There is an 18-year-old record (updated in 2008!) about TekSavvy in Canada. The internet was different place back then. This info wouldn’t even relevant anymore as TekSavvy has since taken a business-centric approach in the interest of survival.
This list is fluffed up, without any checking for veracity. GIGO type of situation.
The life of the owner of archive.is is directly threatened by the people they are ineffectively attacking back, so I'm not sure I can really blame them.
The turfing with this topic is strong and needs to be called out. Reliable sources are crucial now more than ever. We cannot tolerate and promote botnets once they are uncovered.
archive.org outright removes large numbers of pages, including political content; archive.is has edited a handful of pages to redact the doxxing of the archive.is owners.
True. archive.org complies with removal requests from site owners [1]. The problem is that the content most worth preserving is exactly the content people try hardest to get taken down. If archive.is goes down, and between the FBI subpoena and the Wikipedia ban the pressure is real, archive.org becomes the de facto monopoly in web archival. A monopoly that honors takedown requests is not a reliable record of history.
The editing they do in self preservation is understandable, and far less wrong than having to kowtow to political pressure and private influence; archive.org is great, but unreliable in ways that archive.is et al are not. They're both very useful, in complementary ways.
I even think what archive.is did to their detractor was understandable - in poor taste, definitely black hat, don't do stuff like that, immature as hell, but hey, I get the human impulse that led to the bad decision, and I'm not gonna base whether I use the site or not on that.
Thank you for sharing this, I was previously unaware of this table. While I don't plan on running a Tor node on any VPS or residential ISP, an option to do so signals that they value their customers. I will cross reference this table when picking out my next VPS at the very least.
Not to mention, why on earth would I ever operate a TOR relay or exit node on my home internet connection? Maybe if I could guarantee that it could only be used by journalists or political dissidents, but everything else? No.
I don't need the authorities at my door every few weeks wondering why some of the most deplorable internet traffic of all time is coming from my house.
I agree with the concept. I should not be liable for the actions of others. If someone does something nefarious using my exit node (or the free wifi at my coffee shop) then that shouldn't be my responsibility.
After all, I have no way of knowing what they're up to. It may be good or it may be bad; I can't know. (I suppose I can set up a router to discard packets with the RFC 3514 evil bit set, as a show of good faith, but...)
So I think the risk should be low, but that's just, like, my opinion, man. My opinion doesn't mean that the risk is in fact low.
Has the risk of running an exit node ever been tested in court? Many people, myself included, simply can't afford to have that kind of experience even if we're reasonably sure that it will end up OK.
Yes, many times. Once you explain what a Tor exit node is, you can't be convicted of downloading CP or whatever the anonymous user did, because you quite plausibly didn't do it. However, a verdict of innocence only happens after your life was already ruined by the process of getting to that point...
Some countries like Germany have strict liability, where you must pay a fine for any copyright infringement that happens on your connection unless you register yourself as an ISP yourself. If you're not sure, consult a lawyer to make sure you're not in one of those places.
I appreciate the correction. It's been so long since I've looked at tor that I guess I forgot that relay nodes were a thing and conflated the two terms. Or maybe the coffee hadn't started working yet.
So with the correction, I agree completely: Running relay node (a thing that deals only with indecipherably-encrypted anonymized data) is not a meaningful risk.
IP addresses of relays are still known in the network, and IP reputation firms may flag your IP as potentially suspicious. This may or may not cause issues when dealing with orgs that filter based on "known bad IP address" lists. I've had it happen before, where everything was fine until a few days after running a tor relay (not an exit node, just a relay) everything suddenly wanted more verifications I was not a bot, some paid video services started blocking me, and a few other issues. Stopped running the node and later things cleared up.
>"If someone does something nefarious using my exit node (or the free wifi at my coffee shop) then that shouldn't be my responsibility.
Without even getting into the intricacies and ethics of pooling and providing Spartacus communal anonimty. Wouldn't lending tools that are used for a crime being an accessory, or an accomplice, or at least aiding and abetting?
It's even a bit ridiculous, "If someone does something nefarious with my gun, that's not my responsibility" Yes? Yes it is? Maybe that line is used for something more borderline, but that's definitely your responsibility, if you are allowed to do that at all it's only because of the difficulties of legal procedures and the pressumption of innocence, but that doesn't mean that it's ok to redistribute CSAM and leaked data.
It's murky AF, which is why I asked about precedent after stating [and justifying] my own opinion.
Intent has a lot to do with liability.
