undefined | Better HN

0 pointsnonrandomstring4y ago0 comments

> I'm not clear from the article how having an onion address helps website operators who receive abusive traffic through Tor.

No, it's not clear. Also "abusive traffic" is vague. Are you mainly concerned with shitposters, trolls, DOS attacks?

> What am I missing?

Maybe you're not missing it, but essentially it's a behavioural/social rather than technical challenge. Most abusers, ones that technical changes can address, operate at scale over HTTP/S and use Tor simply as a free VPN via regular exit nodes to hide their IP. The author calls this the "Wheat/chaff problem". Viewed this way, it's easiest for a site owner to just block all of Tor and kill all legitimate users too.

Most of those bulk abusers cannot be bothered to deal with marginal cases like using an overlay network with .onion addresses whereas those who _need_ Tor are highly motivated.

Other kinds of abusers, like persistent troll posters, are better dealt with by other means even if you're using HTTP/S.

0 comments

3 comments · 1 top-level

mst4y ago· 2 in thread

Back when I was staff on (pre-madness) freenode providing an onion address was pretty much the only way we could afford to support tor at all given the moderation resources available.

Smaller networks often (usually regretfully) end up blocking tor entirely if they don't have the capacity to set up such infrastructure.

tempestn4y ago

So you'd offer an onion address, but then block Tor traffic that didn't use it?

mst4y ago

That's how we did it and so far as I'm aware is the most common answer to "How do we keep Tor while keeping the abuse mitigation efforts required within the resources available?" for services in general.

j / k navigate · click thread line to collapse