Re: Tor and network security/administration

[Jeremy Chadwick <nanog () jdc parodius com>]

On Wed, Jun 21, 2006 at 05:02:47PM -0400, Todd Vierling wrote:
> If the point of the technology is to add a degree of anonymity, you
> can be pretty sure that a marker expressly designed to state the
> message "Hi, I'm anonymous!" will never be a standard feature of said
> technology.  That's a pretty obvious non-starter.

Which begs the original question of this thread which I started: with
that said, how exactly does one filter this technology?

"You can't" doesn't make for a very practical solution, by the way.
The same was said about BitTorrent (non-encrypted) when it came out,
and the same is being said about encrypted BT (which has caused
some ISPs to induce rate-limiting).

I'm also left wondering something else, based on the "Legalities"
Tor page.  The justification seems to be that because no one's ever
been sued for using Tor to, say, perform illegitimate transactions
(Kevin's examples) or hack a server somewhere (via SSH or some other
open service), that somehow "that speaks for itself".

I don't know about the rest of the folks on NANOG, but telling a
court "I run the Tor service by choice, but the packets that come
out of my box aren't my responsibility", paraphrased, isn't going
to save you from prison time (at least here in the US).  Your box,
your network port, your responsibility: period.

-- 
| Jeremy Chadwick                                 jdc at parodius.com |
| Parodius Networking                        http://www.parodius.com/ |
| UNIX Systems Administrator                   Mountain View, CA, USA |
| Making life hard for others since 1977.               PGP: 4BD6C0CB |