revise the abuse faq based on comments from kevin and chris
Roger Dingledine

Roger Dingledine commited on 2005-06-30 03:07:16
Zeige 1 geänderte Dateien mit 38 Einfügungen und 38 Löschungen.

... ...
@@ -51,22 +51,15 @@ break laws, they already have lots of options available that provide
51 51
 <em>better</em> privacy than Tor provides. They can steal cell phones,
52 52
 use them, and throw them in a ditch; they can crack into computers
53 53
 in Korea or Brazil and use them to launch abusive activities; they
54
-can spread viruses that take control of literally millions of Windows
55
-machines around the world. </p>
54
+can use spyware, viruses, and other techniques to take control of
55
+literally millions of Windows machines around the world. </p>
56 56
 
57 57
 <p>Tor aims to provide protection for ordinary people who want to follow
58 58
 the law. Only criminals have privacy right now; we need to fix that. </p>
59 59
 
60
-<a id="Tradeoff"></a>
61
-<h3><a class="anchor" href="#Tradeoff">Isn't it just a tradeoff: accepting the bad uses for the good ones?</a></h3>
62
-
63
-<p>No, we don't think that's how it works in the case of Tor. </p>
64
-
65
-<p>There are lots of ways to get anonymity on the net, some legal and
66
-some illegal. As we explained above, many of the illegal approaches
67
-can provide stronger anonymity than Tor can provide, because they can
68
-control literally millions of computers via spyware, viruses, and other
69
-techniques. </p>
60
+<p>Some advocates of anonymity explain that it's just a tradeoff ---
61
+accepting the bad uses for the good ones --- but we don't think that's
62
+how it works in the case of Tor. </p>
70 63
 
71 64
 <p>Criminals and other bad people have the motivation to learn how to
72 65
 get good anonymity, and many have the motivation to pay well to achieve
... ...
@@ -98,10 +91,6 @@ for every byte that the Tor network will send to your destination. So
98 91
 in general, attackers who control enough bandwidth to launch an effective
99 92
 DDoS attack can do it just fine without Tor. </p>
100 93
 
101
-<p>And if this argument doesn't convince you, go try Tor and see how
102
-much aggregate throughput you can eke out of it, then come back to us
103
-if you're still worried. </p>
104
-
105 94
 <a id="WhatAboutSpammers"></a>
106 95
 <h3><a class="anchor" href="#WhatAboutSpammers">What about spammers?</a></h3>
107 96
 
... ...
@@ -113,8 +102,13 @@ allow outgoing mails; but that individual could just set up an open mail
113 102
 relay too, independent of Tor. In short, Tor isn't useful for spammers,
114 103
 because nearly all Tor servers refuse to deliver their mail. </p>
115 104
 
116
-<p>The complex answer: Even if the above were not true, spammers are
117
-already doing great without Tor. They
105
+<p>Of course, it's not all about delivering the mail. Spammers can use
106
+Tor to connect to open HTTP proxies (and from there to SMTP servers),
107
+to connect to badly written mail-sending CGI scripts, and to control
108
+their botnets.
109
+</p>
110
+
111
+<p>The better answer: Spammers are already doing great without Tor. They
118 112
 have armies of compromised computers that do their spamming. The added
119 113
 complexity of getting new software installed and configured, and doing
120 114
 Tor's public key operations, etc, makes it not economically worthwhile
... ...
@@ -129,8 +123,9 @@ policies are propagated to the client via the directory, so clients
129 123
 will automatically avoid picking exit nodes that would refuse to exit
130 124
 to their intended destination. </p>
131 125
 
132
-<p>This way each server can decide the services he wants to allow
133
-connections to, based on abuse potential and his own situation. </p>
126
+<p>This way each server can decide the services, hosts, and networks
127
+he wants to allow connections to, based on abuse potential and his own
128
+situation. </p>
134 129
 
135 130
 <a id="HowMuchAbuse"></a>
136 131
 <h3><a class="anchor" href="#HowMuchAbuse">Does Tor get much abuse?</a></h3>
... ...
@@ -153,10 +148,11 @@ currently. </p>
153 148
 
