A week ago i asked them about it, I told them about a situation or problem that we had in mind. DesdeLinux with certain users who, making use of the anonymity provided by the Tor network, could harm both us as administrators and the site and its content. The objective of the previous post was to know the opinion of you as readers, as users, also to look for an alternative that was not simply denying access to all Tor users, to see options, suggestions and ideas that you give us, so that the end result is as accommodating for everyone as possible.
The conclusion and temporary result (as it does not have to be final) we reached is something that many mentioned in the previous post: Allow full access to site content from any IP, regardless of whether Tor is used or not. Now, the thing does not end here. We deny uploading data from Tor IPs. In other words, and explained more simply, if someone uses Tor, they will not be able to comment on the site, they will not be able to login to the site.
As some may know, anonymity networks like Tor are frequently used for cracking attempts, for 'pranks', annoying, etc. By denying the upload of data (POST method) it can be said that we are "safe" from a large number of attacks, both offensive comments that only seek to annoy or worse, such as cracking attempts to the administration panel, etc.
I repeat, from any IP you can access our content, everyone can read the articles without any problem. Our articles, our tutorials, our content is free, it is not correct to deprive anyone of this information, closing access to knowledge is not our intention. It took me a few days to fine-tune the code to achieve this, but I hope it is well received.
Any doubt or question, complaint or suggestion is always welcome.
Greetings and thanks for understanding.
I agree with the decision.
Not Because They Use Tor They Are Crackers & Hackes Most Are People Who Only Mind Want To Maintain Their Anonymity & Leave No Trace Of Them That Is Not Illegal It Is The Right To Privacy. 😉
And nobody is taking away that right to privacy, they can enter the site without any problem, they simply will not be able to interact with other users.
How do you know that most use it just to leave no trace? Did you read the previous post and the reasons why this conclusion was reached? why you write like that?
Don't Feed the Troll, bro.
Surely it must be that same impostor who posed as Courage.
As well. I still don't use Tor to enter here, but I liked the staff proposal better.
same, I don't use TOR to navigate.
I think that way everyone will be happy.
First of all, the idea behind the Tor project is that people can post content on the internet without fear of being tracked. Limiting Tor to GET access is equivalent to disabling any practical use of it.
On the other hand, I do not understand why request the opinion of users on a certain policy, since once they are contrary, it is implemented with a small twist. This is part of a pattern that is repeated with surprising frequency on this blog.
We should see in the other post the% of users who said Yes and the% of users who said No. I think they were quite even.
On the other hand, nobody prevents you from creating content from Tor, this blog simply does not support it from this network. You have to see things a little more from the point of view of the blog administrators: our names are not behind the blog, yours are. Putting ourselves in the worst case scenario, because of comments like those made from TOR can close the blog, and that is something that none of us wants. In selfish terms, you let in who you want into your house. And that's what applies here. In my opinion, this blog gives many more freedoms than others, since anyone who wants to can create content. Even from the TOR network, nobody prevents you from sending an article to the editors for publication. I'm sure that if it meets a minimum, it will be published.
The day people are responsible and know what comments are appropriate for a free software blog, these measures will not be necessary. Meanwhile, it is a lesser evil for the benefit of the blog itself.
Don't get me wrong, I am in favor of freedom itself, but I believe that hiding behind the anonymity of the Internet to boycott a free software blog and / or harm its administrators is a 5-year-old attitude.
A greeting!
@You're here
The article says they came out in favor of allowing TOR.
It's obvious. And it was before all this discussion.
That was exposed at the time of consulting the users.
Nobody disputes it.
Right. However, we talk about a measure related to access to the web.
That should have been resolved at the time of consulting the users.
In sum. My point remains there: Limiting TOR to POST accesses is the same as disabling TOR, and considering that users spoke (so the article says) in favor of allowing TOR, it is obvious that there is a contradiction.
I clarify that I am neither in favor nor against the measure. I am not interested in elaborating on it, but on the forms.
Anyone can come to my house, but only those I trust enter. Thus, perhaps the postman is a good person, but the peddler turns out to be a disguised thief; so if I don't know their identities, I'm not going to risk having my house torn down. Unfortunately, one always opts for the lesser evil. I don't know if the analogy is understood. Best regards.
Unless you live in Iran, North Korea or some other Arab country, there is no reason to enter with tor, unless you want to go trolling, which is more normal.
@Ankh:
The idea behind TOR is to protect the user, give him anonymity but there are a couple of weaknesses, like everything. The idea of the knife was to be able to chop food better and you see, millions of murders with this tool.
I do not think that DesdeLinux It is precisely one of the sites where it is necessary to use TOR, what's more, many users who want privacy hand over their data to Facebook and Google and do not protest.
I say it openly and publicly: DesdeLinux It does not offer its users' data to anyone, therefore, it is not necessary to use TOR here. Anyone who tells me that they use it because they can't from work, I give them 3 solutions: Webproxys, VPN, SSH. Choose the one you want.
