cross-posted from: https://links.hackliberty.org/post/285435
When a private sector company blocks Tor, I simply boycott. No private entity is so important that I cannot live well enough without them. But when a public service blocks Tor, thatâs a problem because we are increasingly forced to use the online services of the public sector who have gone down the path of assuming offline people do not exist.
They simply block Tor without discussion. Itâs not even clear who at what level makes these decisions⌠could even be an IT admin at the bottom of the org chart. They donât even say theyâre blocking Tor. They donât even give Tor users a block message that admits that they block Tor. They donât disclose in their privacy policies that they exclude Tor.
Just a 403 error. Thatâs all we get. As if it needs no justification. Why is the Tor community so readily willing to play the pushover? Even the Tor project itself will not stand up for their own supporters.
The lack of justification is damaging because it essentially sends the message: âyou Tor-using privacy seekers are such scum we donât even have to explain why you are outcast. We donât even have to ask permission to exclude you from participating in societyâ This reinforces the myth that Tor users are criminals and encourages non-criminal Tor users to abandon Tor, thus shrinking the Tor userbase. The civilized world has evolved to a point of realizing the injustice of #collectivePunishment. At best this is a case of punishing many because of a few. I say âat bestâ because Iâm skeptical that a bad actor provokes the arbitrary denial of service.
When the question is publicly asked âwhy did service X start blocking Torâ answers always come as speculation from people who donât really know, who say they were probably attacked.
Youâre speaking to the choir here, I even donate to the Tor project and think itâs an essential human right. Iâm just offering a sys admin perspective. For them, itâs an easy one click option to block a lot of malicious connections. If their job is to protect a network, it makes sense.
The problem with their job is not being defined as protecting the network while at the same time ensuring availability to legit users. When the naĂŻve sys admin excludes legit users, thereâs no push back. No one protesting. Most people are incompetent and itâs normal for sys admins to be reckless in their blocking. The problem lack of counter actions. EFFâs silence & inaction is deafening. EFF & Tor Project are extremely close, yet EFF makes no mention of Cloudflare when CF should be at the center of EFFâs criticism. Tor Project pulled back on Cloudflare criticism after Jacob Appelbaum left. TP has deleted many of their anti-cloudflare essays & resources. CF is the most absolute nemesis to TP yet TP has neutered themselves.
