Is "gatereloaded" a Bad Exit?

Eddie Cornejo cornejo at gmail.com
Sun Jan 30 06:18:43 UTC 2011


Forgive my ignorance but this seeks rather knee-jerk to me. Maybe I'm
missing something.

Everyone that uses TOR should acknowlege that all data that doesn't
use encryption before entering the TOR network. It's even in the FAQ
(https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#CanexitnodeseavesdroponcommunicationsIsntthatbad)

That means if I go to http://www.somewebsite.com I already acknowedge
that someone out there could potentially be monitoring my traffic -
regardless of whether I use TOR or not. In other words TOR does not
claim to protect against this kind of attack.

Furthermore we all acknowledge that any exit node could potentially be
monitoring our unencrypted traffic (As Andrew stated earlier "You are
correct in that we cannot detect recording of traffic.")

Finally there is no way that an exit node can directly affect the mode
choices by a client. Ie, apart from a particular node existing, there
is no way that a node could force a user to use it.

Therefore I submit that having these nodes, whether they are overtly
recording traffic or not, does not result in any harm to the TOR
network. In fact, their presence lessens the burden on the TOR network
as they are providing much needed bandwidth.

In addition, if a user was to attempt to use encryption then another
entirely separate exit node will be used instead (one that has a
policy that allows traffic on the specific port) So the user isn't
inconvenienced or forced to use an insecure protocol.

So, what's the threat? Why are you considering banning these nodes
when, by all accounts, I cannot see them having a negative impact on
the network as a whole (in fact, it's probably a positive influence)

FWIW, none of these nodes are mine. I used to run an exit node but I
don't any longer (with my new Internet connection speeds it's not
worth it)

Eddie

On Sun, Jan 30, 2011 at 15:57, Mike Perry <mikeperry at fscked.org> wrote:
> Thus spake Mike Perry (mikeperry at fscked.org):
>
>> Thus spake Gregory Maxwell (gmaxwell at gmail.com):
>> > As far as that exit policy goes, the RFC1918 blocks might be there in
>> > an ignorant attempt to trigger the exit flag for completely benign
>> > reasons, though sniffing sounds more likely.
>>
>> I agree. We already have scripts to detect this, we just have not yet
>> decided to actually use them yet. I believe we should.
>>
>> Currently, 5 nodes exit to *only* plaintext ports for web and email.
>> There are about 50 others that exit to the plaintext versions for web
>> or email.
>>
>> I believe we hould ban these 5 immediately, and consider banning the
>> other 50 after issuing the appropriate announcements.
>
> Sorry, the 5 are:
>
> NOTICE[Sat Jan 29 20:56:43 2011]:Nodes allowing plaintext but not secure:
>        ElzaTorServer=009E71AED2C5580E942AC1743D1C440C5B2C459E
>        QuantumSevero=4BF2F90E6E1905E2FB4F371E471422150D722A93
>        gatereloaded=550CC9724FA77C7F9260B93989D22A70654D3B92
>        oompaloompa=775DF6B8CF3FB0150A594F6E2B5CB1E0AC45D09B
>        oompaloompa2=BABBF0694251E5AFF7BF3A0A02EFDC12CB99B05F
>
>
> --
> Mike Perry
> Mad Computer Scientist
> fscked.org evil labs
>



-- 
Eddie Cornejo

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d? s: a C+++ UL+++ P++ L++ E- W+ N- o K- w++
O M-- V PS+ PE Y PGP++ t 5 X+ R tv-- b+ DI++++ D++
G e++ h r+++ y++++
------END GEEK CODE BLOCK------
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list