back to article Brazilians waxed: Uni's Tor relay node booted after harvesting .onions

A university research project in Brazil has had its Tor relay node banned after it was caught harvesting the .onion addresses of visitors. Marcus Rodrigues, a junior researcher with the University of Campinas in São Paulo, claims he and others were working to create a tool that could tell malicious hidden services from benign …

  1. This post has been deleted by a moderator

    1. Ole Juul

      Re: "malicious"

      It does look like this was less research and more trying to prove a point. The fact that he didn't make the effort to read the rules would also indicate a lack of professionalism.

    2. DavCrav Silver badge

      Re: "malicious"

      "He is making that call.... that is why he was blocked, the idea is that maybe some people think drug websites are all that malicious and the TOR network is where we don't have a million people moralising for us.... fuck off you stupid student."

      To be fair, it's not just him that is making the call that drug websites are malicious, it's every single legal jurisdiction in the world. You(and indeed I) can decide that drugs aren't all that bad, but research into just how much of TOR contains illegal activities is a reasonable project. Maybe you wouldn't like the answer, especially if it's 1% people trying to exercise free speech and 99% crime. But not liking an answer does not mean you shouldn't ask the question.

    3. Anonymous Coward
      Anonymous Coward

      Re: "malicious"

      You could have made your statement without the name calling. Why was that necessary?

      1. Androgynous Cow Herd

        Re: "malicious"

        Because sometimes, nothing says it better than a hearty "Fuck off"

        1. Anonymous Coward
          Anonymous Coward

          Re: "malicious"

          > Because sometimes, nothing says it better than a hearty "Fuck off"

          Yeah, but face to face and to someone who is in a position to challenge your insult, should they wish not to ignore it, not to a kid half a world away over the internet.

          It is *especially* because you're semi-anonymous behind a monitor and keyboard that you want to behave civilly, otherwise it's just giving an excuse to every government with control freakness tendencies to strip away what is left of our privacy, online and offline.

          1. Anonymous Coward
            Anonymous Coward

            Re: "malicious"

            He's not a "kid". He has a Masters and does research at a university.

            1. Anonymous Coward
              Anonymous Coward

              Re: "malicious"

              > He's not a "kid". He has a Masters and does research at a university.

              Must be totally all right to slag him off from behind a screen then, eh?

              1. Androgynous Cow Herd

                Re: "malicious"

                "Yeah, but face to face and to someone who is in a position to challenge your insult, should they wish not to ignore it, not to a kid half a world away over the internet"

                Actually, the invitation to fuck off is a suggested course of action, not an insult.

                As a result of his actions, the TOR network has now assisted the researcher in fucking off, by kicking his stupid, unethical, nosy, TOS violating ass right off the damn network.

                The fact that he states that his ethics violating "research" will continue does lead me to want to insult him, as I just did. From a logistical standpoint, making those insults face to face is impractical currently, so I must use this imperfect medium. Should he and I find ourselves in the same room, meeting, or conference, I could express myself more clearly and directly.

                This is the sort of research that has potential to directly harm the subject of said research. Many do value anonymity for many reasons other than scoring dope on line. . Many have come to the realization that true anonymity is getting very difficult, and this "Research" is about as ethical as mauling wings off of houseflies to find out it they walk differently. Problem is, there are lots of houseflies, but only one TOR network.

                So, yes, the researcher should, indeed, fuck off.

                1. Anonymous Coward
                  Anonymous Coward

                  Re: "malicious"

                  >From a logistical standpoint, making those insults face to face is impractical currently

                  What with Brazil now a failed state I can understand not wanting to make that trip. Maybe the kid should tackle some of the rampant crime and corruption close to home off line first.

                2. Anonymous Coward
                  Anonymous Coward

                  Re: "malicious"

                  > The fact that he states that his ethics violating "research" will continue does lead me to want to insult him, as I just did. From a logistical standpoint, making those insults face to face is impractical currently, so I must use this imperfect medium.

                  This medium is not so imperfect that it prevents you from revealing your real identity and professional / academic affiliation, in the interests of fairness. Since you are valiant enough to throw a public insult (and accusations) to a private person the identity of whom has been disclosed, no doubt you will find it reasonable (nay, necessary!) to apply the same level of disclosure to yourself.

                  Or doth the gentleman protest too much?

                  1. asdf

                    Re: "malicious"

                    Whatever you say AC lol. Wasn't the original poster you got in beef with but you seem to be protesting quite a bit yourself.

          2. This post has been deleted by its author

    4. The Man Who Fell To Earth Silver badge
      FAIL

      Re: "malicious"

      Yet another person whose "cause" is so important & righteous that they are above knowing & following the rules they agreed to. i.e. Another "the ends justify the means".

      One has to wonder where these guys will set up a new node violating the same rules.

  2. Anonymous Coward
    Anonymous Coward

    Self-important little pricks

    "Now, Rodrigues says, his group is unable to bring its Tor relay node back online, and so far nobody from the project has given them any indication that the ban will ever be removed. Still, he says, the research will continue."

    In other words, Tor's ethical guidelines don't apply to them.

    1. Chris King

      Re: Self-important little pricks

      "In other words, Tor's ethical guidelines don't apply to them".

      Sadly, AC is right. Some researchers need to learn that The Internet Is Not Your Chew-Toy.

      "Doing Research" does not give you the right to be a dick towards other people on campus or elsewhere on the internet. There have been times where I've had to pull the plug on research projects that have accidentally DDoS'd other sites, or attempted to access traffic that was not intended for them. There have also been times where I've had to firewall off projects that were in danger of being attacked/misused themselves.

