New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I am running Tor EXIT nodes for years. I run from home too.
Snooping around the dataflow is contrary to the Tor philosophy so I never did it, but, WikiLeaks receive most of their stuff from Tor, also Chinese and Iranian ppl use it on a regular basis.
Sure, one host shutdown one node because some idiot sent a complaint that my node was trying to crack the pass to their site... I mean, first, how braindead can be someone to put a complain against an IP that tries to crack a pass, second, how braindead can be a host to shut down a node for that...
Also, had a complaint someone obtained passes from webmail system at a university and was using Tor to send spam through the HTTPS port... Like it was Tor's fault they are careless with their passes...
I never had DMCA complaints, but I do run tight exit policy, such as 110, 443, 995, 465, 80, 8080, things like those only. My nodes need to facilitate freespeech and anonimity, not to infringe on DRM.
There were great hosts that had nothing against it and fabulous ones that even offered discounts and different subnet IPs and locations to facilitate multiple nodes in the name of freespeech.
There were also others that, while not blocking proxies, did object against Tor for the propaganda reasons, such as kiddie porn or the real reason behind that as DMCA.
Unfortunatelly, I dont have recent data right now because I mostly run the nodes at home since here BW is cheaper and more plentyfull than in datacenters (I live in Romania), but I am constantly looking here for providers that will have a good offer and no fear of government intimidation.
Tor IS legal, well, maybe not in China or Iran, but it is in US, EU and most countries around the world except the totalitarian and control freak ones.
Of course, each provider has the right to setup AUPs, ToSes and whatever they are confortable with, Tor will not die because of their fears, but I want to point out that it is not Tor that is a carrier of illegal stuff, it is Freenet that does that, ppl can run it from their homes, it is much more protected against snooping and it is the choice of kid molesters, terrorists, etc.
No ISP or state can block it, will simply adapt eventually to carry over TCP port 80 and UDP 53 if it comes to that, you must understand that no fears and threats will eliminate Freenet and the like, and it is Tor that takes the punishment instead. Why not shutdown Internet since it has porn in it ? Block encryption, assign IPs to individuals for life like SSNs, block any connection directly between end-users (P2P), block any non-governmental sites or major business ones, so on and so forth ? After all, why would 2 ppl connect directly if they are not doing something illegal ? Even if they play a game together, this MUST pass through a controlled server so the key on that game can be verified, nobody will play OS games nor use OS apps anyway...
I would like to know how many of the Tor bashers in this thread really bothered to read here: https://www.torproject.org/ ?
Propaganda and propaganda spreading will not stop Tor, will only frighten some ISP that will lose some customers, sure, the BW is not nice in Tor nodes, but the used space, memory and processor are really low, so a good ISP will spread around the nodes on hosts that have a lot of CPU usage, or storage space but not so much BW to achieve good overall performance and keep everyone happy.
ISPs are benefitting from safe harbour against DMCA abusers, the same way as Cogent or Telia-Sonera benefit since not even the Tor operator knows what is passing through and seizing the machine will also acomplish nothing since normally it has no logs.
Only uninformed ppl fear Tor, as usual, the fear of the unknown and rumours are working well, I really hope that, after reaserching the matter, they will become from Tor bashers, Tor fans.
Regards,
Mao
Except that the company the machine is seized from is out of one hardware node causing the company to take a loss and all other clients on that node to lose their data. Sure, the Tor operator is protected but that doesn't protect the company that let them host it. Look at it from the providers eyes, if Tor is prone to cause legal issues then why would a company even want to get involved in it?
This is a VPS we are talking about, taking the host away is a job only a braindead cop would do...
Like, if there was a crime in a flat in 50 flats building, the police will lockout the whole building... They can copy the image.
M
Dude, almost all cops are braindead.
Well, then, why host VPSes ? You cant monitor all of them all the time, I might put up Tor even if it is not allowed in ToS, for example, and you end up with the host machine confiscated anyway if it is so illegal and dangerous... Or I can put up copyrighted work or use as a proxy to break into CIA or NSA, I mean, the ISP should protect their rights themselves, if they are so afraid, they are in the wrong business.
M
False. A quick search shows it happening all over the world by various government agencies.
