[tor-relays] Comcast blocks ALL traffic with tor relays
tor admin
j_tor at wilkensteen.org
Mon Jun 12 15:25:57 UTC 2023
If we could get EFF to announce a boycott of any corporation known to
act maliciously against Tor or other privacy-friendly technology (such
as VPNs), that would go a long way.
I will also write to EFF. I have donated money to them, so maybe they
will listen. If they won't support a boycott directly, maybe at least
they will comment on the issue publicly, and that would help launch a
boycott.
If will also help to get an official communication from Comcast saying
they are blocking Tor. If they won't admit this, it makes it that much
harder to fight. I can't do this as I'm not a Comcast customer. Are
there any Comcast customers that can get a Comcast rep to admit, in
writing, that this is happening?
On 6/12/23 10:50, s7r wrote:
> xmrk2 via tor-relays wrote:
>> Any ideas on how to combat this? I was thinking about including some
>> false positives in tor relay list. Imagine including some Google
>> servers' IP addresses - Comcast customers suddenly cannot connect to
>> Google, unless Comcast stops this blocking... or simply whitelists
>> Google. But those false positives sound ugly and a bit malicious, not
>> sure it is a good idea.
>>
>
> This sucks big time, if true. I am trying to ping Comcast from a
> middle relay IP address and it seams, to work, I guess you mean
> AS33651 - Comcast Cable LLC. Anyway, it could be, at latest consensus
> there is no single relay (middle or exit) hosted in AS33651.
>
> I am not sure about the false positive solution, I see only downsides,
> including but not limited to:
>
> - it's not ethical for Tor Project to do this, e.g. stating another
> company's infrastructure (say Google IP address space) is part of a
> network when in fact its not. I get it that the goal is privacy
> oriented and in good faith (freedom faith) but it seams rather
> inappropriate;
>
> - there is no evidence that a blocker might use a list of relays
> provided by Tor Project's metrics portal (I am confident nobody does
> it because it's less effective) - they can just run a Tor client and
> get a copy of a consensus and extract from there IP:PORT IPv6:PORT and
> do from there whatever they please;
>
> - if you include such false positives in the consensus you have to
> simulate dummy Tor relays on those "hot" IP addresses, like providing
> an onion key, RSA identity and ed25519 identity, thus looking like a
> relay, state some bandwidth for it, etc - in this case how will a Tor
> client know which relay is dummy and which not, in order not to try to
> establish circuits that fail, ultimately producing a terrible user
> experience for all users. Same applies for other relays, not just
> clients, that need to produce connections with the dummy relays. If we
> somehow mark them as "dummy", it will be pretty stupid and obvious and
> waste of effort as the blocker can simply understand the "dummy"
> marker and it's done, I guess it's pretty obvious.
>
>> I already wrote about this publicly, and also wrote a mail to EFF.
>> Hope I am not spamming, I feel this is quite important issue and am a
>> bit frustrated by the lack of attention it gets.
>>
>
> Not at all, this is very interesting and not spamming at all. I think
> it is unacceptable for this to happen, and I think all Comcast
> customers should quit if this is true - large internet corporations
> are trying to move on from "IP address identifications" as in only a
> beginner that discovered the internet one week ago still thinks of the
> IP address as "identification of a certain individual / entity",
> everybody is moving to advanced layers of authentication on per device
> basis, cryptographic public key, etc. Comcast if they do such a thing
> they set themselves 25 years behind the industry they operate in. And
> this can create many unwanted effects, someone should try to do
> something about this but I am not sure what we Tor volunteers *can* do
> to help with this, especially the ones that are not Comcast customers.
> EFF is the best start IMO.
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
More information about the tor-relays
mailing list