Delivery-Date: Fri, 06 Nov 2015 03:13:18 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 656231E1015
	for <archiver@seul.org>; Fri,  6 Nov 2015 03:13:15 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id C2DBD37D28;
	Fri,  6 Nov 2015 08:13:10 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 45EC337D18
 for <tor-talk@lists.torproject.org>; Fri,  6 Nov 2015 08:13:07 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Xb59spKy0e8U for <tor-talk@lists.torproject.org>;
 Fri,  6 Nov 2015 08:13:07 +0000 (UTC)
Received: from mail-ig0-x236.google.com (mail-ig0-x236.google.com
 [IPv6:2607:f8b0:4001:c05::236])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 209FF37288
 for <tor-talk@lists.torproject.org>; Fri,  6 Nov 2015 08:13:07 +0000 (UTC)
Received: by igbhv6 with SMTP id hv6so29021812igb.0
 for <tor-talk@lists.torproject.org>; Fri, 06 Nov 2015 00:13:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :content-type; bh=VQN0+bVfsZlh/Jw4qHP/LuTg3wwVYh0Ixlk+2XzIPp8=;
 b=AmBMwgrwvwiDjezmeNvrOm6zem6Bi3KhaNNdi0Yu65pdwKwKUcSAWlZMuTTNXWfYP0
 18Yq2rmgBXfciin0Sz2eGEaQeCla/PeMeMUO6hndFr8WyX5zFEahiNpe3jtW3sgtCz6n
 k7rbh51LMXNajTbXOrIbXCX16C5Nwqz2QwD3c0rDs7ndQyCxaIrYnLp3L6mEB02LN2kk
 yWNIba9j3dZKUNeHKhzUHnUVnGFJLOnE0tl9y4n4JJTIoX1AOabElCCS0VrTjA6e+Huy
 wvme0DcclvpRHVywtNzA1pxBdLbIBWWGL+X/KgMFrkoNA8HusAGPl6NzDX1d/uy5eH90
 Qolw==
X-Received: by 10.50.73.228 with SMTP id o4mr7872060igv.37.1446797584791; Fri,
 06 Nov 2015 00:13:04 -0800 (PST)
MIME-Version: 1.0
Received: by 10.36.137.197 with HTTP; Fri, 6 Nov 2015 00:12:25 -0800 (PST)
In-Reply-To: <563BC58B.6050901@codingrights.org>
References: <563BC58B.6050901@codingrights.org>
From: grarpamp <grarpamp@gmail.com>
Date: Fri, 6 Nov 2015 03:12:25 -0500
Message-ID: <CAD2Ti2__C8NssLbRbd=NqhVLEj0ODE1HbHpSbEkdroKYxh=c1A@mail.gmail.com>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] actions taken against bad nodes
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Thu, Nov 5, 2015 at 4:09 PM, Lucas Teixeira <lucas@codingrights.org> wrote:
> should be easy to detect e.g. with the OONI infrastructure.

There are folks running scripts to detect various things, you
can find some of that in git. Some is driven by exitmap.
If you find some exits that are doing something you can
script against, feel free to post your work.

> Is there a mechanism in place to ban them from the network, are they

You can report malicious relays here where people may pick it
up, look into and confirm it and get them pipelined for banning as
needed. There are a couple of badrelays pages on wiki that may
interest you further.

> I realize that a good portion of those nodes are located on judicially
> hard places, but I also wonder if in some jurisdictions it would be
> possible to prosecute the owners of these nodes.

Citizen prosecutors are not something many countries permit,
it's not in the interest of the state. Tor Project itself has no
history of reporting such relays, but you can report any
confirmed malicious nodes to whatever authorities you wish
and hope they take it up under whatever digital crime laws
they may have. Keep in mind that many malicious nodes
are operated anonymously, and that many prosecutors are
clueless or busy with other things like victims and paper
violations in their own jurisdictions. Odds are you're not a
victim with standing in their jurisdiction, unless you start
playing with mapaddress or geoip to do that.

It's probably more effective to report them here, get
them confirmed and banned by dirauths, and even report
them to their hoster. It's certainly quicker than the courts.

Given there's no contractual relationship, it would be
interesting to see if a relay could seek tort or free speech
or something against tor for banning them, while at the
same time not being liable for whatever it was they were
doing in their local jurisdiction.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

