25 tbreg relays in directory

Scott Bennett bennett at cs.niu.edu
Thu Jul 2 01:08:43 UTC 2009


     On Wed, 01 Jul 2009 19:46:49 -0400 Marcus Griep <tormaster at xpdm.us>
wrote:
>On Wed, 2009-07-01 at 17:15 -0600, Jim McClanahan wrote:
>> I remain unconvinced that what happened in the case of "tbreg" should be
>> determining policy for the Tor project, at least as far as client
>> activity is concerned.  To the extent the people who installed really
>> didn't know it involved Tor, it seems to me that, if not technically
>> malware, it is at least a close cousin (where software creators are not
>> being up front with users).  Trying to, in effect, be the guardian of
>> such users is (IMHO) a losing proposition.

     The tbreg case combines two problems.  That combination appears to me
to be the source of some confusion and writing at cross-purposes in the
discussion.  One problem is that someone was distributing a package that
installed a bad version of tor.  This risked considerable harm not only to the
users onto whose machines it installed the bad version, but also to tor users
everywhere.  Such risks point up the need to have software that can recognize
when it has been identified as being defective and then refuse to serve in
any capacity beyond assisting in obtaining an up-to-date version to replace it.
     The second problem is that the tbreg installer may have been installing
software onto people's machines by stealth and/or misrepresentation and then
activating it.  This situation is not necessarily specific to tor and doesn't
in itself reduce anonymity gained through the use of tor.
     I think it will be helpful to the discussion if proposals of remedies,
as well as proposals *not* to remedy a problem, clearly identify which of the
two problems they address.
>
>Perhaps the better action, in the event that there is clear evidence
>that a group is using the Tor network to abuse a service provider, such
>as eBay, would be to alert them to what is happening, and help to
>provide them the tools they need to stem the tide, even if that means
>that they temporarily block the Tor network or are able to gain some
>insight into how the fraudulent activity is occurring. After all,
>providing this means is in part what the Tor DNS Exit List and Bulk Exit
>Lists are for.
>
>As well, by being forthright the Tor network could be seen as a
>generally good network, but which has bad users too, rather than being
>found as a major source of fraud after the fact and determined a bad
>network overall.
>
>Possibly out on my own limb, but that's my opinion.
>
     No, I think those are points well worth considering.  Some of them
have been discussed here in the past, but may now be due for revisiting.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************



More information about the tor-talk mailing list