[HN Gopher] Help Censored Users - Run a Tor Bridge
___________________________________________________________________
Help Censored Users - Run a Tor Bridge
Author : News-Dog
Score : 174 points
Date : 2022-03-05 10:01 UTC (13 hours ago)
(HTM) web link (blog.torproject.org)
(TXT) w3m dump (blog.torproject.org)
| chockchocschoir wrote:
| Another thing that would help us who are digging around in
| Russian infrastructure right now: Host Tor exit nodes from
| residential IPs in Russia. This comes with the risk of exposing
| yourself though, but you do help a lot of individuals and groups
| to be able to access resources we wouldn't be able to otherwise.
| Again, this is risky so don't do this unless you know what you're
| in for.
| ignoramous wrote:
| The easiest bit is right at the bottom:
|
| _If you 're not technical enough to run a bridge, but want to
| help censored users, there are other ways you can help:_
|
| _Run a Snowflake proxy. You do not need a dedicated server and
| can run a proxy by simply installing an extension in your
| browser. The extension is available for Firefox and Chrome. There
| is no need to worry about which websites people are accessing
| through your proxy. Their visible browsing IP address will match
| their Tor exit node, not yours._
|
| Link to the extensions from: https://snowflake.torproject.org/
|
| One can also host snowflake on servers:
| https://gitlab.torproject.org/tpo/anti-censorship/pluggable-...
|
| Or, integrate in a website:
| https://gitlab.torproject.org/tpo/anti-censorship/pluggable-...
|
| Or, embed in iframes: <iframe
| src="https://snowflake.torproject.org/embed.html" width="320"
| height="240" frameborder="0" scrolling="no"></iframe>
| btdmaster wrote:
| Going directly to the iframe link works too:
| https://snowflake.torproject.org/embed.html
| kzrdude wrote:
| I needed more explanation to decide whether it was smart to
| install and understand it more. I found this explanation:
|
| https://www.zdnet.com/article/tor-snowflake-turns-your-brows...
| Eduard wrote:
| This criticism makes it seem that Snowflake is a great arrest
| honeypot:
| https://www.hackerfactor.com/blog/index.php?/archives/944-To...
| [deleted]
| nfriedly wrote:
| I've been meaning to do this for a while, so thanks for the
| reminder!
|
| Now that I set it up, how do I know if it's doing anything? The
| logs show it bootstraped up to 100% then figured out my IP, and
| the last line says
|
| > Self-testing indicates your ORPort [my IP]:9393 is reachable
| from the outside. Excellent. Publishing server descriptor.
|
| Glancing at my router doesn't show any appreciable uptick in
| traffic. I see a brief spike that hit ~10% of my bandwidth, then
| it went back down to near zero usage. (I have a static IP and a
| decently fast symmetric internet connection, fwiw.)
| whyleyc wrote:
| You can install "nyx" to check what's going on:
|
| https://nyx.torproject.org/
| nfriedly wrote:
| Thanks!
| westernboy wrote:
| [deleted]
| moffkalast wrote:
| With this one simple trick, you too can turn your local network
| into a cesspit of cybercrime!
| westernboy wrote:
| Cool! --- I won't do it till I read all the docs.
| ravenstine wrote:
| I'm pretty pessimistic about Tor and if I were to run a bridge or
| relay I definitely wouldn't run it locally. If you're going to
| run one, you might as well host it remotely so that there are
| extra steps in a state figuring out that you are trafficking
| other people's data. By design, governments can figure out that
| you're using Tor and what your "role" is, which is bad for both
| the users and those hosting bridges.
|
| What we should be doing is encouraging people to use I2P and
| making it as accessible to the public as Tor (and even more so).
|
| Why I2P over Tor?
|
| - All nodes have the same role, so there's no distinction between
| nodes in terms of whether they are an entrance relay or any other
| user.
|
| - It's not designed to be a clearnet proxy, thus there are no
| "exit" nodes although hidden sites (aka eepsites) can of course
| be made to forward requests to the clearnet.
|
| - I2P has a sort of DNS system built-in that Tor lacks.
|
| - A totally separate or private P2P network is much easier to
| form with I2P than Tor.
|
| - Hidden sites are faster on I2P than on Tor.
|
| - I2P didn't come out of DARPA.
|
| - Torrents that are totally internal to the network and don't
| rely on clearnet trackers or DHT.
|
| Above all, if you have this concept of an "exit" node then it's
| feasible to observe exit nodes and correlate traffic to a
| clearnet destination with individual users. Depending on the
| regime a person is subject to, their use of Tor can potentially
| backfire on them because the flawed network design.
|
| The concept behind Snowflake seems really cool, and maybe it
| works out for a lot of people in the short term. It is, however,
| potentially adding vulnerability to the network by virtue of
| adding another layer of complexity. Any time you add complexity
| to a system, you are creating potential for something to go
| wrong. With Snowflake you are, again, asking for people to
| identify themselves as Tor bridges (effectively) and neither the
| Snowflake bridge or the client are benefiting from a darknet
| connection when talking to each other because they're using
| WebRTC. WebRTC can of course be used to leak IP addresses.
|
| However, I cannot seem to find the source for the Snowflake
| browser extension anywhere. This is concerning in and of itself.
| Does anyone know where it's located? The page for it on
| addons.mozilla.org does not link to a repo, and the Gitlab repo
| for Snowflake doesn't appear to include any code for packaging a
| browser extension. I would not install a browser extension that
| doesn't have an available source no matter who it's coming from.
|
| If we want censorship-free communication that's as anonymous as
| can be, then give up on a formalized way of accessing the
| clearnet and prefer internal networking rather than running
| glorified VPN proxies.
|
| Tor sucks all the oxygen out of the room while having not
| adequately addressed the serious flaws in its design.
|
| Although I know there are reasons why people would be interested
| in running at Tor bridge and using Tor right in this moment, in
| the long term, we'd be of better help to the world if we worked
| on bettering and promoting a network project that is overall
| better for the censored user in the long term. People should be
| as aware of I2P as Tor and it should be extremely easy to use it.
| We should also make sure there's plenty of good content available
| on the I2P network (yes, I am gradually working on this).
|
| I2P implementations:
|
| - https://github.com/i2p/i2p.i2p (the official Java based
| implementation)
|
| - https://github.com/PurpleI2P/i2pd (a C++ implementation that is
| also used to make I2P available on Android)
| almog wrote:
| What would be an easy and economic way to run a Tor Bridge/s on
| AWS?
|
| I have few hundred bucks left in credit that will expire in a few
| months and no plans to use it
| corint wrote:
| I would suggest looking at Lightsail, if your credits stretch
| that far. The included 1TB+ of bandwidth is the reason for
| that. Bridges would typically see much more bursty traffic
| compared to relays or (especially) exit nodes; this does mean
| that the burst CPU credits on Lightsail (or the t-series EC2
| instances) would pair up nicely.
|
| I'd also suggest running in as many AWS regions as you're able,
| so that there isn't a lovely block of bridges all in one
| region.
| almog wrote:
| Thank you! I haven't used Lightsail yet, so in addition to
| doing something meaningful with the credit, it could also be
| a good learning experience.
| bannedbybros wrote:
| cebert wrote:
| If I were to run a bridge is there absolutely no way I'd get into
| trouble if someone using Tor was looking at child porn or hacking
| someone?
| nacs wrote:
| If you ran an exit node, it's possible but bridges are just the
| entry points and are ok.
| bawolff wrote:
| Only if the entire tor network was criminalized. Generally
| bridges don't see what traffic goes over them (its encrypted)
| and the exit node is not able to link which bridge the request
| came from. So specific activity should not be linkable to your
| bridge.
|
| That said IANAL this is not legal advice, yadda yadda.
| the_duke wrote:
| Hetzner has very cheap cloud servers with generous traffic
| allowance.
|
| See https://www.hetzner.com/cloud
|
| Last time I asked they were officially OK with users running
| bridge and exit nodes.
|
| Consider doing that if you'd rather not expose your home IP to
| scrutiny.
| AnonC wrote:
| The Tor Project currently recommends not using Hetzner, among
| others, since there are many nodes there already. [1] I haven't
| read the complete reasoning, but remember this one being around
| for sometime.
|
| [1]: https://community.torproject.org/relay/community-
| resources/g...
| waffleiron wrote:
| When someone controls a signification amount of nodes they
| can start to de-anonymise users by using correlation of entry
| and exit node. I ran a relay for 6 months now (as one of less
| than 5 people on my AS) and haven't run into any of the
| problems others have seen, those problems seem mostly related
| to running an exit node.
| BrBone wrote:
| In Russia even obfs4 not work properly. Today is working tomorrow
| you request a new bridges and it is not working too. After 30
| attempt it work or loads very slow. You must be really persistent
| and a little tech-savvy to make something work. I was almost
| desperate but I got lucky. Its not just install a proxy
| extension.
| jerheinze wrote:
| Have you tried snowflake instead?
| pluc wrote:
| I did this during their last recruitment drive. My bridge sat
| there unused for 3 weeks. Then I stopped cause I didn't see the
| point.
| donohoe wrote:
| Is there any actual data on the types of people that use Tor?
|
| I know by the very nature of it, that's not a practical ask.
|
| I can't help but think that despite Tor's good intentions it's
| just not being used for legitimate use.
|
| Every story I've read really relies on anecdotal stories. If feel
| better having a clearer sense of the real userbase.
| 3np wrote:
| My impression is that a large portion of the _traffic_ on Tor
| is malicious in some way, but originating from a very small
| portion of the users. It 's a noisy minority. Just like the
| vast majority of sent e-mail is from criminal activity[0] and
| the comment section on news sites doesn't represent the
| readership fairly.
|
| An easy thing we can all do to help improve that is to use Tor
| for legitimate every-day use, even when you have nothing to
| hide.
|
| [0]:
| https://en.wikipedia.org/wiki/Email_spam#Statistics_and_esti...
| ttybird2 wrote:
| Please remember that doing so might get you in trouble
| https://yanmaani.github.io/does-council-regulation-eu-2022/3...
| estaseuropano wrote:
| Now I'm not a lawyer but very familiar with EU legal texts.
|
| Firstly, the part s/he quotes at the beginning is from the
| preamble/recitals, essentially intention statements,
| explanations and background. This is not in any way legally
| binding, but a court would use it to interpret the articles.
| The articles are what matters
|
| And then we get in the messy things: article 12.
|
| > It shall be prohibited to participate, knowingly and
| intentionally, in activities the object or effect of which is
| to circumvent prohibitions in this Regulation including by
| acting as a substitute for natural or legal persons, entities
| or bodies referred to in Article 2e(3) or Article 2f, 5, 5a,
| 5b, 5e, 5f or 5h, or by acting to their benefit by using the
| exceptions in Article 2e(4), 5(6), 5a(2), 5a(5), 5b(2), 5b(3),
| 5e(2) or 5f(2).';
|
| Eu law tends to be intepreted conservatively. Its not like US
| law which is largely case law - in EU law, except for
| judgements by the ECJ, the measuring stick is the legal text
| and intention, not a wide interpretation that extends the
| actual text as you might do in the US.
|
| So e.g. if users can upload text or video on your service and
| do so to spread/share RT propaganda, you would certainly not
| need to fear anything directly unless you notice/are told its
| there and then don't take action (different rules for large
| platforms though).
|
| Similarly, a VPN or tor node has many functions. Unless you
| actively and intentionally host such content or explicitly
| advertise or distribute it (think e.g. a Popcorntime for RT)
| you would not expect sanctions.
|
| Problem beyond this is that the EU is 27 legal systems. The
| intention of this regulation is to empower national media
| regulators to take action against the propaganda anf lies
| spread by these state media. So while the regulation applies
| directly, each national law might have slightly different ways
| of implemeting this. E.g. Poland might take a much stricter
| view than Portugal, in line with national media regulations.
| lucb1e wrote:
| Since it's also illegal to help a criminal in their act, there
| are already a hundred laws that could be explained in the same
| way.
|
| This relay only accepts and sends encrypted traffic and you (as
| entry node) will not know what is being transmitted. It's
| encrypted with a key you simply do not have, you're just
| forwarding it for people that could otherwise not reach the
| entry nodes. From my point of view this is the safest thing you
| can do for the Tor network.
| 3np wrote:
| As I wrote here when it came up, with that interpretation
| suddenly anyone facilitating communication (including ISPs not
| fully blocking access to anyone who does) is in trouble. You'd
| basically need to ensure full compliance from anyone you're
| peering with or forwarding communication from. So E2EE without
| TPM-enforced client-side scanning or relaying clear-text
| messages without the same or server-side filtering would be
| trouble.
|
| Good luck squaring that with being GDPR-compliant for any real-
| world business use-case...
