tl;dr - there are few exit nodes & they get used for some badness, but the legitimate usage over Tor is proportionate to the rest of the Net
This slide from Akamai is the smoking gun regarding the actual legitimacy of traffic from Tor:pic.twitter.com/Bn2zGypXfW
-
-
-
No, that's not what that charts says at all. That just shows that people use Tor for the same kind of attacks as non-Tor.
-
Tor is awesome, but denying it's being used for bad stuff more than non-Tor traffic isn't helpful at all to make it work better
-
(I'm not implying you're denying that, but there's a Pavlov response from many Tor users when someone points out the stats.)
-
I definitely agree re: the Pavlov response, have seen it "up close" so to speak. :-)
-
It's a tautology to say "Legitimate Tor Use Is Legitimate" but that's what I'm left with, and also the observation that:
-
…when N(legitUsersOverTor) is large, it's good to make some affordance for them. Because large number of legit users. :-)
- 1 more reply
New conversation -
-
-
Where can I get the full slide deck?
-
I got it from a tweet by
@jschauma - see further along in the thread. End of conversation
New conversation -
-
-
In other words, blocking Tor users from seeing your site is more than 98% ineffective as a security strategy.
@AlecMuffett@matthew_d_green - 1 more reply
New conversation -
-
-
@dotMudge we debated blocking Tor but after some internal analysis found a non trivial amount of legit trafficThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@matthew_d_green I’m as willing as anyone to give Tor shit, but this is not how one stats - 1 more reply
New conversation -
-
-
I'd expect this from network request aggregators like Tor exit nodes. Same number of bad actors compressed to fewer IPs.
-
kinda like saying "we trace more bad traffic to the freeway off-ramps".
End of conversation
New conversation -
-
-
@dotMudge I actually went on the record defending Tor traffichttps://www.deepdotweb.com/2016/04/15/cloudflare-says-94-tor-requests-malicious/ …Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@durumcrustulum I.e., most Tor malicious traffic isn’t very malicious.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
A 1.24% malicious req rate much more in line with observed 0.4% pillz spam + sql inject rate
@AlecMuffett@dotMudge cc@martijn_grooten -
I don't see 1.24% in that slide.
-
I typoed a 4 for a 6. Of malicious requests, Tor nodes accounted for 1.26%
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.