Where have I seen comments like this? Ah yes, in this same blog, and many times from users who like pigeons, like to receive food but do not contribute anything.
As Tesla says, we are the ones who lose, the ones who run the risk of losing a project that has cost us so much work, and although I am not going to your house to say what you have to do, please do not come to the ours, which has always had the doors open, which does not mean that we let in anyone who only wants to disturb.
+ 1!
Hi Gaara.
It seems to me that this decision is appropriate. Those who use TOR to protect their identity on the network are aware that their data is at risk due to companies and hackers who traffic in said information. On the other hand, in the context of free software and in Desde LinuxI wonder, who of the administrators is going to undertake this task of stealing data from site visitors?
With this decision, the free expression of readers is not being restricted. But these in turn must also be aware that this space is for the discussion of issues related to software, not politics. Those who make the comments about the country where the administrators live are obviously malicious people such as hackers who are dedicated to damaging many people's WordPress.org websites.
I hope that with this action you will prevent further attempts to damage the reputation of Desde Linux through comments out of context. Greetings.
Will they be able to share how they filter access from tor? I am interested in the technical part of sysadmin, thanks!
With great pleasure. In the next few days I will leave a post on how to do something like this for Nginx (which is what we use in DesdeLinux), and maybe for Apache too.
regards
Thank you very much!
I was going to join the same request, although I do not know if it could serve me. In my case it is for a website that I am building from scratch in PHP, and an extra security would not hurt.
On the other hand, the existence of users who force them to make this type of decision only means one thing, that the blog is very successful and that there is a lot of envy out there.
I comment little, but I read you from the feed, so I am aware of everything. Greetings and continue forward 🙂
It seems like a very good idea to me and I think it can be interpreted as a definitive solution: D.
Good! Something had to be done on the subject ...
I think we made the best decision.
Hug! Paul.
Look at the wonders of anonymity ¬_¬
http://www.fayerwayer.com/2013/11/crean-primer-sitio-de-asesinatos-politicos-por-crowdfunding/
I read the news and I am perplexed… anyway, I can't help but think of certain personalities 😀…. just kidding ^ _ ^
For the haters of Ubuntu, Shuttleworth, and Canonical, here's your chance to get rid of the Ubuntu ringleader (although I don't think they will do so from a sheepish source).
So according to your perspective, when there is a traffic accident we must blame those who use the car !!!
Everything was unfortunately created for an end if you want "good", but humans as always use it for "evil".
I fully understand your situation, the only thing I want is to make you realize how inappropriate your comment is against the possibility of using anonymity on the Internet, a possibility to which we all have rights.
Generally (and notice I say generally), when a car accident occurs, yes, it is the fault of some of those who used the car. The fault is not with the car, but with who uses it in the wrong way.
The same goes for Tor, their aim will be very liberating and all that, but they use it for other intentions. I repeat again:
DesdeLinux does not use its users' data for ANYTHING. Neither the data of registered users, nor those NOT registered... That is why I ask: What is the need to use TOR to access a blog that deals with Free Software?
If someone can make me understand that it is necessary to use TOR to access DesdeLinux, I will be the first to raise it with the Administrators team.
@elav you don't use that data but what would happen if DesdeLinux out somehow hacked?
Just one question that came to mind.
Mmm... well, the same thing would happen that has happened when large companies or services have been hacked. But, only registered users would be vulnerable in a certain way, since they access using username:password. Most of the readers or commentators of DesdeLinux They are not registered on the blog. 😉
@elav I agree with you on everything. In fact, the solution you have taken seems good to me, especially when you have counted on the readers even though you are the owners of the site. I take off my hat for your concern and your effort.
It is true that the Tor network is used with very bad intentions and that can affect you. I think that you are the first and you should not take risks to write a blog. However, I think there is one thing that escapes you. Assuming that someone will not need to use the TOR network to access a free software site (or any other topic) is a mistake. I don't think anyone is able to guess what the conditions and context of a user are going to be (country, job, environment, etc).
It is true that it is an extreme case but I wanted to clarify it. It seems to me that you are taking the subject with great detail and spinning very fine and it seemed appropriate to say it.
I repeat, I think it's very good what you have done and continue to do. I just wanted to give another point of view.
The really important thing is not the tool, it is who is going to use it and how to know how to handle it.
I see that until now, they have not understood any of that.
Unfortunate comment.
This has nothing to do with anonymity.
The paid murder (the real one, not the almost joke like what that scam site proposes) has existed since before money was invented.
Perhaps because of the geographical situation it has not touched you, but at least in my country, on any page that deals with local politics, you read comments from people fed up with their situation, who propose (some more seriously others more jokingly) things like those on that page, they don't care if they do it through TOR or directly with their Facebook account, wonders of freedom of expression ...
It is true, it has nothing to do with anonymity, but they use TOR and others to be able to say anonymously what they are afraid to say up front. 😉
Like the internet, it will have to be banned. XD
That is no excuse ... that anonymity is used for that does not mean that everyone uses it that way.