|
| As formulated that would hopefully not hold up in court.
|
| https://news.ycombinator.com/item?id=30537464
| Terry_Roll wrote:
| It would be easier for the TOR project if there did scripts and
| distro's for different devices. What surprises me the most, is
| this would seem ideal for the raspberrypi and other SBC because
| one could be setup and then just left to run.
| 3np wrote:
| https://www.torbox.ch
| mhitza wrote:
| I don't run a node but I have the Snowflake plugin installed in
| Firefox.
|
| It seems to be an uptick in Tor activity, as yesterday alone it
| served over 30 different clients. While last year it would hardly
| get any.
|
| Upgraded to better ISP since, in case that makes a difference how
| proxies are chosen.
| lucb1e wrote:
| For those like me who are not familiar:
| https://gitlab.torproject.org/tpo/anti-censorship/pluggable-...
|
| > Snowflake involves a large network of highly ephemeral
| volunteer proxies, with the goal of outpacing the censor's
| ability to block proxy IP addresses [...]. Snowflake addresses
| NAT traversal by [WebRTC's ICE negotiation], among a number of
| new advantages.
|
| > CDNs serve not only their own web services, but also services
| that users may host on their platforms, such as App Engine.
| Snowflake currently hosts the [ICE negotiation] on App Engine,
| but will also do so on other services.
|
| This page has a nice diagram: https://snowflake.torproject.org
|
| Install in Firefox: https://addons.mozilla.org/en-
| US/firefox/addon/torproject-sn...
|
| Install in the big bro(ws|th)er:
| https://chrome.google.com/webstore/detail/snowflake/mafpmfcc...
|
| Without installing anything, you can also just leave this tab
| open: https://snowflake.torproject.org/embed.html
| james-redwood wrote:
| I highly recommend anyone who has the capacity to do so: it's not
| particularly difficult and goes a long way in building the very
| foundations of a free web.
| pooper wrote:
| My practical concern is many people are uplink choked.
| Technically, on 200 Mbps down, I was supposed to get over 10
| Mbps up on Comcast Xfinity but practically it was closer to 5
| or 6 Mbps. This is already problematic if you have more than
| two video conference calls going on at the same time.
|
| I am moving soon to a Spectrum / road runner area and we are
| supposed to get 400 down and 20 up. Let's see if it helps.
|
| I don't think I have the capacity to run a node if I understand
| this clearly (please correct me if I am wrong).
|
| I imagine the way a relay works is you download something from
| a source node and upload it to the destination node where
| source and destination are somewhat randomized?
| fastpoint wrote:
| And get myself on a watch list? No thanks.
|
| More importantly, Tor has a significant amount of use by child
| abusers: https://www.wired.com/2014/12/80-percent-dark-web-
| visits-rel...
|
| So there's not really a moral case for this either. You'd just be
| enabling paedophiles to cover their tracks.
| lucb1e wrote:
| > And get myself on a watch list? No thanks.
|
| It's interesting to see people this scared of not being a role
| model citizen. Gives me a china vibe.
| westernboy wrote:
| And then they got angry when you call a soft police state the
| place where they lives. No drama here, I was probably wrong.
| Broken_Hippo wrote:
| Pretty much all countries do this stuff to some degree: In
| the US, be popular and possibly rich, and you can be more
| likely to get out of criminal charges. The credit system
| doesn't always really tell how responsible you are: live
| within your means and simply save money for things and drive
| used cars, and you'll have to pay more for a house loan. It
| doesn't matter if you've held a lease for the last 12 years
| if your landlord doesn't report the credit, same for
| utilities. Get a loan or else.
|
| I'm not saying everywhere has the same level of surveillance
| and punishment for deviance, simply that everywhere has them
| in some form or another. Of course a few are going to remind
| you of other places. I suppose it is the totality and how
| they impact day to day life that makes the difference.
| the_duke wrote:
| The fact that a brand new account account is feverishly trying
| to frame Tor as enabling abusers gives me confidence in the
| fact that Tor is actually really useful for circumventing
| censorship right now.
| rmbyrro wrote:
| A lot of child abusers also use the Internet, so you should
| stop using it. They also use storage devices, SSDs HDDs, we
| should stop using those as well. And they use electricity, a
| lot...
| fastpoint wrote:
| Those are all things with extremely broad purposes, used by
| nearly everyone. Whereas Tor is incredibly niche, being a
| system explicitly designed to obfuscate network activity to
| make it difficult to impossible to track back to the
| originator.
