Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How can I block this? For reals. I have no desire to run a Tor proxy and be shafted with CP charges.

Edit: my understanding is that this can be put into any web page and then make anyone visiting that page a Tor exit node.



It makes me extremely sad - and somewhat angry - that a lot of people just associate Tor with CP and criminals. Tor enabled and helped carry out fucking revolutions. Hundreds, if not thousands of (not only) chinese dissidents use it to communicate safely. It protects lives. Tor is a blessing upon humanity, and a big, fat, thorn in the side of every oppressive government on this planet.

The fact that some individuals use Tor for accessing child pornography is sad, but that constitutes a miniscule amount of its entire traffic. Stop looking at the few bad apples and look at the big picture.

Oh, and if you're at it, watch Jacob and Roger's talk at the 29c3 as soon as it is available. They explained this awesome piece of software a bit more in detail there, amongst all the other amazing projects related to the Tor Project.


> The fact that some individuals use Tor for accessing child pornography is sad, but that constitutes a miniscule amount of its entire traffic.

Do you have a citation for this? Specifically, that illegal activities in general are a minuscule amount of its traffic?


I agree with you about how awesome Jacob Appelbaum makes Tor sound, but you could still make a case about not wanting your computer to be used without your consent for stuff like that.

For example, as much as cancer research can benefit from extra computing power, I wouldn't want web sites to start including secret javascript code meant to "reap the spare cpu cycles" available when I visit their site.


It's equally debatable whether it's okay to put stupid advertisements or tracking technology on your website - which have infinitely less positive benefits for humanity than Tor.

Anyways, my answer wasn't about Flash-Proxy at all (which is, polemics aside, indeed debatable). I was pissed about the attitude that Tor == CP, which is a dishonest fallacy thrown around by supporters of surveillance and spying.


There are at least three actual possibilities there:

1. People afraid of being tracked down and prosecuted because someone used their exit node for criminal behavior

2. People concerned about limiting criminal behavior

3. People who want to stop free speech

Assuming #3 seems like a stretch even if it is easy to conclude that people pushing for constraints on free speech for the sake of limiting criminal behavior under-appreciate the vital importance of vigorous anonymous public discourse, even in countries without dictators.


>1. People afraid of being tracked down and prosecuted because someone used their exit node for criminal behavior

Again, Flash Proxy is not an exit node, it's a bridge. It merely helps people to access the Tor network, and does not relay traffic back out (which, as far as I know, is not even technically possible). There's zero risks involved. Also, why are you not running at least a relay, anyways?

>2. People concerned about limiting criminal behavior

Limiting criminal behavior is fine, but never at the cost of essential liberties and rights. This is inarguable. People rallying against Tor for "criminal behavior" are the very same people we need Tor to protect ourselves against.

>3. People who want to stop free speech

I you[1] are such a person, I hate you and you more than deserve to have your browser turned into a powerful weapon of the very thing you want to stop.

[1] This is the general you, I'm not talking to the parent poster specifically.


I agree about the debatable status of the stupid advertisements running without my permission. As you're pointing out, the worse aspect of them is that they're involved in a large-scale tracking scheme. It wouldn't be as bad if you got your ads and nothing else (no tracking on top of the ads).

The "Tor == CP" reasoning is as absurd as saying "Free Speech == Rampant Nazi Propaganda". =)


You are not an end node, so nothing but encrypted data is passed between a Tor user and another Tor node. These bridges help people in countries who block access to the tor network enter the Tor network. They don't use you to access any actual content.

That said. Don't go to websites that put the iframe in if you don't want to be one. It's not like it's going to be a common practice to throw that on your webpage.


the traffic does not exit the tor network via this method. You are simply fuctioning as another intermediate node.

websockets have no ability no function as an exit node.


While OP is wrong about this specific implementation, is there anything stopping someone from modifying it to make you an exit node?

While the authors clearly have good intentions, the basic idea of my browser relaying traffic transparently that I am not aware of is indeed disturbing.


No, I'm pretty sure that is not technically possible.


Same way you'd block downloading CP in general: only visit trusted sites.


Use NoScript.


Seconded




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: