[tor-talk] Tapping/logging for research [was: media]
grarpamp
grarpamp at gmail.com
Mon Oct 6 09:27:12 UTC 2014
On Fri, Oct 3, 2014 at 9:18 AM, Lunar <lunar at torproject.org> wrote:
> Derric Atzrott:
>> There are some strong ethical questions in logging all traffic from a
>> relay, but I can't see any other way to get this sort of data.
>
> The answer to the ethical question is simple: this is plain wrong. You
> don't spy on people.
There's a difference between various depths of research you might
conduct and present:
- This week saw b-traffic in n-sessions to google, facebook, tor2web.
- This week there were 25000 unencrypted POP3 sessions, 20 http, 50 ssh, etc.
- This week there were 25000 unencrypted POP3 sessions to yahoo.
- 10000 from user 0000001 at yahoo, 10000 from 0000002, 5000 from 0000003.
- 10000 from USER bob at yahoo, 10000 from mary, 5000 from john.
- Hey look, mary's cheating on bob with john.
At conduction, the last three could be a problem for you and users.
At presentation, only the last two.
The sites and ISP already know exit the hits came from so that's
of no issue to users.
There's a spectrum, so you can't just throw out blanket ethic/legal
over all exit research work.
https://www.youtube.com/results?search_query=netflow+analysis
http://www.alexa.com/topsites
http://www.clamav.net/
https://www.bro.org/
Reminds me, I need to buy more splitters...
> But there's also a legal aspect to it: in many jurisdictions, as soon as
> you start looking at the traffic, you become liable for it.
Looking agnostic is one thing, probably more likely to burn your
eyes out than get legal'd for it. Talking/using [with intent] is another
thing. And of course filtering causes problems when filters fail,
endorsement is pointed at you, you look stupid, or promulgate
police states.
http://www.netnanny.com/
More information about the tor-talk
mailing list