If there's a better way, I'd love to know about it.
But the better way is to take into account exit policies. Only ban access from those IPs that are Tor exits and allow access through to justin.tv.
You can query the exit policies of a given exit with TorDNSEL: https://www.torproject.org/tordnsel/
I also whipped up a quick script that can be fed a list of Tor exit nodes on STDIN and will spew out a list of exits that aren't allowed to access a given IP:PORT: http://gist.github.com/523328
According to that 5/1338 Tor exits have policies that don't allow exits to justin.tv on port 80 (18.104.22.168:80), but e.g. 309/1338 ban exits to irc.freenode.org:6667.
That means that justin.tv is needlessly banning ~0.4% of Tor exit nodes, but someone using the same approach with an IRC server is needlessly banning ~23%. With SMTP (checked on a random GMail server) that percentage rises to 98.8%.
One correction though, justin.tv involves much more than HTTP. Our chat system is actually an irc network, and then of course we have the whole video system which is all non-HTTP traffic.
Right now we just block all tor traffic, for all ports. Sounds like perhaps we could do a bit better than that, and I'll let people know, but I can't say I think it will be a high priority for us unfortunately.
E.g. I'd run a Tor exit node with policies that only allowed wikileaks.org and a few other selected sites, but I don't. Because I know it'll cause me more trouble than it's worth due to a bunch of overzealous administrators.
There's theoretically nothing crazy or bad about running a Tor exit node like that, e.g. one that only allows exits to a few sites that you yourself control.
But in practice it's bad for you because of people that think "let's just nuke it from orbit" is responsible behavior on the Internet, even going so far as to ban whole /24 networks.
Seems like a more measured response than outright blocking of everything.
If you have "IT People" who advocate such a policy, fire them on the spot, and then give them two hours to think about what they have said and plead for their job back.
I find it ironic that tor is routing around the internet damage from censorship, only to run into internet censorship from damaged people.
That's why the Tor project itself publishes a list of Tor routers and exit nodes, if they didn't do it it would be trivial for someone else to compile and publish the list.
It's not just IRC either, a bunch of other services do naïve checking of Tor exit nodes.
Why did I use Tor? Because a website whose FAQ said they don't log IPs (Slashdot) gave my IP to the Secret Service. The Service then came to my house with guns. Seriously.
(I showed them the comment, and they went away. The agents investigating did not actually read the comment before coming to my house to question me about it. WTF?)
Anyway, Tor is a necessity if you post content to the Internet. Although there is very little the legal system can do to you in the US for your protected speech, they can still fuck up and show up at your house to harass you. Use Tor, and they end up in Siberia instead.
Guess I was right!
Plenty more graphs and stats on that page. Also read this for information about the type of people who use it:
Tor is never going to be used by tens of millions of people. It doesn't need to be used by tens of millions of people to serve its purpose and be successful.
I'm not sure why they only present that small subset of countries in their stats. I wish they'd provide more comprehensive stats.
Cookies are per session. I use Firefox with Tor-Button.
In the worst case there is "someone" who does the things I do. But no-one does connect that to me. You could do complicate analysis and pinpoint my demographic through that but no-one does that.
I'm not being negative here, I just have no idea what 'problem' is trying to be solved here.
What about when your service is used exclusively by law breakers? Will anonymity be a great policy then?
As for the service being used exclusively by law breakers, I think that hypothetical is far-fetched. DDG has plenty of users now that don't care much about privacy, and I don't think most Tor users are law breakers. So I see this whole line of reasoning as a non-issue.
Advertising your service as an untraceable anonymous service, is attractive to certain groups of people. A large amount of those are going to be engaging in unlawful activities.
The analogy would be advertising your restaurant as one in which you are permitted to enter wearing full body disguises and helped with your exit through various escape routes. The restaurant owners will provide gloves for you, remove any traces of your DNA, etc.
Don't you think such a restaurant would then be used by murderers?
I would agree with your analogy in that an 'anonymous restaurant', where you are granted complete anonymity whilst inside, would also be a recipe for disaster.
You kinda forgot the 'anonymity' bit in your analogy though... Convenient ;)
Each of us has a right to privacy. This allows for nefarious activities but it also enables many forms of creativity.
Anonymity = bad
Just my 2c.
Who is "jrockway"? Why would being more anonymous or less anonymous make my comments more or less useful or interesting?
If anonymity is bad, why do you use a nickname here?
Once you allow anonymity, you also allow impersonation, endless trolling, abuse, etc etc.
Information is power; the less you give to other people, the more power you have over your own life. Why let your ISP and search engine learn more about you than they need to know?
DDG is targeting itself to tech-savvy people that don't feel like leaking their entire life to the Internet. The Tor relay helps this marketing goal.
The parallels with Reddit are certainly there I hope you can appreciate. I'm not saying it's completely the wrong strategy, but it's certainly not the one I'd choose.
Total Google searches: 21717
None of these searches are in the categories you mention, but I bet you can still make up some interesting statistics about me.
Since we have a "zero tolerance" policy when it comes to child molesters ("zero tolerance" meaning "guilty until proved innocent") we are accusing you of this crime (and telling your workplace and all of your acquaintances).
You may now use whatever meager life-savings you might have to defend yourself against these charges. This should not take long as you are also now friendless and out of work.
Have a nice day.
Anyway, seems my views are falling on deaf ears.
Maybe people really do care about their privacy. Everyone has that stalker ex that they want to avoid.