• 0 Posts
  • 8 Comments
Joined 1 year ago
cake
Cake day: March 2nd, 2024

help-circle
  • Tor operator here.

    If you don’t have a second IP for your relay, don’t host at home. You will have CAPTCHAs everywhere, many sites will block you and your ISP will eventually contact you to stop degrading their IP space reputation.

    Most website owners don’t discriminate between Tor exits and relays. They subscribe to block-lists that include all known Tor IP addresses. Major online services will make your browsing experience really shitty and once you’re a “known Tor IP” it will take months to remove that reputation.

    You can run a Bridge instead, but you will eventually have the same problem.







  • Yup, but you have to think “how would malicious software/spyware/whatever get in our source code and if it does, how would we detect it?”

    that’s where ISO and SOC II add value and give some assurance that detective, preventative and corrective controls exist and are working to prevent an issue.

    If the company maliciously inserts back doors into closed source code and sells it like that, no amount of external audit is going to defend against that because they’ll just hide the code from the auditors.