User: Password:
|
|
Subscribe / Log in / New account

Exit node problem

Exit node problem

Posted Jun 10, 2011 22:06 UTC (Fri) by rwmj (subscriber, #5474)
In reply to: Exit node problem by Creideiki
Parent article: Phantom: Decentralized anonymous networking

I always understood that exit policies were just to prevent people connecting to port 25 (to send spam) or "private" (to attack your RFC 1918 private network). I've just checked the manual and I'm actually still unclear on whether they can be used for what I suggested ...

Maybe a Tor expert can help here.


(Log in to post comments)

Exit node problem

Posted Jun 10, 2011 22:12 UTC (Fri) by Creideiki (subscriber, #38747) [Link]

I'm no expert, but seeing as the manual says
For example, "accept 18.7.22.69:*,reject 18.0.0.0/8:*,accept *:*" would reject any traffic destined for MIT except for web.mit.edu, and accept anything else.
I don't understand what you think is lacking.

Exit node problem

Posted Jun 10, 2011 22:18 UTC (Fri) by rwmj (subscriber, #5474) [Link]

Right, but if I go to the bother of finding out and listing all the BBC's networks (in itself an ever-changing task), and list them in a long series of 'accept' statements, do those get properly propagated out to the directory?

The manual is unclear. It says that (some?) exit policies are propagated out. Long complex lists? It doesn't seem to be the intended use of this feature.

I'd want to hear it from a Tor developer, one way or the other.

Exit node problem

Posted Jun 13, 2011 19:04 UTC (Mon) by adisaacs (guest, #53996) [Link]

I'm not a Tor developer, but I follow the mailing lists somewhat.

IIUC, every unique exit policy must be propagated out in the consensus. Adding thousands of unique exit policies (one per "custom" exit node) would make the Tor consensus grow quite large, which would slow down the entire network. I *think* (not entirely certain) that end user nodes have to retrieve the consensus before establishing circuits, so it would slow down Tor startup for all users.

If I understand correctly, then it wouldn't scale for every exit node to pick its own set of allowed IPs.

Besides, how would you decide what networks to exit for? Just BBC? Do you want to allow CNN as well? How about Wikipedia?

Exit node problem

Posted Jun 13, 2011 19:34 UTC (Mon) by rwmj (subscriber, #5474) [Link]

Since the issue is I could well be arrested and have all my computer equipment seized if someone used Tor to access child porn or terrorist material from my network, I'd want to choose sites that wouldn't contain this. And I would like to push the political objectives of Tor without letting people do things that I don't approve off (it's my network access after all). So in my case it'd just be the BBC networks.

Exit node problem

Posted Jul 16, 2011 15:07 UTC (Sat) by fuhchee (guest, #40059) [Link]

"So in my case it'd just be the BBC networks."

OK, but why would someone want to use tor to access the bbc?

Exit node problem

Posted Jul 17, 2011 17:42 UTC (Sun) by anselm (subscriber, #2796) [Link]

AFAIR, the BBC's back content is officially only available to people with a paid-up British television licence. Since you can't get a British television licence unless you're in the UK, the BBC, maybe understandably, restricts access to the relevant servers to clients with an IP address that is located in the UK.

There seems to be a market for UK-based proxy servers especially to allow people from outside the UK to get at the BBC servers. Presumably using a Tor exit node inside the UK would also do the trick.

Personally I'd be happy to pay the Beeb to be allowed to access their programming from here in Germany. For all the griping the Brits do about the BBC, much of what they're broadcasting is still way better than the vile stuff we're stuck with hereabouts.

Exit node problem

Posted Jul 17, 2011 18:41 UTC (Sun) by fuhchee (guest, #40059) [Link]

"AFAIR, the BBC's back content is officially only available to people with a paid-up British television licence."

That's true, but there are two problems with that. I'm pretty sure rwmj is not interested in become a high-bandwidth multimedia proxy. Also, it is somewhat likely that he is not interested in assisting vicarious copyright infringement.

Exit node problem

Posted Jul 17, 2011 23:21 UTC (Sun) by mjg59 (subscriber, #23239) [Link]

The current legal state is that you only need a license to watch the BBC's live streams, not the back content. http://iplayerhelp.external.bbc.co.uk/help/playing_tv_pro... has more on this.

Exit node problem

Posted Jul 18, 2011 7:12 UTC (Mon) by anselm (subscriber, #2796) [Link]

OK, but you can still only get at the BBC's back content from UK-based IP addresses (for the time being, anyway). So there's a certain demand for shady arrangements that let people appear to be in the UK when in reality they aren't.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds