Possible upcoming attempts to disable the Tor network
The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialized servers in the network called directory authorities. (Directory authorities help Tor clients learn the list of relays that make up the Tor network.) We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use.
We hope that this attack doesn't occur; Tor is used by many good people. If the network is affected, we will immediately inform users via this blog and our Twitter feed @TorProject, along with more information if we become aware of any related risks to Tor users.
The Tor network provides a safe haven from surveillance, censorship, and computer network exploitation for millions of people who live in repressive regimes, including human rights activists in countries such as Iran, Syria, and Russia. People use the Tor network every day to conduct their daily business without fear that their online activities and speech (Facebook posts, email, Twitter feeds) will be tracked and used against them later. Millions more also use the Tor network at their local internet cafe to stay safe for ordinary web browsing.
Tor is also used by banks, diplomatic officials, members of law enforcement, bloggers, and many others. Attempts to disable the Tor network would interfere with all of these users, not just ones disliked by the attacker.
Every person has the right to privacy. This right is a foundation of a democratic society. For example, if Members of the British Parliament or US Congress cannot share ideas and opinions free of government spying, then they cannot remain independent from other branches of government. If journalists are unable to keep their sources confidential, then the ability of the press to check the power of the government is compromised. If human rights workers can't report evidence of possible crimes against humanity, it is impossible for other bodies to examine this evidence and to react. In the service of justice, we believe that the answer is to open up communication lines for everyone, securely and anonymously.
The Tor network provides online anonymity and privacy that allow freedom for everyone. Like freedom of speech, online privacy is a right for all.
[Update Monday Dec 22: So far all is quiet on the directory authority front, and no news is good news.]
[Update Sunday Dec 28: Still quiet. This is good.]
Comments
Please note that the comment area below has been archived.
Yes, my inside sources have
Yes, my inside sources have informed me that the FBI is planning to take down parts of the Tor network as part of the investigation into the source of the Sony hack by North Korean sympathizers.
(To be clear, I don't know
(To be clear, I don't know who this person is and as far as I know this isn't the person who tipped us off to write the blog post. That said, if you know something we need to know, please tell us!)
So it does have to do with
So it does have to do with the Sony hack? I read on CNN that the hackers were routed through severs in Asia, Europe, Latin America and even some in the US.
"routed through severs" what
"routed through severs"
what are they, the fuckin teenage mutant ninja turtles?
severs != sewers
severs != sewers
he's behind 7 proxies!
he's behind 7 proxies!
PUBLIC WI-FI!!!!!!!!
PUBLIC WI-FI!!!!!!!!
And more than likely
And more than likely involved some disgruntled ex Sony employees.
The sony hack was almost
The sony hack was almost certainly determined to be state-sponsored North Korean hackers.
Probably totally unrelated.
Yes, I also currently think
Yes, I also currently think it's unrelated.
(Criminals don't need Tor; they've got lots of other options, and in some cases better options:
https://www.torproject.org/docs/faq-abuse#WhatAboutCriminals
)
We know Tor probably has
We know Tor probably has nothing to do with the Sony attack; the public don't. They will just believe whatever the government tell them. If the government want Tor to be down, they can put the blame on Tor (regardless of whether the attack really came from Tor), and shut down any servers or personal computers running Tor.
The government can't just
The government can't just "shut down" any personal computer running Tor. It would be easier to just shut down the government than that happening.
Of course they can. They can
Of course they can. They can fake up an imaginary crime, they can hack it, or they can DoS it.
NSA in particular have been
NSA in particular have been looking for a "justifiable cause" to attack TOR recently comment where made to the effect that operatives where"helping the tor team find possible weaknesses".
There are some interesting points to consider
1) many relays are high capacity high speed relays.not the sort of thing you would usually associate with a volunteer network of users.
2) "copyright" holders. have been wanting to find ways to control internet traffic to their advantage. citing"piracy" having not managed to get their way through offician channels their MO is not to try and get under the table agreements allowing them to directly interfere with DNS lockup tables at the backbone level.
3) As has already been pointed out. leaving aside outfits like the silk road drug distribution network criminals, including terrorists DO NOT use tor simple because they KNOW that doing to would bring them to the attention of the authorities .
4) Governments have increasingly been taking the assumption that they, and they alone are entitled to privacy no one else matters. the oft quoted"nothing to hide, nothing to fear" comes to mind and does not hold water.
I note that today(23/12/14 it took several attempts to establish a TOR connection, this is in itself an atypical experience for me usually i am able to establish a connection first try, within 30 seconds. 60 seconds max.
this leads me to believe two possible scenarios are in operation
a) fallback measures are being put into place
or
b) TOR is under active attack.
Lets see the evidence.
Lets see the evidence.
LOL, I think that North
LOL, I think that North Korea doesn't have a unit 21 of high qualified hackers because it is too dangerous to have them.
1) North Korea is isolated from internet => there is a very little people who understand what these "hackers" do => who will supervise these men? They will be selfsupervised.
2) They have to give them unlimited access to foreign internet (because noone except them understand what they do and wheither they really need this information)
3) The hacker is a freeminded man.
4) 2) + 3) => they will understand all the shit about North Korea and will get angry.
5) because they cannot be controlled, they can start secretely destroying NK from the inside and noone can detemine that.
I think that
1) it is a psyop made to create a casus belli to put the screws on Internet in the US (see http://patch.com/california/studiocity/obama-slams-sony-north-korea-cal… )
2) NK is a voluntary scarecrow to frighten the citizens of all the countries of the world. One more reason to distract them from inner problems and remember them that if they require too much freedoms, rights and respect, the state will have to take measures like in NK such as cruel penalties for all law breaking, a collective penalty (very effective multieffect mesure), prohibition all the potentially uncontrollable means of taking freedom (arms, crypto without key escrow, computers without backdoors, radios with possibility to tune it, etc) with very cruel penalties, authoritarian/totalitarian regime enshrined in law, high taxes (to make people think only about that how to survive this taxes (paying them and surviving after it)), etc...
that is a somewhat bogus
that is a somewhat bogus analysis. you obviously don't understand what brainwashing is, how it works, and or what motivates people to work. Your analysis of the system is done based on purely on western views. Surely if this were the case, there would be no Chineese, American, Russian, or any other nationalist hackers as well. Lets break this down.
>1) North Korea is isolated from internet => there is a very little people who understand what these "hackers" do => who will supervise these men? They will be selfsupervised.
Grew up in an isolated enviroment, being brainwashed since day one that NK is the best, and probably for a long time, that they are the elite of North Korea, and that everything else is pure propaganda. Given there is only 21 of them in a country of 7 million, there is no reason that NK can't give them special privledge that no one else gets, or other carrots, in addition to the brainwashing.
>2) They have to give them unlimited access to foreign internet (because noone except them understand what they do and wheither they really need this information)
and this gives them major leverage in North Korean society. Even if they understood how harmful NK is, they'd have to give up their status as elites. Or mabey even besides NK internet they are still not a fan of the USA and see themselves the way America does, as anti-Imperialist crusaders. Many other anti-USA nations are now sending envoys to NK to warm ties.
>3) The hacker is a freeminded man.
the American/Western hacker tradition grew out of countercultures very unique to America/the west, and its very anti-tech, very anti-intellectual cultures. "Hackers" as we know them, grew up being hated for being as such, by people who hated and feared the machines.
This is not an imperative of the computer using skill. There are no western style self-taught hackers from North Korea. Their hackers are taught, and funded by the state, and most likely developed a culture along radically diffrent lines.
