That's a very fair point. But where the interaction with linode primarily began to degrade was their unwillingness to see that agreeing with "principle" and allowing it's actual "technical operation" are mutually exclusive in this case. I don't care about linodes "principles," I care about what I can and cannot run via their service, in parameters provided by them to me. I was more than happy to comply with any changes that needed to be made to my exit node policy, but when they simply come back with "block all malicious/illegal traffic or shut off your TOR node" that's a simple ridiculous response. More-over telling me that I (or even they) are responsible for traffic that did not originate in their network, but was merely relayed through their network, is utterly absurd technically and legally. Through the discourse I at times probably came off as arrogant and slightly rude, but their unwillingness to assist in an actual technical rectification of their complaint was beyond frustrating.
It's quite clear that linode is at odds with their own legal and technical staff, and I'm just not convinced that either parties understand well enough the concepts at play. But since I'm no longer a customer it's really up to the rest of you to decide.
Linode offers a pretty good, solid service, but they clearly fail in many other areas.

I think you ought to actually read what the ToS says about Tor in particular. It's quite clearly written to be along the lines of "while we don't specifically forbid you to run a Tor exit node, you pretty much can't because the traffic from it will keep violating our terms of service all the time":




Simply, Linode is not the right place to host your Tor services.

That much is clear, though that's certainly at odds with the claims of the linode technical staff in the original post, claiming "we do have other customers that successfully operate Tor exit nodes and do not generate complaints."

It would be awesome if any of these such customers could chime in with their experience... Is this true?

If there are any such customers, they probably have extremely restrictive exit policies. Even if you disallow everything except port 80, your exit node can still post spam comments on other people's sites. Maybe they're using a firewall to block everything except a few specific sites? (Wikipedia would be OK, for example, because they already disallow anonymous edits from Tor IPs.) Or maybe it's just a matter of luck that they haven't generated a complaint yet.

Anyway, as you have now realized, Linode isn't a good place to run a Tor exit node. This has nothing to do with the law or morality; it is simply a matter of costs and benefits. If it takes 5 minutes to process a DMCA complaint and check if it has any merits, and if the employee who does the checking gets paid at least $60 per hour, and if you get at least 1 complaint per week, you're already costing more than the prince of a Linode 512 per month.

Also, if the content owner gets frustrated after sending a few DMCA notices and decides to sue, it can cost Linode a thousand times that (in attorney's fees) even if the lawsuit turns out to have no merit. EFF has lawyers, and they're actually looking for lawsuits to test their claims, so they can show their letter around. But most small businesses cannot afford to go anywhere near a lawsuit. The price of a Linode would go up for everyone if Linode routinely risked lawsuits, and VPS is a very competitive market. It's as simple as that. People love privacy "in principle", but how much money it's worth is a different question.

As I said in a previous comment, the only way you can safely run a Tor exit node is with your own colocated server and your own IP block. See this site for hints. FormlessNetworking runs dozens of Tor exit nodes using their own IP block. Good luck with Rackspace; I doubt that their policies are any different from Linode's when it comes to Tor exit nodes.

It seems from a quick scout that Rackspace's policy is the same, as noted in Tor's own ISP guide. Friendly in principle, but they'll kick you to the kerb if DMCA's keep coming.

A couple of points:

a) Its an unmanaged service, $20 or even $40 a month is not going to pay for technical services for a service you are choosing to run. In simple words, its your problem to stop the offending content from going through which is causing both DCMA and abuse reports to be sent to Linode for the IP assigned to your node.

b) You, as a Tor end point, are not a "service provider". You can quote, reference, cite all day long what the Tor group put on their web site regarding the legality and legal responsibility of a Tor end-point operator, but that doesn't make it universally correct or necessarily even factual. The only opinion that is going to count is a court's opinion and that can very greatly depending on the jurisdiction.

c) Linode had no problem with you running a Tor end point until they started receiving DCMA and abuse reports filed against the IP address assigned to you. You really thought that was alright? You really expected them to ignore them? They have legal obligations under the DCMA and I would imagine the datacenters at which they are located in also have certain requirements regarding abuse.

d) Regardless of your own moral beliefs, quite bluntly, you violated the terms of service that you agreed to upon signing up for the service. Because they did not agree with you it seems you like to think they were uncooperative, unhelpful and generally a bad service provider but it seems this went on for over a week with multiple abuse reports. Many providers would have just shut you down far earlier and in truth, personally, I believe that is what Linode should have done as well based on your attitude.

e) You've already decided to leave Linode and now you're posting in their forums, after the fact, wanting to complain about Linode? Isn't that just simply trolling? Its not like you're on the second or third abuse complaint asking for configuration help with Tor.

I personally think Tor ought to be banned outright on Linode. That's not a statement against free speech or even not wanting to help individuals that are in areas where free speech is prohibited. Tor, as designed, simply provides a mechanism that is too often and too easily used for abuse and other illegal activities that I don't really support and causes way more trouble as demonstrated by this thread than the good it actually does provide.

Interesting. Here's the link if anyone else also wants to know.

Have you ever even read the DMCA? The comments you are making lead me to believe that you have not or have quite a few misunderstandings about what it does and does not do.

From Linode Terms of Service:



Case closed.

Also, the world is powered by money, and MPAA, RIAA and similar assholes have tons of it. More than enough to lobby the feds or whoever raid Linode datacenters. Which then puts all of us, Linode customers, at risk of losing our data and service.

