SORBS still sucks (was: Connections to botnet masters)
xiando
xiando at xiando.com
Mon Aug 27 21:30:22 UTC 2007
> Some times ago we have a thread about SORBS and many exit nodes were
> listed in this DNSBL with the attribut "trojan hacked". Conclusion of
> the thread was: "They have no glue!"
They still have no clue.
> Google sometimes does not work with several exit nodes and give you the
> message "You may have a virus or malware, please clean your computer!"
> (or something like that).
I use http://www.scroogle.org/ to search Google, regardless of doing so
through Tor or not. And they don't have this connection limit mikey mouse
bullshit Google has. It also shows 100 results pr. page by default (so you
don't have to add num=100 when searching Google, which is their max pr. page)
and the page layout is way cleaner. I've also e-mailed a bit with mr. Brandt
(who runs him) and I trust him (which is no reason why you or anyone should,
but hey, if you use Tor then you don't need to).
> I have changed the exit policity of my node and now it is no longer
> listed in SORBS and works fine with Google. May be, this is not a good
> solution. Any other suggestions?
My personal opinion is that you should simply educate people on how SORBS
blacklists huge IP-ranges and huge amounts of IPs based on absolutely nothing
and that 90% of their blacklist is totally innocent IPs. I used SORBS until I
became aware of this, now I know and now I don't use them - and I always
mention this if people ask me what blacklists they should/shouldn't use.
Let SORBS blacklist whatever they want. Just document it and tell people about
it and when enough people know and nobody uses it then it doesn't matter if
they and their 5 users are blacklisting the whole internet.
--xiando(tm).
More information about the tor-talk
mailing list