> Whether or not FB is deliberately blocking Tor now, how out-of-line would it be for them to eventually block it in the future?
> tl;dr: Why use Tor + FB?
Fair point, there may only be some arcane use cases for the combo, but the dilemma becomes far more stark at:
"How out-of-line would it be for users of the internet writ large to aggressively block IP addresses associated with malicious activity?"
There was a call to "name and shame" DDOS participants a few months back, with the argument that every operator has the obligation to keep their "systems in trim."
I was enamored with the idea. AV blacklists code, why not source? The AV industry has learned (for the most part) that sharing malware samples is for the good of everyone. But victims tend to stay silent about the IPs that participated in a DDOS, or worse, launched targeted intrusions.
Why not build a list of pariah IPs and refuse to talk to them until they get their act together?
Turns out that puts radical constraints on some useful projects, like Tor. Bot farmers might accidentally DDOS not only their target, but all of Tor if exit nodes were quickly blacklisted. Possibly worse, a government could intentionally spew noisy malicious activity through the network to get the endpoints shut down with deniability.
Is it possible for a Tor exit node to "keep their system in trim?" Preventing its use as a gateway for malicious activity?
You could make a crippled Tor that only allows a certain limited set of services, but that's not really Tor anymore.
Anyone have a way to address:
a) policing malware by IP addresses
while
b) allowing deniability of communication
that's better than just giving up on one priority or the other?
> tl;dr: Why use Tor + FB?
Fair point, there may only be some arcane use cases for the combo, but the dilemma becomes far more stark at: "How out-of-line would it be for users of the internet writ large to aggressively block IP addresses associated with malicious activity?"
There was a call to "name and shame" DDOS participants a few months back, with the argument that every operator has the obligation to keep their "systems in trim."
http://bsdly.blogspot.ca/2012/12/ddos-bots-are-people-or-man...
I was enamored with the idea. AV blacklists code, why not source? The AV industry has learned (for the most part) that sharing malware samples is for the good of everyone. But victims tend to stay silent about the IPs that participated in a DDOS, or worse, launched targeted intrusions.
Why not build a list of pariah IPs and refuse to talk to them until they get their act together?
Turns out that puts radical constraints on some useful projects, like Tor. Bot farmers might accidentally DDOS not only their target, but all of Tor if exit nodes were quickly blacklisted. Possibly worse, a government could intentionally spew noisy malicious activity through the network to get the endpoints shut down with deniability.
Is it possible for a Tor exit node to "keep their system in trim?" Preventing its use as a gateway for malicious activity?
You could make a crippled Tor that only allows a certain limited set of services, but that's not really Tor anymore.
Anyone have a way to address: a) policing malware by IP addresses while b) allowing deniability of communication that's better than just giving up on one priority or the other?