Slashdot Mirror
Tor Named One of the Year's Best Products
Iorek writes "PC World lauds Tor, an anonymous Internet communication system, as better than its paid competitors, and one of the best 100 products of 2005. The Electronic Frontier Foundation, which is supporting Tor development, has a press release as well."
How does slashdot get away with publicly lauding Tor as the great application that it is, while simultaneously blocking over 90% of the nodes from posting to slashdot? Try it now, it took me thirty tries to post a comment to slashdot using Tor the other day.
Making the moon less necessary since 1998.
These lists will become more and more common as people figure out what Tor is.. it's a nice idea but..
Even freenode has banned known tor connections. But that's what happens when you give 12 and 13 year old uber el3et linux hax0rs more power than they deserve.
I have been a Tor users for a very long time and, to a certain extent, the fact that it is not very well publicized has kept the system relatively free of the possibilty abuse. When I say possibility of abuse, I am talking about the media saying that Tor is a way to do anonymous torrents of copyrighted material, transferring child porn, etc. As Tor becomes more publicized, will I have to deal with articles from self-proclaimed experts accusing Tor of being a vehicle for such activity? Will I then see some politician try to pass legislation against anonymizer type software? Maybe I'm being alarmist, but these days anything is possible.
Anyone know if there is (or will be) a Linux Tor binary for NAT routers? I have a Linux router, and I'd like to use it as a client in the Tor network but a server for local computers (behind the router).
There are many reasons. Yes, it can be abused, just as a stick or a rock can be abused.
KOA
Giant Missile Defense Radar Sails
I don't get why so many people put letters in envelopes, what have they got to hide?
Why not write on the back of postcards so everybody can make sure they're not hiding illegal words..
It's a slippery slope. Encryption is useful.
It's a simple fact that People like privacy and place a non zero value on it. The phrase "what are you trying to hide" is the last refuge of the voyeur.
"Cursed is he who rises early in the morning..." Isiah 5:11
This isn't even an insightful question. "That much encryption?" What the hell does that mean? If the encryption is easily cracked it's not worth doing, you might as well just be doing your banking over something like ROT13 encoded connections, huh?
.de domain and you're doing anything to interest the FBI.
I've been wondering why the hell the network has been getting slower and slower and slower over the last weeks. I guess now I know.
Why is an anonymous network needed? Well for one thing it's not anonymous regarding the type of uses the critics like to trot out i.e kiddie porn and cracking, since a good many of the connection nodes originate in the US or Germany, two of the most monitored countries in the world. Your connection can go through a hundred drops after that it won't matter at all if you make that first hit straight to MIT or some
What it IS useful for (that is before it became so terribly overloaded every click ends up taking thirty seconds or more to respond) is surfing without worrying about your local "community standards" enforced ISP looking over your shoulder or the bazillions of admonkies being able to snoop. Tor is commonly packaged with privoxy, the two together make moving about the net a lot nicer (even slashdot).
And the problem with onion routing is that it is neither high-bandwidth or low-latency - just anonymous. Sharing files over Tor is a blatant misuse - but tracker comm over it is perfectly valid (Azureus already has a plugin - though I like dht better).
Interestingly, I2P calls them Garlic routers (the pun is not lost on some of us).Quidquid latine dictum sit, altum videtur
I don't understand why you would need tor to hit here. Just put slashdot on the "exception list" in your proxy config and it works great. The ads still get killed (if you are using privoxy) but the content is fast and complete.
You might also trying setting up your tor config file. You do not HAVE to use the "trusted gateways" for the final drop, that is only how it is configured OOTB. Add "exit" to the untrusted gateway nodes permissions - heck you can even remove "exit" from the "trusted nodes" permissions. Now you're not connecting via those "known tor nodes."
BTW it ain't just slashdot. Lots of sites still use IP information instead of session variables and it will drive you nuts trying to post to one of them or even stay connected without having to log in again every two minutes. Simple solution is to just add those sites to the "don't proxy these sites" list. May not be the solution you want if it's a "controversial" site that could lead to leagal attention, but if you're really worried about that sort of thing you're a fool for using tor for it anyway.
Are you still convinced that a network of potential "illegal" uses is such a bad thing?
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
Do you even think for one nanosecond that the EFF would be supporting it if it were closed???
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
It seems one of the first companies to jump on the Tor bandwagon is VPM. They are selling a Linux desktop on a 128MB USB stick with everything preconfigured to connect using Tor. Sounds like a neat idea even though you could make it all yourself without paying $45.
Tor very happy to win award. Make Tor happy. Tor not smash now.
Read my blog.
>>In some places, it's verboten for women to bare their necks or ankles (much less anything else) in public....
Well where I live it is illegal for my wife to bare her naked breasts in public. I demand her freedom!
But seriously they have their laws and we have ours, you cant really compare human rights with laws regarding decency. Dont get me worng I am all for emancipation but please choose your battles better.
On a interesting side note , in the UK I believe we do not have a freedom of speech. CAn someone confirm this?
"Community standards" had nothing to do with it; the standards were set by a fairly small group of lunatics who happened to have a lot of guns. The same can be said of places like North Korea, Iraq, Sudan, and (dare I say it) perhaps even the United States. The FCC, backed by the federal government, which happens to have a lot more firepower than you or I, decides what is or isn't OK on television. As in several other above-listed states, the relatively small group with the superior firepower are the ones who set the rules, communities be damned.
Community standards are hogwash, anyway. I live in the deep south, the Bible belt. I know people who are staunch conservatives, or republicans, or Bush-Frist voters, or whatever you want to call them. These are the guys who go to that annual rally (I forget what it's called) where they profess their faith to God and their wives, and denounce pornography and infidelity. Yet I run into these guys at the strip clubs, at the liquor stores, you name it. All of the "sins" they're supposedly dead-set against, they more often than not participate in themselves.
