# Which vps hoster allows tor hidden services?



## peterw (Sep 10, 2013)

I read some AUP and TOS and I did not find any section about tor hidden services. Is this a good or a bad sign?

What do providers think about tor hidden services?


----------



## HalfEatenPie (Sep 10, 2013)

Most providers don't have any issues with entry relays and transit relays.  It's the exit relays that many people do not allow and it's the exit relays that contains the biggest risk.  

Some providers would prefer to stay away from that headache all-together and therefore could ban the use of TOR in general.  

Personally, I find it's applicability and it's reasoning, but I feel that it's abused way too much that I'd prefer not to support it.  But hey awesome for those who do!


----------



## terafire (Sep 10, 2013)

As long as it's not an exit node, I' m okay with it. As Half Eaten Pie was saying, this is pretty much standard for most hosts. Although it does bring on a whole new set of possible abuse that would normally not be there.

Some providers will allow TOR, but not IRC, go figure.


----------



## rm_ (Sep 10, 2013)

No one outside of your VPS knows it's hosting a hidden service.

(but of course it's still a VPS, so the provider can dig in and find out).

E.g. a web server HS will typically consist of:

1) a web server listening on 127.0.0.1 only, on a random port of your choice, for example 8080

2) Tor configured in *client* mode (i.e. *not even a relay*, and certainly not exit)

3) couple of lines in torrc.

https://www.torproject.org/docs/tor-hidden-service.html.en
 

From outside there is no weird network activity of any sort from/to your VPS, what the world sees is just another end-user machine connected to the Tor network.

There is no reason whatsoever for providers to forbid the set-up described above, that's why you find nothing about it in TOS/AUP.


----------



## VPSCorey (Sep 10, 2013)

Tor was written by the US Government (Navy) and people trust it to keep them anonymous.  Irony.


----------



## Aldryic C'boas (Sep 10, 2013)

Considering how easy TOR has been to compromise lately, and the hosts taken down simply for (knowing and unknowingly) hosting .onion sites.. I'm surprised more providers don't have issue with allowing hidden sites.  Aye, at the moment we only specifically prohibit exit nodes;  but I've been putting some pressure on Fran to have the .onion sites prohibited as well.


----------



## Cloudrck (Sep 10, 2013)

Aldryic C said:


> Considering how easy TOR has been to compromise lately


What are you talking about? Hope you aren't referring to the Firefox exploit



FRCorey said:


> Tor was written by the US Government (Navy) and people trust it to keep them anonymous.  Irony.


And the DoD funds roughly 40% of the money TOR receives.


----------



## nunim (Sep 10, 2013)

Cloudrck said:


> http://rt.com/usa/tor-anonymity-easily-compromised-researcher-537/
> 
> What are you talking about?
> 
> And the DoD funds roughly 40% of the money TOR receives.


Exploit - http://arstechnica.com/security/2013/08/attackers-wield-firefox-exploit-to-uncloak-anonymous-tor-users/

The government provides 60% of Tor's budget - 2012-TorProject-Annual-Report


Rob Graham, the CEO of penetration testing firm Errata Security, told Ars Technica that he ran a “hostile” exit node on Tor and found that 76 percent of the nearly 23,000 connections he tracked used a form of the 1024-bit Diffie-Hellman key.
http://rt.com/usa/tor-anonymity-easily-compromised-researcher-537/

A book I read on the Conflicker worm said the NSA would have no trouble decrypting a 4096-bit private key for controlling the botnet, so I wouldn't put 1024 with weak encyption past their super computers.


----------



## rm_ (Sep 10, 2013)

Yeah let's pile up meaningless unrelated facts together, maybe it'll somehow make sense, and equally uneducated people even start clicking "thankies".

1) Exploit in Firefox, not Tor. Nothing to do with soundness of Tor itself.

2) Government grants are a part of the Tor's funding. And...? It's not developed behind closed doors and then you get a binary and that's it. Nope, the full source code is open, and with this being "the" most high-profile anonymization network and with people using it for _serious_ stuff (and others trying to deanon them), do you honestly think any on-purpose backdoor would survive for long.

3) Users are careless and their various software (which they choose to use over Tor) uses outdated short keys. Again, zero relation to any characteristic of Tor itself.


