Is "gatereloaded" a Bad Exit?
John Case
case at SDF.LONESTAR.ORG
Mon Feb 14 21:49:37 UTC 2011
On Mon, 14 Feb 2011, Aplin, Justin M wrote:
> Although I've been keeping out of this argument for the most part, and even
> though I'm leaning towards seeing things Mike's way, I just wanted to comment
> that I've actually been in an environment like this several times, once at my
> previous university, and once working for a local government organization. As
> asinine as such reasoning is on the part of the network administrator (or the
> person who signs their checks), I can see why the *ability* to run strange
> exit policies could be a good thing, and should be preserved in the software.
Thank you for this anecdote.
> However, I see no reason why providing an anonymous contact email would be so
> hard. Certainly if you're going out of your way to avoid [insert conspiracy
> of choice] in order to run a node, you have the skills to use one of the
> hundreds of free email services out there? I don't think asking for a tiny
> bit of responsibility on the part of exit operators is too much to ask, and
> I'm amazed that "allow them to continue to function as middle nodes until
> they explain why their node appears broken or malicious" is continually being
> turned into some kind of human-rights violation.
Please chime in here if you have ever set up a _real_ nym to use under a
real threat ? I mean, wore a hoodie and sunglases to the market, bought a
burner, got online anonymously, cultivated a persona (in about 10-15
mins), and then threw out the phone.
I can tell you that:
a) transaction costs and time overhead for this are extremely high -
really, really terrible
b) it is VERY VERY quick and easy to nym-leak, even for smart people, even
when they are trying hard
c) this strategy is an all or nothing one - either you get it completely
airtight, end to end, every time, or you walk away from the identity. You
don't just sit on your couch and surf over to the remailer site.
Why am I boring you with this ? Because you keep rationalizing this
policy with these off the cuff, throwaway remarks about "just do this", or
"I would just set up ..." when in reality you have NO FUCKING IDEA what
you are proposing or suggesting. It's not easy to create or maintain
these structures in real life, and people that need this are in literally
life or death (or at least free or jail) situations.
Why don't we just tell people to get a half-rack and a gigE port at 1
Wilshire and be done with it ? That's what _I'd_ do, after all.
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list