Thanks for taking your ideological battle elsewhere.

First off, this issue did not go on over a period of weeks, but a period of several days, I did all I could to promptly put new rules in place to avoid their claimed infractions -- perhaps such a short time period means I dramatically over-reacted. But no matter how trivial most people would like to think this matter is, it is at the crux of the issue of personal privacy and how our private informations is becoming increasingly more public every day.
I'm not trying to simply troll, I'm merely bringing what I believe is a very valid point to the linode customer base. I'm not trying to get everyone to cancel their service just because of my personal principles, but instead want people to simply question if linode's policies are truly well founded technically and legally, and if they truly have the respect for privacy they claim to hold in such high regard. The issue of on-line privacy is becoming an increasing fragile issue in today's world, and if every network operator simply throws up their hands in dismay when ever they receive a legal notice that may or may not be valid the internet will cease to be the open platform it is today, and become an increasingly restricted ecosystem.

Though I did not react as if the sky was falling because of a stupid DMCA notice, I in no way ignored the issue, or told them I flat out didn't care -- I personally did everything I could to adhere to their TOS, researched any and all ways to mitigate malicious and illegal traffic, promptly put such traffic filtering rules in place, and went one step further to request if I missed some networking magic that exists, and to please bring it to my attention. What's more, I never at any given point came anywhere close to violating the DMCA -- simply receiving a notice is not proof of infringement. Ultimately I wanted to believe their public statement that operating a TOR exit node was acceptable, but it very quickly became clear that the actual operation of an exit node inherently offends their "principles" and otherwise violated a vague and contradictory TOS.

If you enjoy your linode service and find it a good value I encourage you all to continue using them as your VPS provider. However, if you are passionate about internet privacy I encourage you to contact Linode with your concerns about how they handle these matters.

Except disabling your tor exit node. By your admission, your tor exit node was bound to generate questionable traffic. By Linode's ToS, such traffic was unacceptable. Thus, the only solution is to stop running an exit node.

My question is: why did you not simply switch from a tor exit node to a relay? Then you could help support your beloved internet privacy, and immediately solve all problems with everyone.

Perhaps it is. But this is not the place to prove that point, not when your actions are putting every other Linode customer at risk.




No you didn't. You said earlier:



This clearly shows that you either did not read Linode TOS or don't understand it. The part from the TOS I quoted earlier includes TRANSMISSION. Operating a TOR exit node that transmits illegal content (including what appears as Wordpress hacking attempt to promote child porn) is in violation of the TOS.

Your concerns about overall privacy on the Net may be valid, but let's be honest. Human nature is what it is. Any opportunity to operate on the Net anonymously and without the risk of being caught WILL (by statistical certainty) result with abuse. Across all protocols and ports, from p2p, http, smtp, pop3, imap, you name it. And to prevent that you'd have to shut down port by port effectively rendering your node useless.




That is irrelevant. Linode HAS to respond to DMCA notices, has to inform you and has the obligation to shut down your server if the notices persist. If you think that is unfair, you're welcome to file anti-DMCA claim and even sue whoever is (wrongly) accusing you.

Which is not Linode. They're just protecting their business and doing so, they're protecting our business.

Actually that's an awesome question that cuts nicely into the heart of the matter! Initially I just kept running it as an exit node simply because:
A.) The technical staff told me they had others that ran exit nodes on their network without complaints.
B.) There are fewer exit nodes in the US, so I wanted to help build a better geographic dispersal of exit nodes.

While changing it to a relay certainly would be a perfectly valid solution to mitigate the false-positive DMCA notices, etc. But my point about the technical operation of the TOR network would still stand -- the exact same malicious / illegal traffic that they were complaining about would still be "transmitting" out my IP and through their network, they just wouldn't know as much about it.

So that's the big issue right there: "evil" traffic travels through not just the TOR network, but virtually every ISP and data center in the world, all day, every day. But in this case, instead of spending their time sending complaints to the actual people who are the real source of the traffic (the people bittorrenting House, or the retarded script kiddies), they harass me about it, as if there was something I could really do about it, as if I was in *any* way responsible. Instead of threatening to take my server off-line because they don't like complaints about traffic that travels through TOR, maybe they could spend more time and effort locating the real problem, or even just be willing to work with me in actually trying to build a better TOR exit node policy, as I do have fairly advanced networking knowledge. *OR* they could just be up front and change their TOS to read "You absolutely can't run a TOR exit node on our network because we've already submitted to strong-arm lawyers that aren't even going to sue us over this anyway."

Here is another list.

Interestingly, they list a few US hosting providers which allow running TOR exit nodes pretty much unconditionally. This basically disproves the theory presented here that hosting provider has no choice but to comply with any DMCA take down notice, irrespective of validity. I have no experience in this matter, but I guess these hosting providers simply send some standardized "get lost" reply to DMCA take down notices after verifying these notices refer to TOR exit nodes and not some stored material. Because contrary to what most people here seem to believe, no one was ever sued for running TOR node (including exit node) or any other similar service. And if I had to guess why overzealous RIAA/MPAA lawyers never sued anyone over this, I would guess that EFF lawyers are probably right when they say this activity is completely legal under current US law (unlike hosting copyrighted material without permission of copyright owner).

So, if other US hosting providers can do it, why not Linode?

Thank you.