Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Tor - The Yin or the Yang?

Zonk posted more than 9 years ago | from the watch-the-shadows dept.

Security 139

An anonymous reader writes "Whitedust is running a interesting article on Tor, The Onion Router project sponsored by the EFF. Tor aims to offer anonymous internet use. Once sponsored by the Naval Research Lab with support from DARPA, it is now managed by The Free Haven Project. Although Tor claims to improve safety and security, the article goes into detail on how Tor can be used as a anonymous attack platform."

Sorry! There are no comments related to the filter you selected.

Google fight: (1, Funny)

Anonymous Coward | more than 9 years ago | (#13139772)

yin yang wins over ying yang

Re:Google fight: (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#13139972)

Fuck Slashdot.

Just have to say it... (1, Informative)

Anonymous Coward | more than 9 years ago | (#13139774)

it's yin, not ying, you insen.... blah. :)

Re:Just have to say it... (1)

uberdave (526529) | more than 9 years ago | (#13139809)

So, what you're saying is that it is the yang?

Cultural Idiots (2, Informative)

jvagner (104817) | more than 9 years ago | (#13139776)

It's "yin or yang". Good going, Slashdot.

Re:Cultural Idiots (3, Informative)

atteSmythe (874236) | more than 9 years ago | (#13139805)

Messup is [sic] from TFA.

Re:Cultural Idiots (1)

jvagner (104817) | more than 9 years ago | (#13139946)

Doesn't mean they can't correct it.. right?

Re:Cultural Idiots (1)

atteSmythe (874236) | more than 9 years ago | (#13139965)

Yeah. Prolly should've used the [sic] tag or changed the title. Blame for everybody!

Re:Cultural Idiots (1, Insightful)

Anonymous Coward | more than 9 years ago | (#13139820)

Ying referes to an aspect of the male anatomy... So is this slip up a foreshadowing that Tor will eventually get the shaft?

Re:Cultural Idiots (3, Informative)

EnronHaliburton2004 (815366) | more than 9 years ago | (#13139857)

Actually, isn't it a mistake to try to seperate the two?

It's the "Yin and Yang", or the 'Yin-Yang' as I understand it-- two opposite pieces of the same energy, both integral and complementary to each other. They cannot be removed from the whole, or the whole is destroyed.

Using the word 'or' actually distorts the original meaning-- 'or' imply two different pieces, the Yin OR Yang-- with we're really talking about one thing.

Yes, this sounds pedantic, but I think it's actually an important difference.

Re:Cultural Idiots (2, Insightful)

loopback_127001 (695885) | more than 9 years ago | (#13139912)

It would be a very important difference, if you were right.

Yin and Yang are opposites. They are two separate concepts that, together, balance one another out. If one or the other is too out of balance, you see problems, according to the theory.

But the fact that yin or yang energy can be out of balance would indicate they are, in fact, two different things. Look at Chinese medicine, some substances are considered to have a strong 'yin' value, others to be primarily 'yang'.

In short, you're getting it right that the two opposing forces are both necessary to create a 'whole', but you're getting it wrong to say that something can't be yin or yang. Although I suppose if your point is really that there is no such thing as a pure-yin or pure-yang object in the universe, that is technically true. but damn, that's even more pedantic than I thought you were being. =)

Of course, this is all needless wanking around an article that thinks 'yin or yang?' is a clever way of saying 'good or bad?' And, as has already been pointed out, can't spell 'yin' right in the first fucking place.

Re:Cultural Idiots (1)

PakProtector (115173) | more than 9 years ago | (#13140091)

It should be 'Yin and Yang' never 'Yin or Yang,' and upon looking at an actual picture [tk421.net] you may see why.

You cannot have good without evil, or hot without cold, because if something is relative, you always have to have something to measure it against.

Also, a much better arguement, in this particular case, is that the Yin contains the seed of the Yang, and the Yang the seed of the Yin. One never exists without atleast a little bit of the other.

Re:Cultural Idiots (1)

tclout (315237) | more than 9 years ago | (#13140284)

The parent post is entirely correct. It is Yin and Yang. Yin contains the seed of Yang. Yang contains the seed of Yin. The Tao is inseparable. To do so is a misrepresentation and would therefore not be the true Tao.

Look at the picture homeboys.

http://en.wikipedia.org/wiki/Taoism [wikipedia.org]

Re:Cultural Idiots (0)

Anonymous Coward | more than 9 years ago | (#13140674)

your comment image got /.ed amazing but then again, not so much

Re:Cultural Idiots (0)

Anonymous Coward | more than 9 years ago | (#13140573)

Is it a more important difference than that between "yin" and "ying"? Definitely not.

