Opened 4 years ago

Closed 3 months ago

#14349 closed task (wontfix)

Tackling the Tor fear

Reported by: Traumflug Owned by:
Priority: Medium Milestone:
Component: Archived/Development Progress Version: Tor: unspecified
Severity: Normal Keywords: archived-closed-2018-07-04
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

It's about this blog post and my experience with acting instead of begging for money:

https://blog.torproject.org/blog/call-arms-helping-internet-services-accept-anonymous-users

Comments are disallowed there, but I have to offload my experience somewhere, I'm exhausted and short of smashing the screen.

As of yesterday I run a Tor relay and the clear experience is that running the relay as an exit node severly prohibits network operations. Even when connecting the same way I did before, with the same IP address.

Side note: even this site suddenly considers all my actions as being spam, I have to solve captchas all the time.

I saw this speech at 31C3 and spontanuously decided to run such a relay. Jacob Applebaum said he wanted to have thousands of nodes, so all support to him and his plan! I have only one Mbit/s, but certainly more than nothing. The relay runs on the router through which my PCs connect to the internet. OpenWRT provides a nice package, setup was done in a few hours (could have been faster if docs weren't that contradictionary).

First I had to learn that Freenode blocks exit nodes. They ask you to block ports 80, 443, and all IRC ports, making the relay pretty much a non-exit node. So I subscribed to the tor-relays mailing list and asked for advice there. General answer: "learn reading!" "You're too dumb to understand this!" "Connect through Tor!" Now, I want to contribute to Tor, no plan on using it myself.

One kind person gave me the link to the blog post above, which describes exactly what I want to tackle. But you see? Even on Tor lists you get flamed by 4 of 5 users. Zero attitude to enhance the situation.

So I made my relay a non-exit relay (adding the reject *:* rule) and connected to Freenode again. Answer there: "We're not going to change this!" "Learn reading!" "It has technical reasons you don't understand!". Without telling much about these technical reasons, of course.

Now, regarding being dumb, I use the internet since befor the WWW was invented and admin a few smaller sites. I think I do know what's possible and what not.

Freenode allows connections through Tor using a hidden service. But they do not allow to use the very same service from the very same IP address when not connected through Tor. When using Tor they request to connect by SASL authentication, but they claim they can't do the very same for non-Tor connections from the very same IP address. Exit nodes would change their IP address all the time, something like that. It's hard to imagine any techical reason for this besides a severe insuffiency in their IRC software.

Regarding enhancing their software they say: "we're working within the confines of the software we've decided to use, and which is generally good for our and our user's needs" In other words: "we don't even think about enhancing this software and even if you did for us, we'd send you away".

I'm exhausted. Except for this blog post, flaming everywhere. Even on the Tor lists. How is a plan as laid out in the blog post and laid out by Jacob Applebaum going to fly? How are people expected to run an exit-relay without buying dedicated hardware with a dedicated IP address? I see ZERO chances to get this generally off the ground.

Child Tickets

Change History (2)

comment:1 Changed 10 months ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:2 Changed 3 months ago by teor

Keywords: archived-closed-2018-07-04 added
Resolution: wontfix
Status: newclosed

Close all tickets in archived components

Note: See TracTickets for help on using tickets.