People have this strange notion that everyone in North Korea is getting ready to defect at a moments notice, and that its basicly like East Germany, with no real popular support, or willpower. It is nothing more than rhetoric based on propaganda.
seems you are still trying
seems you are still trying to play "democracy == usa" card. it's just false pretend. it "was" but now it "is" police state with enormous brain washing capabilities. sure there is small nearly negligible part of usa government structures with sympathy to democracy way but en masse control is in nsa/cia/fbi hands. There is the place where main harm to internet is done and ongoing. And this unhuman structure arise on uncontrolled spending of tax players money and falsifying constitution.
and after all recent disclosures you still trying to speculate on possibility of small number of foreign hackers to "harm" whole internet already owned/controlled by nsa...
Well, actually those NK
Well, actually those NK hackers were trained when they were young children.The authorities needed to do tests to choose those who had gift to study hacking skills and gave them proper educations and training, like sending them abroad (Of course cutting off the contacts of outside is very essential) and then sending them back to the university. NK has a special unit in composed of elite hackers.Their skills are no better
than super hackers from US, UK, Deutschland, Russia etc. Despite this brain wash is still vitally important~
hope can help~
certainly it's like the new
certainly it's like the new 911 secret service rise. nsa new mind control chip is ready.
Actually, NK, does have
Actually, NK, does have internet in several different open ad closed variations ! Furthermore, there is a Unit 21, in addition to many more dedicated sections and subsections [ with various and different responsibilities ] !
There was an excellent blog on Twitter from @cyberwar, who mapped and scanned many of the different computers and their IP addresses, even so far as to I'd a Macbook.
So, the lesson here is...don't spout unscholarly drivel just to inflate your own ego. Now that you have been properly scolded, I take my leave.
TOR ROCKS PLANET EARTH...NEVER QUIT !
Sony wasn't hacked by north
Sony wasn't hacked by north Korea, evidence of that will come
Evidence is out, but it is
Evidence is out, but it is being heavily censored by Youtube/Google, and others.
whatever suck up! i have a
whatever suck up! i have a CCC attack going on and a Hp attack,Label print attack,Power Director attack Going on ever since the X-Box360 attack on Christmas! It Looks like a clean install! But I will mention that I got a mystery update By Microcrap itsef !!!! KB 971033 , once I installed it more SHTF! Microsoftis BAD !
You forgot Japan and the
You forgot Japan and the fact that they gained access via the Sony Picture building itself initially.
Complete lie. North Korea
Complete lie. North Korea had NOTHING to do with the Sony hack.
It's just another volly in a long cyber war between Sony and hackers, that's been going on for a decade.
>U.S. officials also tell
>U.S. officials also tell CNN the hackers routed the attack through servers in countries from Asia, Europe and Latin America, even some in the U.S.
>The hackers used common DNS masking techniques to make it look like it was coming from those places, but the National Security Agency and FBI were able to track it back to North Korea.
>North Korean internet traffic is routed through China, which is one way they are able to hide their activity, but the FBI was still able to trace it back to the origin, sources tell CNN.
This sounds like Tor is totally useless against the NSA and that they are able to see a full path through a Tor circuit back to the Tor client but if they are able to do this why would FBI need to seize Tor directory authority servers for the purpose of investigation?
Tor is not what I would
Tor is not what I would describe as "common DNS masking techniques". It sounds like the Sony people used something much simpler than Tor. For example, a common bad-guy approach is to break into a computer and then route your traffic through it. And a common bad-guy slip-up is to accidentally make a direct connection once because you wanted to see if your attack is working or something like that.
FWIW, this blog post
FWIW, this blog post states:
The attackers appear to have used TOR exit nodes and VPNs to help cover their tracks, which indicates some awareness of operational security (OPSEC).
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/North-Korea-and-…
Indeed! Thank you. I will
Indeed! Thank you. I will investigate more. Other people should please investigate more too.
I would trust more on this
I would trust more on this North Korea thing if accusations come from sources other than the U.S. Government and/or U.S. corporations. Really.
extremely useful advice.
extremely useful advice. falsifier #1 is "U.S. Government and/or U.S. corporations".
bcose as they say 'national security matter, so shut up an eat'.
and it can be just a pr action before attack on nk country. btw is nk in one basket with kgb state?
>The hackers used common DNS
>The hackers used common DNS masking techniques to make it look like it was coming from those places,
Sounds like advanced hacking (yeah I'm sarcastic).
Considering the hackers did
Considering the hackers did not hack it from Korea, but rather a hotel in Thailand, all that info is bull.
You mean the Sony hack by
You mean the Sony hack by Sony as a publicity stunt?
The Sony hack by Sony was my
The Sony hack by Sony was my first thought until they pulled the movie. Even so, if it is re-released it certainly has plenty of free press. And if the leader of North Korea weighs in with a positive review, who knows. He looks ready to enjoy some NBA games and give up on all this fearless leader business.
:-)
Sony pulled the plug because
Sony pulled the plug because they knew the movie was going to be a flop. Instead of having the balls to admit failure they create the big hack scare and place the blame on someone other than themselves.
bottom line is never believe
bottom line is never believe corporations. especial sony.
remember sony cd-virus business? or changing technology for artificial lowering life time of hardware?
they will do anything to rise profit.
There is almost no chance
There is almost no chance IMO that Sony would release 50,000 of their employees social security numbers, passwords, credit cards, the email inbox of the ceo and other people.
They have nothing to hide.
They have nothing to hide.
The movie is to be released.
The movie is to be released.
of course it's sony hacking
of course it's sony hacking sony, helped by US govt.
sony gets to test punk marketing for a movie and manipulates the public to pay for a movie they'd probably normally illegally download by 'mah stars and stripes' patriotism rant.
US govt gets another reason to ramp up sanctions against ronery korea as well as kicking TOR in the head and looking like internet supercops.
US corps play along for their own interests and the paradigm of white hats v black hats is clearly defined for the sheeple so they can go back to sleep.
mission accomplished (insert aircraft carrier)
Problem, reaction, solution.
Problem, reaction, solution.
It is Anonymous.
It is Anonymous.
Greetings Tor. Your insider
Greetings Tor.
Your insider may wish to purchase a crash helmet..
As you know Tor was attacked by #LizardSquad @MafiaSquad.
They and #FinestSquad are part of a huge FBI/US intelligence psy op.
I will leave you to ponder upon the implications of this
Good to see the attack was a big fail.
Happy new year Tor...It's gonna be a fun packed one for sure!
S.U. Wizard.
TOR is criminal.. destroyed
TOR is criminal.. destroyed the files on my computer.Want a fee or use their browser to get them back
huzzah
huzzah
Thank you all for the
Thank you all for the warning, and thank you for your work.
What can we do?
What can we do?
If you know any people or
If you know any people or groups who misunderstand the value of Tor, you can teach them why trying to undermine the Tor network would harm a lot of good people and generally cause huge collateral damage. Explain how Tor has helped you in your work. Help spread the word.
So, short answer, don't worry too much. We wanted to be safe and tell you just in case it turns into something.
a) stop using google b) set
a) stop using google
b) set useragent string "google go away"
c) go to real shop, buy some real beer, drink it and think who the fuck is that sony? bear?
d) change everything back and relax watching new pr show.
To the bat mobile... Swoosh!
To the bat mobile... Swoosh!
Umm, who wants to and is
Umm, who wants to and is going to seize which nodes where an why?
Stop with all the veiled silence bullshit, it makes you look stupid, and like some questionable entity.
Torproject is not the only voice and direction of tor, and you're preventing the rest of the voices from speaking freely in support.
To be sure to keep our
To be sure to keep our source safe, we're not providing more details quite yet.
