[tor-talk] Torrents real-time and dynamic blocklist

Aymeric Vitte vitteaymeric at gmail.com
Tue Oct 13 06:46:38 UTC 2015


Well, please read the study and comments from others before posting, 
some had the same "doubts" and "snake oil"/"paying" concerns 
(torrent-live is open source and you can build your blocklist free of 
charge), they are addressed there

Does it happen that exit nodes get notices? Yes

We are not talking about port 6881 or > 50000, we are talking about 
dynamically blocking TCP connections to bt dangerous spies

And no, the method can not be fooled/flooded like this

Le 13/10/2015 01:59, sh-expires-12-2015 at quantentunnel.de a écrit :
> On Fri, Oct 09, 2015 at 07:05:08PM +0200, Aymeric Vitte wrote:
>> Anyway I don't think that's really of the interest of this list except
>> that some exit nodes operators might envision to use something like the
>> dynamic blocklist, if some are often bothered by notices/letters we can
>> propose a trial to see if the list is adapted, which we think it is.
> You are pretty right, your information isn't useful for anyone at all,
> why would a operator of a exitnode allow a third party to control
> his exit policy? Even partly, bad idea.
>
> If and exit gets staturated by such traffic, it can reject
> the default ports, like 6881 and the like, and Port-Ranges > 50.000,
> that will provide much better results.
>
> He could reject much more, without limiting usability of Tor.
>
> If the few torrent-tracker operators would understand, that not
> being able to scrape their trackers from a exit node is beneficary
> for them too, we actually could achieve something here.
>
> Anyway, given the distributed approach, protocols like BitTorrent, your
> blacklist can only provide a false sense of security (the best case).
> The problems, like being flooded by an adversary, I have addressed in
> the previous posting. ;)
>
> My coworkers and I call such services, either a racket or snakeoil.
>
> The problem, of being held accountable for torrenting are much better
> addressed by using a VPN. Since the law is different for most of
> the pariticipants of this list, in some countries you can still download
> without any problems, problematic is uploading (distributing) stuff
> other than your own, or wich is covered by libre licenses.
>
> If you, wrongly, got held accountable, ask the lawyer form rightscorp,
> if their network services are secured against routing attacks, and how they
> tend to proof that the origin is really you out of your network, that
> hasn't such measures (like sourceroute verification).
>
> If you still want to throw money, throw it either at your local tor-
> organisation, the tor-project or the folks producing a libre torrentclient.
>
> Sorry, for giving you the impression, that I may address you Ayms, I am
> adressing all the other people, that may consider your approach of a
> centralized entity (blacklist) for clients using protocols or networks
> like BitTorrent or Tor, that are somehow distributed.
>
> I don't see peersm adressing any r/l issues, that are adressed by other
> approaches at all.
>
> P.S: This list needs a policy for advertisng paid services, like
> $1 per distributed message paybale to the torproject ;)

-- 
Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms



More information about the tor-talk mailing list