|
| Most people have absolutely no need to use Tor, but it's
| clearly very useful for child abusers looking to not get
| caught. That study reported 80% of hidden service visits were
| to paedophile websites. This really is not comparable in
| scale to how electricity, the internet, storage devices, and
| so on, are used.
| smolder wrote:
| Eliminating privacy to fix the pedo problem (that they
| exist) is throwing the baby out with the bathwater.
| Protecting kids starts with protecting your actual kids,
| not recording your neighbors porn habits, purchase history,
| and political forum posts. Well intentioned or not, when
| you advocate for reducing the _convenience_ of private
| comms, you harm more good people than bad. As long as the
| bad incentive exists, people will do the bad thing, whether
| it 's a little hard or very.
| Pooge wrote:
| > it's clearly very useful for child abusers looking to not
| get caught
|
| And clearly very useful for activists and journalists to
| not get imprisoned and tortured because they revealed
| things they shouldn't have.
| fastpoint wrote:
| Well, that's what the Tor Project claims. It's good
| marketing, but they're essentially lying by omission
| here.
| westernboy wrote:
| This is what I think. But no way to find it's true or
| not.
| sterlind wrote:
| I used Tor in college to connect to the Silk Road to do a
| report on its use of Bitcoin (I didn't buy any drugs.)
| Pooge wrote:
| > It's good marketing, but they're essentially lying by
| omission here.
|
| But so is the "clear Internet", really. Sure there is a
| high proportion of innocent traffic, but if you think in
| terms of criminal activities, I am sure it is non-
| negligible. From copyright infringement to child
| pornography to revenge porn to harassment to unlawful
| handling of data. I have no numbers to back it up, but
| I'm quite sure _a lot_ of crimes are committed on the
| "clear net".
|
| And yet, it would be very unreasonable to shut the
| Internet down over this. Punish the person and their
| actions, not their tools.
| sundarurfriend wrote:
| You'd also be enabling the journalists who expose real world
| pedophiles and m/billionaire criminals, who ruin thousands of
| lives; and helping anyone who needs to fight against
| overwhelming power and has need for an internet, which is so
| many people in so many ways. It only takes 1% of traffic of
| this kind, to overshadow the horrible effects of even 80%
| (which is already a dubious number as pointed out), in terms of
| positive impact on the world.
| merlinscholz wrote:
| Child pornography users in most cases use the internet too. A
| lot of them have cars and drive on the road. We should boycott
| public infrastructure altogether since it can be used for bad
| actions.
| fastpoint wrote:
| The linked study revealed that around 80% of hidden service
| visits were to paedophile websites.
|
| Is 80% of internet traffic child pornography imagery? Are 80%
| of cars driven by paedophiles? If not, your comparison makes
| no sense really.
|
| Also, Tor isn't public infrastructure. It's a largely
| anonymous group of people who have collaborated to form an
| anonymising network. Everyone involved who is aware of the
| above is knowingly enabling the sexual abuse of children, by
| allowing the perpetrators to hide behind their network.
| mhitza wrote:
| And from the same article
|
| > Tor executive director Roger Dingledine followed up in a
| statement to WIRED pointing out that Tor hidden services
| represent only 2 percent of total traffic over Tor's
| anonymizing network.
|
| So that's a 80% of 2% of the entire Tor traffic based on
| 2014 stats. Hardly comparable with stating a question like
| "Is 80% of internet traffic child pornography imagery?"
| 3np wrote:
| On top of that, the study is ~8y old and tells us nothing
| of the state of things today.
|
| Dr Owen's presentation of the study: http://piped2bbch4xs
| lbl2ckr6k62q56kon56ffowxaqzy42ai22a4sash...
|
| Dingledine's follow-up: http://pzhdfe7jraknpj2qgu5cz2u3i4
| deuyfwmonvzu5i3nyw4t4bmg7o5...
| thetrip wrote:
| This could be true in a way. I work at at an
| advertisement firm and know what everybody knows: videos
| and photos are waaaay more bigger than text, even if are
| Word files, so it consumes a way more traffic. 80% get's
| easily short. Edit: I'm assuming that people in the black
| won't traffic only text between them, my bad.
| Pooge wrote:
| > So there's not really a moral case for this either. You'd
| just be enabling paedophiles to cover their tracks.
