2017-singh-characterizing
findings extracted from this paper
-
CloudFlare platform policy creates outsized blocking: 80% of CloudFlare-hosted websites discriminate against at least 60% of studied Tor exits, while Amazon- and Akamai-hosted sites show high policy diversity. Social networking and shopping sites are the most aggressive discriminators — 50% block over 60% of studied exits — while search engines are least aggressive, with 83% blocking fewer than 20% of exits.
-
Conservative exit policies (Reduced-Reduced, which additionally blocks SSH, Telnet, and IRC ports beyond the default) have no statistically significant correlation with IP blacklisting rates or abuse complaint volume. Web-traffic accounts for 98.88% of all connections on Reduced-Reduced exits, confirming that ports 80/443 are the primary abuse vector and that port-restriction does not meaningfully reduce exposure.
-
7% of 84 commercial IP blacklists proactively blacklist Tor exit relay IPs as a matter of policy: the Snort IP and Paid Aggregator blacklists listed newly deployed relay IPs within 3 hours of their first appearance in the Tor consensus and maintained the listing for the entire relay lifetime. In total, 88% of all Tor exits appear on at least one commercial blacklist, compared to 9% of VPNGate and 69% of HMA VPN endpoints.
-
Real Tor users browsing the Alexa Top 1M websites via deployed exit relays experience failed HTTP requests at rates of 15.8–33.4% and failed HTTPS handshakes at rates of 35.0–49.6%, representing severe service degradation compared to non-Tor browsing (Table 8).
-
20.03% of Alexa Top 500 website front-page loads showed discrimination against Tor exit users. Exercising search functionality on compatible sites raised discrimination by 3.89% (to 21.33%), while exercising login functionality raised it by 7.48% (to 24.56%), demonstrating that headless front-page-only crawlers significantly underestimate the true blocking rate Tor users face.