After your long post about privacy and not "snooping around the dataflow" now you condone hosts to actively spy on their clients? You can't have it both ways.
If anything, your argument is convincing me to add a new anti-TOR policy to our TOS because of the mentality I am seeing in TOR users as I do more and more research. Thank you for opening my eyes.
For legitimate users. I know it's hard to comprehend but there are some good people out in the world that don't always do bad things.
@Maounique - Any service can have a noble goal. But if I may make a comparison, look at Tor as if it were Napster or <insert service here>. Having noble intentions will not stop the majority of users from using the service for illicit means. Sure, there may be plenty of honest users that firmly believe in the noble intentions, and never deviate from that usage. But the vast majority will use the service for their own means, be that pirating, illegal porn, etc. And THAT is what providers want to avoid.
I remember ISP's claiming they are not responsible for what passes on their lines. But then they started trying to police their lines, and they lost all their protections as an ISP. You can't have it both ways. I think providers are better off not making rules.. since you can't possibly enforce them. At least when big brother comes knocking.. you can throw your hands up and say your a provider..
The rules are in place so that "big brother" does not come knocking. And most companies do enforce the rules.
That's easy to say because they aren't walking out with YOUR hardware.
Ahahahahahaha... That was cute :P
Let me tell you a little story. Some time back, one of our (now banned) clients was into some really shady stuff. Shady enough to warrant the FBI showing up at the DC to yank our hardware. Thankfully, because of just how strict we are, we had already caught and terminated the offender, and had a snapshot of his services ready to turn over once the feds passed over the proper paperwork. "Not possibly enforcing" the rules would've meant thousands, if not all, of our clients suddenly having no services if the hardware had been confiscated.
Moral: Providers, for the sake of your clients that don't stir up this kind of trouble, always keep enforcing your rules. It just may save your ass down the line.
So, do you enforce your rules ?
That's correct. For example, just last night I terminated an abuser that was involved in a rather pathetic SQL Inject against our Stallion panel.
How would you know about it, if it doesn't abuse the system ?
Do you spy on your customers ?
Yup. Ask anybody who has ever tried to use IRC on our service. We're even putting a firewall in place to block traffic that is against our TOS (mostly IRC and torrents).
We don't spy on our clients but we do monitor the network for abuse, we don't single out IPs unless we get a red flag somewhere.
That's a negative. Client confidentiality is absolutely essential.. we even require that clients state in ticket that we have permission to access their VPS if such lengths are required to fix an issue.
There's plenty of ways to monitor abuse without infringing on privacy. And on the billing side of things... well, NOBODY hides from Pony.
How would you know about those traffic ?
Do you block the ports of these services, what if I would run my own scripted service on one this evil ports ?
Do you do a DPI of my traffic ?
What would you do if the traffic is crypted ?
I think there are probably people out there more clever than most server admins, that could probably run things right under your(our, I'm an admin too, though not in VPS business) noses.
If I would deny ?
Then we would do what we can to ensure everything node-side is working correctly, provide any guides/google links appropriate, and wish you the best of luck :P
I am very pleased to hear that
According to the good and bad ISPs list the only LEB provider (by LET guidelines) is Netrouting (NL) US$6.50
But there are several ISPs in this list providing a VPS for US$8.00 to US$10.00
What if your ISP is using a transparent proxy? Setting a different NS won't help in this case.
@ SecureDragon
Show me where I said you should spy on your customers... This is the strawman argumentation, what I meant is that ISPs should fight the braindead cops and ask for damages. If you really want to stop Tor and obey all illegal searches under the pretext that "we dont have anything to hide and only criminals want privacy", that is your business, I cant deny most ISPs listen to government propaganda and fear justice instead of considering it an ally. Fortunatelly, there are many others that are bucking the trend and look at the facts first.
What I said about wrong business you are in, I meant that govt' and co can seize anything at any time and demand any data with or without proper cause and papers, if you are so afraid that you block legal software because you are afraid of the government, then, yes, you are in the wrong business, or, at least, in the wrong country. China maybe ? They do have dragons.
"For legitimate users. I know it's hard to comprehend but there are some good people out in the world that don't always do bad things"
Exactly my point.
@Aldryc Did you run some poll and have data about how much of the Tor traffic is legitimate and how much of it isnt ? Run a comparison with Napster, torrents, IRC... ?