|
| Let's ban knives makers because they allow people to get
| mugged. By making knives, they're enabling muggers to commit
| crimes.
| fastpoint wrote:
| Are the vast majority of knives being used to stab people?
|
| The study I linked had the proportion of hidden service
| visits to paedophile sites at around 80% of the total.
|
| It's such an alarming figure, it really should be in the Tor
| documentation as a warning of what you'll actually be
| enabling by running a node.
| thetrip wrote:
| Are photos and videos like more large than text? Like 90%?
| This is Coriolanus
| http://shakespeare.mit.edu/coriolanus/full.html 317.9 KiB
| (325,563 bytes). This is HB frontage
| https://hips.hearstapps.com/hmg-
| prod.s3.amazonaws.com/images... 1.2 MiB (1,217,366 bytes).
| Yeah 77%.
| Pooge wrote:
| > Are the vast majority of knives being used to stab
| people?
|
| This is a good point, but more on that below.
|
| > It's such an alarming figure, it really should be in the
| Tor documentation as a warning of what you'll actually be
| enabling by running a node.
|
| No, because even according to the article they are not even
| confident in their results. From DDoS attacks to law
| enforcement visiting those websites, it is impossible to
| assess.
|
| > "We do not know the cause of the high hit count [to child
| abuse sites] and cannot say with any certainty that it
| corresponds with humans," Owen admitted in a response to
| the Tor Project shared with WIRED, adding that "caution is
| advised" when drawing conclusions about the study's
| results.
|
| Human rights activists around the globe are relying on such
| infrastructure to have a safer way to communicate with the
| outside world and denounce actions of their governments.
| They are by far not the people who would click on the most
| hidden services, so they _will_ be under-represented on
| such studies.
|
| Sure encryption is used for unlawful behavior, but if you
| ban encryption and/or Tor, you will just hurt the people
| that need it the most while criminals will just find an
| alternative.
| thrill wrote:
| I think you asking the question wrong. It's "are the vast
| majority of people who are stabbed done so with a knife?".
| hereforphone wrote:
| I forget, am I supposed to be pro giving Russian citizens access
| to unfiltered Internet now, or against?
| jdrc wrote:
| pro, it's always good to know enemy propaganda, for both sides.
| besides, i assume in today's world it's very hard to hide facts
| very widely. Sure some people only watch state TV but bad news
| eventually will reach almost everyone
| gmemstr wrote:
| Genuine question, what sort of risks are associated with running
| this on a typical residential connection?
| 3np wrote:
| Not much at all (unless you're in the DPRK, I guess).
|
| Running an exit node is likely to give you issues, though.
| News-Dog wrote:
| Best Answered at: <https://forum.torproject.net>
| mkl wrote:
| Where there? There seem to be hundreds of posts, and
| searching for "risks" and "bridge risks" didn't seem to bring
| anything up.
| 3np wrote:
| I think they meant that it's a good place to ask.
| News-Dog wrote:
| Please ask on the Forum, You are more likely to be able to
| talk directly with a Dev.
|
| However they will be most likely preoccupied with the new
| release at the moment.
|
| FYI: Tor Browser User Manual <https://tb-
| manual.torproject.org>
|
| Tor Support <https://support.torproject.org>
| flatiron wrote:
| I ran a bridge once. First thing that happened is I could no
| longer use my banks website or app. Got a message that I was
| using tor. I was not an exit node I guess they blocked all exit
| nodes and bridges.
|
| Second thing that happened is I worked at the power company and
| the union went on strike. While on strike some dummy put in a
| lot of power outage reports and used tor. So IT wanted to see
| if anyone else was using tor and my IP when I worked from home
| came up as Tor so I had to go through a whole thing at work
| that I just run a bridge and I had nothing to do with the
| tickets. They requested I stop running the bridge and I did.
|
| No more tor bridges for me!
| 3np wrote:
| > So IT wanted to see if anyone else was using tor and my IP
| when I worked from home came up as Tor
|
| That sounds like it has nothing to do with you running a
| bridge but about you connecting to work through tor. And/Or
| you weren't running a bridge but a public relay. In either
| case the company's IT sound like dummys.
