© 2015-2017 by Zack Smith. All rights reserved.
Analysis of possible rationales for blocking Tor users
The justifications that website owners might adopt for blocking Tor users can often be deduced or just reverse-engineered. Sometimes they remain mysterious but interesting to ruminate on.
Argument 0
Because some companies make money by selling information about you to advertisers and governments, they want to block or impede Tor users because they can't figure out who you are.
Known to be blocking:
| Google search | requires entering a Captcha (sometimes many times) |
| prevents any use of the site | |
| CloudFlare | requires Captcha: could it be they are selling out visitors to CloudFlare-hosted sites? |
The CloudFlare impediment affects many websites that might not normally choose to block anonymous users, including:
- Voat
- www.GlobalResearch.ca
- TechDirt.com AKA floor64
- Wireshark.org
- SuperUser.com, ServerFault.com, StackExchange.com
It appears the website owner can require an arbitrary number of captchas.
CloudFlare hosts Hacking Team, which is an Italian company that provides tools for dictators allowing them to oppress dissidents and minorities.
Argument 1
Because scammers will be inclined to use Tor to access free email services in order to perpetrate phishing attacks, or to lure their marks toward drive-by hacking attack sites, or other nefarious purposes, it is not unreasonable to block Tor users from accessing free online email accounts.
Known to be blocking:
| AOL mail | prevents login |
| Gmail | prevents sign-up without mobile phone number-- not just for two-factor, it is to identify you |
| GMX mail | prevents sign-up altogether |
| Yahoo mail | prevents sign-up without mobile phone number |
| Yandex mail | does not respond to click on Create Account button |
| Inbox.com | can create account but prevented from viewing the inbox. |
| GuerrillaMail.com | the Captcha no longer works. |
Note that inbox.com does not always enforce HTTPS, so your email contents may be visible to
others in a public Wifi situation.
Argument 2
Because it is proven that people are being paid to post fake reviews of businesses and products (job ads for such gigs are conspicuous online), it is not unreasonable for online services that depend on accurate reviews to block Tor users.
Known to be blocking:
| Yelp | no access whatsoever |
| Amazon.com | a message says it is blocking robots... but not paid reviewers? |
Note that businesses have many ways to manipulate Yelp and Amazon reviews, regardless of Tor access, the chief among them being to pay large numbers of contractors to write phony reviews in click farms.
Argument 3
Because online dating users are the target of scammers who induce gullible victims to, for instance, send money abroad, it is not unreasonable to block Tor users from online dating sites because dating sites may want to block scammers by region (Nigeria) or ISP (e.g. Kyivstar).
Known to be blocking:
| OKCupid | They also do not provide non-Tor users with HTTPS connections for non-login browsing |
| POF.com | They also do not provide non-Tor users with HTTPS connections at all |
| Match.com AKA Meetic | They pretend to be down for maintenance to Tor users |
The fact that these two companies traffic in users' information and do not use SSL for web users is a bit suspicious and disturbing and could mean they are willingly complicit with government profiling of citizens. If that is the case, it would certainly explain the personality profiling questions that companies claim are meant to help users meet just the right (fake) love interests.
Argument 4
Because grassroots-commerce like Craigslist and freelancer websites like Elance are sometimes used by scammers to induce people into sending money abroad and performing free labor, respectively, it's reasonable to block Tor users.
However, Craigslist does not successfully block foreigner scammers. They just block Tor.
The commonest housing scam is perhaps one that fools Craigslist users into sending money to a landlord who has recently moved overseas. In reality, the scammer is not a landlord and has nothing to do with the property in question.
One example of a free-labor labor scam involves translation companies that request prospective translators to prove that they are skilled at translating by doing a translation of just one or two paragraphs of sample text. In reality the scammer took a document, broke it into several pieces and sent each one to a wannabe translator, none of whom will ever be paid.
| Craigslist | prevents viewing ads |
| TaskRabbit | cannot sign up |
| Elance | perhaps to block scammers looking for free labor from desperate people |
Argument 5
Because website scrapers
are using retail websites to obtain pricing
data that consumers could use to compare prices at different retailers to find
the best deals e.g. using apps that scan barcodes,
retailers are inclined to block Tor users lest it be used by
scrapers. This is bad for consumers and good for retailers.
| Sears.com | perhaps to prevent scraping via Tor |
| Frys.com | perhaps to prevent scraping via Tor |
| Walmart.com | complete blockage perhaps to prevent scraping via Tor |
| Bestbuy.com | presumably due to online reviews or to prevent scraping |
Argument 6
Because a website is providing paid-for data that competitors would like to scrape and thereby use without paying for it, websites will be inclined on principle to block Tor users. Real estate data is the prime example.
Or perhaps the company that provided the data is requiring that Tor users be blocked.
This justification for blocking Tor users would not prevent people from scraping at an Internet café, or via a borrowed Wifi connection, or at a university, or from overseas. Therefore blocking Tor users is somewhat futile.
| Trulia.com | complete blockage |
| Redfin.com | complete blockage |
| Realtor.com i.e. Move | complete blockage |
Argument 7
Because governments want to know which citizens are concerned about corrupt politics and government wrongdoing, they want to block or undermine Tor users, who unlike non-Tor users can't be identified.
Known to be blocking:
| Senate.gov | says Access Denied to http:serve-403-www.senate.gov/. |
Argument 8
Because some people might try to attempt attacks such as SQL injection via Tor, and website owners are much too lazy or ignorant to secure our systems, or we are newbies. Therefore let us simply block Tor, and force all such attacks to be done without Tor.
Related: IBM Tells Companies To Block Tor On Security Grounds
Unrelated: IBM's Role in the Holocaust -- What the New Documents Reveal
Argument 9
Given that package shipment information can in theory be intercepted which can then be used to track and steal delivered packages, it may be reasonable to block Tor users from obtaining package delivery status, so that information about thieves accessing delivery info can be recorded.
Package tracking information could also be used by spooks to seize electronics and implant spying technology.
How do they get access to delivery info?
- Reading unencrypted mail traffic on public Wifi.
- Or by hacking into mail servers to read emails.
- Or providing bogus Wifi hotspots that decrypt traffic (Man in the Middle attack) e.g. mail or Fedex/UPS/DHL site visits.
| USPS.com | intermittent blocking |
Somewhat murkier, rather suspicious
Some websites have instituted blockage of Tor users for less clear reasons.
| Hacker News (Y Combinator) | Perhaps symbolic to show Silicon Valley leaders are globalists, not libertarians |
| Wikimedia downloads page | Why not if Tor users are smart enough see through Wikipedia fake news? |
| Gutenberg.org | This could mean they wish to help spooks track what you read. |
| Webchat.Twit.tv | They dislike or do not want anonymous commenters in their chat for some reason. |
| Sitecheck.Sucuri.net | This could mean they wish to help spooks track what you scan. |
| Coffee houses e.g. Coffee and Tea Leaf | security theater |
| Restaurants e.g. Panera Bread | security theater |
Useful Tor-friendly services
- TorBirdy: The Thunderbird plugin that sends all email through Tor.
- A place to receive emails
Links