If the internet is used for child pornography, we should close it down ? When is that action needed, how much % must be illegal to warrant such action ? If money are used for bribes, weapon/drugs/crimes/prostitution, etc, and we all have an idea about how much of it is flowing illegally, should we stop using it ?
@rest Yes, you CANT police everything. Many ppl allow VPN and some ppl use nested VPNs, encrypted, some use freenet and other things on random ports, when will you stop a customer ? When you see traffic encrypted ? On non-standard ports ? When there are persistent encrypted connections to random IPs ? When the traffic is constant but within the allowed parameters still ? When there are daemons you dont recognise but you have some suspicion ?
Yes, most things can be detected, but ppl that know something about computers and programming cant. Therefore you are always at risk of hardware seisure, whether it is Tor, VPN, home-baked P2P client, whatever. Is it worth the risk ? Everyone is thinking they are well within the law and that cant possibly happen to them. Well, guess what, it is only a question of time, and instead of locking yourself out of the business, better prepare for when it will happen. Read the law, study the software, get a good lawyer. The State will do more infringing laws, EFF, ACLU and the like are fighting them, but the industry should also join the citizens and know their rights and learn to protect themselves.
M
We block content and scripts that we consider high risk. IRC, for example, is a perfectly fine and legal protocol that a lot of people use on a daily basis for completely legal uses. We still have a 0 tolerance for it, mainly because we hate downtime, paying for garbage bandwidth, and our data center does not allow it.
We operate our servers out of a government facility, we're not afraid of them but we are required to have higher standards and be diligent in the prevention of illegal content/usage if we want to continue receiving the security, network, and reliability that comes with it (and that our clients enjoy).
If we were a larger operation running our own data center where we could monitor our traffic 24x7 and prevent physical access to our servers then things would be different, but when the majority of our clients pay less than $3/month, we cannot afford to have our staff constantly monitoring for abuse so we attempt reduce the potential for abuse by not allowing those things that would cause us to constantly monitor our servers/network.
You're not talking to big corporations who are trying to keep the little man down, you're talking to the little man who is trying to make a few bucks to help pay his bills because I can assure you at $2/month we're not driving BMWs. Lawyers are great and if you can find one who's willing to work for free I'll be sure to hire them, in the mean time I'll continue to run my company in a manner that will provide the highest chance of success (which is not measured in $$$ by the way).
All great, you choose not to allow IRC because you probably are not in it for the money (as you imply) and that is a great thing.
You also probably dont have the BW for Tor also, as I am deducting further down the line.
There are many providers and all have different situations, even those renting in the same datacenter. Some nodes within a single company and datacented and same plan have some features in excess while others underused. Like some lack CPU, others RAM while having still some BW unused.
My point here is that ppl in general are not informed about what Tor is and, most important, what is not and fear is both keeping them from making a few bucks and also impeding the fight Tor volunteers are in.
I just needed to set the records straight, bring the facts into discussion and show that, even tho Tor does pose some risks to ISPs those are deffinitelly lower than most other threats to their business and putting Tor near Warez and child porn wont do any good to any legitimate party, but will help censorship.
http://cleanternet.org/
M
@Maounique the things that cost the most in this business are
1)Support
2)Power
3)Bandwidth
Not that there is a lack of bandwidth or support, just most companies would rather not have to hire more support and use more bandwidth for Tor.
Automatic abuse complaints forwarding will solve the issue. I had nice experience with quite a few hosts in the past, they had 0 problems as I was dealing with that myself.
Granted, not all operators can do that and keep everyone happy, however, if you do get a lot of complaints, you can band the "problematic" customers on one node. Nothing critical, I am the most lenient customer anyone can have.
M
"Aldryic", actually. There's an 'i' in there.
Considering I've done my fair share of torrenting, xdcc, filesharing, usenet.. etc, not to mention having been online for coming up on 20 years now... I'm not exactly blind to how the net works.
Nope, but honest providers will go to length to prevent that filth from being associated with their networks. Including placing prohibitions on the primary services used to access said garbage.
I strongly advise the same to you. You show up with absolutely no credibility to your name and attempt to make some holy crusade of this? Go back to the warez forums, please. We have enough hypocrites here as it is.