cross-posted from: https://links.hackliberty.org/post/285435
When a private sector company blocks Tor, I simply boycott. No private entity is so important that I cannot live well enough without them. But when a public service blocks Tor, that’s a problem because we are increasingly forced to use the online services of the public sector who have gone down the path of assuming offline people do not exist.
They simply block Tor without discussion. It’s not even clear who at what level makes these decisions… could even be an IT admin at the bottom of the org chart. They don’t even say they’re blocking Tor. They don’t even give Tor users a block message that admits that they block Tor. They don’t disclose in their privacy policies that they exclude Tor.
Just a 403 error. That’s all we get. As if it needs no justification. Why is the Tor community so readily willing to play the pushover? Even the Tor project itself will not stand up for their own supporters.
The lack of justification is damaging because it essentially sends the message: “you Tor-using privacy seekers are such scum we don’t even have to explain why you are outcast. We don’t even have to ask permission to exclude you from participating in society” This reinforces the myth that Tor users are criminals and encourages non-criminal Tor users to abandon Tor, thus shrinking the Tor userbase. The civilized world has evolved to a point of realizing the injustice of #collectivePunishment. At best this is a case of punishing many because of a few. I say “at best” because I’m skeptical that a bad actor provokes the arbitrary denial of service.
When the question is publicly asked “why did service X start blocking Tor” answers always come as speculation from people who don’t really know, who say they were probably attacked.
Because even among the very tech savvy, Tor is only used by a tiny fraction of the computer-using population and there’s no reason a public service would support it actively?
Most sites only support Tor access because it’s harder to block it than to ignore it until it becomes a problem.
Small groups are indeed easy to marginalize. Cloudflare is doing most of the work in keeping the Tor population small. I’m not convinced this fully answers the question. Are you saying the Tor community is so small that it does not include activists? Why does EFF & Tor Project itself neglect to stand up against oppressors?
I must say I don’t accept the trope of saying Tor users need “support”. This phrasing implies misunderstanding. When a website is deployed it automatically supports all TCP/IP connections including those coming from Tor exit nodes. Blocking Tor is a purposeful act following from a conscious decision to exclude a demographic which requires an effort proactively configure the site to deny service. This assumes we’re talking about conventional self-hosted 403 and 462 errors, contrary Cloudflare or Siteground which flip things around so naïve users running with defaults unwittingly block Tor & must take an action to correct the permissions.
Because most malicious connections come from Tor end nodes.
I have seen a few, but I would hardly say “most” come from tor. Most of the issues I have seen come from legitimate hosting companies that don’t care if their customers instances are turned into bots.
If I were to say most drive-by shootings come from cars, would that be a good reason to ban cars?
In this example, it’d be cars without license plates, which is what we do
Making license plates optional would not lead to most people doing drive-by shootings. Anonymity does not make you criminal. Most people would not bother with a license plate if it were optional. And a vast majority of those anonymous drivers would not be committing drive-by shootings. Note as well that cyclists (who have no registration in most of the world) are not doing drive-by shootings despite their anonymity.
You’re speaking to the choir here, I even donate to the Tor project and think it’s an essential human right. I’m just offering a sys admin perspective. For them, it’s an easy one click option to block a lot of malicious connections. If their job is to protect a network, it makes sense.
The problem with their job is not being defined as protecting the network while at the same time ensuring availability to legit users. When the naïve sys admin excludes legit users, there’s no push back. No one protesting. Most people are incompetent and it’s normal for sys admins to be reckless in their blocking. The problem lack of counter actions. EFF’s silence & inaction is deafening. EFF & Tor Project are extremely close, yet EFF makes no mention of Cloudflare when CF should be at the center of EFF’s criticism. Tor Project pulled back on Cloudflare criticism after Jacob Appelbaum left. TP has deleted many of their anti-cloudflare essays & resources. CF is the most absolute nemesis to TP yet TP has neutered themselves.
deleted by creator
That’s Cloudflare propaganda talking. If cars were used almost exclusively for drive-by shootings, then the analogy would be a false analogy.
Most Tor users are legitimate users. Cloudflare mislabels legitimate traffic as malicious, then uses that misinfo deceive the public.