Re: Is "gatereloaded" a Bad Exit?

["Aplin, Justin M" <jmaplin@xxxxxxx>]

On 2/14/2011 4:49 PM, John Case wrote:
> On Mon, 14 Feb 2011, Aplin, Justin M wrote:
>
> > Although I've been keeping out of this argument for the most part, 
> > and even though I'm leaning towards seeing things Mike's way, I just 
> > wanted to comment that I've actually been in an environment like this 
> > several times, once at my previous university, and once working for a 
> > local government organization. As asinine as such reasoning is on the 
> > part of the network administrator (or the person who signs their 
> > checks), I can see why the *ability* to run strange exit policies 
> > could be a good thing, and should be preserved in the software.
>
>
> Thank you for this anecdote.

You're welcome, I'm sure there are plenty more out there.

> > However, I see no reason why providing an anonymous contact email 
> > would be so hard. Certainly if you're going out of your way to avoid 
> > [insert conspiracy of choice] in order to run a node, you have the 
> > skills to use one of the hundreds of free email services out there? I 
> > don't think asking for a tiny bit of responsibility on the part of 
> > exit operators is too much to ask, and I'm amazed that "allow them to 
> > continue to function as middle nodes until they explain why their 
> > node appears broken or malicious" is continually being turned into 
> > some kind of human-rights violation.
>
>
> Please chime in here if you have ever set up a _real_ nym to use under 
> a real threat ?  I mean, wore a hoodie and sunglases to the market, 
> bought a burner, got online anonymously, cultivated a persona (in 
> about 10-15 mins), and then threw out the phone.
>
> I can tell you that:
>
> a) transaction costs and time overhead for this are extremely high - 
> really, really terrible
>
> b) it is VERY VERY quick and easy to nym-leak, even for smart people, 
> even when they are trying hard
>
> c) this strategy is an all or nothing one - either you get it 
> completely airtight, end to end, every time, or you walk away from the 
> identity.  You don't just sit on your couch and surf over to the 
> remailer site.
>
> Why am I boring you with this ?  Because you keep rationalizing this 
> policy with these off the cuff, throwaway remarks about "just do 
> this", or "I would just set up ..." when in reality you have NO 
> FUCKING IDEA what you are proposing or suggesting.  It's not easy to 
> create or maintain these structures in real life, and people that need 
> this are in literally life or death (or at least free or jail) 
> situations.

If you recall, I never suggested a nym, as I have no idea how such a 
thing would be constructed. The idea, however, was that if one were 
under this sort of threat, requiring constant vigilance to avoid, don't 
you think that running an exit node full of unsecured traffic would 
attract *far more attention* than one would want? We're reaching pretty 
far into left-field as far as this argument goes, but seeing how exit 
operators are *asked* (not required) to *volunteer* their time and 
bandwidth in order to help *others* (and not themselves, except as an 
incidental increase in obfuscating traffic) who need the network for 
*exactly* the sort of life/death, jail/freedom situations you're 
describing, how is it not reasonable to ask that these operators be 
contactable?

> Why don't we just tell people to get a half-rack and a gigE port at 1 
> Wilshire and be done with it ?  That's what _I'd_ do, after all.

Just a thought; if you have any interest in being taken seriously and 
aren't just trolling the list, sarcasm and expletives may not be the way 
to go.

~Justin Aplin

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/