| flatiron wrote:
| I was not connected to work via tor. My ip was listed on
| the tor network as a bridge. IT simply got all the tor IPs
| and cross checked it against IPs connected to their VPN and
| I came up. On another note a coworker downloaded a
| bollywood movie on BitTorrent and forgot to stop sharing
| and connected to the work VPN and IT got a dmca notice.
| They then went on a huge investigation about BitTorrent.
| Some people got nasty emails their IP was listed on public
| trackers. Their kids were using BitTorrent and they were
| getting nasty emails about it. That was a bit big brother
| for me even though I didn't get sucked up into that
| thankfully.
| 3np wrote:
| > My ip was listed on the tor network as a bridge
|
| Seems like you're mixing up the terminology (which is
| understandable, I've done it myself a couple of times in
| the past).
|
| https://support.torproject.org/censorship/censorship-7/
| Bridge relays are Tor relays that are not listed in the
| public Tor directory.
|
| There are still ways to get and detect bridge addresses
| but I'd be surprised if the kind of IT department that
| would give you trouble for running one would also go
| through the effort of doing so?
|
| > On another note a coworker downloaded a bollywood movie
| on BitTorrent and forgot to stop sharing and connected to
| the work VPN and IT got a dmca notice. They then went on
| a huge investigation about BitTorrent. Some people got
| nasty emails their IP was listed on public trackers.
|
| If they were listed as seeds illegally sharing copyright-
| protected content (and the kids weren't just downloading
| Debian ISOs), that's par for course.
| flatiron wrote:
| Yep yer right I was a relay.
| m-p-3 wrote:
| I wished they'd only filter by exit nodes but they grab
| everything including the relay nodes. That's annoying,
| otherwise I'd run a relay node at home.
| 3np wrote:
| Bridge relays aren't. The person you're replying to was
| running a public relay, not a bridge.
|
| https://support.torproject.org/censorship/censorship-7/
| gnuhack wrote:
| No more freedom anymore. It gives us something to think
| about. We are following a path that will lead us into very
| obscure times...
| viraptor wrote:
| You're free to run tor nodes. You just have to accept the
| consequences of others not liking that. That's not
| impacting on your freedom, and it's also part of their
| freedom to not like you for running a node.
| booleandilemma wrote:
| You're free to do X, but your life as you know it is over
| if you do.
|
| Does that feel like freedom to you?
| hatware wrote:
| It's shocking how few understand the times we are living
| through.
| [deleted]
| brigandish wrote:
| There are consequences to everything and different
| consequences to the same actions in different places, to
| talk about "accept the consequences" without addressing
| that is not helpful nor insightful in any way. The real
| points to focus on are:
|
| - whether the consequences are appropriate
|
| - whether they are natural, a side effect of
| intervention, or direct consequence of intervention
|
| For example, if you criticise the king of Thailand while
| in Thailand or as a Thai person you will have committed
| the crime of lese-majesty and can get you 15 years _per
| instance_. If we apply your principle of that being an
| example of _freedom_ for which "you just have to accept
| the consequences" then we have learnt nothing and
| provided nothing of worth. If, however we ask whether
| that is appropriate and whether it can change (it is a
| direct intervention so it can) then we can assess it.
|
| That clearly does impact freedom, as does the bank
| deciding not to serve a customer that is running a Tor
| node. How is it their business anyway? What impact does
| running a bridge have on them? Regardless, let's say it
| was an exit node and the OP was accessing bank services
| via their own exit node - do they not authenticate the
| customers accessing their accounts?
| bawolff wrote:
| This is such a silly thing to say. Freedom usually means
| the ability to do something without negative consequence.
|
| Its sort of like how you were free to do anything you
| wanted in the soviet union, you just had to accept the
| consequences that if you do something the state doesn't
| like you will end up in the gulag.
| amalcon wrote:
| By this logic, I don't have freedom of speech because
| I'll be thrown out of your house if I go there and start
| insulting you. The interesting part about freedom is
| where it intersects with someone else's freedom.
| Grandparent is pointing out that this is one of those
| cases, and the response is that it's not "real" freedom
| then?
| bawolff wrote:
| Yes, that's correct - you don't have absolute freedom of
| speech in my house.
|
| You do have some relative, qualified freedoms from
| government interference.
|
| However, its entirely possible to still be quite
| restricted in your speech as a practical matter under
| american style "freedom of speech". For example, rightly
| or wrongly, parlor had trouble obtaining services. The
| government didn't interfere, but as a practical matter
| they probably had more trouble getting their "mesage" out
| than opposition groups in countries without freedom of
| speech that could more easily rely on international
| resources.