But actually, we don't know many more details than the ones we posted. And as for your 'why', that's an excellent question, and one we've been wrestling with too. There are nine directory authorities, spread around the US and Europe. If they're trying to hunt down particular Tor users, most possible attacks on directory authorities would be unproductive, since those relays don't know anything about what particular Tor users are doing.
Our previous plan had been to sit tight and hope nothing happens. Then we realized that was a silly plan when we could do this one instead.
What exactly is the upside
What exactly is the upside of making the rumor public? Downside is the seizure doesn't actually occur for whatever reason (good so far..) and then Pando publishes a series of 'cry wolf' articles about how Tor is run by delusional paranoids with a persecution complex.
Because they believe its
Because they believe its more than just a rumor? Why not share that information?
Don't reply to this jerkoff.
Don't reply to this jerkoff. He's probably some self-interested party (poorly) masquerading as a neutral observer.
Oh my god is it the Pando
Oh my god is it the Pando guy who wrote that article exposing Tor's BIG SECRET: that it receives government funding?
I think it depends on the
I think it depends on the definition of upside and downside. If there is no attack, then that is good for Tor users. Maybe the attack was delayed or redesigned, or maybe it never actually existed. If this happens, we may never know. There may be repercussions, but it's a necessary risk, because if there is an attack and we didn't say anything then that puts users at risk, and that goes against the purpose of this project.
Who believes that paranoiacs
Who believes that paranoiacs are delusional anymore?
All anyone has to do is point at the NSA and that argument is invalidated.
It's a real blow for mental health workers, actually.
fine words. sick and tied of
fine words. sick and tied of such spynet blowjob.
What if they know what the
What if they know what the person was doing, ie. which websites they were on and what they were doing and they wanted to find out what their real IP was? Would this be a way to do it?
No (but yes, kind of). The
No (but yes, kind of). The directory authorities know nothing about Tor users, so taking these servers offline or compromising them has no direct impact on the anonymity of users. However, if you control enough of the directory authorities then you can define which relays are in the network. At this point, users can potentially be deanonymized. This is a huge attack, though.
Yes. Two refinements to
Yes. Two refinements to sysrqb's answer:
A) Taking over a threshold of directory authorities would tell you nothing about what Tor users did in the past. It would allow you, at worst, to make up a new fake Tor network and try to trick users into switching to it. See my comment below for more details.
B) By "huge attack" I might instead say "hugely expensive attack", at least in terms of political capital and goodwill.
they want it - to own
they want it - to own internet and allow only marked with your id-number ip packets. they want to insert in you head identification chip with this number and to trace it (and they have done it with home animals). they want you to be part of their own internet machine. they want to harass you with if you try to not use their "services". they simply want to control you. so please try to read some uncontrolled by them sources(real books?) and think.
Surely each operator has a
Surely each operator has a disaster recovery plan in place already, for more usual events like hardware failure. If the servers were seized, could you all not just execute that, and be up and running again within minutes to hours?
In practical terms, is this not simply a minor inconvenience?
Could authorities replace
Could authorities replace seized DAs with their own clones that only send users to NSA/GCHQ controlled nodes? Is this possible without knowing DA private keys if you have full control of the hosting server?
It depends what exactly they
It depends what exactly they can extract from each computer. Years ago we separated the directory authority keys into a long-term (offline) key and a medium-term (online) signing key. Directory authorities have their medium-term key expiring at various times:
https://consensus-health.torproject.org/#authoritykeys
We've taken some steps recently that we hope will make it quite hard for attackers to extract the medium-term key even if they seize the computer. So for the ones where that hope turns out to be true, they get basically nothing besides disruption by seizing that authority.
If they nonetheless can extract five unexpired signing keys, then they can make up their own consensus and point people to their own relays. That would indeed be really bad. For a bit of consolation, it would be super highly illegal and places like EFF would be happy to mess them up for it. But let's hope that doesn't happen, especially now that we've made clear to them all the collateral damage involved.
In any case, even if just one is seized, we'll likely put out a new Tor release that stops trusting that one. Otherwise they could in theory keep chipping away at the directory authorities (though the expiration dates on the keys will put an upper bound on how effective that approach could be for them).
Hope that helps.
if you haven't already, you
if you haven't already, you should consider auto-wiping the keys on those servers if motion is detected in their proximity. (assuming they're located somewhere where there normally isn't movement around them, like a cage, anyways.)
from a layer 7 and above
from a layer 7 and above perspective.. are you confident that all directory authority operators will be able to detect whether someone may have physically tampered with or replaced a directory authority box?
for example, jake's most likely not going to be in the US anytime soon, although i'm guessing he has friends who could examine the physical integrity of the directory server he runs.
physical custody of keys/boxes has been on my mind lately, since recent TBB releases were signed with erinn's key even though she doesn't work for the tor project anymore.
These are indeed all
These are indeed all important topics to pay attention to.
As for Erinn's key signing Tor Browser packages (and she does indeed still participate in Tor Browser development stuff), check out
https://trac.torproject.org/projects/tor/ticket/13407
(And also remember that the builds are reproducible, so the signature is not as important as it would have been in the past.)
thanks for the quick reply;
thanks for the quick reply; i agree re: signing keys. wasn't trying to cast doubts..just was pointing out that some of my own tor-related assumptions about who physically controls keys came up recently
hope you've mitigated cold
hope you've mitigated cold boot attacks on all the dirauth machines!
Please in an update add a
Please in an update add a revocation so that at least any long term signing key could revoke any of the medium term keys and itself.
Then each node would only have to hear a revocation once to take that key out of service. It would greatly reduce the benefit of compromising the keys.
>>Could authorities replace
>>Could authorities replace seized DAs with their own clones
yes
>>Is this possible without knowing DA private keys
seized the key got the server
Agreed on the first one
Agreed on the first one (though that's the sort of behavior that EFF would be excited to litigate, since it harms a huge number of ordinary people).
As for the second one, I assume you mean "seized the server got the key", but even then it's somewhat more complicated than that.
I use the torrc to select
I use the torrc to select the DA I trust.
DirAuthority [nickname] [flags] address:port fingerprint
my relays can NoAdvertise
ORPort [address:port] NoAdvertise IPv4Only
but I can't find a way to add relays or include nodes not in the bad DA lists
You should learn more about
You should learn more about the directory design and how the threshold of signatures works. I can't quite figure out what you're doing from what you've said, but it sounds likely that you're shooting yourself in the foot.
In particular, configuring your Tor client to use a subset of the current directory authorities could actually make you weaker than configuring all of them, even if you genuinely do trust only that subset.
Honestly, I agree with the
Honestly, I agree with the poster above. With this threat and the online harassment blog post, you folks are woefully short on *facts*. To me, if you don't share the *reasons* for why you're doing what you're doing, what you're doing is of little use.
It's like the US asking us to trust them, because we can't handle the truth...and we all know how much we trust them.
For a non-profit that's all about openness, Tor sure isn't open when it comes it its own dealings.
I agree totally! Tor, "Stop
I agree totally! Tor, "Stop with all the veiled silence bullshit, it makes you look stupid, and like some questionable entity."
Couldn't Tor get rid of the
Couldn't Tor get rid of the directory authorities somehow ?
I hear that the Tribler network uses a Tor-like protocol without DAs. Anyone can run a bootstrap node, and that's enough to keep the network running apparently.
It looks like bridges for exemple could take on the additional role of bootstrap nodes for Tor.
Has there been any discussion on that ?
I'm not too fond of trusting a couple of servers that may or may not have been seized.
There's not even a warrant cannary page afaik.
There are a bunch of
There are a bunch of research papers looking at exactly this question.
