Is running a TOR exit node (TOR over VPN) discouraged?

[itsmeprivately 14]

I would like to help the TOR community by running a TOR exit node over VPN.

 

I have, however, read some comments in other forums that discourage doing this from one's home computer, since the node can be abused for crime.

 

If I understand this correctly, then "consequences" of any abuse would first reach AirVPN, since this is the IP which the world sees for connections coming out of the node.

 

So, how does AirVPN think about this? Are AirVPN users discouraged to run TOR exit nodes, are they encouraged, or is it all the same to AirVPN?

 

Thanks for any info about this topic.

[Staff 9972]

Hello,

 

we don't see any point in our Terms of Service which would forbid that. If there's some problem, you will soon (2-3 days) receive an opinion from our legal advisors, please hold on.

 

Kind regards

[hashtag 151]

One regional Dutch police woman told us that they know how to check if it's a Tor exit IP, but sometimes they do the raid anyway "to discourage people from helping Tor." I later told that statement to one of the national police, and he was shocked, said that was illegal, and said he'd look into it.

 

https://blog.torproject.org/blog/trip-report-tor-trainings-dutch-and-belgian-police

 

 

Tor exit node raids are illegal in the Netherlands and probably in other countries too if challenged in court. They are nothing more than an intimidation tactic used by LEA to discourage the growth of the Tor network.

[itsmeprivately 14]

For clarification, please correct me if I'm wrong....

 

The way I understand it is as follows: If I run a TOR exit node (over VPN), then other TOR users can connect to the internet through my computer. Because I am myself connected to AirVPN, this means that this internet activity first tunnels through the AirVPN servers, and then to the outside world.

 

So, if there are any abuses of my node (cyber-attacks, bomb threats, child pornography, etc.), the outside world would see them coming from the AirVPN IP, and AirVPN would see them as coming from my computer. If I understand this correctly, such exit node traffic would not be sent from my PC as a TOR packet (even though the request for it originates from TOR), but leaves my PC toward the AirVPN server in the exact same way as my own personal traffic does. That's why it is called an *EXIT* node.

 

If there was indeed any abuse through my TOR exit node, it could happen that I have already disconnected (or renewed) my AirVPN session before the abuse is reported/discovered. In this case, I think everything would be fine for me, since AirVPN does not log, and is not required to do so. So AirVPN would not know which PC/customer the abuse came from. In this case, the question if this was my *personal* traffic or traffic from the TOR exit node would be irrelevant.

 

But suppose that I am still connected to AirVPN while running the node, and suppose there is a notification of any abuse from the outside (or a raid on an AirVPN server because of the abuse) while I am still connected. In this case, does AirVPN have a way to determine that the abusive traffic is not my *personal* traffic, i.e., can they see that this traffic originates from a TOR exit node on my PC? I believe that AirVPN can generally detect that I am running TOR from the packets that my PC sends/receives, but can they detect that I am running an exit node, and can they distinguish any traffic leaving my computer through the TOR exit node from my own personal traffic?

 

It would be good for me if AirVPN could distinguish this (but I doubt that they can), because then, AirVPN could just reply to any authorities that this was a TOR exit traffic, and that raids on TOR exit nodes are illegal (or something like that).

 

But if AirVPN canNOT distinguish this, then AirVPN might think that the abusive traffic (some types of which may NOT comply with their terms of service) comes from me personally, and this would probably bring me into trouble with AirVPN (which I don't want because I highly appreciate their service). And of course this could also bring me personally into trouble with authorities, if AirVPN cooperates with them regarding the abusive traffic (for example, if the abuse violates the AirVPN terms of service).

 

So, the big question is: If I run a TOR exit node (over VPN) and if there is abuse from TOR-users through the node, what happens....

 

1) ... in case I am still connected to AirVPN while AirVPN is notified of the abuse (or raided)

2) ... in case I am not connected anymore to AirVPN while AirVPN is notified of the abuse (or raided)

 

Naturally, I am most interested what happens TO ME in both of these cases, since I want to help the TOR community, but not go to jail (or have my home raided) because of some criminal idiots abusing my node.

 

I might be paranoid, but from what I read on other forums, if someone runs a TOR exit node for extended times (months, years), then some abuse is invariably bound to happen. If it is serious abuse (cyber attacks, child pornography, bomb threat, botnet control, etc.) it's good to know beforehand what the legal situation would be in this case.