----------



## Aldryic C'boas (Sep 10, 2013)

rm_ said:


> 1) Exploit in Firefox, not Tor. Nothing to do with soundness of Tor itself.


There was an exploit in Solus, not in CVPS's nodes (supposedly)... but that didn't make the mass wipe any less effective.  In this case, TOR was indeed vulnerable due to a tool used to access it.  Just because that FF hole was the actual exploit didn't make a difference to the end result.

That's also only a single exploit - assuming there are no others would be rather foolhardy.


----------



## Cloudrck (Sep 10, 2013)

Aldryic C said:


> There was an exploit in Solus, not in CVPS's nodes (supposedly)... but that didn't make the mass wipe any less effective.  In this case, TOR was indeed vulnerable due to a tool used to access it.  Just because that FF hole was the actual exploit didn't make a difference to the end result.
> 
> That's also only a single exploit - assuming there are no others would be rather foolhardy.


TOR wasn't vulnerable, only an old firefox version if you were using Windows. And I fail to see the point of your analogy.

It makes every difference, the hole was in a piece of software running on a specific OS, none of which is required to use TOR.

Example, Using any broswer on OSX/Linux and the exploit wouldn't have worked. So how is it a TOR exploit?


----------



## drmike (Sep 10, 2013)

I conceptually like ToR.  But the funders aren't exactly the pillars of humanity, freedom and privacy.

No one has mentioned the lacking number of exit nodes and those nodes potentially being rogue, monitored, etc.  Especially where an organized entity controlled enough of those exit nodes.  Still relative? I suspect it is.  SSL on ends going to keep folks secure, umm yeah, expect that to be back doored at official issuers.  Unofficial self generation, well if using open source, maybe secure.  Commercial closed certs, compromised.

Something here, obviously older:

http://www.theregister.co.uk/2007/11/23/tor_abuse/

I like the dialogue on this topic, even if we don't all agree.  All bound to learn something new.


----------



## Cloudrck (Sep 10, 2013)

If you want to talk about TOR exploits, I'd look into correlation and Sybil attacks. I'm not to worried about javascript browser exploits aimed at Windows.

http://wwwcip.informatik.uni-erlangen.de/~spjsschl/i2p.pdf

I still have an issue with the DoD having their hand and who knows what else in TOR.


----------



## Aldryic C'boas (Sep 10, 2013)

Cloudrck said:


> And I fail to see the point of your analogy.


Point of the analogy is, regardless of the method of entry, services that were supposed to be 'hidden' and 'secure' were not.  To simplify - if your apartment door is barred, but someone gets in through the window, your apartment was still compromised.  I never said TOR was responsible for the hole - I said it was affected.



Cloudrck said:


> I still have an issue with the DoD having their hand and who knows what else in TOR.


That statement alone should completely counteract any claim you can make to TOR's security.  Related reading: www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security - specifically the following:



> Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.
> 
> "Eventually, NSA became the sole editor," the document states.


----------



## Cloudrck (Sep 10, 2013)

Aldryic C said:


> Point of the analogy is, regardless of the method of entry, services that were supposed to be 'hidden' and 'secure' were not.  To simplify - if your apartment door is barred, but someone gets in through the window, your apartment was still compromised.  I never said TOR was responsible for the hole - I said it was affected.
> 
> That statement alone should completely counteract any claim you can make to TOR's security.  Related reading: www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security - specifically the following:


Yes, but saying it was the front doors (Tor) fault would be insane, when it was clearly due to negligence of the window security (firefox/windows). Give credit where credit is due, and don't pass false blame, it usually leads to FUD and avoiding the real issues.


The issue isn't with TOR, but with people not understanding that Tor is meant for anonymity, security is still the respobility of the user. Tor is one tool that should be used in conjunction with other methods. Ditching Windows, and disabling Javascript, etc.


----------



## drmike (Sep 10, 2013)

Aldryic C said:


> Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.
> 
> 
> 
> "Eventually, NSA became the sole editor," the document states.


That's security through obscurity basically.  It is far more commonplace than even the crypto experts know.  Follow the underwriting dollars through the standards orgs and universities.  It's all over the place.


----------



## Aldryic C'boas (Sep 10, 2013)

Cloudrck said:


> Give credit where credit is due, and don't pass false blame, it usually leads to FUD and avoiding the real issues.