Check out
http://freehaven.net/anonbib/#usenix11-pirtor
for one direction, and then
http://freehaven.net/anonbib/#wpes09-dht-attack
http://freehaven.net/anonbib/#ccs09-shadowwalker
http://freehaven.net/anonbib/#ccs09-torsk
http://freehaven.net/anonbib/#ccs10-lookup
for another direction to consider.
The current situation is that nobody knows of a better design that is actually better in practice. The one we have is well-studied and has well-understood downsides, so I'm not eager to move to one that is poorly-studied and has poorly-understood downsides.
As for Tribler, my current understanding is that Tribler provides *significantly* less anonymity than Tor does, and a lot of its weakness comes exactly because it has an easily attacked network discovery mechanism.
Would you care to
Would you care to extrapolate on why Tribler is less secure than Tor? I'm pretty new to Tribler, and haven't found any good sources on that information.
If enough directory
If enough directory authorities are controlled than the available hosts can be specified by an attacker and they can specify only their hosts. In your the directory authorities are trusted parties in the other one they are whoever wants and so an attacker can create a ton of those.
How about making the
How about making the directory authorities P2P using blockchain technology?
Somebody should actually
Somebody should actually write out the design for this and work through all the details. I bet there will be some interesting, subtle, and devastating attacks on the first couple of versions of this design. More research required!
Namecoin solved this years
Namecoin solved this years ago!
I disagree. See my above
I disagree. See my above comment.
(Part of the confusion probably is that directory authorities serve a variety of purposes in Tor, to defend against a variety of attacks. To move beyond "yes they do no they don't", somebody should write up a clear explanation of everything directory authorities need to do to serve their purposes well. The above links are a good start there, but see also
http://freehaven.net/anonbib/#danezis-pet2008 )
agreed directory AUTHORITIES
agreed directory AUTHORITIES know what is best for me not crypto!
Was 'tor/' was ment to
Was 'tor/' was ment to resolve .onion or nodes?
1. uh ya was namecoin was ah
1. uh ya was namecoin was ah du
2....
3. PROFIT
You should blockchain the
You should blockchain the infrastructure it runs on as well: http://utter.io/
namecoin or torcoin her we
namecoin or torcoin her we come.
I feel a fork is in
I feel a fork is in order.
OpenTOR will have
+local node list addition in torrc ie. private nodes or boot strap nodes
+namcoin tor/ node list option
+namecoin DNS
+node invisablity by dual socks4/https on port 443
Moar on node
Moar on node invisablity.
make a tls/ssl connection to port 443 tor reads first data.
if (first byte 'H') http stream to web server
if (first byte 04 & password good) relay trafic
if (password wrong) stream to web server to send back error
This is a private node if the password is private and a new type of bridge if public. aka f2f bridge
Hey, look, you're trying to
Hey, look, you're trying to reinvent STARTTLS.
no not at all starttls is
no not at all
starttls is just encrypting a port
you can have socks4 and http share a tls port
buffers.c
parse_socks(
...
switch (socksver) {
case 5: /* socks5 */
...
case 4: { /* socks4 */
...
case 'G': /* get */
case 'H': /* head */
case 'P': /* put/post */
case 'C': /* connect */
strlcpy((char*)req->reply,
"HTTP/1.0 501 Tor is not an HTTP Proxy\r\n"
"Content-Type: text/html; charset=iso-8859-1\r\n\r\n"
"\n"
"\n"
"Tor is not an HTTP Proxy\n"
just hand off http(and socks5 because hand shake is required) connection to a web server.
if socks4 has good password relay in tor else connect to web server to return error.
trust me it works! and should be part of tor
starttls is nsa invention.
starttls is nsa invention. nobody in his mind should chance protocol after connection. it is like inviting all the spies in the path. right sequence _must_ be as in: service should wait for some information from a client to select own behavior according to that information. if something wrong - drop connection.
DA can be changed in torrc.
DA can be changed in torrc.
Oh fuck! namecoin &
Oh fuck! namecoin & invisibility? The NSA shils are asleep today!
Ok, I'm going to cut off the
Ok, I'm going to cut off the namecoin thread here before it takes over the whole comment section.
Somebody should actually build an actual proposal here. Come back when you have one. Thanks! :)
(A great place to send such a proposal is the tor-dev mailing list.)
Feel free to fork -- the
Feel free to fork -- the license lets you do so and we are big free software fans.
But please do not name your resulting thing "Tor but better" or a name like that, which will confuse users into thinking your thing is somehow written by the Tor people.
Why not use a cryptocoin
Why not use a cryptocoin like namecoin to determine authority of nameservers?
They would have to take over the whole cryptocoin system with a 50 percent attack which is very difficult to do _especially on a proof of stake coin like the newer coins.
But blockchains by their
But blockchains by their nature record a history of all transactions. It seems to me you're just creating a new risk, here.
It's such a shame to see the
It's such a shame to see the country I live in among the "repressive regimes" :(
Thanks for what you're doing.
It's a shame to not see the
It's a shame to not see the country I live in (US) among them. I think it might turn the tide of public opinion if it were more widely accepted that the chilling effect of "passive" communication interference should be grouped with other forms of repression.
who and why should believe
who and why should believe in "passive"? who can catch them if its not correct?
This whole North Korean hack
This whole North Korean hack thing is so obviously a false flag operation. And who can trust anything the US Government says any more anyway? The worldwide political elite are a haven for crooks, liars, and murderous paedophiles.
Yeah I def think it's a
Yeah I def think it's a false flag operation. The public has been very anti-government of late; wouldn't it be great to rally everyone behind a common enemy?
It's a reptilian conspiracy.
It's a reptilian conspiracy.
This tbh
This tbh
I wondered how long it would
I wondered how long it would be before someone said that. Lizards hate onions.
fine new name for nsa net -
fine new name for nsa net - lizardnet. so i see headlines - "lizardnet define new dangerous trend in user behavior - before watching new daily propaganda block they visiting toilet. our new swat teams ready to fight such illegal behavior."
If its false flag then the
If its false flag then the government has been feeding our media misinformation for years about NK. Everything about the Sony hack fits perfectly and points directly at NK. Not to mention they have reason to not like Sony and lack of rationality to care about getting caught.
i do not like sony so what?
i do not like sony so what? and if they have some damage i will not be sorry at all.
but what about damage for everyone because of lowering ttl numbers in dns responces by many corporations? for me its more important than some problems in some corporation.
The messages sound American
The messages sound American to me. Like in a comedy where a teenager pretends to be Korean but using cornball Engrish. At one point, the part between the parentheses, they slipped into regular American English.
LulzSec probably left
LulzSec probably left backdoors. This is just a huge troll, and delayed revenge.
Same goes for the UK
Same goes for the UK government,GCHQ are known to want to get a good foothold into TOR some even argue they may have the capability to fully compromise its infrastructure.
It feels like there are
It feels like there are fewer exit nodes these days.
I've got my little 10Megabit
I've got my little 10Megabit exit node running, so I'm doing my part. I bet the TAO are hanging out on my network watching it though....
Thanks for running an exit
Thanks for running an exit relay!
As for TAO hanging out on it, that seems unlikely -- not because nobody would want to watch it, but because various intelligence agencies already work to surveil large parts of the Internet, and I don't think they need the TAO group to help them there.
As for the original point about how it seems there are fewer exit relays these days, check out
https://metrics.torproject.org/bwhist-flags.html?graph=bwhist-flags&sta…
The capacity provided by exit relays is slowly growing (the capacity provide by non-exit relays is indeed growing faster).
