IBM says Block Tor
Shawn K. Quinn
skquinn at rushpost.com
Wed Aug 26 19:36:55 PDT 2015
On Wed, 2015-08-26 at 18:51 -0400, grarpamp wrote:
> http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086USEN.PDF
>
> IBM Advises Businesses To Block Tor
>
> With Tor-based attacks on the rise, IBM says it's time to stop Tor in
> the enterprise.
>
> New data from IBM's X-Force research team shows steady increase in SQL
> injection and distributed denial-of-service attacks as well as
> vulnerability reconnaissance activity via the Tor anonymizing service.
As best I can tell, the article refers to blocking access from the
corporate network to Tor, not necessarily e.g. blocking Tor exit node
connections to external corporate web servers. They also recommend
things like blocking personal VPN servers.
My concern is that they take the stance that allowing Tor is a
liability. Sure, there are people who will abuse Tor, but the benefits
of being able to access, say, Pepsi's web site without revealing you're
doing so from Coca-Cola's corporate network should not be ignored.
That's what Tor was originally intended to be used for, among other
things. I concede it was inevitable that some would use it for evil, but
isn't that true about a lot of things?
--
Shawn K. Quinn <skquinn at rushpost.com>
More information about the cypherpunks
mailing list