My intent with my hypothetical coffee shop is not to provide a dark corner for people to do illegal things online; it is instead my intent for smiling patrons to have a free slice of Internet to go with their not-free cup of coffee. It's just a service that I provide, along with a restroom and a place for people to gather. My options for monitoring it are limited, but if I do notice someone doing stuff that's NFG (whether on the internet or in person), then I'll turn off the taps and tell them to leave. They won't be my customer anymore.
That's not so dissimilar to my ISP's intent when they sell me a month of internet access at home. Their monitoring options are very similar: Observation is difficult (brought to you by NordVPN and https), but if they notice something that is definitely nefarious then I'm likely to be getting a sternly-written letter and/or disconnected.
Most people are generally good -- and most coffee shops (around me, anyway) have free wifi.
The precedent here is that it seems to work, and that we don't have a long and storied history of imprisoning owners of coffee shops and ISP networks.
---
Now, if a person were to hang up a sign on the front their coffee shop that says "FREE WIFI! GET YOUR CSAM HERE!" then that's... that's a rather different kind of intent, and in a fair and just world it wouldn't be too long before the person who hung up that sign would behind bars.
I think the hosts that Tor recommends against because there are already so many nodes hosted on them like OVH and Hetzner are perfectly happy with their (quite good) reputations.
I've run a personal mailserver from one of the "Don't use these ASN/Companies because there are already too many tor nodes" VPS hosts for 14 years (and going). They've had excellent service, I never had a problem with my neighbors on the shared hardware, and my mail deliverability rate has been on par with other services. Just one data point for you.
This list is fluffed up, without any checking for veracity. GIGO type of situation.
Given that archive.is is known to DDOS and alter archives (See all the recent HN posts about them)
[1]: https://help.archive.org/help/how-do-i-request-to-remove-som...
I even think what archive.is did to their detractor was understandable - in poor taste, definitely black hat, don't do stuff like that, immature as hell, but hey, I get the human impulse that led to the bad decision, and I'm not gonna base whether I use the site or not on that.
There are also many web sites that provide an onion address in addition to their clearnet address. For example, the BBC: https://www.bbc.com/news/technology-50150981
Public key obviously, not private.
Hosts that don't ban tor nodes probably don't have a great reputation.
I don't need the authorities at my door every few weeks wondering why some of the most deplorable internet traffic of all time is coming from my house.
After all, I have no way of knowing what they're up to. It may be good or it may be bad; I can't know. (I suppose I can set up a router to discard packets with the RFC 3514 evil bit set, as a show of good faith, but...)
So I think the risk should be low, but that's just, like, my opinion, man. My opinion doesn't mean that the risk is in fact low.
Has the risk of running an exit node ever been tested in court? Many people, myself included, simply can't afford to have that kind of experience even if we're reasonably sure that it will end up OK.
Some countries like Germany have strict liability, where you must pay a fine for any copyright infringement that happens on your connection unless you register yourself as an ISP yourself. If you're not sure, consult a lawyer to make sure you're not in one of those places.
So with the correction, I agree completely: Running relay node (a thing that deals only with indecipherably-encrypted anonymized data) is not a meaningful risk.
Without even getting into the intricacies and ethics of pooling and providing Spartacus communal anonimty. Wouldn't lending tools that are used for a crime being an accessory, or an accomplice, or at least aiding and abetting?
It's even a bit ridiculous, "If someone does something nefarious with my gun, that's not my responsibility" Yes? Yes it is? Maybe that line is used for something more borderline, but that's definitely your responsibility, if you are allowed to do that at all it's only because of the difficulties of legal procedures and the pressumption of innocence, but that doesn't mean that it's ok to redistribute CSAM and leaked data.
Intent has a lot to do with liability.
My intent with my hypothetical coffee shop is not to provide a dark corner for people to do illegal things online; it is instead my intent for smiling patrons to have a free slice of Internet to go with their not-free cup of coffee. It's just a service that I provide, along with a restroom and a place for people to gather. My options for monitoring it are limited, but if I do notice someone doing stuff that's NFG (whether on the internet or in person), then I'll turn off the taps and tell them to leave. They won't be my customer anymore.
That's not so dissimilar to my ISP's intent when they sell me a month of internet access at home. Their monitoring options are very similar: Observation is difficult (brought to you by NordVPN and https), but if they notice something that is definitely nefarious then I'm likely to be getting a sternly-written letter and/or disconnected.
Most people are generally good -- and most coffee shops (around me, anyway) have free wifi.
The precedent here is that it seems to work, and that we don't have a long and storied history of imprisoning owners of coffee shops and ISP networks.
---
Now, if a person were to hang up a sign on the front their coffee shop that says "FREE WIFI! GET YOUR CSAM HERE!" then that's... that's a rather different kind of intent, and in a fair and just world it wouldn't be too long before the person who hung up that sign would behind bars.