And the *number* of exit relays (not really the best measure but it's another way to judge) has been very slowly growing too:
https://metrics.torproject.org/relayflags.html?graph=relayflags&start=2…
I see exclusively big and
I see exclusively big and growing log of "We tried for 15 seconds to connect to 'xxx' using exit yyy at zzz. Retrying on a new circuit" records. So maybe many relays are just fake? Or they allow connections to to sites interesting for nsa operations only? Kind of prefiltering?
Or the site you're trying to
Or the site you're trying to visit is down or flaky. Lots of options. Don't jump to too many conclusions too quickly!
well, i don't. I know site
well, i don't. I know site are not down as i can use plain telnet to check tcp connection. any other comments?
You might still be seeing
You might still be seeing the 15 second timeout thing, if the site you're loading pulls in some third-party component which is unreasonable. And your telnet test to the primary site would not notice this.
Just noticed while running
Just noticed while running distro updates on node smitty that tor had been down for 3 days. Only a disk space issue, however.
Sounds like a good case of
Sounds like a good case of needing to decentralize your directory services... If only there were an amazingly great invention called Bitcoin or Namecoin that could be leveraged to do such a feat.
See above: "The current
See above:
"The current situation is that nobody knows of a better design that is actually better in practice. The one we have is well-studied and has well-understood downsides, so I'm not eager to move to one that is poorly-studied and has poorly-understood downsides."
Right. So every time you
Right. So every time you connected, your IP would be registed in a permanent blockchain, as a means of being discovered by others on the network.
You totally know what you're talking about.
Not necessarily, you could
Not necessarily, you could publish the most recent node list via a blockchain transaction. The publishing address would then be the "announce" address which client's would lookup. That scenario would require no writing to the blockchain. What we don't know is how secure that scenario is.
Wrong block chain has public
Wrong block chain has public list of nodes. All "thay" know is you downloaded namecoin block chain.
Decentralization is very
Decentralization is very much needed, but what's essential for Tor to realize such things is "Developers, developers, developers" ~Steve Ballmer
By the way, i'm not a developer.
I. Love. This. Company.
I. Love. This. Company. Yeaaaaahhhh.
The funny thing is that the
The funny thing is that the more they attack (or attempt to), it just teaches the devs how to strengthen the network. Govts can try to whack-a-mole TOR, but their attempts are futile.
HN thread:
HN thread: https://news.ycombinator.com/item?id=8774833
Is there nothing the
Is there nothing the community can do to improve the situation? Wouldn't it be possible to launch extra DAs in places that are more difficult to shut down?
Unfortunately, just adding
Unfortunately, just adding more DAs doesn't make the system more robust. There's a significant overhead in dirauth communication and the voting process is not as robust as we'd like. We're pretty happy with the set of dirauths we have currently.
The community can do many
The community can do many things to improve the situation. Primarily: donate and educate. Make a financial contribution to Tor Project, be it cash or virtual currency. Educate others about right to privacy. Defend Tor from media attacks labeling it as a nothing but a merchant of death, drugs, and dissidents.
Yes please! We need you, the
Yes please! We need you, the Tor community, to help with education, advocacy, and awareness.
(And donations are great too. 'Tis the season and all.)
Wait, what??
Wait, what?? Donations???
Doesn't the government pay you and your project anymore? Or did you already burn the $100k+ you got and the multi million $ the NSA/DoD/HomelandSec donated to the project this year?
The funding we have from
The funding we have from various government agencies comes in the form of specific deliverables. For example, everybody likes funding work on pluggable transports and censorship circumvention (it's uncontroversial to help with providing freedom for "over there"). But nobody cares much about funding stronger anonymity, since they think we have a great handle on it and thus there's no need to work on it. So donations are how we are able to spend developer and researcher time on the things that the world needs but it's hard to find funders for.
For other background and explanations, see
https://blog.torproject.org/blog/transparency-openness-and-our-2013-fin…
and also our 30c3 talk which discusses funders and funding:
https://www.youtube.com/watch?v=CJNxbpbHA-I
Did I miss something? "Our
Did I miss something?
"Our previous plan had been to sit tight and hope nothing happens. Then we realized that was a silly plan when we could do this one instead."
What plan / action is, "this one instead?"
Other than announcing the possible attack, or the already "built in Tor network redundancy," what plan are we talking? But those are good, on their own.
Thanks.
The plan of doing this
The plan of doing this announcement.
Indeed, there is not much
Indeed, there is not much else we can do; so now we sit and wait. Let's see what happens.
Thanks. And Roger is
Thanks. And Roger is probably busy right now (should be), so can't answer.
But while announcing it on a blog & tor-talk may? be a good idea, it isn't really a "plan" at all. That's why I thought I'd missed something.
"Wait & see" is sometimes prudent, but not a plan.
I live in the United States.
I live in the United States. I use Tor for my everyday web surfing because I believe any record of my web activity to be a violation of privacy. I have nothing to hide, but hiding is my choice. Online privacy is a right for all.
The threat to internet security is pregnable systems, not a network that allows anonymous access to those systems. The threat to our nation is not the threats of anonymous hackers, but adhering to their demands. Sony Pictures, Regal Entertainment, AMC Entertainment and others have put our nation at risk by rolling over at the demand of terrorists. By refusing to release that movie they have set a dangerous precedent and opened the door to future attacks.
nice addition to the nudist
nice addition to the nudist company "We have nothing to hide"TM. EVERYBODY have. Otherwise you are controlled by by some inter-terrestrial government because they have something to hide. How this something can appear if it was nothing?
I live in the United States.
I live in the United States. I use Tor for my everyday web surfing because I believe any record of my web activity to be a violation of privacy. Online privacy is a right for all.
100% agreed. I'm also using Tor for each and everything I do on the internet.
I have nothing to hide.
If one has nothing to hide, why would one put their letters in envelops?
If one has nothing to hide, why wouldn't one walk naked through the streets?
Someone who has nothing to hide is an "exhibitionist", which is considered to be a state of psychological disorder.
Roger: As far as I can tell
Roger: As far as I can tell there are 9 servers that are listed in the Tor source as directory authorities. Let's say that 4 of them were be seized and taken offline indefinitely.
How would this affect the remainder of the Tor network? My guess is that it would increase the load on the other nodes, but if they have sufficient spare capacity it would not result in an outage. Is that generally correct? (I apologize for not knowing as much about Tor's internals as I probably should.)
(Sorry, not Roger) Correct,
(Sorry, not Roger)
Correct, there are currently 9 directory authorities. More than half of the authorities must be online and they must reach a consensus on the current state of the network every hour for them to create and publish the hourly networkstatus-consensus (the list of all the known relays). If four out of the 9 dir auths were compromised and taken offline, then the remaining 5 will continuing publishing the consensus and the network will continue operating normally. If more than 5 are taken offline then this was a horrendously large operation and the necessary corrective actions will be taken to ensure the network remains operational.
The one performance impact will be seen by new clients. When they first try connecting to the network (download and launch Tor Browser for the first time) they will try connecting to one of the directory authorities and download the networkstatus consensus from it. If some of the directory authorities are offline, it may take some time for each connection to timeout (while the client connects to an unavailable authority), but eventually the client will reach an operational authority and it will then be able to use the Tor network as usual.
This sounds like a possible
This sounds like a possible denial of service attack would be to seize a single server, leave it online, and program it to never agree with the other eight thereby preventing the hourly networkstatus-consensus publication.
Fortunately, we've got that
Fortunately, we've got that particular issue covered. The directory authorities look at the votes and signatures and produce a consensus around the votes and signatures that they all agree about.
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n1229
is timeout really essential?
is timeout really essential? everybody in path can open/close tcp connection without actual service.
It sounds like you're
It sounds like you're talking about a different thing. But I have no idea what.
