[tor-dev] Solving World's Tor Users Being Blocked by Websites (was: Tor exit bridges)

grarpamp grarpamp at gmail.com
Wed May 8 00:14:43 UTC 2019


On 5/7/19, nusenu <nusenu-lists at riseup.net> wrote:
>
> juanjo:
>> Tor relays are public and easily blocked by IP. To connect to Tor
>> network users where Tor is censored have to use bridges and even PTs.
>> But, what happens on the exit? Many websites block Tor IPs so using
>> it to access "clearweb" is not possible. Should we allow and start
>> using "exit bridges"? In I2P we have not this problem since there is
>> no central IP list of relays.
>
> there is no need to extend to one more hope to achieve this
>
> https://lists.torproject.org/pipermail/tor-dev/2018-March/013036.html
>
> https://lists.torproject.org/pipermail/tor-relays/2019-May/017273.html

It's possible to augment such outbound
solution offerings even further by running
an OpenVPN termination service so users
can transport UDP between clearnet as well.
VPNGate.net project has an idea there too.
Even large regional IPv6 pools could be bought
and shared by operators and rotated through.

More tor relay operators should consider
some of the above options, whether as a
requested "bridge" service mechanism, or
listed in the consensus "contact" field, or
as more of a standalone VPNGate support,
or "ExitGate" project sort of arrangement.

Using only tor right now, a user needs to use a clearnet service
that does not scrape consensus, or one not fronted by services
doing similar to CloudFlare's spiteful default tor blocking policy,
or find a lucky exit within whatever geolocation game the clearnet
service uses, or get lucky through traditional vpn or proxy.

But those are only fun statistical hacks, not real long term solutions
to the underlying problem.

It's unfortunate that such braindead blocking, stupid policy regimes,
sites refusal to developing creative solutions [1] for so many world's
users legitimate privacy, info risk, anonymity needs... often results
in users accounts being locked out and escalated into forcing disclosure
of users private info and ID to sites to unlock them, thus exposing
users to ongoing long term fraud, cost, and stress when that info
(in most cases truly unnecessary to collect) is eventually shared
misused and stolen by both sites and criminals... or outright auto
deletion of user's valued account, built up social networks, etc...
all for doing nothing wrong, and harming no one or thing.
Death by DriveByExit :(
And really shameful to deny world's users the right to simply read
a website, be it social, commercial, information, etc or even sadly
their own tax-theft funded governmental public sites doing this
blocking too.


There are some related projects, best practice, as well...

https://trac.torproject.org/projects/tor/wiki/org/projects/WeSupportTor
https://trac.torproject.org/projects/tor/wiki/org/projects/DontBlockMe
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-access

Positive outreach and direct engagement by Tor community
is key here, and perhaps not enough of that is happening,
at least not publicly. It's a big enough issue that it really needs
a dedicated, active, allied, and even funded subproject...
a MegaProject that needs to happen.


[1] Such as forfeitable cryptocurrency and mailed-in cash
deposits refundable in time, increasing account priviledges
and features based on account age and activity, community
moderation and behaviour support within the sites, opensource
third party tracking-free local SecurImage style captcha throughout
a sites features, privacy preserving non-SMS non-Google/Apple
pure TOTP authenticator protocols, PGP recovery, letting
users simply *read* websites without any hindrance,
while utilizing these methods only for *write* operations,
etc and so many more ways you can envision...


Cc'd for awareness and inclusion. *Please remove tor-dev
and tor-relays, and move this to tor-talk or tor-access
for ongoing discussion and progress. Thanks.


More information about the tor-dev mailing list