New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
At the end of the day your in let with lowend providers, If your spending $100+ sure the provider will be a little more happy to deal with the problems it creates however if your paying $4-$7 a month it can soon become unprofitable with the time it takes to deal with the likely additional problems.
Just out of interest, Although providers say no to nodes, What about tor aware websites ? eg xxxxx.onion allowed ?
I don't think that will be an issue, as it won't get any sort of abuse complaints coming in.
Non-exit nodes dont get any abuse, but they are still not allowed.
I think this needs really open-minded ppl that look at the facts first and see there have been no Tor seizure nor any legal issue concerning providers in many years now and that the law-enforcement is mostly aware of Tor these days.
One day we will have providers that openly offer Tor packages (minimal memory, disk,cpu and medium-high bw), that forward automatically abuse complaints and/or have a policy regarding which (if any) ports are allowed for exit. In my experience, only allowing some ports (443, 80, 110, 995 etc) does not trigger DMCA bots (never had one in years) and those are the bulk of the problem if ISP cant afford to read the law or seek advice and fears them.
Saying we dont allow Tor non-exit node because ppl will abuse it and put exit ones is like saying we dont allow httpd because ppl abuse it and host kiddie porn. Just shut down the perpetrators they can be found in publicly available lists, dont have even to spy on the traffic and stop using this excuse, make some better ones or say you dont allow period.
M
In the Open Source world, the general consensus is that if you want a feature, you add it yourself.
Why don't you start a VPS company that allows tor? From what you're telling us about your crusade here, you should be able to retire a billionaire within a few months.
Can you give me some reference for that? I don't understand why non-exit nodes would be an issue.
In an open minded world, it should be general consensus that I can run services on my box that I want - as long as I do not abuse someone else.
We used to allow non-exit nodes, but as a good number of our clients are either ESL or don't speak English at all, we've had issues with the "but you said Tor is allowed I didn't know about exit nodes" way too often. When dealing with those got to the point that it was interrupting my regular duties, it was time to just eliminate the problem at the source.
Yeah, what a great mission!
@Aldryic: Just for clarification, if I take a look at your FAQs / AUP how should I know that hosting a Tor (middle or exit node) is prohibited?
You don't say anythink about Tor, not even about proxies.
Like @Damian4IPXcore said, it's the provider's choice. You're always welcome to start your own VPS company that allows Tor :P
You don't say anythink about Tor, not even about proxies.
Apologies, that's an outdated document. The TOS/AUP that our billing system references (and directs clients to read upon signup and purchase) is located at http://frantech.ca/tos.php and http://frantech.ca/aup.php , respectively.
So when i know what i'm doing, can i run a non-exit node?
Not anymore, sadly. This is one of those cases where the few can ruin things for everyone, and I already have my hands full with fraud prevention and billing to have to babysit another service group as well.
@xonion can you stop? You seem to be like Naruto, just trolling around... Get over it, you will never use Tor on BuyVM nodes.
Apologies, was not my intention.
I am not going to run Tor on a Box where it is seen as an undesirable risk. I'll go by the rules, but nonetheless it should be possible to talk about it.
I agree completely, and have no problems discussing why we have certain rules in place. And I must admit, it's very nice to discuss the issue with someone that does more than "providers are dumb for not allowing it", so thank you for that :P
You are welcome!
But a delicate topic, apparently. It simply does not match, as so often in life, that black / white scheme and some people are going to take it personal. That's weird, but LET - I think.
@aldryic Would BuyVM let someone host a .onion site, As it still needs tor to run.
What im asking really is you dont process watch for tor ?
Running an secret service within the network would be fine assuming you aren't acting as an exit node. If users wanted to act as a middle relay i'm personally fine with that, though i'm not sure how that would work with @aldryic's 'no TOR' policy.
Francisco
Not anymore, sadly
We'll take the topic up under consideration tonight.
Providers, please just consider how much Tor (or other anonymizing tech) has helped with freedom of speech for those poor folks in Iran. There's is a place for such tech. Thanks!
Consumers, please just consider the costs involved with running a business and the losses involved with dealing with abuse in the hosting field.
Consumers, please just consider that it will require dozens of clients to pay for a single hour of legal representation (even if we did nothing wrong and the law is on our side).
Consumers, please just consider that it only takes one client to impact every other client.
I think the main issue providers have with Tor is that it would allow the clients to actually max out and use all their bandwidth... which is oversold of course.
shamelessly stolen from @KuJoe
Consumers, please just consider you are in my house, my rules. You did not buy my equipment, I did, you did not sign the contracts for service, I did, your name will not be on any lawsuit, mine will be.
When you did nothing wrong and the law is on your side, the plaintiff will have to pay all your expenses.
Just hope that they are not a turnip, as a judgement is as useful as the opponents ability to pay.
As @miTgiB said, in an ideal world that would be perfect but in the real world it is far from the truth. The real world doesn't work the same as it does online, it's a sad truth people fail to realize until they start losing money out of their pockets.
It costs a big corporation a few dollars to take somebody to court but it costs hundreds of dollars for a small company to defend themselves from permanently losing everything (while temporarily losing everything in the process).
@Aldryic
"The issue here is this.. if you colo a dedi from a company, you can likely have the IP range named to yourself, and you can receive and handle all of your abuse complaints to run your happy little network."
That's a valid point. The large exit node operators get the SWIP records changed so the abuse contact points to them. Basically as long as the upstream providers don't see the robot notices, they are fine with it. And for the most part, the robot DMCAs go nowhere after you reply with an EFF-recommended form letter of your own.
"VPS providers can't do this. We have thousands of clients, tens of thousands of IPs... so our choice is, Do we hire extra staff solely to put up with the additional headache an exit node will cause? Or do we simply tell folks that, if they want security, to run a VPN?"
Also a valid point. I'm not saying that every hosting provider has the technical ability or a moral responsibility to support exit nodes. But I honestly see no technical or pragmatic problem with allowing non-exit nodes. If someone "accidentally" makes their relay an exit, surely that's so uncommon that it can be dealt with, without straining the resources of even a LEB provider.
(Also: https://blog.torproject.org/running-exit-node
https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates)
@Maounique
"Some ppl send bombs through mail, we should close it down or force mailmen to open every enevelope, because might contain anthrax spores, some ppl use the money for crime, we should disallow cash, shops should not take huge risks accepting it, after all, there were thousands of shops closed (servers seized) in the last 3 years and that is a huge risk for shops (ISP) that wont risk their hard earned -cash- (plastic money) for such a thing, even more, will turn down and report their customers to uphold their righteous stand in front of the law-enforcers."
This argument has been going on for 20 years, probably longer. We all know that criminals are enabled by cars and cell phones and email. In fact, cars, boats and planes have revolutionized the global drug trade in the last hundred years. Obviously we don't want to ban those technologies, and we accept the drug trade as collateral damage for the benefits that modern transit provides.
Some will argue that a higher percentage of Tor users engage in criminal activity than those who use cars and cell phones. That's true, but cars and cell phones enable orders of magnitude more criminal activity than Tor. So that argument goes both ways.
It's also a fact that major criminals don't need Tor. They engage in identity theft, hack servers, and spread malware to infect millions of PCs. They make millions of dollars and will continue their trade without Tor. If anything, Tor enables some of the dumber, less technically savvy criminals. But it also enables many technically naive people who use it for legitimate purposes (I will reiterate that Iran is #2 in directly connecting Tor users). People who run relays have made that calculated decision and believe the trade off is worth it.
Back in the 90s, a guy named Phil Zimmerman invented a technology called PGP. Immediately it was criticized for "enabling pedophiles and terrorists". He had some smart lawyers on his team, including a guy named Eben Moglen, and they eventually won in the courts -- not just for PGP, but encryption in general. At one time it was a legitimate question whether encryption should be allowed at all, and the main argument against it was that it enabled criminals. Zimmerman's victory was a good thing, because encryption on the wire has enabled billions of dollars in internet commerce, which nobody at the time predicted.
Encryption on the wire, and anonymity systems like Tor, have also enabled activists in Egypt, Syria, Bahrain, and most notably Iran. We have seen revolutionary changes in some of those countries, enabled in part by these technologies. That's why some of us are so passionate about defending Tor. Despite the abuse, that's why it's worth it.