On Mon, Dec 10, 2012 at 10:29 PM, Joseph Lorenzo Hall <[email protected]> wrote:
> Hi Tor-talk, apologize for an off-topic query to this list...
>
> I figure as a group of maintainers, node runners and developers that some
> of you might help us with stories about how port-blocking specifically has
> impacted efforts to develop software:
>
> Has ISP-blocking of individual inbound and/or outbound ports affected your
> software development processes, required re-engineering of applications
> (poking holes in ISP-level firewalls, etc.), and/or impacted application
> design over the longer term?

Software development: Well, as a developer I mostly use ssh or https with git, and don't run services on home ISPs or ISPs that block traffic. If I discovered my (hosting) provider was doing something like that and unwilling to change it, I would switch providers.

Application design/deployment: One of the things we encourage relay (and particularly bridge) operators to do (if possible) is to listen on common not-blocked ports (80, 443). Aka, port blocking is braindead and doesn't work (hence DPI right? The arms race has long since evolved past simple port blocking.)

>
> (Full disclosure: I ask in my role as senior staff technologist at
> https://www.cdt.org/ and we would use your responses to try and inform a
> larger piece of work on best practices for ISP port blocking.)

Yes. **Do Not Block Ports** unless **specifically requested**. Blocking and filtering of chatty network fileshare protocols, broadcasts, etc should be done at the CPE and it should be configurable by the user (though sensible defaults are a fine idea). Anything else is censorship.

And since I mentioned DPI above; the same applies. If the network cannot handle customers using it at a given price point the business model is broken. I don't buy any of the arguments for DPI as traffic management since these providers have had years to meet capacity requirements and plenty of countries have symmetric FTTH at 100mbit+. Claiming that they need fancy censorware to keep their creaky network running is ludicrous.

--Aaron

P.S. I think the bigger issue here is that since most people have a very limited choice of providers, they pretty much have to live with the crap options they are presented. That applies to national ISPs and associated governments as well. The fact that these people meet to discuss how to filter/block/control the net rather than improve it is rather telling.

>
> thanks, Joe
>
> --
> https://josephhall.org/
> _______________________________________________
> tor-talk mailing list
> [email protected]
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