Religion, cultural references... (1)

Spy der Mann (805235) | more than 9 years ago | (#13139871)

Wasn't Thor part of the Norde mythology? What's Taoism got to do with it?

Of course, i could be wrong, and the yin / yang mentioned by the submitter is just out of topic.

Re:Religion, cultural references... (1)

Ulven (679148) | more than 9 years ago | (#13140006)

Thor was, yes. Tor is 'The Onion Network' and has no mythological origins whatsoever.

The Ying-Yang is emphasising the fact that it can be used for good or bad, just like every other tool ever invented.

Re:Cultural Idiots (0)

Anonymous Coward | more than 9 years ago | (#13140052)

Maybe they ran it through Google for spell-checking, or used the Google spell checking API. That would explain why they got it wrong, since Google did, too. [google.ca]

Not if he means "Up Yours" (1)

winkydink (650484) | more than 9 years ago | (#13140063)

which I have always heard descibed as ying-yang

A little sensitive? (0)

Anonymous Coward | more than 9 years ago | (#13140208)

Every Slashdot article since the beginning of time has had at least one typo. I've seen Slashdot editors misspell the word "the". That doesn't make them cultural idiots.

My 1000th post! (-1, Offtopic)

EnronHaliburton2004 (815366) | more than 9 years ago | (#13139795)

I just want to point out that this is my 1000th post [slashdot.org] .

I want to thank all of you for your support. Especially the Republicans, for being such easy targets as you drag our Country down the sewer.

Some day I may get arrested for sedition and dragged off to the camps, and on that day I will definately regret not using Tor.

Take care!

Re:My 1000th post! (1)

it_flix (808213) | more than 9 years ago | (#13139834)

Congrats.
Now please give your home address and telephone no, so we can come and arrest you.
Sincerely,
The Governmint

WOW... (1, Offtopic)

Doc Squidly (720087) | more than 9 years ago | (#13139867)

...You have no life.

Mod me as Troll, I don't need Good Karma.

anon attack platform? yup! (5, Insightful)

Lumpy (12016) | more than 9 years ago | (#13139801)

It's already being used this way. Friends still in IRC have been fighting Tor attacks by crapflooders that require 15-20 bans to get rid of the jerk. and the IP's line up with Tor proxies.

It's not hard to modify the client to do nasties for you. hell it can be used to attack any web forum easily without modification.

unfortunately the kiddies discovered it useful for attacking already.

Re:anon attack platform? yup! (4, Insightful)

dgatwood (11270) | more than 9 years ago | (#13139954)

This just tells us what we already knew--online forums and chat mechanisms and other similar technologies should always be designed to require registration.

IRC is a relic from the ancient design museum, a reminder that once, when the internet was young, everyone who could run a server on the 'net could be trusted. SMTP is the same way, along with a number of other fossilized protocols. These protocols, if they are to continue to be useful in the new age of IP spoofing, dynamic IPs, and wormhole routing, need to be redesigned with a modicum of security built into them.

Most people aren't willing to create an account with their real email address to post crapfloods. The few who do can be easily banned by email address.

I know, I know, I'm posting on the world's biggest counterexample for my opinion. Such is life.

WHICH real email address? (2, Insightful)

mph_az (880372) | more than 9 years ago | (#13140054)

One of my 8 yahoo ones, or one of my 10 gmail accounts, or my 4 hotmail accounts or the mailinator account I'm about to make up for the next online form I come across that requires a 'valid email address'?

Or do you mean the 'real' email address that belongs to one of the more obscure web-based email services?

Real authentication is impractical in large numbers; this is why it has never been implemented. It barely worked when you sent a photo copy of your drivers' license in to your local BBS; but now, in the age of instant graticication and an international scale (how *can* you tell that ID from istanbul is fake or not?) it's flat out of the question.

To repeat the point; when it comes to the internet, real authentication is impossible.

Re:WHICH real email address? (1)

dgatwood (11270) | more than 9 years ago | (#13140942)

The point is that an extra layer of authentication makes it harder. Nothing makes it impossible, but at some point, it becomes hard enough that most people planning to do stupid things (crapfloods, spam, trolls, etc.) won't bother unless they're making a lot of money doing it.

Re:anon attack platform? yup! (2, Informative)

FooAtWFU (699187) | more than 9 years ago | (#13140305)

A note that some IRC networks (well, Freenode) automatically detect Tor connections and assign them a hostmask of the form whateverwhatever.tor, and it's easy enough to ban or ignore *.tor from there.

