Title: Suggestion: Stop logging Tor Exit IPs Post by: nullius on January 08, 2020, 03:37:02 AM Evidently, I can travel at the speed of light! https://bitcointalk.org/myips.php tells me that within a quite short time span, that I have connected from:
Code: Tallinn, Estonia Seriously, I suggest that by default (and without an option), the forum should automatically discard Tor IPs before the information even hits the “User IP logs”—or if needed, log access as “Tor Exit” without an IP address and city:
It’s probably a relatively low priority for forum improvement; but if you anyway must exclude Tor exits when performing account recovery, the functionality is needed. I suggest it’s better to do that at the source of data, and discard Tor IPs, rather than later, at the time of use. (* Of course, Cloudflare can still see all traffic sent through its own onions. At least their auto-onion feature takes a big load off Tor exit capacity, a perennial bottleneck due to the difficulty and risks of running an exit; and the metadata (time and IP) for connections via an onion cannot be seen by network spies who may watch traffic from Tor exits. In fairness, I will give them significant credit for doing a bit to help user privacy against adversaries who are not Cloudflare. In my book, is an offset against their terrifically larger debit for MITMing TLS for what seems like half the web nowadays. — I have observed, entities have an interest in protecting people from everybody but themselves. The NSA wans to pwn your crypto, but doesn’t want the Chinese to pwn your crypto. Google wants your connections to Google to be secure, so that only they will be able to buttfork your privacy. Facebook wants you to securely connect to Facebook (even through an onion!), so that you can privately destroy your privacy on Facebook. I think that Cloudflare is absolutely sincere in their desire to protect users against everybody except Cloudflare. Well, generally, intelligence data loses its value if others have it...) Title: Re: Suggestion: Stop logging Tor Exit IPs Post by: hacker1001101001 on January 08, 2020, 06:06:04 AM Your suggestions looks pretty much an effective way to curb the data storage related to IP logins to the forum. Theymos had already applied some IP retantion restriction (https://bitcointalk.org/index.php?topic=5136127.0) features recently. Another intend of theymos behind it could be reducing the data storage space of the user's who don't want to save there IP locations.
I agree tor exits data recording is of probably no use to the forum and not storing them would benifits in a way. Title: Re: Suggestion: Stop logging Tor Exit IPs Post by: Jet Cash on January 08, 2020, 08:48:30 AM I've got a couple of pages worth of IPs logged. All are from the UK, and most state that the city is unspecified. Where the city is specified, it is incorrect, and can be anywhere in England. Only one is correct, and that looks as if it was the result of my tethering through my mobile. I can't see any benefit to me or the forum from recording more than the last couple of IPs.
I'm using public WiFi rather than Tor. |