The end goal is probably to get you to do what you did, which is shut down the exit node. If they make it painful to run a Tor exit node, they make Tor harder to use.
Exactly. Which is not as obviously an unethical approach as some here would think—if you are standing between law enforcement and a bomb threat, "I'm intentionally ignorant of the activities of the people that I'm shielding" is a morally dubious place to stand. The law allows law enforcement to subpoena records related to an investigation like this, and I honestly think it's fair to force Tor exit node operators to handle those subpoenas every time, even if the answer is always the same.
To have some sort of automated process in place to deflect blame allows an exit node operator to ignore the real damage their work can do. They may still decide that the good that they're doing outweighs the bad, but forcing them to see the negative consequences of shielding anyone who wants a shield has value.
Your right to knowingly run a service that is used by people to kill other people while never having to interact with the consequences of that decision?
I'm not suggesting people shouldn't be able to run a Tor exit node. I'm suggesting that people who run Tor exit nodes should occasionally have to a deal with a subpoena that says "your exit node was used by a criminal to hurt people in ${these ways} and we require any information you have to help apprehend the attacker."
I don't want to deprive anyone of the right to make a moral decision, but I do want them to feel the weight of the full import of that decision.
> Your right to knowingly run a service that is used by people to kill other people while never having to interact with the consequences of that decision?
Can you name a product or service for which this is not the case? Militaries use general purpose software to design weapons. Murderers use vehicles and transit systems. We don't expect the government to harass the makers of cutlery because they provided a product used in a mugging.
I think that any creator of any tool should be faced on a regular basis with the harm that that tool causes and have to make the call on a regular basis if it's still worth it.
So steel workers should get a subpoena they have no effective means to respond to on a regular basis because steel is used to make all manner of weapons and machinery that gets used by bad actors?
I'm honestly not sure what distinction you're trying to draw between them. Clearly any ordinary product can be used for nefarious purposes.
The distinction some people try to draw is when a higher proportion of a product's users are nefarious, but that doesn't really work either because who uses something can change over time.
If you have a society where nobody has window blinds or locks on their doors because it's a rural area and there is no one around to invade your privacy then locks will be disproportionately used by neerdowells "with something to hide", and then busybodies will claim that anyone with nothing to hide shouldn't be concealing their private spaces and anyone selling or using any privacy technology should be pressured to stop. Which sustains the status quo through external pressure even if someone does start invading everyone's privacy.
And that's what's been happening on the internet. Surveillance is the default, Cloudflare et al block Tor users as a matter of course and that drives normal people from Tor and similar technologies even though they would otherwise benefit from its use. People are told that it's the dark web where there are criminals and they shouldn't use it -- it being Tor Browser, the thing that keeps ad networks from tracking them across the internet.
Then after dispersing the normal users who would otherwise benefit from using it, people say that it has a lot of nefarious users to justify the continued harassment of anyone who does. But that's just path dependence, and there are parties interested in leading us down the garden path to mass surveillance.
I believe you are right. I have heard OP's argument many times before, it is almost akin to the "you only need privacy if you have something to hide" and whatnot; same kind of mentality.
Everything could be used for nefarious purposes, and I do not think that is why we should "stop having nice things".
By their logic, we should get rid of encryption, too, completely.
You apparently read what you thought I was going to say and not what I actually wrote. This does not even begin to approach an accurate assessment of what I said or meant.
I'm saying that too many people in this forum are too comfortable completely ignoring the harm that Tor causes, and in order to make a good judgement call about whether to run an exit node the harms need to be surfaced. Full stop.
Everything else that you and others in this thread read into my comment is on you, not me.
Tor does not inherently cause harm, though. Similarly to how E2EE does not cause harm, nor do platforms (or programs) where you are allowed to exchange messages. Do you agree with the first statement or not? If not, what are the differences between Tor and IM software with E2EE?
> If not, what are the differences between Tor and IM software with E2EE?
I would never run an IM software with e2e encryption either, for the same reason. I don't want to be paying to move data that is being used to hurt people, no matter how many people I'd be benefiting in the process.
If other people come to a different decision that's entirely reasonable as long as they're cognizant of the harms caused and not in denial.
> not sure what distinction you're trying to draw between them
Cost versus benefit. Steel has massive, obvious benefits. That makes its costs worth it. On the other hand, several toxic compounds have no known benefits and are tighty regulated.
You're trying to argue Tor's costs are worth its benefits. But that requires being clear-eyed about both. You can't build buildings and spaceships out of Tor. But neither can you fashion it into a gun. Unless you're arguing for solely action-based regulation, never access-based, which is its own idiotic can of worms.
You are talking into a void following this line of reasoning. There is no logical consistency in the context of a state and all the myriad of terms and concepts in its wake. That's by design and everyone that's brought up under it from a young age is taught to embrace that, as a feature. Your words are foreign invaders and every core of these smart people's beings will fight you with their ridiculously smart and well trained antibodies.
Not trying to single out the person you're responding to, but I've seen this play out many times and engaged in it previously to no effect.
You've questioned existence of such "bad policy". I pointed out that there are such policies. I neither supported nor opposed them.
I won't be surprised if there were something in US criminal code with supreme court precedents that specifically dictate the government harass in timely manners the makers of cutlery used in a mugging. There _are_ always laws. _Everything_ is regulated. Most of those regulations are reasonable.
Tor exit nodes don't have any information to identify the end user. They don't know who it is, so there is nothing to subpoena or turn over. Subjecting low-resource entities to a known-futile legal process is a form of harassment.
Exactly: They intentionally built their transit system without cameras. Who benefits from that, except criminals? Oh yeah, sure: North Korean dissidents, Saudi LGBTQ people, etc, etc.
Yes, quite noble. But: How many of those are there using it, and how many criminals? It's mind-boggling how people so adamantly insist on seeing this only as black-and-white, and refuse to admit that there even exists something to weigh against each other.
It's not known-futile. A misconfigured Tor node could be storing all sorts of useful traffic data. Besides, there's also the possibility that the exit node operator themselves could be the actor; since the trail stops at them, they're under suspicion.
If it is moral for the US government to create Tor, it is moral to use it. Sure, it may be it’s a tragedy of the commons, but there’s no individual moral accountability or responsibility for those running Tor because of things other people do or don’t do on it. That’s outside anyone’s ability to control anyway.