Re:anon attack platform? yup! (1)

sillybilly (668960) | more than 9 years ago | (#13140427)

Literary authors in the past authored quite a few creations under artistic names. It's especially nice to use names like sillybilly on slashdot, where you can let it go and voice your opinions and abuse your right to freedom of expression to the limit, without having to fear someone disliking a single sentence of yours and hunting you down for it. I mean it's not impossible, nothing's impossible, but it adds an extra fence, extra layer of safety. I don't think I'd like to know everyone's real names here, because I'd get to read much less honesty and there'd be a lot less spicy posts. I like the truth shoved in my face, from both extremes. If there is truly a real problem, the authorities can still jump the hoops, issue the warrants and track somebody down based on ip-address/isp/time of logon/phone#/witnesses.

Re:anon attack platform? yup! (1)

PerlDudeXL (456021) | more than 9 years ago | (#13140448)

on our irc channel we had a problem with a single jerk who always used a different nickname. so the channel was set to require a nickserv registered nick. didn't stop him. he registered his 20+ nicks and continued to annoy us.

IRCops (0)

Anonymous Coward | more than 9 years ago | (#13140615)

Most networks only let you register a handful of nicks. You should have gotten an IRCop to K-line the guy. #services, #help or similar

Re:anon attack platform? yup! (1)

Ex Machina (10710) | more than 9 years ago | (#13139967)

Of course since the directory of Tor nodes (not client nodes, but endpoints) is public, it would not be hard to make a script that klines (or +b or eggdrop bans) all the Tor exit points.

Re:anon attack platform? yup! (1)

phntm (723283) | more than 9 years ago | (#13140044)

nix irc [nix.co.il] already blocks all tor proxies using the tor.dnsbl.sectoor.de dnsbl wich i recommend you all to do.

Re:anon attack platform? yup! (0)

Anonymous Coward | more than 9 years ago | (#13140750)

[Disclaimer: this isn't directed at the parent, but rather the "friends" of the parent.]

Well... if it ain't the ole' pot calling the ole' kettle black. IRCers complaining about crapflooding?

WTF. Seriously. That's all IRC has ever *been* about: building the best botnet to get ops on as many channels as possible. If anybody ever tells you different, they're lying or really have no clue what IRC is used for (in which case, tell them to go find a mud or a talker instead).

I say negative outweighs the positive. (2, Informative)

dewc (700281) | more than 9 years ago | (#13139815)

While I do see some valid uses for it, I've only seen it abused on IRC by people who are using them to flood. I know, IRC isn't the center of the online universe.

Re:I say negative outweighs the positive. (0)

Anonymous Coward | more than 9 years ago | (#13140735)

I see plety of uses for it: Boss can't discover that some surf pr0n at work; admin doesn't know about info passing; that woman who WILL be my wife doesn't know where the emails and such come from; etc.

Actually, I do use it to give me an outside address for testing our system. The normal internal address may produce invalid results (depending on what I'm looking for). And I do use it for sucuring my identity when I'm at home surfing for the fun of it. It slows me down, but I like it. Ya gotta take the good with the bad.

MST3K Geek Out (-1, Offtopic)

robocrop (830352) | more than 9 years ago | (#13139818)

ThE MaSTeR WouLd Not aPPrOvE

Proxies too! (0)

Anonymous Coward | more than 9 years ago | (#13139825)

Proxies can be used for good or bad too, why is this news? I think the freedom of persecuted people to read and write what they want takes precedence.

Re:Proxies too! (1)

mottie (807927) | more than 9 years ago | (#13139920)

open proxies are harder to find. you can't simply click "next next finish" and be good to go. if you think using your ISP's proxy is anonymous you're very naive.

Re:Proxies too! (0)

Anonymous Coward | more than 9 years ago | (#13139956)

Hey, if you want to verify it: There is always these guys [whatismyproxy.com] . ISP's probably aren't going to be willing to turn over too many logs too easily, it just becomes a giant timesink.

Of course it can be abused (5, Insightful)

Brad Mace (624801) | more than 9 years ago | (#13139837)

For a society to be free, it MUST be possible for people to do things that are against the law. That's just how it works. If people do something illegal then you can punish them, but only an extremely facist government could hope to prevent crimes before they occur.

Re:Of course it can be abused (3, Informative)

ckimyt (159096) | more than 9 years ago | (#13140056)

For a society to be free, it MUST be possible for people to do things that are against the law. That's just how it works. If people do something illegal then you can punish them, but only an extremely facist government could hope to prevent crimes before they occur.
But you don't just want a free society, you want a just society. When people can commit crimes anonymously, there is no punishment.

So avoid facism, but retain your ability to punish those to actually do break the law.

Re:Of course it can be abused (1)

PakProtector (115173) | more than 9 years ago | (#13140206)

Seriously. I've recently started a website that has an online forum (what, you were expecting a link? I'm not eager for a /.'ing) after a schism with another online forum, and I've gotten wave after wave of trolls coming over and wrecking the place.

