive my ignorance, I am new to tor and learning.
> On closer inspection, I find that bittorrent can run over the tor network,
> like
> any other traffic.
> Personally, I cannot afford complaints and spend time on legal issues; however
> grou
On Tue, 09 Apr 2013 18:04:53 +0200
bartels wrote:
> Forgive my ignorance, I am new to tor and learning.
> On closer inspection, I find that bittorrent can run over the tor network,
> like any other traffic.
> Personally, I cannot afford complaints and spend time on legal issues;
> however groun
Forgive my ignorance, I am new to tor and learning.
On closer inspection, I find that bittorrent can run over the tor network, like
any other traffic.
Personally, I cannot afford complaints and spend time on legal issues; however
groundless they may be it is not what I do.
It leaves me with a q
Hello Mo,
Thanks for answering. My question was not really clear, but the issue is
resolved anyway.
The server was hacked and is re-installed.
So, nothing to do with tor; the exit relay is up and running again.
- Bartels
On 04/09/2013 10:21 AM, Moritz Bartl wrote:
Hi,
Most countries have li
Hi,
Most countries have liability exemptions for passing traffic. There is
no legal obligation to shut down or anything.
See also
https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines .
What is your question exactly?
--Mo
On 08.04.2013 18:28, bartels wrote:
> Hi People,
>
> Two
Hi People,
Two days ago I opened two fast tor exit relays v2.3 on debian wheezy.
Now I get complaints from paramount that I have unwittingly distributed Hansel
and Gretel via BitTorrent
39585
BitTorrent
Can this be linked to tor, or is that impossible?
I don't want to shut dow
41 matches
Mail list logo
