[90949] in North American Network Operators' Group
Re: Tor and network security/administration
daemon@ATHENA.MIT.EDU (Jeremy Chadwick)
Wed Jun 21 17:53:34 2006
Date: Wed, 21 Jun 2006 14:53:06 -0700
From: Jeremy Chadwick <nanog@jdc.parodius.com>
To: nanog@merit.edu
Mail-Followup-To: nanog@merit.edu
In-Reply-To: <f13ed07b0606211402ic7b4e75je3b9f02ed9ab55f3@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
On Wed, Jun 21, 2006 at 05:02:47PM -0400, Todd Vierling wrote:
> If the point of the technology is to add a degree of anonymity, you
> can be pretty sure that a marker expressly designed to state the
> message "Hi, I'm anonymous!" will never be a standard feature of said
> technology. That's a pretty obvious non-starter.
Which begs the original question of this thread which I started: with
that said, how exactly does one filter this technology?
"You can't" doesn't make for a very practical solution, by the way.
The same was said about BitTorrent (non-encrypted) when it came out,
and the same is being said about encrypted BT (which has caused
some ISPs to induce rate-limiting).
I'm also left wondering something else, based on the "Legalities"
Tor page. The justification seems to be that because no one's ever
been sued for using Tor to, say, perform illegitimate transactions
(Kevin's examples) or hack a server somewhere (via SSH or some other
open service), that somehow "that speaks for itself".
I don't know about the rest of the folks on NANOG, but telling a
court "I run the Tor service by choice, but the packets that come
out of my box aren't my responsibility", paraphrased, isn't going
to save you from prison time (at least here in the US). Your box,
your network port, your responsibility: period.
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