I had most of them banned, and the ones with static IP addresses banned by the IP, and then one of them brilliantly discovered the use of proxies and anonymous surfing sites (it was brilliant for a bunch of trolls, atleast), and I was back at square one.

I'm rather cynical about Government, being a Rational Anarchist (and no, it's not an oxymoron, thank you,) but you do not want people to do things without the possiblity of reprisal. That's the whole reason the law works -- bad things can happen to you. And as anyone who has ever had a website defaced or completely ruined and valuable data and off-site backups (off-site from your home, that is) lost, you'll see why.

However, the problem isn't with Proxies -- they're just a tool, and like any other tool you can use them for good or evil. You can use a hammer to build a house, or to bash your best mate's skull in. That doesn't mean we should ban hammers.

The Problem is with People. And the problem is so prolific on the internet because you can do things on the internet that in real life would get the crap beaten out of you.

After all, if you walked into a bar and started calling everyone in it faggots, you'd probably wind up with a cracked skull. And since these people called 'Trolls' can't do these things in real life, they do them online.

This problem, this use of things in wrong or evil manners, will not change until humanity itself changes, and the more and more I age the more and more I learn about Humanity, and the more and more I realise that this change will most certainly never come about willingly, or easily, because I've learned that the vast amount of people are a) lazy, and b) unconcerned with personal betterment.

That, and they just don't care.

Re:Of course it can be abused (1)

SiliconEntity (448450) | more than 9 years ago | (#13140612)

The Problem is with People. And the problem is so prolific on the internet because you can do things on the internet that in real life would get the crap beaten out of you. After all, if you walked into a bar and started calling everyone in it faggots, you'd probably wind up with a cracked skull.

You need to distinguish between someone who provides unpleasant information and someone who engages in physical assault. Calling people names is not grounds for cracking skulls or any such response. "Sticks and stones may break my bones, but words can never hurt me."

It is one of the strengths of the Internet that thugs can no longer beat people up because they don't like what they say. The fact that you are unhappy about this reflects more on you than on users of Tor.

Re:Of course it can be abused (1)

Flower (31351) | more than 9 years ago | (#13141119)

Oh bull. You're entirely missing the point.

The negative to anonymity is that immature or socially maladjusted individuals can destroy the signal to noise ratio in a forum with impunity. The criteria you are "distinguishing" by isn't even relevent in the example shown. The hypothetical tool crying faggot to everyone is not providing unpleasant information. He is purposefully inciting the people around him. Mr. Tool is abusing his freedom of expression and in the non-anonymous setting a variety of social pressures can be applied against him to correct or remove his behavior ranging from ostricizing him, publically deriding him, kicking him out of the bar and, yes, up to the afore mentioned cracked skull whether warranted or not. The social group our hypothetical example has entered can choose to deal with him. This is normal. It's real life and in the example provided I would say it is fair. He isn't providing any "information" and it isn't like he can pretend there are no consequences to his actions. Just because the GP used an extreme example of a consequence doesn't mean his point isn't valid.

One of the strengths of the Internet is that actual oppressed populations can get their story out to the world. The price we pay for this currently is that an extremely vocal minority of maladjusted people abuse this ability to inflate their level of self-importance. The fact that you seem to twist this abdication of responsibility for self-gratification as "providing unpleasant information" speaks volumes.

Re:Of course it can be abused (1)

Locke2005 (849178) | more than 9 years ago | (#13140261)

Absolutely! Those fascist laws against my killing someone who is just asking for it should be abolished! The government is infringing on my right to bitch-slap anybody that pisses me off!

While I agree that fewer laws would be better for society, I can't agree with your statement that "it MUST be possible for people to do things that are against the law". If people do things that harm other people, they should be punished in proportion to the harm done and the probability of getting caught. If nobody is harmed by the action, then there should be no law against it. I simply can't condone any action that harms another human being. As a philisophical ideal I personally beleive that people have a right to harm themselves, therefore there should have been no law against using Orkut to conduct this business in the first place. Well meaning others may disagree about the right to harm oneself, and therefore feel selling drugs should rightfully be illegal.

Re:Of course it can be abused (0)

Anonymous Coward | more than 9 years ago | (#13140313)

Absolutely! Those fascist laws against my killing someone who is just asking for it should be abolished!
Really? How many laws out there prevent you from killing someone (as opposed to punishing you after the fact)? Reread the OP's post, then feel stupid as you realize you're agreeing with him.

Re:Of course it can be abused (0)

Anonymous Coward | more than 9 years ago | (#13140632)

I see... so that fact that it is illegal in the US to say "I'm going to kill the president!" is prima facia evidence that the US has "an extremely facist government", because obviously they are trying to prevent a crime by sending the Secret Service to knock on your door...

