[tor-talk] Private Exits
Jason Evans
jsevans at emailme.cz
Sun Jun 28 07:50:55 UTC 2020
The purpose of this email is to describe a solution that doesn't exist
but could. The technology is available, it just hasn't been created yet.
The current Tor network:
Alice uses Tor Browser to connect to mywebsite.com.
Tor Browser connects to a guard note, then a middle node, then an exit
node. mywebsite.com only sees the IP from the exist node and Alice
remains anonymous.
However mywebsite.com knows that the IP is from an exit node and at
first, it just annoys her with puzzles, then eventually it blocks her
altogether. She tries exit node after exit node and sometimes it works,
sometimes it doesn't.
Alice uses Tor Browser to connection to mywebsite.onion
Tor Browser connects to a guard note, then a middle node, then to
mywebsite.onion. mywebsite.onion only sees the previous hop but nothing
else and Alice remains anonymous.
The Tor network with Private Exits:
Alice uses Tor Browser to connect to myexit.onion.
Tor Browser connects to a guard note, then a middle node, then to
myexit.onion. myexit.onion provides a portal to the internet via a web
interface similar to a VNC session. myexit.onion is not recognized as a
Tor exit node and Alice can then go to mywebsite.com without any extra
harassment.
Private Exits would exist primarily as a stand alone software
application. They would provide the user with a web interface that would
require uploading a public key to authenticate (similar to SSH). Each
Private Exit would normally have a 1:1 User/Owner relationship but it
wouldn't always need to be like that.
More Examples:
Pedro is a journalist inside of a country with stringent internet laws.
He connects to pedrowork.onion. This Private Exit is located at his
office in New York. He has complete access to the full Internet.
VPN Provider Iheartanonymity.com creates a shared Private Exit for their
paid subscribers. mywebsite.com sees users coming from a VPN provider
but they don't hold them in the same regard as Tor users.
Iheartanonymity.com only sees a small portion of the traffic that they
would see from hosting a traditional Exit Node and without the worries
about treated like one.
Suggestions appreciated. I am not a developer and even the simple bash
scripts that I write are so bad that they are a crime against humanity.
I'm just hoping to maybe throw out some ideas for someone else to implement.
Best Regards,
Jason Evans
More information about the tor-talk
mailing list