Your average Bible-belter will vote against gambling, but then you'll find him in the casinos in Tunica or Biloxi. He'll vote against a state lottery, but darned if you don't run into him buying Powerball tickets at the gas station. He'll write to the FCC complaining about Janet Jackson, but as you drive past the adult bookstore, you see his car parked outside. He set the so-called "community standards" when he voted, but he doesn't even follow them himself. That's your average "community standards" progenitor.
Look no further than the Parents' Television Council for evidence of this. The PTC - which as you may recall from prior articles here is responsible for some 98% of all complaints to the FCC - proudly hosts on their own website the offensive clips from television shows they complain about. Even (gasp) children can surf by and find the stuff that's so offensive, they don't want their children to see it. How's that for irony?
For several months they hosted a video clip at http://www.parentstv.org/PTC/clips/WithoutaTrace_
Earth to Parents Television Council, your website is fully accessible to any child who has internet access, why are you hosting "extremely graphic and sexually explicit" content there? Fucking hypocrites.
A human being who has tasted freedom, who knows about life without oppression, who understands the value of the right to read and speak freely, and who hates seeing women all covered up.
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
I'm British but I live and work in China. Many websites are unreachable because of the censorship here (e.g.: news.bbc.co.uk).
Tor lets me surf those websites and find out what is going on in the world, and find out the things the PRC government doesn't want its citizens knowing about.
In short, it is my window on the world.
"Place me in the company of those who seek Truth, but deliver me from those who believe to have found it."
No - it should leave the ability to post anonymously, but only if you are logged in to an actual account.
Get your own free personal location tracker
I was banned within hours of settiing up Tor on my host.
Join Tor today!
page 1
if you want to surf anonymously without downloading and installing stuff, check out anonycat.
http://anonycat.com/
it's open source, so you can download and run it from your own computer if you want, but you can also just surfy anonymously from the main page.
it's pretty good for viewing slashdot, too, which you can't do with Tor.
"Is this just useless, or is it expensive as well?"
Every time tor is mentioned on Slashdot, the networks gains speed thanks to a surge in runnin server numbers.
'Once scientists, even the dim-witted social scientists, get muzzled, the Western Civilization is finished.' - oldhack
Because Tor works, apparently.
It's the same with any other internet service - give it a few days, and watch the abuse roll on in. Web, Email, Chat, they can ALL be used for great things but the perpensity for abuse lurks just around the corner, and Tor isn't an exception to this.
No, it's because Slashcode lacks support for anonymous use. Until someone adds said support, Slashdot will not be anonymously usable.
If everyone created an account, no problem.
The thing is that Slashdot's codebase uses blacklisting as part of its functionality (it's how they keep abusers from flooding the board). Blacklisting does not work in a pure anonymous environment (that allows abuse if many entities collaborate to abuse the system, which is the case for most systems) without "expensive IDs" (the use of some resource which one cannot produce en-masse to identify onesself). Slashcode treats IP addresses as "expensive IDs", intending that those wanting to abuse the board have a limited set of IP addresses available to them, and those become blacklisted. Tor extends the availability of Tor-enabled IPs (expensive IDs) to anyone who wants. Slashcode cannot understand this. To make Slashcode work in an anonymous environment, support for expensive IDs that work in an anonymous environment must be added. There are many mechanisms for doing expensive IDs.
Slashcode currently uses both IPs (they can get banned) and accounts (they can get banned as well, and it takes a while to work up a high-post, low UIN account) as expensive IDs. IPs cannot be used in an anonymous environment. Accounts could, but probably must be boostrapped in a non-anonymous environment. That is, it would be possible for Slashdot to allow only registered users to use Slashdot from Tor systems (I could even register my IP as one that only allows registered use), but to prevent someone from mass-creating accounts, these accounts would have to be bootstrapped from a non-anonymous environment -- for example, perhaps an IP could only create an account a week, but once created, users could use their accounts on Tor systems.
Another popular expensive ID that saw some interest during the antispam discussion days is solved problems that require many CPU cycles. Generate a hard mathematical problem, to an anonymous user and the person has to burn 5 CPU-minutes of cycles solving a problem in order to post. They'll have a hard time flooding the board.
Another popular expensive ID is human time -- hence the OCRable letters that low-karma accounts and ACs have been seeing recently.
Another expensive ID is transitive trust -- allow accounts that have "trusted" accounts marking those accounts as, in turn, "trusted" (something like the friends system, but should not use the friend marking, which means something different) to use the board anonymously. If those accounts abuse the board, the abusing account loses his trust and the account that endorsed him loses some trust, transitively back to the source. This isn't *fully* anonymous (since the truster has to have some relationship with the trustee, even if it's nothing more than reading a Slashdot post made in non-anonymous mode).
Any other mechanism that uses expensive IDs that can function in an anonymous environment will also work.
I'm going to see whether or not open source solves this one. The Slashcode codebase is there, free, and open, and any number of people with crypto and security design experience read this board and presumably want to use Tor.
I don't really care much about using Slashdot anonymously, so I'm not going to do it. I'll probably take advantage of it if someone else adds support to Slashcode for working in an anonymous environment, though.
Any program relying on (nontrivial) preemptive multithreading will be buggy.
Uh, a US letter currently doesn't have to have a return address, much less a validated one. And a public mailbox in a big US city is pretty darn anonymizing. After all, they still haven't caught the folks who sent anthrax-filled letters to US government officials---and I'm guessing it's not for want of trying.
Tsk, tsk. You must be new here.
And remember kids: Never trust a computer you can actually lift.