I agree that people shouldn't be punished because they probably will commit a crime in the future, but at some point the probability of them creating a crime becomes high enough that you probably should infringe on their rights to protect others from harm. By your logic, even if the government had advance warning that Timothy McVeigh was going to bomb a federal building, they still should not have arrested him until after he set off the bomb, since he hadn't yet killed anybody...

Re:Of course it can be abused (1)

groman (535485) | more than 9 years ago | (#13140659)

They shouldn't have had the power to arrest him, no. The very thought that 99.9% of the population of the world thinks that "intending to commit a crime" should be a crime is chilling. They can still prevent him from doing so by killing him and then going to jail for it. As long as no government resources are involved, what's the problem?

oh my gosh... (-1, Redundant)

dR.fuZZo (187666) | more than 9 years ago | (#13139841)

That's "yin," not "ying." It seems kinda bad when you don't even run the title of your article through the spellchecker.

Re:oh my gosh... (1)

Nom du Keyboard (633989) | more than 9 years ago | (#13139987)

That's "yin," not "ying."

Maybe it's "Xing".

Oh, sorry, that's an MP3 encoder.

Re:oh my gosh... (1)

TCM (130219) | more than 9 years ago | (#13140366)

Oh, sorry, that's an MP3 encoder.

No, it's not. It's an atrocity claiming to be one.

RBL tor nodes? (4, Insightful)

blueskies (525815) | more than 9 years ago | (#13139842)

If it becomes a large enough of a problem, i can see people firewalling based apon a list of tor nodes.

Re:RBL tor nodes? (1)

TheTomcat (53158) | more than 9 years ago | (#13140114)


Like this [sectoor.de] ?

S

Fantastic! (3, Insightful)

Anonymous Coward | more than 9 years ago | (#13139859)

Let's all demonize useful technology before it gets out of the gate! Next year we can all mourn the loss of Sourceforge when it's 'determined' to be a repository for terrorist software development. Oh god, won't somebody help me off of this slippery slope?!

mod parent funny! (0)

Anonymous Coward | more than 9 years ago | (#13139950)

The content of parent post is, of course, quite serious but I just died laughing at the irony of your post itself taking the form of a slippry slope fallacy.

Re:Fantastic! (3, Insightful)

Jeff DeMaagd (2015) | more than 9 years ago | (#13139955)

Oh god, won't somebody help me off of this slippery slope?!

Just as well. Slippery slope is a logical fallacy anyway.

Re:Fantastic! (1)

poopdeville (841677) | more than 9 years ago | (#13140421)

It's also an accurate empirical observation regarding human nature.

Give people anonymity and... (2, Insightful)

RUFFyamahaRYDER (887557) | more than 9 years ago | (#13139862)

Give people anonymity and of course they are going to do bad things with it. The net is as anonymous as it needs to be. I see this only causing more trouble and headaches...

Penny Arcade explains it all (0, Troll)

crimethinker (721591) | more than 9 years ago | (#13140027)

Normal person + anonymity + audience = Total Fuckwad [penny-arcade.com]

I guess we're seeing here that the size of the audience doesn't really matter, if at all.

-paul

Re:Penny Arcade explains it all (0)

Anonymous Coward | more than 9 years ago | (#13140155)

Shut your face, shitcock.

Off Topic (0, Offtopic)

PakProtector (115173) | more than 9 years ago | (#13140241)

In response to your .sig: What about those of us who realise that a .45 is better for stopping someone on PCP than a .22, but a .22 is better for a Mob-Style, back of the head, execution?

Not that I've ever done either of those. Oh, no.

What, you think I'm lyin'? You callin' me a liar?

/me draws his .45

You callin' me a liar, issat i-

/me puts his .45 away...

Er...

Re:Give people anonymity and... (1)

Keamos (857162) | more than 9 years ago | (#13140093)

Just more proof to John Gabriel's Internet Fuckwad Theory, the gift that just keeps on giving...

Re:Give people anonymity and... (0)

Anonymous Coward | more than 9 years ago | (#13140344)

Shaddup, asshole!

(j/k, for the humor-impared)

Can't be all good (2, Funny)

Neil Blender (555885) | more than 9 years ago | (#13139876)

Because the slashcoders worked overtime to ban posting to slashdot from as many tor servers as they could find.

You can't post to this page.

Directory Servers - the Achilles heel? (0)

Anonymous Coward | more than 9 years ago | (#13139895)

So if I am a Commie/Fascist dictator hell-bent on Internet censorship (think Hu Jintao) and I'm afraid of Tor, then all I have to do is block all IP access to the directory servers? That should solve the problem once and for all, right?