What if this isn't happening
What if this isn't happening and they only passed this information in hopes of finding the source of other leaks...
What if Tor Project *knows*
What if Tor Project *knows* it's a decoy leak, but published it as a credible report anyway to avoid revealing that they've compromised the adversary's leak-detection operation...
This is my fear as well. I
This is my fear as well. I would hope the source would ask that the information remain private, if there is such dangers from early disclosure.
'countries such as Iran,
'countries such as Iran, Syria, and Russia'
You forgot to include USA and UK and UAE.
Those were examples, it was
Those were examples, it was not an authoritative list of oppressive countries. Sadly, it seems more countries are added to the list every year.
Well,you forgot to include
Well,you forgot to include China.
yeah, and Turkmenistan,
yeah, and Turkmenistan, Singapore, Burma, Vietnam, Saudi Arabia....
lets restrict the list to
lets restrict the list to big countries. say more then nnnM people. all "nk hackers" are just section 12345 nsa team to compare with.
So without these DA's, these
So without these DA's, these servers that you control and everyone entrusts their anonymity to, Tor can be killed? Great design you have there.
Thanks for the insightful
Thanks for the insightful and productive comment. No, it's not the best design; but it is the best design we have right now. Also, The Tor Project doesn't control the directory authorities. They are run independently by individuals and groups Tor trusts.
I can't claim to have a very
I can't claim to have a very good idea of how the physical infrastructure looks behind tor, but by the sound of this comment it sounds like it would scale well horizontally? Is the tor project in need of hardware? I can't contribute with colo's but i have access to used ibm x-series servers and similar. See you guys at 31c3
Those servers have
Those servers have absolutely no ability to compromise any Tor user's anonymity. They're each just a directory of where all the nodes in the network can be found at any given hour.
Best wishes, appreciation
Best wishes, appreciation for your hard work, and hopes for peace in these hyper-annoying times. I say good things about you folks, often with passion, and sometimes using strong language. :-)
-bobmah
I'll second that.
I'll second that.
Thanks Bob!
Thanks Bob!
I'm sorry, but the "right to
I'm sorry, but the "right to privacy" does not mean what you assert it means here, at all, even in those jurisdictions that (unlike the US) have that right enshrined in law or constitution.
If you are going to rely on political explanations for your actions, I think it is fair to ask that you get your politics right.
The meaning of the right to privacy is quite clear. It does not give you a right to Tor-like services; it never has, and you'll find very little in Brandeis or even current EU law to justify this.
You might argue that it should include Tor-like services, but it currently does not.
Live in the world you want
Live in the world you want to live in. (Think of it as a corollary to 'be the change you want to see in the world'.)
We're not talking about any particular legal regime here. We're talking about basic human rights that humans worldwide have, regardless of particular laws or interpretations of laws.
I guess other people can say that it isn't true -- that privacy isn't a universal human right -- but we're going to keep saying that it is.
brilliant comment, roger
brilliant comment, roger
Just as the Second Amendment
Just as the Second Amendment to the US Constitution does not grant a right ... it merely acknowledges it as pre-existing ... the most any other political "grant" of rights can do is acknowledge pre-existing rights and agree not to infringe upon them. Whether the Second Amendment has been infringed or not is not the point under consideration but the issue of whether a right exists outside of any declaration by a government that it does.
There is a right to privacy. There is a right to speak freely. There is a right to defend oneself and neighbors from attack regardless of the source of the attack. These rights await no dictum from any source. They are rights possessed by all mankind at the moment of birth.
Arma is correct. If "rights" depend on grants by authority, then there are no rights to be had anywhere for anyone. If a "right" must first be granted and can later be withdrawn, it is not a right ... it is a privilege.
Free men and women assert rights, servants seek privileges. Might I suggest that the rallying cry of "Live Free or Die" remains the essence of all freedoms all over the globe?
"RINO" takes on a new meaning: "Right In Name Only".
Actually, you're mistaken: a
Actually, you're mistaken: a right to anonymity is enshrined in many laws around the world.
don't forget to put on your
don't forget to put on your pants when leaving government premises. should i talk with my children as we are in jail? fuck you "law" which justify this.
I'm sorry, but i don't need your interpretation of humanity.
So is the aim of this attack
So is the aim of this attack to disable the network or to de-anonymize users en masse? If the latter then how? If the former then what would be the point, since I assume you guys will just establish new DAs and be on your merry way?
Thanks for all your great work!
The short answer is we don't
The short answer is we don't know.
https://blog.torproject.org/blog/possible-upcoming-attempts-disable-tor…
This cyber attack has really
This cyber attack has really spooked the govt...it seems they have -finally- realized just how vulnerable we are to cyber attack. One can only imagine the scene if someone does this to the electrical grid.
Speculation here but I wonder if the prez has authorized for Tor to be nuked? Given this and the recent drugs and cp busts the FBI may have convinced him that the downsides outweigh the upsides. Man the DoD is gonna be pissed.
Re the electrical grid,
Re the electrical grid, you're right that there sure is a lot of vulnerability going around.
As for the speculation part... while we're speculating, I'll counter-speculate that Obama has never even heard of Tor. The DoJ is full of people trying to make a name for themselves, who get unhappy when something slows that down. And those people are super unhappy that companies like Apple and Google have been working on architecture changes that make compliance harder.
At the same time as we're freaking out that all the intelligence agencies have spiraled out of control and are illegally watching everything, these people are freaking out that they're about to become unable to see anything and unable to fight any crimes. It's an odd contradiction, but here we are.
Obama never heard of TOR???
Obama never heard of TOR??? wtf? I bet he never heard of Edward Snowden either
please don't tell me the people behind TOR are this naive
which one obama? before or
which one obama? before or after words "forget all i promise before it was just joke". newest design obama for sure will say "never heard of internet."
If 5 or 6 directory servers
If 5 or 6 directory servers are compromised would that mean all trafic could be routed to bad nodes?
Why not use namecoin as a DA?
Why not use namecoin as a DA?
price spiked last week
price spiked last week
Have the tor devs considered
Have the tor devs considered the possibility of using satellite technology? I'd like to see the FBI try to go up there as seize a satellite. I know that sounds prohibitively expensive but I think it would be possible to raise funds.
just bounce it off the moon
just bounce it off the moon
this is my favorite Tor blog
this is my favorite Tor blog comment.
Large antennas are very hard
Large antennas are very hard to hide.
expensive for FBI, perhaps,
expensive for FBI, perhaps, but probably not for NRO
even more expensive for NRO
even more expensive for NRO -- it would reveal the capability very publicly
I'd say something about the
I'd say something about the epic irony here regarding your last update here, but your censor comments. Also ironic.
The epic irony of "Tor
The epic irony of "Tor matters to a lot of people and we wanted to let people know of this possible upcoming attack"? Thanks for your understanding I guess.
As for censoring comments, we've disabled all the parts of the blog comment system that report your IP address and other details to recaptcha or other spam engines. That's a feature in my book, but the downside is that we get a bunch of spam that we have to manually delete.
Oh, and yes, we also delete the small number of comments that are deliberately hateful or harmful. I'm a fan of free speech, but in this case those people should go take their free speech elsewhere.
Yes, the flood of spam
Yes, the flood of spam comments for shoes and Chinese herbs.
Or Chinese herb shoes. Ooo,
Or Chinese herb shoes. Ooo, new band name.
What prevents the united
What prevents the united states government from using the resources discovered in the seized servers to permanently infiltrate the network?
https://blog.torproject.org/b
https://blog.torproject.org/blog/possible-upcoming-attempts-disable-tor…
https://www.reddit.com/r/news
https://www.reddit.com/r/news/comments/2ptxws/the_tor_project_has_learn…
In North Korea we have ways
In North Korea we have ways to make you talk, ARMA! We will now turn all of your blog pages upside-down so you get headache.
