[tor-talk] CloudFlare

grarpamp grarpamp at gmail.com
Thu Apr 18 23:39:42 UTC 2013


> ban the IP then unban 7 days later. If the IP falls in a
> pre-identified 'dirty' range, I never unban it.

I don't mind this approach too much. At least it leaves
some room for legitimate users to find exits. Restores
the state to open after some time. And is a bit more mature
tool in that, if you don't have accounts (which is better to
block by if you do), it's the next best way to terminate a
problem in realtime. Though I don't think I'd apply a
permaban, because whatever IP is bothering you will
eventually get pulled at the source before long. Unless their
profits come from spam, bribing Russian officials with cracked
CC's, etc.

>> We haven't considered a particular feature to bloc TOR access, but I can pass on the feedback internally.

> As you can see: Not only do they not specifically block TOR, they don't have a feature that to facilitate users blocking TOR.

Yet...

> Coffee shops are a bit difficult to block specifically, but why do you think people who block TOR don't block Romania?

I suppose it's possible they do as well. Just that as with any
userbase, knowing the effective range of their IP's may be hard.
On the other hand, maybe they do block RO indiscriminately
because they believe it to be a compellingly overwhelming
source of trouble, or simply unfathomable, from their perspective,
that a legitimate user would come from there.

For example, a year or so ago I tested an English language based
predominantly North American, slightly Euro, dating site against Tor.
Though they had no stated policy to be sure of it, from my tests it appeared
that from English speaking exit countries, Tor worked fine. If I let Tor float
or come in via say Brazil, the account would be silently deleted. This
lead to belief that they utilized the 'unfathomable' policy. Again, their
actual policy is unknown, I could have just been using unlucky IP's.
Either way, I'd very much hesitate to recommend them to Tor users who
would fear for their legitimate account, and thus any developing relations,
against that unknown. Further, people find dating hard enough without having
their employer or landlord snooping on how many kids they want, and whoever
else generally reading/storing/selling their personal bits. These sites need
to respect that. Part of which is to fully and properly enable HTTPS on
their servers and to permit their users to come from Tor.


More information about the tor-talk mailing list