Attn: admins – Comments & questions about user privacy, free speech and Tor

[Azarius]

Thank you for that enlightening reply, all my questions have been answered, and none in a way that didn't correspond to my expectations. I would suggest you make available a privacy policy or something similar somewhere more obvious than this thread, as I believe those are rather important informations.

I'm looking forward to having the possibility to access Rizon via a Tor hidden service in the future. At the moment, I don't think any of the activities I plan to use Rizon for are critical or risky enough to warrant measures such as a VPS to insure privacy. My concern was essentially "philosophical". Consider me satisfied.

[Reikoku]

I honestly believe that allowing tor support is absolutely necessary for Rizon to be congruent to a free and open society. Yes, with tor comes some potential for abuse, but it's easier to manage this on a per-channel basis than by just flatly banning an open proxy (which really just shifts would-be miscreants to other open proxies -- and you're fighting a losing battle if you think you can ban them all) and shutting down potentially mission-critical use cases.

Best case for a would-be victim of oppression is that they simply can't access Rizon. Worst case is that they get caught accessing Rizon and charged for political dissidence or any other charges which can be brought against people. This may seem like a far-fetched nightmare, but in some countries this is just a way of life.

The solution you proposed, whilst very thorough, implies far more work than is actually required. All that Rizon developers would need to do to allow tor access is to import a list of tor exit nodes IP (you already have this, or you couldn't ban tor) and to apply a hostmask to all users from those IPs. This way, channel operators could choose to ban the entire tor hostmask if required. This is really an hour or two maximum of work, I'm not sure how it's not infinitely more desirable than just banning tor.

If more help is required, just let me know. I've done similar on private IRCds before.

I will also offer a 5 Bitcoin (~$50) or $50 Liberty Reserve donation to the Rizon network upon implementation of tor support, and encourage others with similar opinions to do the same.

[djahandarie]

I honestly believe that allowing tor support is absolutely necessary for Rizon to be congruent to a free and open society. Yes, with tor comes some potential for abuse, but it's easier to manage this on a per-channel basis than by just flatly banning an open proxy (which really just shifts would-be miscreants to other open proxies -- and you're fighting a losing battle if you think you can ban them all) and shutting down potentially mission-critical use cases.

Best case for a would-be victim of oppression is that they simply can't access Rizon. Worst case is that they get caught accessing Rizon and charged for political dissidence or any other charges which can be brought against people. This may seem like a far-fetched nightmare, but in some countries this is just a way of life.

As I said earlier, I do think tor support is important, it's just not at the top of our list. A proper implementation is key to avoid abuse of the service.

The solution you proposed, whilst very thorough, implies far more work than is actually required. All that Rizon developers would need to do to allow tor access is to import a list of tor exit nodes IP (you already have this, or you couldn't ban tor) and to apply a hostmask to all users from those IPs. This way, channel operators could choose to ban the entire tor hostmask if required. This is really an hour or two maximum of work, I'm not sure how it's not infinitely more desirable than just banning tor.

Setting up a hidden service is not hard, and we can lock down the ircd to tor fairly easily that way, as opposed to regularly pulling an exit node list (which technically is not fully accurate) and doing automated configuration changes&rehashes. It's just not viable to do this moment with the development staff we have available.

If more help is required, just let me know. I've done similar on private IRCds before.

Feel free to send mink@rizon.net an email if you're interested in doing any sort of development for Rizon.

I will also offer a 5 Bitcoin (~$50) or $50 Liberty Reserve donation to the Rizon network upon implementation of tor support, and encourage others with similar opinions to do the same.

Appreciated of course, but Rizon already runs in the red thousands of dollars a month, donations don't really make much sense for our cost model. I'd recommend funneling that money to your favorite charity if we get the job done.

[Reikoku]

I will e-mail mink.

Can I ask how Rizon does fund its servers, if not through donations?

[djahandarie]

Can I ask how Rizon does fund its servers, if not through donations?

The server admins pay for the servers out of their own pockets. Sometimes, when we have a contact at the datacenter the server is located at, they allow larger ports with small bandwidth commits and similar, so we can avoid large recurring costs but still have a good setup.