If so then Tor is only as good as the access to the directory servers for the hundreds of millions of individuals groaning under the yoke of the Commie-Fascist dictatorships all over the world.

Solution is obvious (2, Funny)

hobotron (891379) | more than 9 years ago | (#13139910)


Whitedust commented that the flaws in Tor could be fixed by moving away from the Onion network to an extended "Onion Ring" network.

the need (1, Insightful)

Amouth (879122) | more than 9 years ago | (#13139931)

tell me exactly what is the point of this tech if not the be bad with it.. any good thing doesn't require you to hide behind anything. personaly i think people should be fully accountable for what they do.. allowing them to remove that they will just move to doing bad things. i know it can be used for good but so can just doing it normaly.. i under stand the reason behind it - it is neet, but it is only going to be abused.

Re:the need (4, Informative)

Rosco P. Coltrane (209368) | more than 9 years ago | (#13140020)

any good thing doesn't require you to hide behind anything.

Well for example, it can be used by dissidents to safely express their political views, be it in the PRC, Burma or the United States...

Re:the need (1)

mph_az (880372) | more than 9 years ago | (#13140147)

It could be used for that, but it's mostly being used to harass legitamate internet users.

There's a huge difference between what it could be used for and what it is being used for; and what it is being used for isn't worth putting up with the 0.0001% legitimate useage.

Re:the need (2, Informative)

Rosco P. Coltrane (209368) | more than 9 years ago | (#13140374)

There's a huge difference between what it could be used for and what it is being used for; and what it is being used for isn't worth putting up with the 0.0001% legitimate useage.

Tell that Kin Yu Jong who's being at risk of being arrested any moment now because he dared write "uh, I dunno, but maybe Tiananmen wasn't so groovy after all" in his fanzine.

Only well-fed and wealthy people like you who live in relative safety in their countries have the luxury to think their comfort rates higher than the needs of the oppressed.

Mod parent -1 flamebait (0)

Anonymous Coward | more than 9 years ago | (#13140490)

Only well-fed and wealthy people like you who live in relative safety in their countries have the luxury to think their comfort rates higher than the needs of the oppressed.

For christ's sake PLEASE tell me you don't actually buy the shit you're shovelling there.

When the script kids bury the legitimate posts, your ficitious chinaman's post is buried right along with them. When they flood out an IRC channel, his message is flooded out as well.

Nice troll, however, kudos to ya.

Re:the need (1)

poopdeville (841677) | more than 9 years ago | (#13140453)

How on earth would you know? Reports like the one in TFA don't exactly give you a random sampling of Tor users.

Re:the need (0)

Anonymous Coward | more than 9 years ago | (#13140138)

tell me exactly what is the point of this tech if not the be bad with it

I know exactly what you mean. I certainly see no need to remain anonymous.

Re:the need (1)

Wizzmer (862755) | more than 9 years ago | (#13140498)

"tell me exactly what is the point of this tech if not the be bad with it.."

What is it good for? To surf the net anonymously. If you live in China, or soon in the EU, that can be a problem. The upcoming EU laws on data retention means that your ISP will keep track of what web pages you request, probably by forcing the customer to go through a central proxy. Some suggest that the ISPs should be allowed to use this information for commercial purposes to help offset their added costs. Now there's something that puts the GMail profiling to shame...

But hey, it will keep the tigers ... eh... terrorists away. Not.

Re:the need (2, Interesting)

An Onerous Coward (222037) | more than 9 years ago | (#13140629)

Complete accountability is wonderful in theory, but problematic in practice. First, even theoretically, it can only work if everyone is held accountable. If you're accountable to the police, but the police are not accountable to the people they serve, then anonymity might be required in order to report corruption and whatnot.

Now let's move on to practice. Say you want to do something pretty much harmless, but frowned upon by society at large, like lighting up a joint, having sex with your girlfriend, or killing a hobo with a ball-peen hammer. If society bans certain acts arbitrarily and irrationally, then you shouldn't have to be "accountable" to that sort of insanity.

RIAA Alert (1)

Nom du Keyboard (633989) | more than 9 years ago | (#13139969)

RIAA Alert
Tor
KILL
KILL
KILL

My thoughts on Tor. (2, Insightful)

Captain Scurvy (818996) | more than 9 years ago | (#13139970)

Tor is a good idea, and maybe even a step in the right direction, but it is by no means a "solution" for true Net anonymity and/or privacy. In fact, it is a better tool for attack anonymity than it is for privacy.

Call me paranoid, but I don't trust anyone other than the intended recipient to decrypt any sensitive data. The way I understand the program to work (correct me if I'm wrong) is that a "trusted" server on the end decrypts your packets and acts as the "proxy" between the tor network and the Internet. What if those trusted servers is compromised? Being so centralized, they make a good way to glean a lot of personal info.