Not sure how much simpler I can make it for you.  Best suggestion I have is to read what people post more carefully rather than make assumptions of what they mean.


----------



## wlanboy (Sep 10, 2013)

Let's talk about how TOR is working.

Even if a single entity controls both the entry as well as the exit node for any given connection through the Tor network it doesn't matter.

There _are_ bad guys running Tor nodes, some have been discovered in the past but noone can fully monitor _all_ Tor connections _all_ the time.

Everyone speaking about TOR security flaws is talking about timing attacks from a globally aware scanner. You don't need to compromise exit nodes to do this, and thus it's not a problem with allowing anybody to run nodes.

If I visit a site, while someone owns the entry node and the exit node. The second communication (entry -> relay) is encrypted to the 2nd node's key. How does the entry node know the destination (what exit node is used)?

It doesn't.

If big brother owns entry and exit, it knows someone visited a site by using the _timing information, well out of the fact that__ TOR is a low-latency mixnet_. Getting information is possible if you can view the entire internet anyway.

The chance that at least _some_ Tor connections are compromised due to something other than simple software exploits is rather unlikely, but it can happen.

The fact that each single connection is compromised at any given moment is virtually impossible,

So back to the security theorem.

All our security, take GnuPG, ssh keys, SSL, ... is based on carefully selected functions where we do believe it is to complicated to build the inverse function. So cryptology is something like a religion where everyone believes that it is too expensive to guess the right key.

It is all about timing. In X years every laptop can crack up Y bit SHA2 keys.

Back to TOR:

TOR is save if a lot of people are using it. Out of two factors:

1. More nodes reduce the risk to go a bugged route through the TOR net

2. More nodes allow more bandwith and a higher number of routes (relay nodes)

3. More users generate more shadow traffic

Both sound nice, but it is all about making it more complicated.

Back to TOR hidden services:

Because hidden services do not need exit nodes it is even more complicated to trace them. Because you have to control the randomly choosen relay node (which is then the "exit" node) that is contacting the hidden service. It is all within TOR.

Best way to make TOR traceable: Fear.


----------



## KVChosting (Sep 11, 2013)

Why do you need hidden service?


----------



## peterw (Sep 11, 2013)

********** said:


> Why do you need hidden service?


If you want to leak information but don't want to go to jail? Or if you live in a country where making jokes about the president or the leading party can kill you.


----------



## Reece-DM (Sep 11, 2013)

Cloudrck said:


> What are you talking about? Hope you aren't referring to the Firefox exploit
> 
> And the DoD funds roughly 40% of the money TOR receives.


That;s the thing that makes me laugh, it was designed for them but criminals are using it. so In theory with the current situation of the NSA I'm pretty sure it's not so "Anonymous"

Sure it can hide your identity to most people, but I wouldn't trust the network itself from your government's.


----------



## raindog308 (Sep 11, 2013)

Speaking of TOR and botnets and hidden services...

https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients


----------



## clarity (Sep 11, 2013)

If you know that people are using this for wrong doing, why would you want to run one? I understand that anonymity part of it, but a lot of people are using this to view more than questionable things. Why support that?


----------



## HalfEatenPie (Sep 11, 2013)

dclardy said:


> If you know that people are using this for wrong doing, why would you want to run one? I understand that anonymity part of it, but a lot of people are using this to view more than questionable things. Why support that?


See for many people it's supporting the free speech and protection of whistleblowers.  They look at the positives and say "you have to take the bad with the good" and supports the TOR Project to allow whistleblowers to continue/do what they believe is right (they value helping whistleblowers high enough that it justifies having to deal with abuse (e.g. CP distributors)).  

For others they just see the negative (not pointing any fingers but similar to what you just wrote as an example) and place that higher on their priority list than helping out the whistleblowers and people who wish to stay anonymous.  

It's a complicated situation, and while we would all love to have an idealistic world where we only get the positives (help the whistleblowers) without the negatives (distribution of CP), we currently haven't found a way to deal with it and therefore kinda stuck with the tools at hand.  

This is actually how politics work, because many politicians don't want to be labeled "that one politician who supports CP" and therefore immediately supports for restrictions on such services, but unfortunately most of these policies also contain many legitimate casualties, and on the website some of these websites are people's livelihoods.  For another example, this is VERY similar to how SOPA was worded (very broadly/generally that too many legitimate websites would fall casualty to the act and many people on the internet considered the "trade-off" was too high).


----------



## wlanboy (Sep 11, 2013)

dclardy said:


> If you know that people are using this for wrong doing, why would you want to run one? I understand that anonymity part of it, but a lot of people are using this to view more than questionable things. Why support that?


Because like a lot of technical things it depends on how humans are using it.



> Cars kill a lot of people - so let's ban all cars.


----------



## Shados (Sep 11, 2013)

I've got two points to make in regards to the arguments for/against Tor:


If you ban/restrict/criminalize Tor and equivalent systems, you leave no real legal means of anonymous internet usage, but you still leave plenty of illegal ones. In a world without Tor, or with Tor being illegal, criminals could and still would be able to get anonymous internet access, but people with legitimate, ethical need for it would not. People willing to distribute child pornography aren't going to be put off by the illegal and/or unethical nature of the other options, so you're only significantly restricting ethical people
In regards to issues of anonymity, secure/encrypted communications, etc. I often hear the claim that "If you aren't a criminal, you should have nothing to hide". Aside from the obvious ridiculousness of the statement (we are _all_ private creatures to one degree or another - there are always things you might not want to broadcast to the public), there's a pretty big problem with this: you generally have quite a lot of things you would rather criminals did not know - like your credit card or banking details. Anonymity can be used not just by whistleblowers under oppressive regimes, but by people who want to anonymously/safely report information about crimes they've witnessed, criminal organizations, etc.


----------



## Aldryic C'boas (Sep 12, 2013)

Shados said:


> If you ban/restrict/criminalize Tor and equivalent systems, you leave no real legal means of anonymous internet usage, but you still leave plenty of illegal ones. In a world without Tor, or with Tor being illegal, criminals could and still would be able to get anonymous internet access, but people with legitimate, ethical need for it would not. People willing to distribute child pornography aren't going to be put off by the illegal and/or unethical nature of the other options, so you're only significantly restricting ethical people


Gotta disagree completely there.  Completely ignoring all of the Free/Open VPN services (or the paid ones that accept bitcoin and care not what you put for your name), you can easily pick up a pre-paid phone with a data plan without submitting ID.  Head over to XDA, grab an Android ROM to flash that'll let you turn said phone into a wifi router.  (Or just hit the net from various hotspots.. McDonalds, coffee shops, etc). 

There are PLENTY of ways to use the web anonymously without breaking any laws.  TOR is not some saviour here to free us all from oppression - it's merely a single tool that can be used to reach a collection of websites unavailable without TOR or a gateway.  A tool that gets severely misused for very dirty purposes;  but defenders try to point out that people use it for good things, too.  Okay - so did anonymity and free speech not exist before TOR?  Hardly.  I personally dont support TOR because I see it as a black market of unethical pornography, drugs, and so forth - just with an optional feature of "anonymously" browsing.  Same reason I won't support organizations like the NAACP or KKK - sure, each organization does some honestly good things; but for the most part I want no involvement in the racism and divisionist ideals.


----------



## Shados (Sep 12, 2013)

Aldryic C said:


> Gotta disagree completely there.  Completely ignoring all of the Free/Open VPN services (or the paid ones that accept bitcoin and care not what you put for your name), you can easily pick up a pre-paid phone with a data plan without submitting ID.  Head over to XDA, grab an Android ROM to flash that'll let you turn said phone into a wifi router.  (Or just hit the net from various hotspots.. McDonalds, coffee shops, etc).
> 
> There are PLENTY of ways to use the web anonymously without breaking any laws.  TOR is not some saviour here to free us all from oppression - it's merely a single tool that can be used to reach a collection of websites unavailable without TOR or a gateway.  A tool that gets severely misused for very dirty purposes;  but defenders try to point out that people use it for good things, too.  Okay - so did anonymity and free speech not exist before TOR?  Hardly.  I personally dont support TOR because I see it as a black market of unethical pornography, drugs, and so forth - just with an optional feature of "anonymously" browsing.  Same reason I won't support organizations like the NAACP or KKK - sure, each organization does some honestly good things; but for the most part I want no involvement in the racism and divisionist ideals.



