Andrew Lewman <andrew <at> torproject.is>
2013-04-18 20:17:22 GMT
On Thu, 18 Apr 2013 15:34:21 -0400
grarpamp <grarpamp <at> gmail.com> wrote:
> My main issue with sites that are Tor aware and then take action
> against Tor nodes specifically, is that most seem to say
> they get attacks, spam, illegal stuff from Tor. While true, that
> is a drop in the pond when compared to from the internet at large.
> Yet they don't block the internet, the coffee shops, the cable
> ranges, Romania, etc. It's the being dumb about the net and the
> kneejerk and the push to privacy destroying phone based auth.
Right. They only look for the attacks and not the 99% of traffic which
is non-attack. If they looked at total traffic from Tor, they'd likely
find the normal usage vastly overwhelms the attack traffic.
Getting some real data here would be interesting. I'm constantly told
by "network security" people with more letters after their names than
years of experience that "everyone knows tor is bad traffic", but when
you push them on it, they have no idea why or even where their traffic
originates at all. And "everyone" turns out to be companies selling
products or their certification instructor.
Protecting networks or hosts based on rumors and hearsay is a pretty
poor way to protect anything. Empirical data should rule the decisions.
Cloudflare, google, akamai, and others would have a pretty good view of
how much traffic from Tor exits can be classified as good or bad. If
only they'd share the data or summarized results. I'm interested in the
answer, no matter what it is.