On Sat, Aug 31, 2013 at 12:27:22AM -0400, grarpamp wrote:
On 8/30/13, Andrea Shepard andrea@torproject.org wrote:
On Tue, Aug 27, 2013 at 11:08:34AM -0500, Jon Gardner wrote:
Then why have exit policies? Exit nodes regularly block "unwelcome" traffic like bittorrent, and there's only a slight functional difference between that and using a filter in front of the node to block things like porn
There's a considerable functional difference: an exit policy is a defined list of specific hosts and ports to accept/reject, and it's advertised in the exit's descriptor. Your client can just pick a different exit node if the connection it wants to make is not permitted by a given exit's policy. A "porn filter" is inherently fuzzy and unpredictable, so couldn't be implemented without breaking clients trying to use that node. Filtering traffic other than as declared by your exit policy should and will get your exit the BadExit flag.
This is why we need to implement extended exit flags for exits that want to run post-exit filtering/enhancement policies, say for example "noporn" that way we can get all the religious groups dumping their tithes into not just beaming reruns of the 700 club around the world, but a pile of uber fast exits too.
What a disastrous notion; the exit policy system works because clients can predict in advance whether an exit will pass a given connection; it depends only on the destination host/port. That could never be the case for any of these.
And how about "novirus" delivered by microsoft "doublesyourcoins" propped up by the donations of fools "trusted" run by legit governments
Oh, please, do tell where you expect to find a 'legit' government and why one should 'trust' it?