Free/Open VPN services generally have known, individual organizations controlling them (making them susceptible to governments, coercion and probably corruption/bribery), limited/known points of failure & control (VPN providers generally have fairly small+stable set of servers they provide services out of), don't make you anonymous to the VPN provider/network (no onion routing through third party nodes or other solutions utilized), etc. They provide a _very_ limited form of anonymity, and honestly, do you really doubt such services aren't already covered under PRISM or similar projects? What well-funded, half-competent intelligence agency would let them slip by?

Hotspots and pre-paid mobile internet without provided ID are a little better, but aren't available everywhere (and the latter is becoming available in fewer places every year, sadly) but still have large risk factors in that they essentially provide decently specific time+physical location data, and usually places that provide wifi or prepaid mobile internet SIM cards have cameras, the combination of which is more than enough to identify you. This is (probably?) not much of an issue if you're concerned about criminal organizations tracking you, but represents an actual risk for people living under repressive governments, whistleblowers, etc.

And yes, you are right, Tor does get misused a lot. But the solution to the problem of misuse of technology is not to to severely restrict our outlaw it - you're just dealing with the symptoms, not the cause. And, again, while such measures would mean law-abiding persons wouldn't use it, the reality is that you'd just be creating a new black market - in anonymity. You'd inevitably get criminals selling access to botnet-backed onion routing networks and the like if you cracked down on anonymous web access hard enough... and if you're just cracking down on Tor, and there are "PLENTY of ways to use the web anonymously" then what's to stop criminals from just using those ways instead? What's the point of going after just one particular anonymity service?


----------



## raindog308 (Sep 12, 2013)

Aldryic C said:


> There are PLENTY of ways to use the web anonymously without breaking any laws.  TOR is not some saviour here to free us all from oppression - it's merely a single tool that can be used to reach a collection of websites unavailable without TOR or a gateway.


That's actually a side benefit to TOR, not the main or original purpose.  The main purpose is to defeat traffic analysis.  I suspect I'm telling you something you already know but pointing it out for others.  Without TOR, it's possible for a government to say "I don't know what you're saying, but I know who you're talking to".  With TOR, that's a lot harder if not impossible.

TOR offers:

(a) a way to defeat traffic analysis

(b) a way for people to communicate in a nontraceable way (though this is not unique to TOR - I believe you can do the same thing with FreeNet)


© a way for people to access content they couldn't otherwise access due to censorship (e.g., Great Firewall of China).  I'm not sure a TOR is much better than a private VPN in that case.

 


I completely understand your arguments, but I think freedom is always a double-edged sword.  That's really what this debate comes down to and both sides are reasonable.

 

I don't know what the ratio of Silk Road/Child Porn/terrorist activity vs. dissidents/don't-want-to-be-spied-on/hey-this-geek-stuff-is-cool ratio among TOR users.  No one really does.  I suspect critics would say 90:10 (though they're guessing).  Supporters would say without TOR, life for that 10% would be harder, while the 90% would go accomplish the same things using something else.  It is demonstrable that TOR has done good in the world and evil...like most technology.

But hey, the government pays 80% of the TOR Project's funding, so it must be a good thing, right?


----------



## wlanboy (Sep 13, 2013)

And Tor is currently hosting a quite big botnet.

Can't believe that they just start to realize that Tor hidden services are quite good to host the control servers of a botnet.


----------



## Aldryic C'boas (Sep 13, 2013)

Shados said:


> Free/Open VPN services generally have known, individual organizations controlling them (making them susceptible to governments, coercion and probably corruption/bribery), limited/known points of failure & control (VPN providers generally have fairly small+stable set of servers they provide services out of), don't make you anonymous to the VPN provider/network (no onion routing through third party nodes or other solutions utilized), etc. They provide a _very_ limited form of anonymity, and honestly, do you really doubt such services aren't already covered under PRISM or similar projects? What well-funded, half-competent intelligence agency would let them slip by?


As opposed to a project designed and deployed BY an alphabet agency, right?  In all seriousness though - that's differentiating protecting who you are from protecting what you're doing. You can quite easily obtain a VPN to achieve both goals.



Shados said:


> Hotspots and pre-paid mobile internet without provided ID are a little better, but aren't available everywhere (and the latter is becoming available in fewer places every year, sadly) but still have large risk factors in that they essentially provide decently specific time+physical location data, and usually places that provide wifi or prepaid mobile internet SIM cards have cameras, the combination of which is more than enough to identify you. This is (probably?) not much of an issue if you're concerned about criminal organizations tracking you, but represents an actual risk for people living under repressive governments, whistleblowers, etc.


