On 5/7/19, nusenu nusenu-lists@riseup.net wrote:
juanjo:
Tor relays are public and easily blocked by IP. To connect to Tor network users where Tor is censored have to use bridges and even PTs. But, what happens on the exit? Many websites block Tor IPs so using it to access "clearweb" is not possible. Should we allow and start using "exit bridges"? In I2P we have not this problem since there is no central IP list of relays.
there is no need to extend to one more hope to achieve this
https://lists.torproject.org/pipermail/tor-dev/2018-March/013036.html
https://lists.torproject.org/pipermail/tor-relays/2019-May/017273.html
It's possible to augment such outbound solution offerings even further by running an OpenVPN termination service so users can transport UDP between clearnet as well. VPNGate.net project has an idea there too. Even large regional IPv6 pools could be bought and shared by operators and rotated through.
More tor relay operators should consider some of the above options, whether as a requested "bridge" service mechanism, or listed in the consensus "contact" field, or as more of a standalone VPNGate support, or "ExitGate" project sort of arrangement.
Using only tor right now, a user needs to use a clearnet service that does not scrape consensus, or one not fronted by services doing similar to CloudFlare's spiteful default tor blocking policy, or find a lucky exit within whatever geolocation game the clearnet service uses, or get lucky through traditional vpn or proxy.
But those are only fun statistical hacks, not real long term solutions to the underlying problem.
It's unfortunate that such braindead blocking, stupid policy regimes, sites refusal to developing creative solutions [1] for so many world's users legitimate privacy, info risk, anonymity needs... often results in users accounts being locked out and escalated into forcing disclosure of users private info and ID to sites to unlock them, thus exposing users to ongoing long term fraud, cost, and stress when that info (in most cases truly unnecessary to collect) is eventually shared misused and stolen by both sites and criminals... or outright auto deletion of user's valued account, built up social networks, etc... all for doing nothing wrong, and harming no one or thing. Death by DriveByExit :( And really shameful to deny world's users the right to simply read a website, be it social, commercial, information, etc or even sadly their own tax-theft funded governmental public sites doing this blocking too.
There are some related projects, best practice, as well...
https://trac.torproject.org/projects/tor/wiki/org/projects/WeSupportTor https://trac.torproject.org/projects/tor/wiki/org/projects/DontBlockMe https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-access
Positive outreach and direct engagement by Tor community is key here, and perhaps not enough of that is happening, at least not publicly. It's a big enough issue that it really needs a dedicated, active, allied, and even funded subproject... a MegaProject that needs to happen.
[1] Such as forfeitable cryptocurrency and mailed-in cash deposits refundable in time, increasing account priviledges and features based on account age and activity, community moderation and behaviour support within the sites, opensource third party tracking-free local SecurImage style captcha throughout a sites features, privacy preserving non-SMS non-Google/Apple pure TOTP authenticator protocols, PGP recovery, letting users simply *read* websites without any hindrance, while utilizing these methods only for *write* operations, etc and so many more ways you can envision...
Cc'd for awareness and inclusion. *Please remove tor-dev and tor-relays, and move this to tor-talk or tor-access for ongoing discussion and progress. Thanks.