"Permanent" ban

Why?

It looks like you are connecting to the board via Tor. One of the Tor endpoints must have been used to spam this board in the past, and we banned its IP address as a result.

You are likely to find that access here via Tor (or any other anonymous proxy service) becomes steadily worse over time, as more spam comes in and more bans are issued.

EDIT: to clarify, nothing was done to your account - it’s purely a function of connecting from IP addresses that spammers also use.

I see. Indeed, I’m usually using a Tor gateway. Although I’m glad to hear it was not really related to me, maybe you could reconsider this policy? It obviously degrades the service/experience of regular users using such banning tactics and I doubt it will actually have a serious impact on spammers.

IP address bans are somewhat effective at stopping spam accounts, especially as we scale them up to cover subnets.

From our perspective, there’s no difference between a spammer using Tor and a spammer using a home internet connection. It’s not an anti-Tor policy, though if it were a simple matter to ban all Tor access, I would do it without hesitation.

Words fail me.

That is going to make it difficult to have a conversation about the policy.

Your reaction made it pretty clear that arguing against this policy is futile (as you would even like to extend it in the opposite direction). Like all my previous attempts to address accessibility issues here, this one is doomed.

You hate privacy?

I think bcressy is stricltly talking in terms of troublesome IP ranges, not privacy.

It’s an annoying problem. Tor is a useful privacy tool. But this is what makes it so appealing to spammers.

I don’t know how I would solve that problem without spending a lot of time on writing and modifying PHP code to do anti-spam heuristics.

I dislike Tor specifically, as I consider it a network for distributing child pornography that has somehow acquired a veneer of respectability. It’s often painted as a tool for aiding dissidents in repressive regimes, which is disingenuous and somewhat dangerous: any regime that can criminalize speech can just as easily criminalize Tor access.

A lot can change in nine years but in the early days it was understood that the overwhelming majority of content on Tor was CP.

Still, nice work jumping straight to the personal attack. I would say instead that my support for privacy stops short of any willingness to enable or extend the activities of pedophiles. I do not value my own privacy enough to use Tor. I wish there were better options for people who do. I am glad there are people who champion the ideals it claims to represent. I am comfortable not having my name on that list. If that’s equivalent to hating privacy in your eyes, so be it.

Yes, a spammer IP is a spammer IP. It’s not feasible to distinguish Tor spam from botnet spam. It is feasible to ban spammer IPs, and we do. It helps.

Just because Tor has been used to distribute child porn doesn’t mean that’s its only use. Bittorrent has been used for the same thing, and yet is also used by many reputable websites to distribute their perfectly legitimate and legal software. Heck, the British postal system has been used to distribute child porn but I think it’d be a bit extreme to swear off using it for that reason alone.

Wow. Just wow! At this point, I don’t really care anymore whether I’m banned or not. Being implicated to be close to the circles of child pornography traders does it. If this is the policy/opinion of the officials of this board, I will not be using it anymore.

Nothing I said was meant as a personal attack or a commentary on your use of Tor. I understand that privacy is very important to you and I respect that.

My opinion on Tor is only that: an opinion. It is not official policy. How I feel about Tor makes no difference.

I am sorry that banning spammer IP addresses has affected you. I am doubly sorry that my feelings on Tor have offended you. I understand that from your perspective it must look as though I am deliberately antagonizing you. That was not my intent and I hope we do not lose you as a consequence.

Huh. Never heard of the Tor/Child pr0n connnection. I always assumed people use Tor either because they just don’t like being tracked via cookies… or they are looking up illegal drug recipes. :smiley:

It was not meant as a personal attack, but as a semi-rhetorical question asking you to elucidate how you weigh privacy against other values. If it felt as an attack, I apologise; I should have written out my question in a more straightforward manner.

On the issue of privacy: in my opinion, people justify anti-privacy measures by appeals to child pornography far too easily. Such an argument is based on the premise that we should start by not trusting people, and perhaps give them the right to privacy if we think it cannot harm society; whereas, surely, we should start by trusting people and only invade their personal space when we have a reason to believe they might be engaging in criminal activities. (Also, it has always seemed to me that people downloading or watching child pornography is a relatively minor issue. The big issue are the people making it. This distinction is not carefully made in the discussions.) However, since there is no Tor-wide ban on the forum, perhaps this discussion doesn’t really belong here.

It makes a difference when you’re a moderator and you’re blocking people from accessing the forum because of that opinion.

Yes, but that is a hypothetical situation. (Given that the current IP ban is because of spamming, not because of Ben’s opinion about Tor.)

Back in the alpha days, it was not possible to use Tor without also running a node that routed traffic for others. Sort of like Skype.

It looks like there is a distinction between clients and servers these days, which probably explains why everyone else is more comfortable with it. It changes the equation if you are not required to act as a middleman.

I’ve slept over it and I don’t want to overreact. I understand that you’re thinking in different categories and from a different perspective here and I accept your apologies, bcressey. Just to give you some perspective on why your words struck a little too close to home: In 2009, there were very definite plans of my government to build up an Internet censorship infrastructure. The rationale the government gave was “battling child pornography”. Hundreds of thousands of people signed a petition against this bill, because it didn’t solve the problem itself, but rather tried hiding “unwanted” contents. And of course there were also already all sorts of plans to block many other things. Kind of similar to SOPA, PIPA and all, so no control of the measures by the judicative branch and so on and so forth…

I was also one of the signatories of the petiton which was worded very carefully. Amongst other things, it specifically demanded providers of child pornography to actually be persecuted (instead of just trying to hide their “product”) and shut down. That didn’t stop a minister of the federal gouvernment to make a public statement that he was shocked, appalled and disgusted that so many people would sign a petition in favour of child pornography. So suddenly, all these people were supporters of child pornography in the eyes of the country’s most popular politician as well as the right-winged press (who picked this up immedialtely, of course).

To say something on topic again, I simply believe you’re trying to tackle the problem on the wrong level. If you believe that you can stop spam (or at least keep it at bay) by banning accounts and IP ranges after the fact, I fear that you are fighting a losing battle. This board is registration only. So the point to tighten security is the registration of new users. Various ways, like having new users answer a couple of questions which are simple for human beings but hard for bots, have already been discussed. Likewise, it being possible to send posts of new users to a moderation queue first. Even Bayesian classification can work very well if trained effectively.

From the old discussions, I understand that due to lack of administrative access, it is hard or impossible to introduce such changes right now. But isn’t that (the absence of active administrators) rather a problem which needs to be solved anyways? With the current policy, the collateral damage will become quite severe at some point - because no matter whether it’s Tor-related or not, more and more people’s IP addresses will be caught in one of your filters eventually. To no fault of their own - that’s the nature of dynamic address allocation in IPv4.