      If that relay node had been compromised, it would have made one hell of a "listening post" for pretty much anybody with an interest in intercepting Tor traffic - law enforcement, three-/four-letter security agencies, hostile foreign powers, criminals, take your pick.

      I've no sympathy for these guys, because there are clear guidelines for research ethics:

      4. Examples of unacceptable research activity

      It is not acceptable to run an HSDir, harvest onion addresses, and publish or connect to those onion addresses.

      Could they be any clearer ? Harvesting .onions is bad, mmmkay.

      1. Raumkraut

        Re: Self-important little pricks

        If that relay node had been compromised, it would have made one hell of a "listening post" for pretty much anybody with an interest in intercepting Tor traffic - law enforcement, three-/four-letter security agencies, hostile foreign powers, criminals, take your pick.

        What makes you think "law enforcement, three-/four-letter security agencies, hostile foreign powers, criminals" aren't already harvesting this exact same information? So long as a relay does its job as a relay, there's no way to know that it isn't also recording all the traffic.

        The only reason this research project got shut out was because they were honest and public about what they were doing.

        None of those other groups give two hoots about the Tor Project's ethical guidelines, and aren't likely to admit that they're running any relay or exit nodes, let alone what additional functionality has been added to them.

      2. DavCrav Silver badge

        Re: Self-important little pricks

        "Sadly, AC is right. Some researchers need to learn that The Internet Is Not Your Chew-Toy."

        TOR's ethical guidelines have no legal force. You can write whatever you want in your terms and conditions, but it doesn't mean that I or anyone else need to give a toss what you write down. Of course this applies to law enforcement in particular, but also to researchers. You don't get to shut all inquiry about your conduct down with a 'don't investigate me' line in your T&Cs.

        1. Chris King

          Re: Self-important little pricks

          You're right - the Guidelines have no legal force, but from the original posts it seems that they have banned this particular node for an action listed in those guidelines:

          https://www.mail-archive.com/tor-relays@lists.torproject.org/msg11947.html

          Not so much legal force, more like a community shunning someone for not following their rules ?

          1. Ole Juul

            Re: Self-important little pricks

            As for ethical guidelines, normally any university has an ethical review board which is required to pass all research projects. In this case either the university is not up to snuff, or the researcher made an effort to bypass the review.

            1. The Man Who Fell To Earth Silver badge
              FAIL

              Re: Self-important little pricks

              "As for ethical guidelines, normally any university has an ethical review board which is required to pass all research projects."

              Er, no. Don't know where you live, but that's not the case in the US for anything except a relatively narrow range of areas, such as biomedical research using humans or some types of animals (mainly mammals), or GMO stuff that will be allowed to grow outdoors, and maybe one or two other narrow niches. I know, I'm a US University researcher working on the border between the Physical and Biomedical Sciences. Our work has zero "ethical review" because the animals we work with are gene insertion viruses for optogenetics, cell cultures, worms & zebra fish, and/or our projects are developing chips & software. None of which ever are "ethically reviewed". The closest that we come to that is checking boxes on grant applications saying we are not using human subjects nor certain classes of animals.

        2. Anonymous Coward
          Anonymous Coward

          Re: Self-important little pricks

          > TOR's ethical guidelines have no legal force

          Would that be why they're called "ethical guidelines" and not, let's say "terms & conditions"? Asking politely tends to work better than throwing the book, anyway.

          1. Charles 9 Silver badge

            Re: Self-important little pricks

            Not from most people's experience. Kind words tend to be met with fingers, and once ONE starts cheating and spoiling all the fun...

            Perhaps TOR should instead recode their system such that relays and exit nodes CAN'T determine destinations. If there's no way to do that, they should just say so, declare there's no real way to be anonymous on the Internet, and drop the project.

            1. Graham Dawson Silver badge

              Re: Self-important little pricks

              There's a huge gap between a TOR node knowing what .onion has been requested and lacking anonymity. The node doesn't know who requested it, just that it was requested by a previous node.

              There wouldn't be much use in a router if it couldn't route traffic.

            2. Anonymous Coward
              Anonymous Coward

              Re: Self-important little pricks

              > Not from most people's experience. Kind words tend to be met with fingers

              Thankfully I appear to live in a different social environment than yours.

              1. Anonymous Coward
                Anonymous Coward

                Re: Self-important little pricks

                Problem is, yours is probably in the minority.

    2. Anonymous Coward
      Anonymous Coward

      Re: Self-important little pricks

      > In other words, Tor's ethical guidelines don't apply to them.

      Unless I missed something, he is quoted as saying "the research will continue". He makes no mention of by which methods they intend to do that nor of their conformance or otherwise to any policies, guidelines, or ethical principles.

      Putting words in someone else's mouth is not cool, especially when hiding behind a (thin) veil of anonymity half a world away.

      1. Androgynous Cow Herd

        Re: Self-important little pricks

        Oh crap...the needle just fell off my irony meter

  3. This post has been deleted by its author

  4. Roopee
    Pirate

    Legal vs Ethical

    In the big boys' playground, legal/ethical is irrelevant; who can shut down who is what matters, as ably shown by the Tor Project. It's the law and ethics of the jungle/world. Ask the CIA or Putin or the Mafia whose laws or ethics they care about...

  5. Tubz
    Big Brother

    Which 3 letter US agency is funding the research ?

  6. ZanzibarRastapopulous

    Tor and Ethics

    LoL

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020