[itsmeprivately 14]

Since there is no lawyer that seems concerned, I assume it is ok with AirVPN to run a TOR exit node.

 

Nevertheless, I would be grateful to know what would happen to me if such an exit node is used for serious crime (that may violate AirVPN TOS). Please see me post directly above for examples.

 

If the answer is: "Then this is your problem, since it cannot be determined if the traffic originated from you personally (as opposed from somebody else through the TOR Exit node", then there is no point in running an exit node. Which would be sad, because generally it would be helping freedom of speech.

[Staff 9972]

Hello,

 

probably it's true that "balls of steel are needed to run a TOR exit-node". You must be ready to take into account necessity of legal fights and potential, serious annoyances if you really wish to help TOR with an exit-node.

 

The following links show some of the bad things that happened to TOR exit-node operators (essentially due to "authorities" lack of understanding of how TOR works and general incompetence):

 

https://lists.torproject.org/pipermail/tor-talk/2009-September/019511.html

http://www.techdirt.com/articles/20121130/07495221185/tor-exit-node-operator-charged-with-distributing-child-porn.shtml

 

etc.

 

On the other hand, we have never seen a telecom operator general manager charged with similar accusations, when "abuses" and "infringements" probably occur much more frequently on any telco network than on the whole TOR infrastructure.

 

That said, please read the Tor Project recommendations to run a TOR exit-node:

 

https://blog.torproject.org/running-exit-node

 

Kind regards

[itsmeprivately 14]

Thank you for the reply and the links!

 

Interestingly, these were some of the very same articles that I had researched earlier. In fact, reading those initially started my worries about running a TOR exit node.

 

For now, I'll just run a pass-through node to help the TOR community.

 

In case I decide to run an exit node at a later time, at least I'm happy that AirVPN does not forbid that by their TOS.

 

However, in this case I might dedicate a specific machine for the exit node, and tape a big "TOR EXIT NODE" on it, so that any overzealous authorities whose wrath I might incur know what PC to seize (and realize that there is absolutely nothing on it except the TOR program).

 

Most "infringements" would probably be bogus copyright claims anyway (and these, AirVPN would probably block by being non-cooperative), but a TOR exit node has the potential to be abused for more serious offences, as your links show...

 

Anyway, thanks again, and cheers!

[InactiveUser 188]

There is one problem that was not mentioned yet:

Some sites do block Tor exits, and if we start putting Tor exits through AirVPN, these IPs will get blocked too. 

I think that is something to consider.

[mage1982 15]

I would also like to urge people not to run exit nodes through Air, at least not without coordinating with staff first. Running a Tor exit means that your (exit-)IP will be listed as such, and many sites use lists like that to decide what addresses to block.

 

If Air's servers end up on block lists, that would make the service significantly less useful to me - and more importantly, Air is the only VPN service I know of that can give Tor users a "normal" non-Tor exit IP (using VPN-over-Tor). If someone gets Air on the exit node block list then all of that goes away, and that would be a huge disservice to the Tor community.

 

I would even go so far as to say that running exit nodes should probably not be allowed at all, since doing so will affect other users of the service adversely. But that is of course up to Air.

[Kim1337 6]

The VPN should never be used for that kind of stuff. There are thousands of websites that block TOR exit nodes. I got blocked out of my IRC just a day ago because of that.

[OpenSourcerer 1435]

The VPN should never be used for that kind of stuff. There are thousands of websites that block TOR exit nodes. I got blocked out of my IRC just a day ago because of that.

 

I too don't like to see you running a TOR exit node. You will be responsible for certain IP blocks; in the end you make the whole community "suffer". Try to avoid this.

[6501166996442015 35]

As above, please don't run TOR exit nodes.

 

This will flag the entire server as a "Public proxy" and get more and more IP addresses banned.

[JamesDean 10]

Agree. Sad as it may be, no Tor exit nodes please. I would rather donate money to orgs, so they can purchase more hardware to run Tor, and they have the experience to fight when challenged.

[OpenSourcerer 1435]

Yes, Mr. bubblebutt, don't listen to those who have been using AirVPN for at least some months - who know what's going on.
Troller inbound!

 

(Why is the username gone?)

[User of AirVPN 46]

Running a Tor exit node off of an AirVPN server would be a bad idea. Not because it will directly cause harm to you, but it may cause the AirVPN IP you are running the Tor node off of to be blocked on certain websites that block Tor exit nodes. Then, other users will also be blocked when they try to visit those websites.