Going public probably
Going public probably averted a catastrophe. OTOH, law enforcement types don't like to be outdone. They may just go after you personally now. By hook or by crook...
Well, I'd like to think it
Well, I'd like to think it wouldn't have been a catastrophe no matter how it played out.
But it could be a big distraction, especially since we've all got more important things to do next week (31c3 is coming up, with no doubt more embarrassment for governments about how they've broken their own laws and done horrible things).
It is obvious that there are
It is obvious that there are many out there who would like to see the network disrupted as it undermines and in some cases directly threatens what they do (or would like to do).
The removal of DA's will not prevent Tor working per-se but it will cause significant issues with maintaining the integrity of the relay list and communication of that to client instances and indeed other relays.
We would question the motivation behind such an attack though, is it just short term disruption? Or a nefarious attempt to propagate a longer term sybil-a-like attack? Or something else completely?
In any case it is clear that some consideration must be given to the DA function within the network and how to hold the census together in a more resilient manner but at the same time avoid creating exposure to sybil attacks. The mechanism used for maintaining the Hidden Service directories using a DHT is an obvious candidate but again just opens up the DA function to a different class of attack.
love
El Presidente
Roger, is there a possible
Roger,
is there a possible pre-emptive action that can be taken - in the open light - to render such a move futile ?
For instance ask the nice people from CCC and their freedom minded supporters working at freedom minded companies to set up another three directory authorities? Which would work on a short time scale.
A suggestion for the longer term, would be that the developers take some lessons from the freenet design and ask your bridges (& perhaps users along) into lending some harddisk space (1mb for example) and distribute broken up lists in an encrypted way over these channels (key served later).
And perhaps let bridges turn into DAs themselve, distribute an encrypted "fortune cookie", and when the DAs shout a special key throughout tor then only certain(random) bridges & users can turn into DAs(minimizing the chance of a hostile takeover of tor).
I suspect that a fast
I suspect that a fast reaction that would take place within a few days might be difficult.
The directory authorities (DAs) almost certainly need to handle massive amounts of bandwidth, need to be on colocated hardware, and need to be security hardened. This means that establishing a new DA would take some time - and even then, I suspect (but do not know for certain) that the DA would then have to be hard coded into Tor. So, users would then half to upgrade to get the advantages of establishing a new DA.
Additionally, the people that run any new DAs need to be trusted to keep the network secure.
As far as the more technical solutions you mention, you should consider creating a proposal for a more complete idea so it can be evaluated in full. While doing so, it is helpful if you can suggest some advantages and disadvantages that your approach provides.
Well, by their breaking of
Well, by their breaking of their own laws, they are certainly crooks.
Stay safe, Tor team.
Why is this happening?!!!
Why is this happening?!!!
I said this on another forum
I said this on another forum once. If I know anything about the US Navy and the DoD (not talking about 5os and other feds, only military) that tells them what to do and how to think; They have thier own damn tor network, despite what dingledongs and applegay say.
when on earth have you seen the military activly operate where civis are? sure they may have several bases where we live but really now, do they launch any real attacks from them? only excercises and in times of emergency... the military isn't exactly fond of emergencies.
Good luck on reloacting your DAs. Just, try to do it right. I have no idea of your situation so I can't know what right is; but you can figure it out by taking a moment to think. If they bothered to ask you before hand, you may have some time to plan. I don't know who exactly wants your DAs but it can not be for peace or for our benefit.
Don't matter if the military thing is true or not Tor is our own real anonimity system that works on the regular internet. Although don't act surprised if it is true because and I will say this ahead of time... I told you so.
Suggestion: why not let people voulunteer DAs (that work on a distro like tails) you will find out about them via email, in person, and or the same way to find out about hidden bridges... then you could just cherry pick the DAs you need, as you need and see fit (for consensus voting and the such) until someone comes up with a more suitable replacement for "decentralizing" your DAs. (namecoin sounds interesting but... bitcoin is not anonymous everyone, everywhere would know when you search for something or 'bought' a domain name; I have other ideas such as dark/anoncoin but dingledong is right, we still need to do our homework)
p.s. I know the nicknames sound like insults but as a TG, they are what I find sexy about you two. ;)
Seriously, thank you for tor. I am not like some high profile person you have saved. I mean you have helped me keep my transition secret until I feel ready from my family (by using tails). I was just really ashamed what they would think about me if I was searching for these things and I thought I was alone and what I was doing was selfish.
If $people think, one or
If $people think, one or more additional directory authorities in Germany make sense, please contact me (use the contact info of exit node 6B3209C88923A80A4DF4C86F585ED4A8643DEF89 or relay 868A253C330F40FBE435D9320849397F85823E86). Immediate action and/or meeting at 31C3 is possible.
What I think is desirable is
What I think is desirable is having one or two DA in South America, probably Brazil and/or Argentina, which are more or less independent from the US, but I don't know how exactly are DAs chosen.
As if we believe anything
As if we believe anything the FBI or CIA says . It was prob them who hacked Sony
It’s unconscionable that
It’s unconscionable that you don’t include the United States on your list of “repressive regimes.” That country must top such a list.
Choose your battles. I would
Choose your battles.
I would rather write and deploy software to let other people change the balance of power, than smack the US government in the nose repeatedly.
Then why pen such a list at
Then why pen such a list at all?
A sad time. Tor is needed as
A sad time. Tor is needed as a stronghold against totalitarian countries. :-(
We should make little
We should make little clusters of networks that connect to each other so the whole world can be the tor network. So you can't shutdown the whole network. You would need to take it down computer by computer and that would be almost impossible.
Sounds good in theory. But
Sounds good in theory. But there are many details to work out, and many designs like this in the past have been broken.
For something kind of related, check out Herbivore:
http://freehaven.net/anonbib/#herbivore:tr
And for attacks on a Tor design where not all the relays can reach all the other relays, look at
http://freehaven.net/anonbib/#danezis-pet2008
How about the I2P network?
How about the I2P network? Couldn't we incorporate some of their ideas into Tor?
I2P doesn't have directory authorities, after all.
I don't want to promote I2P here, but I'm genuinely curious: Has this been seriously considered?
It has been considered, but
It has been considered, but that doesn't mean everybody has all the answers.
I believe I2P's network discovery mechanism falls to various more complicated attacks. I'd rather stick with the simpler design where we understand the flaws and we understand the attacks.
That said, there's a great opportunity here for researchers to step in and do some analysis on the I2P design -- one of its huge problems right now is that they've for whatever reason failed to get researchers to care enough to break it, except in rare cases like
http://freehaven.net/anonbib/#pets2011-i2p
yes and as tor is just a
yes and as tor is just a distributed (tcp) switch nothing can prevent building a "new internet" say on family/company basis.
There's no democracy nor
There's no democracy nor privacy in the country were I resign.
If this last privacy services end, I will damn all the neat American technologies which only supports my authorities to monitor their citizens, and will abandon the internet and cellular communication forever.
Wouldn't it make sense, in
Wouldn't it make sense, in the short-term at least, to get more directory servers up, particularly outside of the US and EU?
I was going to mention Wyoming, but not sure if anyone would get the "Dog Day Afternoon" reference.
Not in Munchen
https://mice.cs.columbia.edu/
https://mice.cs.columbia.edu/getTechreport.php?techreportID=1545&format…
No, that paper isn't
No, that paper isn't relevant here.
