i feel so alone.

i see what you're saying, but i have to disagree some. remember the stanford prison experiment? everyone there knew they were part of a study or an experiment, and yet they went well beyond what their described roles were, into some very dark places.

FTFY.

agreed, but, (and i do not manage enterprise networks or handle security/compliance) as i understand it, the problem lies in some hardware or software being able to tell the difference between a connection that the user (or legitimate software) intended to initiate (or participate in), and a connection that the user/software did not intend to initiate or participate in.

even if you had human eyes watching and controlling every connection, that would be tough. connecting to a russian IP address from your Toledo, KS office? probably unintended. unless if it's someone in purchasing buying that SQL extension, or Outlook add-on, from that small Russian software developer. or a chinese IP address, with an encrypted connection? is it one of your designers uploading new schematics to the chinese fab company?

in talking with folks from the x-force (IBM's ISS team), enterprise networking, networking VARs, and manufacturers, the intent behind the connection is the hardest thing to program for in network security.

with drive-by downloads, phony system messages, work attachments from infected friends, lovers, coworkers, etc. just like what happened to a coworker, an above-average computer user for an IT company. all of a sudden he's got (literally out of nowhere) a new, very microsoft-looking anti-virus* (and considering that ms just came out with, or is coming out with a free fully-featured AV app, (which he knows, since he's in charge of enterprise software, including microsoft EA, etc.) he almost leaves it alone, until it asked him for $70 USD) that claimed to have found a nasty trojan that needed to be removed IMMEDIATELY or else the moon falls, internet dies, cthulhu comes a'calling, etc etc etc.

we've all seen the hokey web popups that claim to have found problems with your PC. this is just the not-new next step. which is all the easier to accomplish with software that you understandably *don't* want the user looking at...


* note: when i saw the phony AV malware, i, too, thought it was the new MS antivirus, until i poked around in it and found misspellings, grammar mistakes, etc. (all you anti-grammar-nazis out there, this is why people bitch about it - it's very hard to take someone seriously when their thoughts are misspelled, unorganized, and give the impression they're representative of someone uneducated/irrelevant - imagine if you booted into AIX, or Windows, or were poking around in Excel, or your legit AV and were greeted with a screen that said "Weclome, user, our helps desk are for 24/7 hour service".....pardon the flamebait at the end please)

so, i tried this. i was a live Tor relay for one day. then i was banned from every IRC server i might want to use (except the one for Tor). and then, on the second day, Tor quit working.. bandwidth check, good. node publication, good. actually connectivity to the Tor network? nope. i use RR in north TX, from what i hear, they don't block Tor, but i don't have any other explanations.

i'd love to help... it's just not working out. i'm open to possible solutions, or alternatives, though.