[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] Fox News bans my Tor Browser



"Joe Btfsplk" wrote:

>But what I find happens - more than a few times, when a 
>site doesn't like an Tor exit (it's IP, or it's location), using New 
>Identity often selects another circuit *very* similar to the
previous; 

Yes, Tor attempts to reuse known good exits from the past hour.
>It's because they 
>block specific countries, IPs - or ranges of them.  Torbutton "New 
>Identity" doesn't handle this very well, - from the aspect - of
getting 
>you connected to a site that blocked exits from specific countries.
>I'm not sure of a better solution for this.

Not entirely handled badly. A failure (on a clean circuit) to connect
to a site because the exit is blocked should trigger closing the
circuit and reattempt connection on a new clean circuit. A potential
solution might be to explicitly attempt a country disjoint from (say)
the previous 2 failures for a site. That or explicitly exclude the
country associated with the past 2 failures for a site.

>Just one example:  Say,  https://ixquick.com/ (or Startpage),
requires a 
>captcha.  Getting a new identity *often* doesn't remove the captcha 
>requirement - but sometimes does.
>I started looking at possible reasons why.

This is tricky. A site which asks for a captcha hasn't failed to
connect. Detecting and evading arbitrary captcha would likely compound
the problem by making the site block more exits. You and the entire
Tor network might be better off just to answer the captcha. That's
what I try to do anyway. Just saying.

>I notice the same thing using  "New Identity" button (while observing

>countries, relay names, IPs, etc. of the old & New Identity).
>Repeatedly getting a New Identity often doesn't fix the blocking or 
>presenting captchas.  On many sites.  I'm guessing it's often because

>the exit relay locations (countries) and / or IPa ranges, etc., are
too 
>close to the last one.

>Often, if I Torbutton  new identities enough times in a row, that 
>through ? luck of the draw?,  the exit relay geo-location and / or
IPa 
>range changes significantly, the sites then work fine.

A possible cause is that Tor only considers building a new circuit if 
30s have past since the last new identity. So if you click new
identity a  few times in a row nothing may happen. Another factor is
that if a  clean circuit exists Tor may ignore the request to build a
new one until  (up to) 10m have past or the existing circuits become
dirty.

>Five successive, 
>new identities - all w/ exits in "XYZ-stan(s)" countries may never
allow 
>access to a site.  Then work  immediately on getting an exit in
Germany, 

Detecting geolocation based blocks might be addressed by looking at
the location (suffix, registration, ip) of the site itself or the
language.

>Reading those command descriptions, sounds like they're useful mainly
if 
>you "must" access a site w/ Tor, but don't care so much about
anonymity?

If a site wants to track you they'll figure out a way. Even if you use
different exits, new identities. Those options just provide a way to
access sites that might block your access if your exit changes during
use. You're right about risks though. The exit could be malicious. A
site could provide you an address including dot notation to select
your exit.

-- leeroy
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk