Lee Malek writes: > Hi, I am new here. > > I have an idea for a tor sub-project that would serve our purpose (fighting > censorship) perfectly. > > This would be a different version of tor - a sort of sub-tor... and a browser > plugin. > > Everyone that installs this version of tor would be forced to run a relay - > but only for comments - no images, etc. > > The browser plugin would connect to the tor app and scan the webpage the > person is on. The plugin would display on a drop down comments people have > made using the tor comments system. They can of couse make comments of their > own. > > I think this is a must for our purpose. So many news website block comments > they dont like these days.
This is a major change from the existing approach of Tor and the Tor developers. First, the Tor project has only focused on preventing censorship by networks and network operators, not by web sites. The censorship-resistance approach of Tor has been that your ISP shouldn't be able to control whom you can communicate with, as opposed to that web sites shouldn't be able to control who can post there or what they can post. Although the Tor Project has been very interested in ways to encourage sites not to block anonymous users, there's never been an effort to force the sites to accept anonymous users, or to conceal the fact that someone is using Tor on the exit side. In fact, the Tor Project has specifically rejected the idea of doing that: https://www.torproject.org/docs/faq.html.en#HideExits ("If people want to block us [on the exit side], we believe that they should be allowed to do so.") Second, Tor has never tried to "force" people to route other people's traffic or to hide the fact that this is happening. Instead, there are a lot of cautions given to people who are considering operating exit relays. In your proposal, all of the users would be acting as exits and routing (some) traffic to the public Internet. That would tend to put unsuspecting users at risk because they'd start to be the subject of abuse complaints, including on their home Internet connections. (In some designs, people could also deliberately target specific people they don't like by posting threats through those people's connections.) That would also probably make running Tor a lot less appealing to some users because they wouldn't be given the choice about whether to provide exits for other people's traffic. Third, the distinction between "comments" and other kinds of traffic is one that requires a huge amount of programming to enforce, and that can probably only be enforced if users aren't using HTTPS to connect to the sites. The Tor Project and larger Tor community have been trying very hard to get HTTPS deployed everywhere specifically so that Tor exit nodes _won't_ be able to spy on or examine what Tor users are doing. If progress continues to be made on that front, the Tor exits will be less and less in a position to make the distinction that you suggest between comments and other stuff. (It might be possible to extend the Tor protocol to have "comment posting" be a special kind of exit, where the user explicitly entrusts the text of the comment to the exit node, which then makes its own HTTPS connection to the site and posts the comment. But that would be a lot of engineering work and would entail a new arms race with the web site operators, who would be able to update the HTML code of their sites frequently to stop Tor exit nodes from being able to recognize where and how to post the comments. So that's a lot of effort for a kind of blocking resistance that Tor developers don't necessarily support philosophically and that would be challenging to sustain over time.) Fourth, there are some other technical problems with having everyone be a relay. https://www.torproject.org/docs/faq.html.en#EverybodyARelay -- Seth Schoen <sch...@eff.org> Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk