Why do vps providers not allow TOR?

[drmike]

The biggest loudmouthes positing the usage of TOR are the same idiots we constantly see mixed up with very illegal activities.  Maybe I'd be willing to see TOR as something more than just a paedophile kiddy porn ring if it had better representation.

Problem with Tor isn't even the well intentioned operators.  The problems are from the random users who are engaged in every activity.   Higher density of really problematic usage since it's free and as-advertised gives this idea of being anonymous.

I like Tor conceptually.  But the law breakers are out of control with it.  If you operate a public node look forward to law enforcement inquiries a month outward and piracy / DMCA stuff flows like water and regularly.  

Unsure how anyone operates an exit node and has any sanity, quiet, peace of mind these days.

 

[MannDude]

Just out of curiosity and not in defense of TOR, but has there been any recent cases of raids and equipment seizures as a result of providers allowing it?

I feel like something happened a year or two ago where a provider was raided but I don't recall the details.

And if your cage at the DC is raided, good luck. They'll take the entire g'damned rack that the single server was in which will impact much more than just the one individual doing stupid things.

 

[Cloudrck]

TOR is developed for shady usage, and hosters know what shady attracts. ;-)

Just as much as TLS & VPN are used for "shady" usage. I know several local journalists who use Tor. You should know better than to believe the nonsense most mainstream media spits out to scare people. I've allowed Tor relays with no more issues than "allowing" VPN's. In fact, I have more issues with people using servers as a VPN to download illegal media than I have had with Tor relays.

 

[SkylarM]

And if your cage at the DC is raided, good luck. They'll take the entire g'damned rack that the single server was in which will impact much more than just the one individual doing stupid things.

Not true, actually. Had an incident with a major lettered agency a few months prior and they wrote up a Warrant to do so. I explained how VPS work and they said they just wanted to grab a copy of the data, but still wanted physical access to it, but that they wouldn't be taking the entire node or drives or anything. They didn't end up doing it as he wasn't an active client anymore, but yeah. Depends on the people you are dealing with I guess.

Most providers likely don't allow TOR because it's one of the few things that will actually use your BW cap that isn't torrenting. We ran into an issue where customers would tear through their allotment in a few days and then turn the TOR node off, which is entirely useless in the grand scheme of things. We had some other related issues with TOR, so we opted to just kill it entirely.

 

[MannDude]

Not true, actually. Had an incident with a major lettered agency a few months prior and they wrote up a Warrant to do so. I explained how VPS work and they said they just wanted to grab a copy of the data, but still wanted physical access to it, but that they wouldn't be taking the entire node or drives or anything. They didn't end up doing it as he wasn't an active client anymore, but yeah. Depends on the people you are dealing with I guess.


Most providers likely don't allow TOR because it's one of the few things that will actually use your BW cap that isn't torrenting. We ran into an issue where customers would tear through their allotment in a few days and then turn the TOR node off, which is entirely useless in the grand scheme of things. We had some other related issues with TOR, so we opted to just kill it entirely.

Ah, that's good to know.

My statement was based on this though: http://bits.blogs.nytimes.com/2011/06/21/f-b-i-seizes-web-servers-knocking-sites-offline/

In that raid they took more than just the culprit's server and data.

 

[SkylarM]

Ah, that's good to know.

My statement was based on this though: http://bits.blogs.nytimes.com/2011/06/21/f-b-i-seizes-web-servers-knocking-sites-offline/

In that raid they took more than just the culprit's server and data.

Ah yeah. Well hopefully they realize what VPS and Cloud hosting is now That is a few years old.

 

[KuJoe]

When William got busted, the VPS provider he was using had their whole VPS node taken according to the reports at the time. If what @SkylarM says is true, that's one thing but having read about whole VPS nodes being taken in raids I'm erring on the side of caution because if our nodes were seized it would be hard for us to recover from that and likely wouldn't have any clients left anyways. I do have first hand knowledge of an alphabet agency taking a whole VPS node at one US data center with over 200 IPs in use on it (unsure if all of the IPs were individual servers or VPSs had multiple IPs though but I do know it was a VPS node but they weren't allowed to share which provider it was).

 

[SkylarM]

When William got busted, the VPS provider he was using had their whole VPS node taken according to the reports at the time. If what @SkylarM says is true, that's one thing but having read about whole VPS nodes being taken in raids I'm erring on the side of caution because if our nodes were seized it would be hard for us to recover from that and likely wouldn't have any clients left anyways. I do have first hand knowledge of an alphabet agency taking a whole VPS node at one US data center with over 200 IPs in use on it (unsure if all of the IPs were individual servers or VPSs had multiple IPs though but I do know it was a VPS node but they weren't allowed to share which provider it was).

It likely could have just been the person I was working with not wanting to be a total dickhead about it. Could also depend on the specific case, depends on severity etc. Who knows. I'd rather not find out though

 

[Aldryic C'boas]

In fact, I have more issues with people using servers as a VPN to download illegal media than I have had with Tor relays.

... I've never once in a decade now gotten any kind of abuse report along the lines of 'This IP is downloading licensed material'.  Only people seeding torrents/etc or being stupid enough to host the files directly on websites.  And a VPN wouldn't be involved in that case anyways.

Which begs the question of.. if you're not snooping on your clients' usage, how exactly did you know about this?

 

[KuJoe]

... I've never once in a decade now gotten any kind of abuse report along the lines of 'This IP is downloading licensed material'.  Only people seeding torrents/etc or being stupid enough to host the files directly on websites.  And a VPN wouldn't be involved in that case anyways.

Which begs the question of.. if you're not snooping on your clients' usage, how exactly did you know about this?

We get a few reports a month (although last week we got about 6 of them for different IPs) against VPNs our clients are running that are used to download pirated content. It's usually from somebody running a VPN service versus a private VPN.

 

[Flapadar]

We get a few reports a month (although last week we got about 6 of them for different IPs) against VPNs our clients are running that are used to download pirated content. It's usually from somebody running a VPN service versus a private VPN.

Aren't those from people being connected to public trackers / uploading the material, rather than simply downloading? I think that's the point Aldryic was making. Example:

IP-Echelon has become aware that the below IP addresses have been using your service for distributing video files, which contain infringing video content that is exclusively owned by Paramount.

I've never seen one that specified downloading. 

 

[drmike]

... I've never once in a decade now gotten any kind of abuse report along the lines of 'This IP is downloading licensed material'.  Only people seeding torrents/etc or being stupid enough to host the files directly on websites.  And a VPN wouldn't be involved in that case anyways.

Which begs the question of.. if you're not snooping on your clients' usage, how exactly did you know about this?

I've ran an exit node prior.   I definitely received a bunch of this IP is downloading pirated / unlicensed stuff.  This was a few years back.  Upstream DC was a bear to deal with as hadn't SWiP'd things fully -- abuse was still hitting their inbox.  They were not entertained.

 

[KuJoe]

@Flapadar I just checked the last 6 reports we got in the past 60 days and they all are for downloading (1 client confirmed he was downloading and all 6 VPSs show inbound traffic with little to no outbound).

 

[Cloudrck]

... I've never once in a decade now gotten any kind of abuse report along the lines of 'This IP is downloading licensed material'.  Only people seeding torrents/etc or being stupid enough to host the files directly on websites.  And a VPN wouldn't be involved in that case anyways.

Which begs the question of.. if you're not snooping on your clients' usage, how exactly did you know about this?

How did I know about illegal downloads? From DMCA notices sent either to me and/or to the datacenter. The IP will correspond to someone who admits to running a VPN/proxy. I don't know what relevance there is to downloading vs seeding on a VPN. Once you connect to the tracker anyone can view your IP address regardless of what you're doing.

And a VPN wouldn't be involved in that case anyways.

Maybe we're not thinking about the same thing. In the sitatuations I'm talking about, some is using a VPN to mask their IP address by tunneling traffic from a VPS running something like OpenVPN to download data.