Silk Road forums

Discussion => Security => Topic started by: CCO on April 18, 2013, 08:41 pm

Title: ISP's and TOR
Post by: CCO on April 18, 2013, 08:41 pm
Just wondering if anyone had any reliable info on how ISP's monitor or identify TOR connections and what they do (if anything) with this information.

Researching TOR I read that ISP's could easily identify TOR connections on their network, I also read that if you were living in a shared house and someone was streaming then it would make this identification much harder.

Not sure how true that is so if anyone has more info would be most interested in hearing it.

Thanks
Title: Re: ISP's and TOR
Post by: astor on April 18, 2013, 08:57 pm
Yes, they can detect Tor use. ISPs in places like China, Iran and Syria actively block connections to Tor relays.

I am not aware of western ISPs engaging in widespread monitoring of Tor use, although there may be specific LE requests for it.

In the United States alone there are 75,000 daily Tor users, and maybe a quarter million connect in a given month. Seems to me it would be exceedingly difficult to watch all those people with very little return on that surveillance, since you don't know what they are doing on the other end.

There have been specific cases where the FBI used a person's Tor use as evidence, but they were also monitoring activities on the other end.

http://arstechnica.com/tech-policy/2012/03/stakeout-how-the-fbi-tracked-and-busted-a-chicago-anon/


Also, there are ways to make it more difficult to detect, such as using (obfsproxy) bridges or VPNs.
Title: Re: ISP's and TOR
Post by: astor on April 18, 2013, 09:00 pm
Oh, as to how they do it, the relays are public and lists are available in a variety of places. You can browse them at torstatus.blutmagie.de. So ISPs can easily get all the IP addresses of relays and block them (or watch connections to them).

Finding bridge users is more difficult. Either the BridgDB has to be queried from multiple angles, or they DPI for Tor hand shakes. Obfsproxy bridges use transports that look like other kinds of connections, making that more difficult.
Title: Re: ISP's and TOR
Post by: CCO on April 18, 2013, 09:50 pm
Thanks for the feedback, will look into some of your suggestions.

Not really worried about the monitoring tbh as reckon the ISP's have their hands full already with p2p, etc

Cheers
Title: Re: ISP's and TOR
Post by: jase00 on April 19, 2013, 05:25 am
it's not illegal to use TOR....

all though if only there was 1 legit reason to use TOR it would help hehe
Title: Re: ISP's and TOR
Post by: mezzomixtor on April 19, 2013, 12:23 pm
Thanks for the feedback, will look into some of your suggestions.

Not really worried about the monitoring tbh as reckon the ISP's have their hands full already with p2p, etc

Cheers
If you want an easy way to use Obfsproxy, then you can use the Obfsproxy tor browser bundle which can be found here:

https://www.torproject.org/projects/obfsproxy.html.en

i would also recommend this!

By the way, i have a question about bridges! i'm using TAILS, and after every start up I type in the bridges I'm going to use, and then I can connect to TOR.

1. how do i know that i am using the bridges correctly? I assume that if i was able to connect to TOR then it worked out, is that right?
2. is there a way to store the bridges automatically, so that i dont have to type them in after every start up?

thanks in advance!
Title: Re: ISP's and TOR
Post by: EarlyCuylerTOR on April 19, 2013, 03:37 pm

Also, there are ways to make it more difficult to detect, such as using (obfsproxy) bridges or VPNs.

 

I'm ignorant about bridges, but everyone here should get a VPN IMO.  I use one and love it.