It is not the best option that they have taken, whether they want to or are not censoring.
Well tH0r, unfortunately that's what it is. We will not lose DesdeLinux.net by 1 idiot who just wants to bother. And it's not an excuse, it's pure reality.
I do not know, but nowadays it is fashionable to do very restrictive things = p), instead of preventing eg cameras to spy on citizens with the excuse of dealing with thefts, clearly it is not a preventive action but an intrusive and restriction, but I understand that it is more difficult to prevent.
But in this way we get further and further out of the way. Wanting to be anonymous does not mean that there is a desire to set up a drug trafficking network or hit men or whatever, more than anything I mean that by saying that it is an excuse.
As for censoring Tor users and well what is going to be done, the day they destroy the internet we make a new one !!!
\OR/
Good argument on the subject of cameras, but let's look at two simple examples.
One goes down the street and says: They are watching me, they are not respecting my privacy, take them away now! And well, let's say they remove them. Then another day, on that same street, they rob you (or a relative), they assault you, or worse, and that's when we say: If there were cameras this would not happen: at least there would be proof of what happened..
That's when we enter into the dilemma: Cameras to spy or cameras to protect? It just depends on how you use it.
@Elav
"If there were cameras this would not happen, ..."
This is a false argument ...
"At least there would be proof of what happened .."
This, despite being true, is not necessarily relevant, since the assailant's testimony is itself evidence of what happened.
The problem with this logic is that we have to remember that there is also the possibility of someone entering our house and attacking us while we are bathing or sleeping, so we should let the police put cameras in our bathrooms and bedrooms.
I really freak out with some commentators.
It turns out that in DesdeLinux, where we had never censored any comments before, where The Community is invited to publish articles, now we are bad for wanting to take care of our blog, for wanting there to be control.
I do not understand what they complain about .. Can they have anonymity in other blogs that use Disqus or comment systems that involve authentication?
Ah no, but it is easier to come to disturb where we receive them with open arms. No?
Well you know what?
1- I will not approve any offensive comment, neither to a user, nor to an article, nor to an editor, as some of this type are arriving on a recurring basis.
2- I will not approve comments from users who use as email sdsfaaee@aol.com.
And I'm saying it from my position. I'm not speaking for KZKG ^ Gaara, nor for Pablo. I am not going to allow, under any circumstances, that everything that we have fought so hard for is ruined by some people who don't care about our effort and just want to annoy and troll.
This is a site where free, open information is offered, to be shared among all and for everyone to know. There is nothing to hide here.
Right.
I can barely make a joke with my other email using my real name in a humorous way, but I'm not going to make such a fuss over a mere comment spilled to cause annoyance.
the truth is that Disqus doesn't even come close to what the WordPress Jetpack can offer you. It's simply not as versatile as the WordPress Jetpack.
They are within their rights, and I understand them, I just think that moderating the comments was enough, without blocking tor users (from my point of view, I don't know everything they will open to avoid reaching this situation).
If they get so upset by the comments then why open them up for debate? They asked for the opinion of the community and there you have it, we are simply raising our point of view. I think the opinions expressed in this post are for the good, and whoever does it for the bad, then moderate it.
regards
Hello Malayat,
The point is that once a user comment is approved, they can continue to post without moderation. Luckily or unfortunately, we have a life, a job and we can only access the internet normally between weeks. You can imagine that we do not always have time to be aware of what everyone publishes. 😉
If it's complicated, then if I can't propose something better I'll shut up, but no way, hopefully soon a mechanism can be implemented that takes gandals offline without blocking tor users.
regards
+1 ad infinitum to your decisions.
@elav and @KZ do it at the digital Thermopylae !!! : D: D
I applaud people judiciously.
Now it turns out that you can only give your opinion freely if you access it with tor. From what I understand, reading is not prevented, only writing is limited. I was horrified at such a loss ...
Sometimes I wonder how we are able to get caught up in Byzantine discussions to achieve miserable Pyrrhic victories. And another round of topics at the expense of freedom ...
Not exactly, freedom is access with tor, without tor, desde Linux, Mac, windows, safari, Firefox, chrome, midori, etc... really whatever you want, and if it is a great loss not to be able to comment due to this blockage, unfortunately that is how it has been decided, hopefully until another solution is found, and yes that is how we are , beings of debate and discussions, especially issues, political, libertarian, religious, etc., as long as they are discussed without offending or trolling because I think they are fine.
regards
Sounds good to me. It is one thing to have Tor to safeguard the freedoms that are being cut from us and another to have it to make the canelo.
Despite having almost no free time, I couldn't help but read this, and ... hahahahahahaha
I remember that at first I asked elav about the rules, but he said no, it was going to be a different place.
If it is, and that is what the trolls take advantage of, if I owned the blog, I would remove total access to whoever uses Thor, if they get upset, to cry somewhere else, it's my house, period.
I know, they are going to cry (or maybe not) for my comment, but at the end of the month only that, crying.