Tor

Azareal

Azareal

Paragon
Joined
Dec 18, 2010
Messages
1,680
Reaction score
353
FP$
4,498
@Carlos X brought up Cloudflare being harsh on Tor in the XF2 thread, basically it presents them with a CAPTCHA to see if they're human every now and then, although it can be overriden by the administrator.

The problem with Tor, of course, being that someone can easily evade your bans and get up to mischief without you being able to track them down. Malicious bots also have a tendency of hiding behind it so that law enforcement can't go after them.

But, there's also the side of it being used for privacy which quite a few scream about whenever admins block Tor outright or otherwise cripple access to their sites from it.

I'm somewhat curious how you deal with Tor and what-not.
 
Blocking proxies isn’t really practical. Software isn’t able to detect them well enough. If someone blocks all proxies that they can identify, there is no way to know whether everyone else is using a proxy or not, because the ones remaining are the ones that can’t be identified.
 
Matt said:
Blocking proxies isn’t really practical. Software isn’t able to detect them well enough. If someone blocks all proxies that they can identify, there is no way to know whether everyone else is using a proxy or not, because the ones remaining are the ones that can’t be identified.
Click to expand...
Tor runs a list of all of the exit nodes, in other words, the IPs they could pop out of the Tor network at. Quite a few sites like Wikipedia, etc. use that to populate blocklists, although in Wikipedia's case it's to stop them from editing rather than viewing.

But, it is true that you can't stamp out every proxy in the world, however quite a few sites see a marked decrease in the number of troublemakers after blocking Tor.
The exit nodes themselves aren't too secretive about it either, as they don't want to be held responsible for the traffic passing through them.
 
Last edited:
Matt said:
Blocking proxies isn’t really practical. Software isn’t able to detect them well enough. If someone blocks all proxies that they can identify, there is no way to know whether everyone else is using a proxy or not, because the ones remaining are the ones that can’t be identified.
Click to expand...
You are admin of a xenForo site. (ForumPromotion is powered by xenForo.)

You can see IP's and investigate the IP address in question. I get a lot of Tor spammers, and a lot of proxies. I've suppressed a lot of those spammers.
Azareal said:
@Carlos X brought up Cloudflare being harsh on Tor in the XF2 thread, basically it presents them with a CAPTCHA to see if they're human every now and then, although it can be overriden by the administrator.
Click to expand...
Nonono. I didn't say that. I said, as a user, I SEE the CAPTCHA. I know what it's for, to block out the proxies, and Tor gateways. I just don't like the CAPTCHA there for each visit to my site.

My site (DestroyRepeat) used to be on https, and cloudflare. Each time I would go there as a user (I'm now administrator and owner), I would get the CAPTCHA screen. Today, when I go to a cloudflare site, I would see the error screen every now and then, it just proves to me why I never liked it before.
 
Last edited:
You know, if they're not up to mischief, they're probably not using Tor. I hate to say it, but it is the perfect app for michief making. As far as I gather, the whole idea behind it is to prevent tracking by law enforcement even more so than a VPN.

A VPN while anonymous to the sites you visit online is not anonymous to law enforcement in the event that you do something bad. At that point, your VPN is required to hand over all information that they have on you. I know because I traced a guy back to his VPN, contacted the VPN, got him banned from it and they told me that while they couldn't give out info, they would hold his info on record for 6 months in case I wanted to press charges against the guy.

So yeah, if this Tor was becoming a problem for me, I'd ban access. Not to prevent people from being anonymous, but to take away their ability to harrass your forum without any means to prevent it. It actually takes effort to log a free proxy every time they come to your site, so they'd eventually get fed up and go away.
 
Carlos X said:
Each time I would go there as a user (I'm now administrator and owner), I would get the CAPTCHA screen. Today, when I go to a cloudflare site, I would see the error screen every now and then, it just proves to me why I never liked it before.
Click to expand...
That usually happens when there are a lot of people up to no good, I think there's a setting somewhere to make it a little less strict.
 
DylRicho said:
Despite that, it's not exactly 100% foolproof. The government has ways. I'd never even consider using it.
Click to expand...
Isn't it largely funded by U.S. Government? I remember that being the case.

It's really just useful as a super VPN, if not for keeping up the pretence that they don't know anything, most likely to spy on their enemies and what-not, they would probably crack down on those criminals within weeks.

Also, the NSA has like a zillion zero day vulnerabilities, most likely in the JavaScript runtime, as they can do all sorts of attacks against it. I wouldn't even be surprised, if they planted spies in Google / Mozilla and got them to "accidentally" introduced security vulnerabilities in their browsers.

Outwitting them is nigh impossible.
 
You must log in or register to reply here.

About Us

Since 2007, Forum Promotion has specialized in providing advertising solutions to webmasters looking to promote their communities. We pride ourselves in being the bridge that connects forum administrators, bloggers, and more.

Sponsors

Affiliates

    Universal Gaming The Coffee House

Stay Connected

Back
Top Bottom