Now, if you don't care about your data privacy, and just care about a hard to trace connection (i.e., for an attack, but there are plenty of other legitimate reasons), then Tor is pretty cool. However, since there are presently so few servers, and a lot of people DO seem to use Tor to crapflood IRC/forums/etc, it seems like more and more people are just banning the Tor IP addresses.

Trust anyone you like (1)

poptones (653660) | more than 9 years ago | (#13140134)

You can tell tor what type of nodes to connect to, you don't have to just use "trusted nodes." It comes OOTB like that, but all it takes is a quick edit.

If you are sending unencrypted traffic over tor and you really have a need for anonymity you are stoopid anyway and you will die. If you are doing something that could cost you your freedom you need more than one layer - and tor, no matter how big the onion, is still just one layer.

Re:My thoughts on Tor. (2, Insightful)

ahsect8 (880135) | more than 9 years ago | (#13140701)

You're misunderstanding the protocol. The purpose is to anonymize connections versus content.

An example scenario: a US intelligence agent may need to contact an agency server from within a foriegn country. Anyone sniffing packets would notice that a user is connecting to a server at www.someagency.mil, even if the content itself was encrypted. Tor anonymizes the connection, as the agent now connects to one of any number of Tor nodes. Tor uses encryption to protect route and address information, not content. It should be used in conjunction with another strong encryption protocol (SSL etc.).

Re:My thoughts on Tor. (1, Insightful)

Anonymous Coward | more than 9 years ago | (#13140974)

The way I understand the program to work (correct me if I'm wrong) is that a "trusted" server on the end decrypts your packets and acts as the "proxy" between the tor network and the Internet.

1) You don't have to use any particular node or nodes as "trusted". There is no centralization in architecture, only in default configuration.
2) The trusted node can be the intended recipient.
3) You should be using encryption anyway if you care about protecting your data.

Attack platform? Give me a break. (1, Informative)

Anonymous Coward | more than 9 years ago | (#13140012)

You have got to be kidding me. I can barely use Tor to surf for porn at work, its so damn slow. IRC? Ya, it crawls too. This is using US tor servers too - good luck if one of the routers in the route is in some high speed country like bangladesh. Tor is a great idea maybe, but as it stands right now is so slow its not even funny.

More spam (0)

Anonymous Coward | more than 9 years ago | (#13140026)

Whitedust are becoming quite the spammers. Posting several things to /. that have been covered before in a way that just advertises their site

Latency hurts, however... (4, Informative)

nweaver (113078) | more than 9 years ago | (#13140064)

A: Tor is a documented protocol. If you really REALLY want to block Tor on your network, configure your IDS to recognise the protocol setup, and kill THAT.

B: You can't quake through Tor. Tor only supports TCP, and it adds a fair bit of latency to boot.

Re:Latency hurts, however... (1)

Dark Coder (66759) | more than 9 years ago | (#13140907)

Wrong side of the equation. WTFA.

A> It is the proxy TOR that is sprouting attack packets. Not the TOR network itself. TOR is a carrier, AND a emitter of attack launch platform. You talk only of a stopping the carrier network which is usually beyond your reach.

B> Quake will works through TOR using port redirector and a IP tunnel that works perfectly fine across UDP/TCP boundary. (although why would ANY serious gamer want to do this)

Solves problems here and abroad (2, Interesting)

powerline22 (515356) | more than 9 years ago | (#13140085)

I live in the USA, and I use it all the time at my high school. Why? My high school thinks it prudent to block many sites such as hackaday.com and coxandorkum.com. I also used it when I was in china to bypass the great firewall to check my evil capitalist college email.

I think that if anyone is being blocked from visitng any site, anywhere, they should use this to show how stupid and ineffective filters are, especially in schools. Why bother to educate responsibility on the internet when you can force it on kids!

Re:Solves problems here and abroad (0)

Anonymous Coward | more than 9 years ago | (#13140255)

burglar/car alarms are also ineffective for people intent on taking your stuff, but for most criminals/opportunists it serves as a deterrant ie: its too much hassle to overcome for the risk of being caught

you might have the tech savvy to skirt round school filters but i would bet 90% of your school have neither the desire or capability to mess around with config files, proxies and other such tools just so they can visit bannedsite.net on a lunchhour

if people are determined enough they can evade any security measures, but for the most people dont, they just cant be bothered

Tor is like a bazooka... (2, Funny)

Anonymous Coward | more than 9 years ago | (#13140173)

...you can use it to protect your family from dangerous animals (deer, frog hoards, and spiders...I hate spiders), or you can kill people, which is wrong.

