On Tue, 01 Sep 2009 11:22:56 -0400 Ted Smith <teddks@gmail.com> wrote:
So; what should we do? Dis-allow hidden services in Tor? Or block Tor totally? =20 Banning Tor will have no effect on botnets, as others on this list have
On Tue, 2009-09-01 at 16:20 +0200, Folkert van Heusden wrote: pointed out. We should ban Windows, instead.
You raise a good point. Nevertheless, *we* aren't the ones doing the banning, rather the ISPs are (e.g., Comcast in the U.S.), and the ISPs are certainly not going to ban Windows. There's been quite a few times that, when I've called an ISP to try to get them to fix a problem on their end, I've been told that they don't support FreeBSD, which, of course, is irrelevant. I don't ask them for operating system support, just networking support on their end. Any *BSD, LINUX, Solaris, or other UNIX-like system provides far better tools for diagnosing networking problems than a typical Windows system provides. The ISPs, however, will not let customers talk with anyone at the ISP who actually administers the networking hardware or software. They only let customers talk with variously trained monkeys, none of whom have ever read any of, say, David Comer's books on TCP/IP networking, kernel design and implementation books, Cisco Systems manuals, RFCs, etc. The people customers are allowed to talk with have no clue how the Internet actually works. They have no background in it whatsoever and usually do not even have the vocabulary necessary to understand the evidence we present to them, much less follow the reasoning based upon the evidence that points to the problem. Those are the people making the decisions to threaten customers who know what they are doing and are running tor nodes, requiring those customers to stop running tor nodes. They can and do call customers who run tor nodes, claiming that the customer's computer is "infected with a virus or other malware" and/or that the customer's computer is "being used to contact botnets", and when challenged for evidence to support the claims, swear up and down that the evidence exists, but that no, they cannot give it to us and, in some cases, that they don't have access to it themselves, but that they've been sent a report by someone else (or some program) in the company that doesn't give any evidence or that the company has received complaints, of which they also cannot provide copies or other details. A rational, knowledgeable customer will get nowhere against the ignorance of ISP employees following irrational policies and procedures of their employers. The only thing I can think of that might help here is for the tor project and all tor node operators to stop refering to tor relays as "servers". The relay functions are *not* server functions any more than a Cisco router is a server. tor relays are *software routers*, not servers. I realize that a node that also has an open DirPort is providing directory services, but those services are intended for internal use by the software router network, not by humans directly. The fact that humans *can* use HTTP to query a directory server is irrelevant. The primary role of the directory servers is to serve the software routers, not humans, and therefore ought to be considered as the software router equivalent to routing table maintenance daemons. But at present, if an ISP contacts a tor node operator, claiming that the node operator is violating an acceptable use policy prohibiting "servers", a look at the tor project's web site merely convinces the ISP employee that a tor node *is* a server because that's what the web pages say it is. :-( Then they tell the node operator to shut it down or else they will disconnect the service. Scott Bennett, Comm. ASMELG, CFIAG ********************************************************************** * Internet: bennett at cs.niu.edu * *--------------------------------------------------------------------* * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * * -- Gov. John Hancock, New York Journal, 28 January 1790 * ********************************************************************** ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE