On Wed, 2015-08-26 at 18:51 -0400, grarpamp wrote:
http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086USEN.PDF
IBM Advises Businesses To Block Tor
With Tor-based attacks on the rise, IBM says it's time to stop Tor in the enterprise.
New data from IBM's X-Force research team shows steady increase in SQL injection and distributed denial-of-service attacks as well as vulnerability reconnaissance activity via the Tor anonymizing service.
As best I can tell, the article refers to blocking access from the corporate network to Tor, not necessarily e.g. blocking Tor exit node connections to external corporate web servers. They also recommend things like blocking personal VPN servers. My concern is that they take the stance that allowing Tor is a liability. Sure, there are people who will abuse Tor, but the benefits of being able to access, say, Pepsi's web site without revealing you're doing so from Coca-Cola's corporate network should not be ignored. That's what Tor was originally intended to be used for, among other things. I concede it was inevitable that some would use it for evil, but isn't that true about a lot of things? -- Shawn K. Quinn <skquinn@rushpost.com>