Unofficial Tor Community

163 readers

2 users here now

Link to tor project (they made the icon I grabbed, and tor itself of course): https://www.torproject.org/

This is a community to discuss the tor project and your experience with tor, tor browser, etc.

Rules are generally: be nice, don't be bigoted, etc.

Only seems fair that an infosec instance should have a community about one of the most well known anonymity tools :)

founded 1 year ago

MODERATORS

[email protected]

(EU) How to penalize Tor-hostile companies (e.g. Cloudflare users) (infosec.pub)

submitted 8 months ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

I simply make a GDPR request. Write to a Tor-hostile data controller making an Article 15 request for a copy of all your data. Also ask for a list of all entities your data is shared with.

The idea is that if a website blocks Tor (or worse, uses Cloudflare to also share all traffic with a privacy offender), then they don’t give a shit about privacy. So you punish them with some busy work and that busy work might lead to interesting discoveries about data abuses.

Of course this only works in the EU and also only works with entities that have collected your personal data non-anonymously.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 8 months ago* (last edited 8 months ago)

Tor-hostility is an act of laziness. An admin decides they cannot be bothered to separate their publications from their contact page, or to just CAPTCHA the contact form. So they take the easy path and simply 403 all Tor users or they offload the effort onto others by proxying via Cloudflare.

Thus it’s in the interest of the Tor community to make the lazy option a path of greater resistance.

There’s also a cost apart from time. I just got a response to a GDPR request by registered letter. So the privacy-disrespecting data controller spent ~€10 in postal costs on their response.