RE: [Fsuk-manchester] MFS Tor node

[Pete Morris]

Tor exit nodes are a recipe for headache if ever there was one. If you want a 
nice, quick, does-what-it-says-on-the-tin method of getting MadLab raided by 
GMP on a regular basis and eventually shut down, a Tor exit node will suit you 
down to the ground.

Consider what an exit node is: it effectively acts as a proxy server for people 
who don't want anyone to know what they are looking at. For every freedom 
fighter you will find 100 warez and kiddie porn users. Trying to prove that the 
exit node is not your personal traffic is down to you, and although the EFF 
have a few interesting case-study letters to try and amuse the authorities 
with, when you are sat in a cell you are unlikely to have access to their 
website to download them.

The only person I know who runs an exit node does so on a device that cannot be 
traced to them. I investigated running one for a while in my early days and was 
firmly advised to not touch it with a bargepole.

This is a great shame, as in principle Tor is a superb idea, and obviously 
there is a world wide shortage of high quality exit nodes (by that I mean exit 
nodes that don't themselves packet sniff all traffic going through them to try 
and fish out passwords). However, it's a bit of a no-win situation. To run a 
high quality Tor exit node, you need:
a) high levels of resources, such as bandwidth;
b) high levels of guarantee that your own route between your ISP and "the 
internet backbone" (if you'll excuse my poor metaphors) isn't contaminated by 
government activity (being a top-level ISP such as BT helps);
c) high levels of cash to pay off the authorities and/or enough legal or 
corporal clout to get them to leave you alone.

MadLab strikes me as being an organisation that doesn't have an excess of any 
of those.

Tor exit nodes are one of those ideas rather like joining the 
BNP/EDL/UAF/<insert random extreme political group>, which whilst you are all 
passioned-up about the cause seems the way forward ... but in the cold light of 
day, you think to yourself, "actually I should have kept my head down :("

Pete



-----Original Message-----
From: address@hidden [mailto:address@hidden On Behalf Of Jon Spriggs
Sent: 19 August 2010 00:30
To: Mark Reynolds; Manchester Free Software
Subject: Re: [Fsuk-manchester] MFS Tor node

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Running a bridge or an entry node seems like an OK idea, but running an exit 
node is likely to cause problems for all the users at MadLab.

As a fairly habitual attendee at MadLab, I think I'd prefer not to have the 
internet feed overly used for this. That said, I agree with the use of Tor on 
the whole, and I was considering running a tor exit node for a while, but on a 
VPS rather than at, what is effectively a community centre.

What would probably be a better idea would be to show how one would setup a 
hidden service, how to use tor (as white noise to mask the people who *need* to 
use it) and to let people make their own decisions about entry and exit nodes.

I'm more than happy to help give this as a talk at some point (but not until at 
least November please! There's too many other events going on this month and 
next, and I'd like to give my wife at least a relatively undisturbed October!) 
That said, I'm sure there's likely to be some better informed about services 
like Tor within MFS.

"Mark Reynolds" <address@hidden> wrote:

>What do people think of setting up a MFS Tor node in Mad Lab to show
>in a practical way how free software can help foster freedoms? With
>Internet censorship and recently the threat to secure communications
>on Blackberrys by a number of countries and talk of a crack down on
>Wikileaks privacy -enhancing software that helps protect whistle
>blowers, human rights advocates, etc is more important than ever.
>
>As I'm sure you're aware this technology helps a lot of people in all
>kinds of situations
>https://www.torproject.org/torusers.html.en
>makes interesting reading.
>
>There is a potential for abuse but this is fairly low anyway and the
>exit policies can be configured with bandwidth limits and what
>services to allow e.g. POP3, SSL, etc.
>
>In terms of the type of node bridges use less bandwidth and are
>important in allowing people in countries with censored Internet to
>get on the Tor network. Relays increase the speed of Tor overall and
>exit nodes are always in demand.
>https://www.torproject.org/faq.html.en#RelayOrBridge
>
>Hardware wise it could be run on an old donated computer. Assuming Mad
>Lab or someone else would be willing to provide a home for it it
>should be fairly straight-forward to setup.
>
>What are people's thoughts and opinions on this?
>
>--
>"To win one hundred victories in one hundred battles is not the
>highest skill. To subdue the enemy without fighting is the highest
>skill."— Sun-Tzu
>
>_______________________________________________
>Fsuk-manchester mailing list
>address@hidden
>http://lists.nongnu.org/mailman/listinfo/fsuk-manchester

- --
Jon "The Nice Guy" Spriggs
Sent from my mobile device, therefore, please excuse any typos or gramatical 
errors.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.7

iHgEAREIADgFAkxsbQYxHEpvbiBTcHJpZ2dzIChKb25UaGVOaWNlR3V5KSA8am9u
QHNwcmlnZ3Mub3JnLnVrPgAKCRBGx7s2fCjlZec1AJ97LT4LbXNvgS1Ykp76vAe8
aGeclACfbQwyNDShTUE3LLXW24MAERvFDJQ=
=/JMx
-----END PGP SIGNATURE-----


_______________________________________________
Fsuk-manchester mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/fsuk-manchester