Delivery-Date: Wed, 04 Mar 2015 15:02:34 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,URIBL_BLOCKED
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 37B9D1E01B0
	for <archiver@seul.org>; Wed,  4 Mar 2015 15:02:32 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id AD2663424C;
	Wed,  4 Mar 2015 20:02:14 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id B9D4D34201
 for <tor-talk@lists.torproject.org>; Wed,  4 Mar 2015 20:02:10 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id c57oa5Z7_MTS for <tor-talk@lists.torproject.org>;
 Wed,  4 Mar 2015 20:02:10 +0000 (UTC)
Received: from mail2.eff.org (mail2.eff.org [173.239.79.204])
 (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 91890341FB
 for <tor-talk@lists.torproject.org>; Wed,  4 Mar 2015 20:02:10 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eff.org;
 s=mail2; 
 h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date;
 bh=7OvRyDe21o9hbb18fK3sj5zYaRMvBLunASPcEJfdO8c=; 
 b=XB6r8mucSYe564YnkSzM0ELo0jatGLP6HQ1LOvSEbhuZ7JxbbF2qaC0zv8w5woPXcmCXoidoxR1IpkxrTzQKsKKkEp3UNdYMY3jPQoboTk+RWibRel/bF9jxQiFbo8NSjwXHqw+zGwkBiGrj0oe63xpfQ2PMPwFdhGxFeQcQFlo=;
Received: ; Wed, 04 Mar 2015 12:02:07 -0800
Date: Wed, 4 Mar 2015 12:02:07 -0800
From: Seth David Schoen <schoen@eff.org>
To: tor-talk@lists.torproject.org
Message-ID: <20150304200206.GO8917@mail2.eff.org>
References: <N1-BYpT3R43m8@Safe-mail.net>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <N1-BYpT3R43m8@Safe-mail.net>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [tor-talk] New Tor project idea for internet comments
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Lee Malek writes:

> Hi, I am new here.
> 
> I have an idea for a tor sub-project that would serve our purpose (fighting censorship) perfectly.
> 
> This would be a different version of tor - a sort of sub-tor... and a browser plugin.
> 
> Everyone that installs this version of tor would be forced to run a relay - but only for comments - no images, etc.
> 
> The browser plugin would connect to the tor app and scan the webpage the person is on. The plugin would display on a drop down comments people have made using the tor comments system. They can of couse make comments of their own.
> 
> I think this is a must for our purpose. So many news website block comments they dont like these days.

This is a major change from the existing approach of Tor and the Tor
developers.

First, the Tor project has only focused on preventing censorship
by networks and network operators, not by web sites.  The
censorship-resistance approach of Tor has been that your ISP shouldn't
be able to control whom you can communicate with, as opposed to that
web sites shouldn't be able to control who can post there or what they
can post.

Although the Tor Project has been very interested in ways to encourage
sites not to block anonymous users, there's never been an effort to
force the sites to accept anonymous users, or to conceal the fact that
someone is using Tor on the exit side.  In fact, the Tor Project has
specifically rejected the idea of doing that:

https://www.torproject.org/docs/faq.html.en#HideExits

("If people want to block us [on the exit side], we believe that they
should be allowed to do so.")

Second, Tor has never tried to "force" people to route other people's
traffic or to hide the fact that this is happening.  Instead, there
are a lot of cautions given to people who are considering operating
exit relays.  In your proposal, all of the users would be acting as
exits and routing (some) traffic to the public Internet.  That would
tend to put unsuspecting users at risk because they'd start to be the
subject of abuse complaints, including on their home Internet connections.
(In some designs, people could also deliberately target specific people
they don't like by posting threats through those people's connections.)
That would also probably make running Tor a lot less appealing to some
users because they wouldn't be given the choice about whether to provide
exits for other people's traffic.

Third, the distinction between "comments" and other kinds of traffic is
one that requires a huge amount of programming to enforce, and that can
probably only be enforced if users aren't using HTTPS to connect to the
sites.  The Tor Project and larger Tor community have been trying very
hard to get HTTPS deployed everywhere specifically so that Tor exit
nodes _won't_ be able to spy on or examine what Tor users are doing.  If
progress continues to be made on that front, the Tor exits will be less
and less in a position to make the distinction that you suggest between
comments and other stuff.

(It might be possible to extend the Tor protocol to have "comment posting"
be a special kind of exit, where the user explicitly entrusts the text of
the comment to the exit node, which then makes its own HTTPS connection to
the site and posts the comment.  But that would be a lot of engineering
work and would entail a new arms race with the web site operators, who
would be able to update the HTML code of their sites frequently to stop
Tor exit nodes from being able to recognize where and how to post the
comments.  So that's a lot of effort for a kind of blocking resistance
that Tor developers don't necessarily support philosophically and that
would be challenging to sustain over time.)

Fourth, there are some other technical problems with having everyone be
a relay.

https://www.torproject.org/docs/faq.html.en#EverybodyARelay

-- 
Seth Schoen  <schoen@eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