In fact, that paper was misinterpreted by the media: see
https://blog.torproject.org/blog/quick-summary-recent-traffic-correlati…
and for many more details,
https://blog.torproject.org/blog/traffic-correlation-using-netflows
In particular, look at the comments by Sambuddho (the author) about how his paper does not mean what people are thinking it means.
Imagine the boring time from
Imagine the boring time from Christmas to New Year without Tor! Disaster! Fuck the United Stasi of America and their Gestapo scum!
It would seem Tor has been a
It would seem Tor has been a thorn in side of NSA for a while. This Sony thing is as good a pretence as any to seriously harm it.
Is there a canary system?
How good is physical security of servers?
If you get a National security letter barring discussion there should be fail safe alert.
In the long term is there anyway to use stenography concepts (browsing in plain site) combined with Tor to make it exponentially more difficult to track?
I'd like to think that our
I'd like to think that our architecture makes national security letters not as dangerous for us. For example, delivering a national security letter to The Tor Project won't affect the directory authorities, since The Tor Project doesn't run any of the directory authorities. Similarly, sending a national security letter to just one directory authority doesn't do anything by itself no matter their response.
And *that* said, if any directory authority operator gets a national security letter, they should simply shut down their directory authority:
https://lists.torproject.org/pipermail/tor-talk/2014-December/035952.ht…
There are no letters that demand changes in behavior where you can't instead just choose to stop. Other people will pick up the baton.
As for steganography, you should learn about Tor's pluggable transports:
https://www.torproject.org/docs/pluggable-transports
https://trac.torproject.org/projects/tor/wiki/doc/AChildsGardenOfPlugga…
How do directory authorities
How do directory authorities become authorities, a hard-coded list somewhere or are they chosen by the network ? An NSL or other court order could force a change to a hard-coded list.
No, they're manually chosen
No, they're manually chosen by the Tor community (i.e. us), and everybody can see the ilst. Most of the directory authority operators are high-profile figures in the security community, so many people get the chance to meet them in person and evaluate them.
As for a national security letter that would ask us to modify the Tor source code... we will never do that. See also this thread:
https://lists.torproject.org/pipermail/tor-talk/2014-December/035952.ht…
A bit of troll... Please
A bit of troll...
Please consider alternate hosts for Tor bundle download. It is blocked in my country which is an US aly and therefore no media bothers to criticze it when it comes to human rights violations and abuse.
You might like
You might like https://blog.torproject.org/blog/say-hi-new-gettor
Also, be sure to look at our mirrors page (which you can find from e.g. google cache).
And see also https://www.torproject.org/docs/faq#GetTor
Good luck!
Hi Roger, I am deeply
Hi Roger,
I am deeply concerned. But I have still hope for Tor. We all should beware our hope in these dark times.
I have two questions for you, Roger.
1. How is it possible that there are still good people within the potential attacker's organization? Your source - that warned you - seems to be in favor of Tor.
2. Do you feel confident that you (the Tor Project and its community) will be able to fight back this potential attack? There is so much brilliance and expertise in this community. If I had one single wish for Christmas, I would love to see Tor being the David winning against Goliath.
Well my Christmas vacation
Well my Christmas vacation is gone now, thanks for the nerd snipe guys!
oblig ref: http://xkcd.com/356/
With the recent talk here about integrating namecoin, etc. I think we hit on a better solution to the problem. One that tries to maintain backwards compatibility.
https://github.com/vivalibra/norproject
Note that there is talk of a coin in the README document, that is mostly the result of chatting with some other devs in the crypto world. Considering the timetable we will be working under, I don't think a coin could realistically launch at the same time as the rest of the system.
I'm going to start building this right away, hope is to launch a beta before DA servers are pulled out. Anyone that feels like they would like to participate is welcome to join up. Even pointing out design flaws could be helpful.
Please keep any discussion on the page for the project, though I don't want to spam this blog with it.
Maybe you could consider
Maybe you could consider toning down the propaganda ? Just a thought. Maybe add a few of the more egregious privacy-raping nations to this list:
' who live in repressive regimes, including human rights activists in countries such as Iran, Syria, and Russia'
How about every second posting you substitute USA and UK and their allies in place of 'Iran, Russia, Syria'. Might just make you a little less offessive and more credible.
It's Russia: Putin Sets
It's Russia:
Putin Sets $110,000 Bounty for Cracking Tor as Anonymous Internet Usage in Russia Surges
http://www.bloomberg.com/news/2014-07-29/putin-sets-110-000-bounty-for-…
No, it's (probably) not
No, it's (probably) not Russia.
The Russian word for this was more like asking researchers to propose for research grants. The translation 'bounty' or 'contest' was a bad translation and caused a string of misleading articles.
It is like saying that the National Science Foundation is holding a contest for Tor research.
It's totally unrelated. Boa
It's totally unrelated. Boa as been wanting to do this for a while, he's talked about it before but never took action. Now he has an excuse.
Just FYI: www.heise.de the
Just FYI: www.heise.de the most important german IT news site reports about your blog posting http://bit.ly/1DVicBe (german).
My technical expertise is
My technical expertise is low which might be why it isn't obvious to me how taking down part of the Tor network would facilitate an investigation into the Sony incident by the FBI. What makes more sense to me is hacking into Tor to develop tools to better handle the next attack. The advanced warning makes the hack look friendlier – something like those “this is only a test” announcements the government makes on the radio and television.
Tor and Tails are two applications that I rely on every day and I don't even have anything to hide. I use these tools daily to maintain a small footprint and to keep proficient for a time when the tools and skills are truly necessary. The dedication and helpfulness of the staff of these two development teams is amazing. The other day I posted a question regarding Tor on the Tor IRC channel and quickly received a concise and helpful response by arma. I didn't know who arma was until I began reading this blog, but I must say that I am pleasantly surprised that arma would take the time to help an ordinary Tor user.
I would consider it to be a near catastrophe if Tor or Tails is compromised because I know of no other easy to use combination that provides the level of anonymity.
I can only say one thing
I can only say one thing about this: "Too big to fail". I don't think anyone can shut down Tor. We all need it, even if some people don't realise it yet. "You can not kill an idea." I believe you/we will find a way to keep Tor alive. Too much is at stack here. Never underestimate the power of the people.
If I was the CEO of Sony, I
If I was the CEO of Sony, I would teach those hackers a lesson and upload my movie "The Interview" to a bunch of torrent servers so that everyone would watch it!
Might there be a
Might there be a interpretation of The Interpreter for every Country of the World? Surely most all would really appreciate.
Does this effect anyone who
Does this effect anyone who doesn't commit any crimes, doesn't go to any illegal sites, in the United States, ISP doesn't know my activities, and I only use Tor to conceal my IP because of stalkers I've encountered?
Affect? Yes -- if somebody
Affect? Yes -- if somebody attacks the Tor network they end up endangering all the Tor users, including the vast majority of them who use Tor for exactly the sorts of good and ordinary reasons you do.
In particular, attacking the directory authorities has huge collateral damage exactly along these lines. That's why it would be silly for them to do it. Let's hope they change their mind.
Is this a case about servers
Is this a case about servers keeping logs? I don't know how it actually works. How far back can anyone get the server logs to identify average non-criminal users?
Correctly configured Tor
Correctly configured Tor relays have no logs that are useful to attackers. So no, this should not be an issue.
(Of course, that doesn't mean there are no places on the Internet that log information about traffic flows. That's a lot of what the NSA / GCHQ surveillance fuss is about. But that is a separate topic, I hope.)
if you read the front page
if you read the front page of https://www.torproject.org/ Who Uses Tor?
As an human I would assume you have valid reason to use tor regardless if i agree with you or not.
sadly, it seems the governments fear the people and try to "divide and conquer" to meet it own greeds or agendas ):