154 149
 <p>If you run a Tor server that allows exit connections (such as the
155 150
 default exit policy), it's probably safe to say that you will eventually
156
-hear from somebody. Abuse complaints can come in a variety of forms. The
157
-main ones so far have taken the following form: </p>
151
+hear from somebody. Abuse complaints can come in a variety of forms. Abuse
152
+complaints may come in a variety of forms. For example: </p>
158 153
 <ul>
159
-<li>Somebody connects to hotmail, and sends a criminal mail somewhere. The
154
+<li>Somebody connects to hotmail, and sends a ransom note to a
155
+company. The
160 156
 FBI sends you a polite email, you explain that you run a Tor server,
161 157
 and they say 'oh well' and leave you alone. [Port 80]</li>
162 158
 <li>Somebody tries to get you shut down by using Tor to connect to google
... ...
@@ -166,11 +162,10 @@ your ISP about how you're destroying the world. [Port 80]</li>
166 162
 himself. Your ISP gets polite mail about how your computer has been
167 163
 compromised; and/or your computer gets ddosed. [Port 6667]</li>
168 164
 <li>Somebody uses Tor to download a Vin Diesel movie, and
169
-your ISP gets a DMCA takedown notice. According to our lawyers
170
-(and this convinced the Harvard general counsel), your ISP can
171
-totally ignore this notice with no liability problems. See EFF's <a
172
-href="http://tor.eff.org/eff/tor-dmca-response.html">Tor DMCA
173
-Response Template</a>. [Arbitrary ports]</li>
165
+your ISP gets a DMCA takedown notice. See EFF's <a
166
+href="http://tor.eff.org/eff/tor-dmca-response.html">Tor DMCA Response
167
+Template</a>, which explains to your ISP why they can probably ignore
168
+the notice without any liability. [Arbitrary ports]</li>
174 169
 </ul>
175 170
 
176 171
 <p>You might also find that your Tor server's IP is blocked from accessing
... ...
@@ -180,12 +175,15 @@ exit policies. (If you have a spare IP not used for other activities,
180 175
 you might consider running your Tor server on it.) For example, </p>
181 176
 
182 177
 <ul>
183
-<li>Wikipedia is currently blocking many Tor server IPs from writing
184
-(reading still works), because they haven't figured out internally how
185
-to deal with the fact that they want to provide open access but they
186
-also have no ways to control abuse to their website. We're working with
187
-them to resolve this.</li>
188
-<li>It seems that SORBS is putting some Tor server IPs on their email
178
+<li>Because of a few cases of anonymous jerks messing with its web
179
+pages, Wikipedia is currently blocking many Tor server IPs from writing
180
+(reading still works). We're talking to Wikipedia about how they might
181
+control abuse while still providing access to anonymous contributors,
182
+who often have hot news or inside info on a topic but don't want to risk
183
+revealing their identities when publishing it (or don't want to reveal
184
+to local observers that they're accessing Wikipedia). Slashdot is also
185
+in the same boat.</li>
186
+<li>SORBS is putting some Tor server IPs on their email
189 187
 blacklist as well. They do this because they passively detect whether your
190 188
 server connects to certain IRC networks, and they conclude from this that
191 189
 your server is capable of spamming. We're working with them to teach them
... ...
@@ -252,11 +250,13 @@ to unblock exit nodes that have been blocked inadvertently. </p>
252 250
 
253 251
 <p>Even though <a href="#WhatAboutSpammers">Tor isn't useful for
254 252
 spamming</a>, some over-zealous blacklisters seem to think that all
255
-open networks like Tor should be boycotted. They don't understand how
256
-Tor works (e.g. that it has exit policies), and don't seem to care to
257
-understand it. If your server administrators decide to make use of these
253
+open networks like Tor are evil --- they attempt to strong-arm network
254
+administrators on policy, service and routing issues, and then extract
255
+ransoms from victims. </p>
256
+
257
+<p>If your server administrators decide to make use of these
258 258
 blacklists to refuse incoming mail, you should have a conversation with
259
-them and explain how Tor works. </p>
259
+them and explain about Tor and Tor's exit policies. </p>
260 260
 
261 261
 <a id="Bans"></a>
262 262
 <h3><a class="anchor" href="#Bans">I want to ban the Tor network from my service.</a></h3>
263 263