|
| And that's not neccesarily a bad thing. America has
| identified freedom of speech as a sort of fundamental
| good - so instead of being truthful about it being a
| qualified right, seem to instead try to redefine the term
| so that anything not covered by by first amendment isn't
| "true" freedom of speech.
|
| After all the saying goes: "I disapprove of what you say,
| but I will defend to the death your right to say it" not
| "I disapprove of what you say, but I will defend to the
| death your right to be free from government interference
| in saying it". There is much more to freedom of speech
| than just what the first amendment covers.
| supernovae wrote:
| By your own definition no one is really free then. I can
| camp on BLM land, but i can't live on it. I can drive on
| roads, but there are still laws. I can go shopping, but i
| can't just take things. I can go to the movies, but i
| can't bring a camera to record them. People always abuse
| freedom to be absolute and that never works.
|
| Everything in life has consequences. You have to weigh
| them.
| bawolff wrote:
| If your point is that nobody can be truly 100% free in
| this world, and it is all shades of grey - then, yes, i
| would agree.
| bauruine wrote:
| This sounds like you where runnig a relay and not a bridge.
| Bridges are not public so your bank had to actively harvest
| them to block you which seems unlikely.
| flatiron wrote:
| You are correct. I was running a relay.
| jeroenhd wrote:
| It's sad to see incompetent IT block random bridges and
| relays. I would be stubborn and switch banks, to be honest.
|
| Your power company story is even worse, because the people
| who supposedly know how computers work couldn't be bothered
| to find out how running a bridge does has nothing to do with
| requests coming in.
|
| I wonder if these companies are so aggressive against things
| like cheap VPNs and Apple's private relays as they are
| against TOR.
| onphonenow wrote:
| Many automated tools consider tor a fraud signal - so be
| careful.
|
| Users sometimes believe lies online (ie bridge internet
| extension is OK or not noticeable) and create a lot of trouble
| for themselves.
|
| Profile sync can bring that extension onto your work computer
| as an example I'm familiar with. If you are bridging tor at
| work not great
| crtasm wrote:
| It's unfortunate that some (many?) tools treat the list of
| Tor nodes equally, despite only exit nodes being of actual
| concern in most usecases.
|
| Running a bridge with the Snowflake extension/webpage does
| not put your IP on the public list of Tor nodes: https://tb-
| manual.torproject.org/bridges/
|
| Being careful not to sync personal settings/extensions to a
| work machine is certainly good advice.
| [deleted]
| [deleted]
| goodpoint wrote:
| Besides from risk, often it's not a good idea due to the
| latency introduced by it.
|
| EDIT: this is the official recommendation from Tor. Spare the
| downvotes for one minute.
| hatware wrote:
| Can you elaborate? How would running a bridge impact latency?
| goodpoint wrote:
| The advice (from years ago) was that the Tor network is
| bandwidth-aware but not very latency aware.
|
| It requires bridges, relays and exit nodes to build a
| circuit and communicate.
|
| The client does not know what latency exists between the
| chosen nodes when builds a circuit.
|
| If the nodes are located in large datacenters in good
| locations you'll have acceptable latency relatively often.
| If they are on residential ISPs it might not be the case.
|
| Perhaps things have improved in the meantime.
| https://community.torproject.org/relay/relays-requirements/
| does not mention latency.
| jerheinze wrote:
| Running a Tor snowflake[1] 'bridge' is now as easy as installing
| an addon and forgetting about it:
|
| https://addons.mozilla.org/en-US/firefox/addon/torproject-sn...
|
| https://chrome.google.com/webstore/detail/snowflake/mafpmfcc...
|
| [1] : https://snowflake.torproject.org/
| ravenstine wrote:
| Does anyone know where the source code is for the Snowflake
| browser extension? I'm failing to find it anywhere, including in
| the Snowflake Gitlab repo. This is concerning to me, but I'm sure
| there's a good chance I'm just missing it.
| raybb wrote:
| I'm guessing it's here
| https://gitlab.torproject.org/tpo?filter=snowflake under
| "Snowflake WebExtension" but they should link to it more
| prominently.
| ravenstine wrote:
| Ah, thanks!
___________________________________________________________________
(page generated 2022-03-05 23:01 UTC)