[Tor2web-talk] CryptoLocker: How to best deal with them?
Virgil Griffith
i at virgil.gr
Wed Nov 5 23:31:42 CET 2014
If they keep changing their hidden service ID it's going to be hard to do.
Doing something proactive mildly increases our legal liability in future.
Perhaps a more formal system of people submitting abusive URLs so that they
can be blocked by us directly from a browser-based admin interface.
On Nov 5, 2014 2:01 PM, "Fabio Pietrosanti - lists" <lists at infosecurity.ch>
wrote:
> Hi all,
>
> sounds like the CryptoLocker is causing some major issue to Tor2web,
> with takedown and hardcore abuses to/from ISPs.
>
> Now, what's the best strategy to deal with them?
>
> They change quite often the TorHS, so it doesn't work to filter them all
> using current blocklist.
>
> We may look for implementing content filtering based on Regexp
> https://github.com/globaleaks/Tor2web-3.0/issues/151 , but it may have
> some important performance issue (and cryptolocker guys would anyway try
> to bypass it).
>
> So, from a real-world perspective, ideas on how to better deal with such
> issue?
>
> --
> Fabio Pietrosanti (naif)
> HERMES - Center for Transparency and Digital Human Rights
> http://logioshermes.org - http://globaleaks.org - http://tor2web.org -
> http://ahmia.fi
>
>
> _______________________________________________
> Tor2web-talk mailing list
> Tor2web-talk at lists.tor2web.org
> http://lists.globaleaks.org/mailman/listinfo/tor2web-talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.globaleaks.org/pipermail/tor2web-talk/attachments/20141105/773764b6/attachment.html>
More information about the Tor2web-talk
mailing list