Jump to content
Not connected, Your IP: 35.171.146.141
itsmeprivately

Is running a TOR exit node (TOR over VPN) discouraged?

Recommended Posts

I would like to help the TOR community by running a TOR exit node over VPN.

 

I have, however, read some comments in other forums that discourage doing this from one's home computer, since the node can be abused for crime.

 

If I understand this correctly, then "consequences" of any abuse would first reach AirVPN, since this is the IP which the world sees for connections coming out of the node.

 

So, how does AirVPN think about this? Are AirVPN users discouraged to run TOR exit nodes, are they encouraged, or is it all the same to AirVPN?

 

Thanks for any info about this topic.

Share this post


Link to post

Hello,

 

we don't see any point in our Terms of Service which would forbid that. If there's some problem, you will soon (2-3 days) receive an opinion from our legal advisors, please hold on.

 

Kind regards

Share this post


Link to post

One regional Dutch police woman told us that they know how to check if it's a Tor exit IP, but sometimes they do the raid anyway "to discourage people from helping Tor." I later told that statement to one of the national police, and he was shocked, said that was illegal, and said he'd look into it.

 

https://blog.torproject.org/blog/trip-report-tor-trainings-dutch-and-belgian-police

 

 

Tor exit node raids are illegal in the Netherlands and probably in other countries too if challenged in court. They are nothing more than an intimidation tactic used by LEA to discourage the growth of the Tor network.

Share this post


Link to post

For clarification, please correct me if I'm wrong....

 

The way I understand it is as follows: If I run a TOR exit node (over VPN), then other TOR users can connect to the internet through my computer. Because I am myself connected to AirVPN, this means that this internet activity first tunnels through the AirVPN servers, and then to the outside world.

 

So, if there are any abuses of my node (cyber-attacks, bomb threats, child pornography, etc.), the outside world would see them coming from the AirVPN IP, and AirVPN would see them as coming from my computer. If I understand this correctly, such exit node traffic would not be sent from my PC as a TOR packet (even though the request for it originates from TOR), but leaves my PC toward the AirVPN server in the exact same way as my own personal traffic does. That's why it is called an *EXIT* node.

 

If there was indeed any abuse through my TOR exit node, it could happen that I have already disconnected (or renewed) my AirVPN session before the abuse is reported/discovered. In this case, I think everything would be fine for me, since AirVPN does not log, and is not required to do so. So AirVPN would not know which PC/customer the abuse came from. In this case, the question if this was my *personal* traffic or traffic from the TOR exit node would be irrelevant.

 

But suppose that I am still connected to AirVPN while running the node, and suppose there is a notification of any abuse from the outside (or a raid on an AirVPN server because of the abuse) while I am still connected. In this case, does AirVPN have a way to determine that the abusive traffic is not my *personal* traffic, i.e., can they see that this traffic originates from a TOR exit node on my PC? I believe that AirVPN can generally detect that I am running TOR from the packets that my PC sends/receives, but can they detect that I am running an exit node, and can they distinguish any traffic leaving my computer through the TOR exit node from my own personal traffic?

 

It would be good for me if AirVPN could distinguish this (but I doubt that they can), because then, AirVPN could just reply to any authorities that this was a TOR exit traffic, and that raids on TOR exit nodes are illegal (or something like that).

 

But if AirVPN canNOT distinguish this, then AirVPN might think that the abusive traffic (some types of which may NOT comply with their terms of service) comes from me personally, and this would probably bring me into trouble with AirVPN (which I don't want because I highly appreciate their service). And of course this could also bring me personally into trouble with authorities, if AirVPN cooperates with them regarding the abusive traffic (for example, if the abuse violates the AirVPN terms of service).

 

So, the big question is: If I run a TOR exit node (over VPN) and if there is abuse from TOR-users through the node, what happens....

 

1) ... in case I am still connected to AirVPN while AirVPN is notified of the abuse (or raided)

2) ... in case I am not connected anymore to AirVPN while AirVPN is notified of the abuse (or raided)

 

Naturally, I am most interested what happens TO ME in both of these cases, since I want to help the TOR community, but not go to jail (or have my home raided) because of some criminal idiots abusing my node.

 

I might be paranoid, but from what I read on other forums, if someone runs a TOR exit node for extended times (months, years), then some abuse is invariably bound to happen. If it is serious abuse (cyber attacks, child pornography, bomb threat, botnet control, etc.) it's good to know beforehand what the legal situation would be in this case.

Share this post


Link to post

Since there is no lawyer that seems concerned, I assume it is ok with AirVPN to run a TOR exit node.

 

Nevertheless, I would be grateful to know what would happen to me if such an exit node is used for serious crime (that may violate AirVPN TOS). Please see me post directly above for examples.

 

If the answer is: "Then this is your problem, since it cannot be determined if the traffic originated from you personally (as opposed from somebody else through the TOR Exit node", then there is no point in running an exit node. Which would be sad, because generally it would be helping freedom of speech.

Share this post


Link to post

Hello,

 

probably it's true that "balls of steel are needed to run a TOR exit-node". You must be ready to take into account necessity of legal fights and potential, serious annoyances if you really wish to help TOR with an exit-node.

 

The following links show some of the bad things that happened to TOR exit-node operators (essentially due to "authorities" lack of understanding of how TOR works and general incompetence):

 

https://lists.torproject.org/pipermail/tor-talk/2009-September/019511.html

http://www.techdirt.com/articles/20121130/07495221185/tor-exit-node-operator-charged-with-distributing-child-porn.shtml

 

etc.

 

On the other hand, we have never seen a telecom operator general manager charged with similar accusations, when "abuses" and "infringements" probably occur much more frequently on any telco network than on the whole TOR infrastructure.

 

That said, please read the Tor Project recommendations to run a TOR exit-node:

 

https://blog.torproject.org/running-exit-node

 

Kind regards

Share this post


Link to post

Thank you for the reply and the links!

 

Interestingly, these were some of the very same articles that I had researched earlier. In fact, reading those initially started my worries about running a TOR exit node.

 

For now, I'll just run a pass-through node to help the TOR community.

 

In case I decide to run an exit node at a later time, at least I'm happy that AirVPN does not forbid that by their TOS.

 

However, in this case I might dedicate a specific machine for the exit node, and tape a big "TOR EXIT NODE" on it, so that any overzealous authorities whose wrath I might incur know what PC to seize (and realize that there is absolutely nothing on it except the TOR program).

 

Most "infringements" would probably be bogus copyright claims anyway (and these, AirVPN would probably block by being non-cooperative), but a TOR exit node has the potential to be abused for more serious offences, as your links show...

 

Anyway, thanks again, and cheers!

Share this post


Link to post

I would also like to urge people not to run exit nodes through Air, at least not without coordinating with staff first. Running a Tor exit means that your (exit-)IP will be listed as such, and many sites use lists like that to decide what addresses to block.

 

If Air's servers end up on block lists, that would make the service significantly less useful to me - and more importantly, Air is the only VPN service I know of that can give Tor users a "normal" non-Tor exit IP (using VPN-over-Tor). If someone gets Air on the exit node block list then all of that goes away, and that would be a huge disservice to the Tor community.

 

I would even go so far as to say that running exit nodes should probably not be allowed at all, since doing so will affect other users of the service adversely. But that is of course up to Air.

Share this post


Link to post

The VPN should never be used for that kind of stuff. There are thousands of websites that block TOR exit nodes. I got blocked out of my IRC just a day ago because of that.

Share this post


Link to post

The VPN should never be used for that kind of stuff. There are thousands of websites that block TOR exit nodes. I got blocked out of my IRC just a day ago because of that.

 

I too don't like to see you running a TOR exit node. You will be responsible for certain IP blocks; in the end you make the whole community "suffer". Try to avoid this.


» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Agree. Sad as it may be, no Tor exit nodes please. I would rather donate money to orgs, so they can purchase more hardware to run Tor, and they have the experience to fight when challenged.

Share this post


Link to post

Yes, Mr. bubblebutt, don't listen to those who have been using AirVPN for at least some months - who know what's going on.
Troller inbound!

 

(Why is the username gone?)


» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Running a Tor exit node off of an AirVPN server would be a bad idea. Not because it will directly cause harm to you, but it may cause the AirVPN IP you are running the Tor node off of to be blocked on certain websites that block Tor exit nodes. Then, other users will also be blocked when they try to visit those websites.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...