Quite right, public wifi can be risky. If you get traced back to it - keep in mind, my examples are partial concepts. Simply going to a public wifi hotspot does not grant you any safety; it's merely one step of several.



Shados said:


> And yes, you are right, Tor does get misused a lot. But the solution to the problem of misuse of technology is not to to severely restrict our outlaw it - you're just dealing with the symptoms, not the cause. And, again, while such measures would mean law-abiding persons wouldn't use it, the reality is that you'd just be creating a new black market - in anonymity. You'd inevitably get criminals selling access to botnet-backed onion routing networks and the like if you cracked down on anonymous web access hard enough... and if you're just cracking down on Tor, and there are "PLENTY of ways to use the web anonymously" then what's to stop criminals from just using those ways instead? What's the point of going after just one particular anonymity service?


I never said to go after TOR. Merely that I don't support it and have my reasons not to use it. Similar example: I happen to find marijuana rather disgusting; from the smell down to how some people act when high. But I've got some good friends (some here at VPSB too) that'll light up from time to time, and I'm not going to interfere with their lifestyle just because they partake in a recreational I don't personally care for.

Aside from usage issues, there's also a rather large problem people tend to blind themselves to - when's the last time any of you actually went through TOR's source? Or the source of any VPN/Proxy service? Can you honestly say you know 100% exactly what takes place when you use these services? For my VPN and Proxy daemons of choice, I can easily say 'yes' to this. I can't do so with TOR - and given its dubious origins (from a source I already have zero trust in), there's no way in hell I'd risk using it on the basis of "those guys on the internet say its secure".



raindog308 said:


> That's actually a side benefit to TOR, not the main or original purpose.  The main purpose is to defeat traffic analysis.  I suspect I'm telling you something you already know but pointing it out for others.  Without TOR, it's possible for a government to say "I don't know what you're saying, but I know who you're talking to".  With TOR, that's a lot harder if not impossible.
> 
> TOR offers:
> 
> ...


Quite true. TOR offers a few options that are positive, even if they aren't unique.



wlanboy said:


> And Tor is currently hosting a quite big botnet.
> 
> Can't believe that they just start to realize that Tor hidden services are quite good to host the control servers of a botnet.


I can't believe it took them this long to realize a good chunk of the C&Cs have been running as .onions for quite some time now. This isn't really 'new' to anyone but said researchers mentioned in the article.


----------



## wlanboy (Sep 13, 2013)

Aldryic C said:


> I can't believe it took them this long to realize a good chunk of the C&Cs have been running as .onions for quite some time now. This isn't really 'new' to anyone but said researchers mentioned in the article.


I think this news is pushed because a lot of people said "this is because of the NSA and Syria stuff".

And of course because of the *scale*.

Double the number of TOR users in between August the 19th and August the 26th.

And double this number between August the 26th and September the 2nd again.


----------



## kaniini (Sep 13, 2013)

We had a bad interaction with SOCA due to a hidden service recently.  We are still debating whether or not to disallow TOR altogether as a result.


----------



## Echelon (Sep 15, 2013)

There are definitely legitimate uses for TOR, and there are definitely illegitimate uses just the same. What really determines whether more providers are going to make the choice to drop TOR from being permitted is the amount of time, energy, and money they have to invest in defending the use of TOR as an exit node on their network. Also, to mention the amount of bulk traffic TOR generates in the meanwhile, some providers would prefer the users of the servers know a bit more about what's coming in or going out of their server.

At the end of the day, I wouldn't be surprised if we see providers shift in their stance depending on where servers are housed and the legal climate of their footprint.


----------



## rm_ (Sep 15, 2013)

> What really determines whether more providers are going to make the choice to drop TOR from being permitted is the amount of time, energy, and money they have to invest in defending the use of TOR as an exit node on their network.


No one reasonable expects your random VPS provider to allow exit nodes. And this particular thread is about hidden services, not exit nodes.

By the way (to everyone), it's specifically "*Tor*", not TOR or ToR or T.O.R, I think that was even in their FAQ somewhere.


----------

