[tor-talk] Are squid proxies acceptable on exit nodes?

Roman Mamedov rm at romanrm.net
Mon May 9 14:48:57 UTC 2016


On Mon, 9 May 2016 16:28:33 +0200
Andreas Krey <a.krey at gmx.de> wrote:

> To me it looks like the tor exit is using a squid
> proxy - is that an acceptable thing to do as a
> relay operator?

Squid itself is just a tool, sure it can cache, it can log all requests, but is
it configured to do so? Not necessarily so.

On the other hand it has very advanced filtering capabilities and ACLs by
hostname/URL/destination IP/etc (including regexp support), and maybe that's
why it's being used -- to block some of the simplest cases of malicious
behavior?

You could ask whether or not applying any filtering strips the exit node
operator from their "common carrier" status (if there was any in the first
place), but that's another question, and one that should be more troubling for
the exit node operator, not for its users.

As it stands, I'd say the mere presence of Squid does not equate "evil", it
all depends on how it's set up and what it's being used for.

-- 
With respect,
Roman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20160509/7a74e8e2/attachment.sig>


More information about the tor-talk mailing list