Yin *and* Yang (1)

pedantic bore (740196) | more than 9 years ago | (#13140174)

To be pedantic... it's never a question of one or the other, since they are each others dual.

Anonymity conceals identity. People who commit crimes often don't want to get caught, so anonymity is something they desire.

Nothing to see here; move along.

obsessing on annonimity (1)

slashdotnickname (882178) | more than 9 years ago | (#13140328)

There's only two types of people that would bother with annonymous internet usage... those doing something they fear might get them in trouble, and those that fear being monitored regardless if they're doing anything bad or not... either way, annonymous internet usage is somewhat a product of fear.

Not saying there's anything wrong with acting on fear, but it can't be healthy to live always fearing "Oh no they might see me reading /." or whatnot.

Re:obsessing on annonimity (1)

frankm_slashdot (614772) | more than 9 years ago | (#13140449)

as much as some people might call that flamebate.. its still basically 100% accurate...

theres always the third group who "likes to be different" and test the boundaries of the law... but that group isnt really big enough to count....

it does suck though to live in land where the freedom was paid for with more deaths than id want to count... yet - where everyones getting the opinion that its ok to have some freedoms taken away if it makes you safer... which is basicallyk why people dont fuss about the little laws....

ie: its illegal for me to photograph pictures of my family on the verazano bridge because they're afraid that i could be a terrorist and ill use the photos for my evil plot. same thing when i took my family on their first speedline ride to the city.. the conductor was warning us about pictures being taken and that wed have them comfiscated at the next stop by police offercers...

i think things like tor are basically a way for those in that small margin (the ones we didnt count) (who are incidentally the driving forces) to feel like they can have at least a little freedom elsewhere.. one taken away, so build one that cant be taken away so easily.

i dunno.. its all a pretty lame argument that always boils down to the fact that our forefathers were commiting treason when they fought for their freedom and now anyone in the US who trys to carve out a little of their own freedoms are being labeled unpatriotic.... its sad..

tor countermeasures (1)

bani (467531) | more than 9 years ago | (#13140410)

an RBL populated with the tor master list.

a BGP feed of tor hosts.

anyone game?

Frost pi5t (-1, Troll)

Anonymous Coward | more than 9 years ago | (#13140433)

So what.. (1)

sillybilly (668960) | more than 9 years ago | (#13140493)

Any technology that empowers people can be used both for good and bad. Fire, knives, cars, gas, etc. Tor is not something that's likely to cause an end to the world, there are a lot more potent things to worry about.

Tor, or trust the US Navy with your privacy (0)

Anonymous Coward | more than 9 years ago | (#13140585)

Remember, Tor was made by the US Navy.

I wouldnt trust it with my privacy.

You have got to be kidding me. (1)

atomm1024 (570507) | more than 9 years ago | (#13141290)

Tor is completely open-source and peer-reviewed. The protocol is documented, and there is already at least one third-party implementation (JAP) that can access the same network. You really think it has evil Government spyware in it? Give me a break.

first open relays for smtp now this (0)

Anonymous Coward | more than 9 years ago | (#13140596)

I'm sorry I ever donated money to the eff. First gilmore refused to close his open-spam-relay claiming some political dissident might need to use it to get vital messages out and now we have the same crap at the TCP level. Who needs microsoft to write a virus-loving OS that is regularly abused by spammers and micreants when you have folks like the EFF writing *nix code that does the same darn thing? Whatever happened to the idea that good internet neighbors don't help urchins abuse the rest of the net?

a large and moving tor? (0)

Anonymous Coward | more than 9 years ago | (#13140625)

many shubs and zuuls knew what it was to be roasted in the depths of the tor that day I can tell you.

Product built using Tor... (1)

Afecks (899057) | more than 9 years ago | (#13140679)

If you want a complete all-in-one Tor platform, look no further, Tor Desktop. [virtualpri...achine.com]

The Tor Abuse FAQ (1)

Nick Mathewson (11078) | more than 9 years ago | (#13141123)

The Tor project has a FAQ about abuse, from the perspective of Tor server operators and other folks on the internet. Of particular interest are:

Also of interest on the main Tor FAQ is:

Basically, Tor goes through some effort in order to be easy to block, by making sure that you can easily get a list of exactly the Tor nodes that allow connections to your servers. If you don't think people who want privacy belong on your service, you don't need to support them; it's your service after all. (Some people have already written RBL-like tools, but I haven't seen any that I like so far; all the ones I've seen list all Tor servers, even the ones that do not permit outgoing connections and so cannot deliver unwanted connections.)

On the other hand, if you do think that privacy is a useful thing, there are ways to allow anonymous users without allowing unlimited abuse. See the first link above.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?