Hello, I have a different question, not a technical issue but a legal one. Unfortunately, no one could answer the question correctly in the context. Currently, I operate two exit nodes and I want to expand. Therefore, I would like to block DNS requests to websites that are clearly used for copyright infringement, by redirecting them to 127.0.0.1 via DNS. This means that the user would simply need to refresh to get a new exit node that is not mine. I will not restrict access to sites like YouTube, Twitter, or others, but at most 15 websites in order to avoid legal consequences. I know that technically Iām not obliged to do so, but since there hasnāt been a clear ruling in Germany, I donāt want to be the one who receives a legal warning. I can handle regular abuse emails and understand the importance of Tor. So, my actual question is, will my exit nodes be flagged if I do this? Thank you in advance. (I cannot block these websites by IP because they often use Cloudflare.) I kindly request that you refrain from making irrelevant comments, as I consider this to be a serious matter. It doesnāt matter to me if you donāt do it in your situation; I simply want to know for my own situation. I would be very grateful for any information.
I want to make it clear that I donāt have a general fear of lawsuits, but I also want to show that I actively oppose copyright violations. I would even be willing to accept a lawsuit if I were forced to block WikiLeaks, but my intention is to reduce abuse requests related to copyright.
As far as i know you are not allowed to do DNS hijacking because this measure will be against the scope of ToR. Who are you to tell ppl what sites to enter or not.
This were my two cents. Still donāt count my answer, there are others more entitled to give an answer. @NTH
@SirNeo not sure why Iām mentioned in this, Iām for sure not the most qualified one on this topic, but Iāll give it a try anyway .
@AlexanderāRelevant" part of my comment:
As far as Iām aware, censoring your exit relays could indeed be a reason for a BadExit flag.
āIrrelevantā part of my comment:
And indeed this is a serious matter. On a more principle level I donāt think itās a great idea to censor Tor by running blocklists on your DNS resolver[1]. The primary purpose of Tor is to circumvent censorship. The way I view it you wouldnāt run Google Analytics on your site if you wanted to protect your users/visitors from corporate and commercial tracking. And similarly you wouldnāt use Tor for censoring the internet[1].
Based on your post Iāll assume you are based in Germany, but this applies to most countries in the European Union really.
First of all visiting the type of website you refer to isnāt illegal in Germany. Depending on the specific data directly downloading and/or uploading the data may be illegal for citizens of Germany, but merely visiting a website is something else entirely.
But even if it was illegal in Germany, then it still wouldnāt be illegal to visit those sites from other countries. Tor is a international network with access to the world wide web, not a censored German version of the world wide web.
As far as I am aware, your national copyright act applies to official providers (and not Tor operators). This means you donāt have to adhere to court ordered blocks that apply to ISPās. But someone with more experience with the German situation could probably give a better answer in this regard.
So in short I think itās not beneficial to run censored exit relays. Guard/middle relays might be more useful then.
Slightly offtopic: despite this, I feel you have a valid concern about legal steps taken by either a government, a data protection authority, some copyright representative body or some foundation to troll Tor operators. that is not really mitigated within the Tor community right now. I think a lot of people (and maybe TPO) are willing to help with time/advise and financially when something like this should happen to a Tor operator. But as far as I know itās not really made explicit, let alone guaranteed. This might scare off smaller operators that donāt have limited liability legal structures to safeguard them as natural persons. This might be something to talk about some more with operators maybe? The peace of mind that such a āsafety netā would bring might convince more people to run exit relays as well.
[1] To give a bit more nuance as a side note: I feel itās proportional to (temporarily) block IP addresses, ASNās and/or domains when you are either under a attack/being hacked or when your infrastructure is actively being used for large scale attacks/hacks. I donāt think anyone at the Tor Project would object to this, but please chime in if this is the case @TPO.
I also believe that many people would personally host exit nodes if there were a clear regulation, but as far as I understand my legal situation, it would only take a decision overnight that tor exit node admins are also network operators and I would be responsible for everything what happens and is very deterrent is that you do not know 100% if you will really be supported in a legal dispute.
What you also have to understand is that most of the nodes are run by e.v. clubs that are not liable with their private assets, but itās also bad if 4 clubs operate all German exit nodes.
Iām trying to find a way to be able to prove that Iām personally against something like this and can also prove it, but I would never falsify user data.
An āe.V.ā (eingetragener Verein) is a registered association in Germany. It is a legal entity formed by a group of individuals who come together for a nonprofit purpose. The members generally have limited liability, meaning they are not personally responsible for the associationās debts.