Comcast Is Threatening To Cut Off Customers Who Use Tor, The Web Browser For Criminals

Discussion in 'privacy general' started by zmechys, Sep 15, 2014.

  1. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    471
    Location:
    usa
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    This has come up on tor-talk. What follows is a rehash of my comments on the thread.

    I suspect that this Comcast situation has been triggered by the hidden service PinkMeth. It's a revenge-porn site with a heavy emphasis on doxxing victims. One of the recent victims is a Penn State student. From the comments on her PinkMeth page, it appears that virtually everyone associated with her and her family has been deluged with abuse. That includes many clients of her family's engineering business, which were identified via LinkedIn. Also, some of the abusers have reportedly emphasized PinkMeth's supposed invulnerability as a Tor hidden service, and also their own supposed invulnerability as Tor users.

    Given that, it is plausible that a vendetta against Tor is developing at Comcast, which is a family-owned business in Pittsburgh, PA. But there is as yet no evidence whether its just a few rogue employees in support, who may know the victim personally, or whether it could become company policy. It's even possible that Comcast is one of the clients, and that its management received abusive messages about the victim.

    However, even in the worst case, Comcast would be less of a threat to its Tor users than the Great Firewall is to Chinese Tor users. There are no laws in the US against using Tor. And users can just connect to the Tor network through obfuscated bridges.

    Users could also use a VPN service to hide all Internet use from Comcast, and connect to the Tor network (perhaps via obfuscated bridges) through the VPN tunnel. In this case, a non-US VPN service would arguably represent less of a threat than Comcast does.

    In Tor's design document, there's this:
    https://svn.torproject.org/svn/projects/design-paper/tor-design.html

    I consider PinkMeth to be far worse, and far worse for Tor's public image, than anything I've seen before. It dehumanizes and exploits the women, of course. But it also corrupts and perverts its users, and puts them at risk, by encouraging libelous actions. While some onion sites are far more vile and depraved than PinkMeth at its worst, their potential audience is very small. PinkMeth, on the other hand, has potential to become one of the top onion sites.

    I would be thrilled if the site were taken down. I've been tempted to organize a team to do so using well-known malicious-relay attacks on hidden services. But that would be pointless, because mirrors would immediately appear. More importantly, it seems to me that any perception that the Tor community had attacked PinkMeth would also harm Tor's public image. That job must be left to police and private investigators.
     
  3. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Yet Comcast has such a large user base they can't possibly be trying to shut down every user using Tor. But if this was some sort of pseudo sting operation, would they really be as nonchalant to ask "So hey, what uh, what are you hiding from us anyway? :) " And how would they be targeting these users? Just from hitting the Tor download site?


    Not that I would put any of this beyond Comcast though.

    edit

    I don't know. I would more put it more on Comcast being Comcast (the SOPA supporting company) than some inside "this rich family knows this victim" or the like short of inside politics.

    Sadly, of all the many shady things that exist on .onion sites, PinkMeth would be odd for it to be the only cause.
     
    Last edited: Sep 15, 2014
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    All entry guard IPs are listed in Tor's public relay database. Unless Tor users are connecting through unpublished bridges (typically with protocol obfuscation) it's easy to identify them based on the Tor entry guards that they're connecting to. Comcast could easily identify all Tor users on its networks.
    Indeed.
    Yes, there are many other nasty (far nastier, for sure) .onion sites. But PinkMeth has a much larger audience. And, perhaps more importantly, the site culture encourages real world action, harassing victims and their families, friends, employers, and so on. That will be getting it a lot more attention than your typical CP site. Maybe even more than Silk Road.
     
    Last edited: Sep 15, 2014
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594

    That is a reassuring letter. I personally hide TOR use from my ISP. Many here would argue or question why. As mentioned above in this thread TOR gets tagged with such a bad rep. I simply avoid disclosing its use as a safety precaution. MY .02
     
  7. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    https://www.eff.org/deeplinks/2014/...rackdown-users-should-continue-report-any-non
     
  8. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,096
  9. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Defending Tor: The Battle for the Dark Net
    https://www.youtube.com/watch?v=SzpG7nsNt28

    Check it out. It's short, so I'm thinking it might be just a trailer for a more in depth documentary. Maybe not.
     
Loading...