Silk Road forums

Discussion => Security => Topic started by: Joy on August 25, 2012, 01:39 pm

Title: How governments have tried to block Tor
Post by: Joy on August 25, 2012, 01:39 pm
http://www.youtube.com/watch?v=GwMr8Xl7JMQ&feature=related
Title: Re: How governments have tried to block Tor
Post by: LouisCyphre on August 25, 2012, 03:17 pm
http://www.youtube.com/watch?v=GwMr8Xl7JMQ&feature=related

Very cool video, thanks.
Title: Re: How governments have tried to block Tor
Post by: pine on August 25, 2012, 04:16 pm
By failing mostly. Tor, while obviously imperfect as kmfkewn will inform you, is an extremely impressive piece of software. The more I examine its capabilities, the more impressive it is.
Title: Re: How governments have tried to block Tor
Post by: Delta11 on August 26, 2012, 02:15 am
By failing mostly. Tor, while obviously imperfect as kmfkewn will inform you, is an extremely impressive piece of software. The more I examine its capabilities, the more impressive it is.
Didn't the U.S. Defense Department create it? or at least fund it? I forgot where I read that but I always kept it in mind. I feel like the more that people use TOR the more powerful/unstoppable it becomes and of course the same goes for Bitcoin. The other day I read an article about why you should use TOR and it made a lot of sense, I hope enough to make common users use it as well.
Title: Re: How governments have tried to block Tor
Post by: ajones on August 26, 2012, 03:17 am
I believe the Onion router concept was originally a U.S. Navy project.
Title: Re: How governments have tried to block Tor
Post by: BabyPowder35 on August 26, 2012, 03:57 am
yup..i read in some article that it was used mainly for communications between navy seals..or somewhere in between.
Title: Re: How governments have tried to block Tor
Post by: pine on August 26, 2012, 08:18 am
By failing mostly. Tor, while obviously imperfect as kmfkewn will inform you, is an extremely impressive piece of software. The more I examine its capabilities, the more impressive it is.
Didn't the U.S. Defense Department create it? or at least fund it? I forgot where I read that but I always kept it in mind. I feel like the more that people use TOR the more powerful/unstoppable it becomes and of course the same goes for Bitcoin. The other day I read an article about why you should use TOR and it made a lot of sense, I hope enough to make common users use it as well.

Yes, actually the advanced military research wing of the US government (it has sponsored a great many weird and wonderful bluesky projects, for which we the public can all be thankful to them for, I wish half the maintenance on nuclear rearming was instead spent by DARPA on research projects and to help the NSF, but sadly it is not to be). Pretty much the only wing of government I'd be happy to pay much more tax to and not less, it's a pity we can't select what branches of government we commit resources to, that would be seriously innovative (and controversial lol).

Anyway, the Tor project was initially sponsored by the Office of Naval Research and DARPA (which also sponsored the Internet itself). After that it was spun out to the wider world, again, just as with the Internet technology, and the Electronic Frontier Foundation sponsored it for a while until the Tor project was out of the cradle and deployable for serious work. I'm not sure if the Tor project still receives grant money from the ONR, DARPA and the EFF, but in any case they can always do with donations if you experience good fortune.

I have some (still mewling pups/kittens) ideas for a system like Tor of my own, based on some rather obscure/poorly understood concepts from the world of econ theory which would turn the network's meta information flow into a sophisticated price system that would run itself in an organic way like the stock exchanges. The implications of being able to harness market power in service to such a network are actually terrifyingly cool.

However I know nowhere near enough about the Tor network to even have a remote possibility of  putting any of those ideas into practice, so I have a lot of work to do if any of them are to reach fruition. So many projects, and so little time ._.
Title: Re: How governments have tried to block Tor
Post by: Bungee54 on August 26, 2012, 09:09 am
By failing mostly. Tor, while obviously imperfect as kmfkewn will inform you, is an extremely impressive piece of software. The more I examine its capabilities, the more impressive it is.
Didn't the U.S. Defense Department create it? or at least fund it? I forgot where I read that but I always kept it in mind. I feel like the more that people use TOR the more powerful/unstoppable it becomes and of course the same goes for Bitcoin. The other day I read an article about why you should use TOR and it made a lot of sense, I hope enough to make common users use it as well.

Yes, actually the advanced military research wing of the US government (it has sponsored a great many weird and wonderful bluesky projects, for which we the public can all be thankful to them for, I wish half the maintenance on nuclear rearming was instead spent by DARPA on research projects and to help the NSF, but sadly it is not to be). Pretty much the only wing of government I'd be happy to pay much more tax to and not less, it's a pity we can't select what branches of government we commit resources to, that would be seriously innovative (and controversial lol).

Anyway, the Tor project was initially sponsored by the Office of Naval Research and DARPA (which also sponsored the Internet itself). After that it was spun out to the wider world, again, just as with the Internet technology, and the Electronic Frontier Foundation sponsored it for a while until the Tor project was out of the cradle and deployable for serious work. I'm not sure if the Tor project still receives grant money from the ONR, DARPA and the EFF, but in any case they can always do with donations if you experience good fortune.

I have some (still mewling pups/kittens) ideas for a system like Tor of my own, based on some rather obscure/poorly understood concepts from the world of econ theory which would turn the network's meta information flow into a sophisticated price system that would run itself in an organic way like the stock exchanges. The implications of being able to harness market power in service to such a network are actually terrifyingly cool.

However I know nowhere near enough about the Tor network to even have a remote possibility of  putting any of those ideas into practice, so I have a lot of work to do if any of them are to reach fruition. So many projects, and so little time ._.

ohhhh pine  :-*
Title: Re: How governments have tried to block Tor
Post by: BigEasy on August 26, 2012, 05:21 pm
Tor is an amazing tool, if you can run a Tor relay you should. The more Tor relays in general the more anonymous users stay: https://www.torproject.org/docs/tor-doc-relay.html.en

There are arguments that if you also run a Tor Exit that it may be more "plausible deniability"

Although a little old, there is some really good info here:  Plausible Deniability ToolKit - http://www.nmrc.org/pub/pdtk/
Title: Re: How governments have tried to block Tor
Post by: peels4u on August 26, 2012, 10:31 pm
Wow, pine actually admits to wanting to pay more taxes!
Title: Re: How governments have tried to block Tor
Post by: Green on August 26, 2012, 10:44 pm
Tor is an amazing tool, if you can run a Tor relay you should. The more Tor relays in general the more anonymous users stay: https://www.torproject.org/docs/tor-doc-relay.html.en

There are arguments that if you also run a Tor Exit that it may be more "plausible deniability"

Although a little old, there is some really good info here:  Plausible Deniability ToolKit - http://www.nmrc.org/pub/pdtk/

Running as a Tor Exit sounds a bit risky. Considering the amount of shite that is floating about on the 'hidden web'. Couldn't it draw more attention to you if traffic containing CP happens to pass through your Exit?
Title: Re: How governments have tried to block Tor
Post by: BigEasy on August 26, 2012, 11:23 pm
Green: I more than agree with you, I am definitely not arguing in favor of people who may be "targets" running exit nodes...

Although it does also bring up another point: the fact that there are "BAD" exit nodes that are filtering, sifting and scooping your data as it goes through.
Title: Re: How governments have tried to block Tor
Post by: Delta11 on August 27, 2012, 03:15 am
By failing mostly. Tor, while obviously imperfect as kmfkewn will inform you, is an extremely impressive piece of software. The more I examine its capabilities, the more impressive it is.
Didn't the U.S. Defense Department create it? or at least fund it? I forgot where I read that but I always kept it in mind. I feel like the more that people use TOR the more powerful/unstoppable it becomes and of course the same goes for Bitcoin. The other day I read an article about why you should use TOR and it made a lot of sense, I hope enough to make common users use it as well.

Yes, actually the advanced military research wing of the US government (it has sponsored a great many weird and wonderful bluesky projects, for which we the public can all be thankful to them for, I wish half the maintenance on nuclear rearming was instead spent by DARPA on research projects and to help the NSF, but sadly it is not to be). Pretty much the only wing of government I'd be happy to pay much more tax to and not less, it's a pity we can't select what branches of government we commit resources to, that would be seriously innovative (and controversial lol).

Anyway, the Tor project was initially sponsored by the Office of Naval Research and DARPA (which also sponsored the Internet itself). After that it was spun out to the wider world, again, just as with the Internet technology, and the Electronic Frontier Foundation sponsored it for a while until the Tor project was out of the cradle and deployable for serious work. I'm not sure if the Tor project still receives grant money from the ONR, DARPA and the EFF, but in any case they can always do with donations if you experience good fortune.

I have some (still mewling pups/kittens) ideas for a system like Tor of my own, based on some rather obscure/poorly understood concepts from the world of econ theory which would turn the network's meta information flow into a sophisticated price system that would run itself in an organic way like the stock exchanges. The implications of being able to harness market power in service to such a network are actually terrifyingly cool.

However I know nowhere near enough about the Tor network to even have a remote possibility of  putting any of those ideas into practice, so I have a lot of work to do if any of them are to reach fruition. So many projects, and so little time ._.
Nice, was making sure I didn't just make that up cause I really don't remember where I read it. I don't think TOR is still receiving funding from them because one of the lead developers hinted that donations would make them work on bigger project and improve current project (tails, tor, etc). I donate whenever I have spare coins, we should get a sticky going so everyone can donate to the TOR developers. I keep trying to read about TOR but it's just way too complicated, I wish someone (maybe you pine?) could translate it into layman's terms about the inner workings of TOR because as of now all I know is it's a huge network shared by people that connect to TOR and the more people that connect to TOR the more anonymous we become. I still don't understand how they can track you through exit nodes, that's the only part I'm confused/scared about. When the FBI caught the ring of pedophiles even though they were using TOR but finally got them through bad exit nodes, I still don't understand how that works. I'm assuming it was because they were sending files which we don't do on SR so I don't really worry about that.
Title: Re: How governments have tried to block Tor
Post by: Joy on August 27, 2012, 06:48 pm
Tor is an amazing tool, if you can run a Tor relay you should. The more Tor relays in general the more anonymous users stay: https://www.torproject.org/docs/tor-doc-relay.html.en

There are arguments that if you also run a Tor Exit that it may be more "plausible deniability"

Although a little old, there is some really good info here:  Plausible Deniability ToolKit - http://www.nmrc.org/pub/pdtk/

Running as a Tor Exit sounds a bit risky. Considering the amount of shite that is floating about on the 'hidden web'. Couldn't it draw more attention to you if traffic containing CP happens to pass through your Exit?

That's why exit node operators (if they're smart) run their nodes out of a hosting facility, and not their own homes.

Guru

Guru, how to run nodes out of a hosting facility? u can pm me if it's private. thx guru!
Title: Re: How governments have tried to block Tor
Post by: justanotherrandomuser on August 27, 2012, 08:50 pm
Green: I more than agree with you, I am definitely not arguing in favor of people who may be "targets" running exit nodes...

Although it does also bring up another point: the fact that there are "BAD" exit nodes that are filtering, sifting and scooping your data as it goes through.

I run a TOR exit node, and while I wouldn't recommend doing so on a home internet line or the like, what I've ended up doing is Amazon has a program where you get 750 hours and 15G of bandwidth for free for a year, so what I do is run an EC2 instance running TOR set up to sleep once it reached 15G of traffic in a month and set to reboot every 24 hours (so it'll be a moving target IP wise). I highly recommend everyone who feels able give it a shot, and if LEO wants to have a talk to me about it, they can get my stone face. So yes, I accept that it may attract attention but at least it's not my home connection and I like the idea of using a big corp's infrastructure in the fight against oppression.

Also, I've sniffed the traffic on my exit node, just for kicks and while there were occasional tidbits of interesting information (namely HTTP gets containing user/id passwords for unencrypted gmail accounts but to me, it's like reading other people's email, it gets boring quick). I personally have an "encrypt everything/ssl everything" approach and that I think would serve most well.

Also, I believe the way TOR works, no particular exit node should be able to capture all of your traffic, there are timeouts to switch the routes but there is a danger in adversaries using multiple exit points.
Title: Re: How governments have tried to block Tor
Post by: kmfkewm on August 28, 2012, 04:12 am
Tor is an amazing tool, if you can run a Tor relay you should. The more Tor relays in general the more anonymous users stay: https://www.torproject.org/docs/tor-doc-relay.html.en

There are arguments that if you also run a Tor Exit that it may be more "plausible deniability"

Although a little old, there is some really good info here:  Plausible Deniability ToolKit - http://www.nmrc.org/pub/pdtk/

Running a Tor exit node is a horrible idea unless you are okay with having your internet shut off, being sued, or being raided by feds or intelligence agencies. The people who run exit nodes tend to be universities, organizations, and anonymous people using servers in data centers that can not be tied to them. Running a Tor exit from home is just asking for trouble.
Title: Re: How governments have tried to block Tor
Post by: kmfkewm on August 28, 2012, 04:47 am
By failing mostly. Tor, while obviously imperfect as kmfkewn will inform you, is an extremely impressive piece of software. The more I examine its capabilities, the more impressive it is.
Didn't the U.S. Defense Department create it? or at least fund it? I forgot where I read that but I always kept it in mind. I feel like the more that people use TOR the more powerful/unstoppable it becomes and of course the same goes for Bitcoin. The other day I read an article about why you should use TOR and it made a lot of sense, I hope enough to make common users use it as well.

Yes, actually the advanced military research wing of the US government (it has sponsored a great many weird and wonderful bluesky projects, for which we the public can all be thankful to them for, I wish half the maintenance on nuclear rearming was instead spent by DARPA on research projects and to help the NSF, but sadly it is not to be). Pretty much the only wing of government I'd be happy to pay much more tax to and not less, it's a pity we can't select what branches of government we commit resources to, that would be seriously innovative (and controversial lol).

Anyway, the Tor project was initially sponsored by the Office of Naval Research and DARPA (which also sponsored the Internet itself). After that it was spun out to the wider world, again, just as with the Internet technology, and the Electronic Frontier Foundation sponsored it for a while until the Tor project was out of the cradle and deployable for serious work. I'm not sure if the Tor project still receives grant money from the ONR, DARPA and the EFF, but in any case they can always do with donations if you experience good fortune.

I have some (still mewling pups/kittens) ideas for a system like Tor of my own, based on some rather obscure/poorly understood concepts from the world of econ theory which would turn the network's meta information flow into a sophisticated price system that would run itself in an organic way like the stock exchanges. The implications of being able to harness market power in service to such a network are actually terrifyingly cool.

However I know nowhere near enough about the Tor network to even have a remote possibility of  putting any of those ideas into practice, so I have a lot of work to do if any of them are to reach fruition. So many projects, and so little time ._.
Nice, was making sure I didn't just make that up cause I really don't remember where I read it. I don't think TOR is still receiving funding from them because one of the lead developers hinted that donations would make them work on bigger project and improve current project (tails, tor, etc). I donate whenever I have spare coins, we should get a sticky going so everyone can donate to the TOR developers. I keep trying to read about TOR but it's just way too complicated, I wish someone (maybe you pine?) could translate it into layman's terms about the inner workings of TOR because as of now all I know is it's a huge network shared by people that connect to TOR and the more people that connect to TOR the more anonymous we become. I still don't understand how they can track you through exit nodes, that's the only part I'm confused/scared about. When the FBI caught the ring of pedophiles even though they were using TOR but finally got them through bad exit nodes, I still don't understand how that works. I'm assuming it was because they were sending files which we don't do on SR so I don't really worry about that.

First I think the tor developers do not want an organized effort on SR to send them money, that would be bad for their PR. Although if you do want to contribute by running a relay or donating go ahead, I just don't think Tor wants SR to be seen as sending them funding. Here I will explain how Tor works for you.

Tor is a low latency anonymity network. It gives users anonymity by routing their traffic through 'telescoping' encrypted tunnels through three nodes. The first node is the entry, the second is the middle and the third is the exit. The entry node knows who you are, but it can not see where you are surfing, the middle node does not know who you are or where you are surfing, and the exit knows where you are surfing but not who you are. The exit node connects to the servers you communicate with. Traffic from the exit node to the destination you communicate with is not encrypted, so it can be intercepted and spied on by the exit node. This could compromise 'who you are' if you go to your facebook page for example, but it will not compromise where you are unless you leak that through the exit traffic as well somehow. The destination you communicate with can not trace you because they see the IP address of the exit node you are using, not your own IP address. In the best case scenario they will need to go back one hop at a time and get logs until the trail leads them back to you. Hopefully at least one of the three nodes you are using is not keeping logs or being passively monitored, in which case the trails will go dead at the first such node and you will remain anonymous.

Tor is not perfect. There are two sorts of attacker involved with traffic analysis, passive and active. Passive attackers monitor the links between nodes, such an attacker could be an ISP that several Tor nodes use, for example. An active attacker is one who adds nodes to the network and is able to view their internal state. Some attackers are combinations of active and passive. The more Tor nodes there are, the more protection you are afforded from an active attacker. After all, if there are ten nodes and an attacker owns one, they can monitor 10% of the network, but if there are 100 nodes and an attacker owns one they are only monitoring 1% of the network. It is important that nobody owns a large percentage of the nodes on the network, because Tor does not prevent traffic confirmation attacks. An attacker who can see packets at two points on the Tor network can use timing correlation attacks to link the packets together. This would be very bad if the attacker doing this sort of attack owned your entry and exit node, because then they could link the packets they see you sending through their entry node to the packets arriving at the destination, thus deanonymizing you with only two out of the three nodes on your circuit.

Passive attackers are generally (but not necessarily) more powerful than active attackers. An attacker who owns the ISP used by one hundred Tor nodes is capable of monitoring the traffic into and out of those Tor nodes as well as if they ran the Tor nodes themselves. Again, if a passive attacker can monitor your entry and exit traffic they can use timing correlation attack to link them together and thus deanonymize you. Having more nodes on the network does not inherently protect from such an attacker, however having location diversity in the nodes on the network does protect from this sort of attacker. If the Tor network consisted of nodes all in one data center, the owner of the data center could deanonymize all Tor circuits without owning a single Tor node, regardless of how many nodes were on the network. However, if the nodes are in data centers distributed around the world, it becomes far less likely that the owner of a single data center can deanonymize Tor circuits by themselves. Thankfully there are middle nodes as well, so even if your entry and exit are being monitored by different attackers, unless they are already colluding and sharing intelligence with each other they will not be able to identify each other to request collusion in specific cases unless they can get the middle node to cooperate to introduce them to each other. One of the most powerful sorts of attacker is called global passive, and this means that they are able to monitor the links between every node on a network (if they are global in the context of the network, some may argue that a true global passive adversary can monitor all links on the internet, but I find this definition to be irrelevant when a specific sub network is being discussed). Tor is completely incapable of offering any protection from such an attacker, but such attackers are likely very few and far between if any even exist.
NSA would likely be the closest attacker to a GPA although some other signals intelligence agencies such as GCHQ may come close as well. Certainly the Swedish signals intelligence agency monitors all traffic in and out of Sweden, that is not GPA but is still a fairly powerful attacker, and it is likely impossible for Swedish people to anonymously access servers in Sweden unless they stay within their own country at entry or exit.

Connections to hidden services don't use exit nodes in the same sense as connections to the clearnet do, but the same general principles apply to them. Hidden services are actually much easier to deanonymize than clients, because clients can force them to open an arbitrary number of new circuits and send them packets + watch for the packets at malicious nodes until they trace up to their entry guards. Three entry guard nodes that make direct contact with a hidden service server can be enumerated in about a minute, and then for a passive capable attacker it is just a matter of monitoring one of them to deanonymize the hidden service. For an active attacker it is a little bit harder, they need to force the hidden service to use one of their entry guards, and the quickest way to do this involves DOSing guard nodes until you get lucky or run out of resources.
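
The entry/exit exposure arithmetic from the post above, worked through as an added example (not part of the original thread and not Tor's own code); it goes a little further than the post by covering many circuits over time and hosting diversity. It assumes relays are picked uniformly with distinct entry and exit and a guard set fixed for the whole period, whereas real Tor weights relays by bandwidth and flags; all function names are hypothetical.

```python
"""Exposure model for the entry+exit observation risk described in the post.

Simplifying assumptions (not how Tor actually selects paths):
  * relays are chosen uniformly at random; real Tor weights by bandwidth/flags
  * entry and exit are always two different relays
  * a guard set, once chosen, stays fixed for every circuit considered
"""
from collections import Counter
from fractions import Fraction
from math import comb


def per_circuit_exposure(n, m):
    """P(one circuit has BOTH entry and exit among the m observed relays of n)."""
    if n < 3 or not 0 <= m <= n:
        raise ValueError("need n >= 3 and 0 <= m <= n")
    # entry observed: m/n; exit observed given entry already used: (m-1)/(n-1)
    return Fraction(m, n) * Fraction(max(m - 1, 0), n - 1)


def exposure_over_time(n, m, circuits):
    """P(at least one exposed circuit) when every circuit picks a fresh entry."""
    p = per_circuit_exposure(n, m)
    return 1 - (1 - p) ** circuits


def exposure_with_guards(n, m, circuits, guards=3):
    """Same question when the client keeps a fixed set of entry guards.

    j = number of observed relays that landed in the guard set
    (hypergeometric). With j == 0 no circuit can ever be exposed at the entry.
    """
    total = Fraction(0)
    for j in range(1, min(guards, m) + 1):
        # comb() returns 0 when the draw is impossible, so no special-casing
        h = Fraction(comb(m, j) * comb(n - m, guards - j), comb(n, guards))
        p_j = Fraction(j, guards) * Fraction(max(m - 1, 0), n - 1)
        total += h * (1 - (1 - p_j) ** circuits)
    return total


def same_location_exposure(locations):
    """Share of circuits whose entry and exit sit at the SAME hosting location.

    `locations` has one label per relay (data center, ISP, ...). A passive
    observer at a location sees both ends of exactly these circuits without
    running any relay, which is the post's data-center argument.
    """
    n = len(locations)
    if n < 3:
        raise ValueError("need at least 3 relays")
    counts = Counter(locations)
    return sum(Fraction(c * (c - 1), n * (n - 1)) for c in counts.values())


if __name__ == "__main__":
    # Constructed scenarios, including the 1-of-10 case from the post.
    for n, m in [(10, 1), (10, 2), (100, 1), (100, 10)]:
        print(f"{m:>3} of {n:>3} relays observed: "
              f"per-circuit exposure = {float(per_circuit_exposure(n, m)):.4f}")

    n, m = 100, 10
    for k in (1, 10, 100, 1000):
        print(f"{k:>5} circuits: fresh entry each time "
              f"{float(exposure_over_time(n, m, k)):.3f}, "
              f"3 fixed guards {float(exposure_with_guards(n, m, k)):.3f}")

    one_dc = ["dc0"] * 100                       # constructed: one facility
    ten_dcs = [f"dc{i % 10}" for i in range(100)]  # constructed: ten facilities
    print("all relays in one data center :", float(same_location_exposure(one_dc)))
    print("relays spread over ten        :", float(same_location_exposure(ten_dcs)))
```

The numbers show why the post separates node count from location diversity: adding relays lowers the per-circuit figure, a fixed guard set caps the long-run figure, and spreading relays across facilities is what lowers the passive-observer figure.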




Title: Re: How governments have tried to block Tor
Post by: Delta11 on August 28, 2012, 05:34 am
By failing mostly. Tor, while obviously imperfect as kmfkewn will inform you, is an extremely impressive piece of software. The more I examine its capabilities, the more impressive it is.
Didn't the U.S. Defense Department create it? or at least fund it? I forgot where I read that but I always kept it in mind. I feel like the more that people use TOR the more powerful/unstoppable it becomes and of course the same goes for Bitcoin. The other day I read an article about why you should use TOR and it made a lot of sense, I hope enough to make common users use it as well.

Yes, actually the advanced military research wing of the US government (it has sponsored a great many weird and wonderful bluesky projects, for which we the public can all be thankful to them for, I wish half the maintenance on nuclear rearming was instead spent by DARPA on research projects and to help the NSF, but sadly it is not to be). Pretty much the only wing of government I'd be happy to pay much more tax to and not less, it's a pity we can't select what branches of government we commit resources to, that would be seriously innovative (and controversial lol).

Anyway, the Tor project was initially sponsored by the Office of Naval Research and DARPA (which also sponsored the Internet itself). After that it was spun out to the wider world, again, just as with the Internet technology, and the Electronic Frontier Foundation sponsored it for a while until the Tor project was out of the cradle and deployable for serious work. I'm not sure if the Tor project still receives grant money from the ONR, DARPA and the EFF, but in any case they can always do with donations if you experience good fortune.

I have some (still mewling pups/kittens) ideas for a system like Tor of my own, based on some rather obscure/poorly understood concepts from the world of econ theory which would turn the network's meta information flow into a sophisticated price system that would run itself in an organic way like the stock exchanges. The implications of being able to harness market power in service to such a network are actually terrifyingly cool.

However I know nowhere near enough about the Tor network to even have a remote possibility of  putting any of those ideas into practice, so I have a lot of work to do if any of them are to reach fruition. So many projects, and so little time ._.
Nice, was making sure I didn't just make that up cause I really don't remember where I read it. I don't think TOR is still receiving funding from them because one of the lead developers hinted that donations would make them work on bigger project and improve current project (tails, tor, etc). I donate whenever I have spare coins, we should get a sticky going so everyone can donate to the TOR developers. I keep trying to read about TOR but it's just way too complicated, I wish someone (maybe you pine?) could translate it into layman's terms about the inner workings of TOR because as of now all I know is it's a huge network shared by people that connect to TOR and the more people that connect to TOR the more anonymous we become. I still don't understand how they can track you through exit nodes, that's the only part I'm confused/scared about. When the FBI caught the ring of pedophiles even though they were using TOR but finally got them through bad exit nodes, I still don't understand how that works. I'm assuming it was because they were sending files which we don't do on SR so I don't really worry about that.

First I think the tor developers do not want an organized effort on SR to send them money, that would be bad for their PR. Although if you do want to contribute by running a relay or donating go ahead, I just don't think Tor wants SR to be seen as sending them funding. Here I will explain how Tor works for you.

Tor is a low latency anonymity network. It gives users anonymity by routing their traffic through 'telescoping' encrypted tunnels through three nodes. The first node is the entry, the second is the middle and the third is the exit. The entry node knows who you are, but it can not see where you are surfing, the middle node does not know who you are or where you are surfing, and the exit knows where you are surfing but not who you are. The exit node connects to the servers you communicate with. Traffic from the exit node to the destination you communicate with is not encrypted, so it can be intercepted and spied on by the exit node. This could compromise 'who you are' if you go to your facebook page for example, but it will not compromise where you are unless you leak that through the exit traffic as well somehow. The destination you communicate with can not trace you because they see the IP address of the exit node you are using, not your own IP address. In the best case scenario they will need to go back one hop at a time and get logs until the trail leads them back to you. Hopefully at least one of the three nodes you are using is not keeping logs or being passively monitored, in which case the trails will go dead at the first such node and you will remain anonymous.

Tor is not perfect. There are two sorts of attacker involved with traffic analysis, passive and active. Passive attackers monitor the links between nodes, such an attacker could be an ISP that several Tor nodes use, for example. An active attacker is one who adds nodes to the network and is able to view their internal state. Some attackers are combinations of active and passive. The more Tor nodes there are, the more protection you are afforded from an active attacker. After all, if there are ten nodes and an attacker owns one, they can monitor 10% of the network, but if there are 100 nodes and an attacker owns one they are only monitoring 1% of the network. It is important that nobody owns a large percentage of the nodes on the network, because Tor does not prevent traffic confirmation attacks. An attacker who can see packets at two points on the Tor network can use timing correlation attacks to link the packets together. This would be very bad if the attacker doing this sort of attack owned your entry and exit node, because then they could link the packets they see you sending through their entry node to the packets arriving at the destination, thus deanonymizing you with only two out of the three nodes on your circuit.

Passive attackers are generally (but not necessarily) more powerful than active attackers. An attacker who owns the ISP used by one hundred Tor nodes is capable of monitoring the traffic into and out of those Tor nodes as well as if they ran the Tor nodes themselves. Again, if a passive attacker can monitor your entry and exit traffic they can use timing correlation attack to link them together and thus deanonymize you. Having more nodes on the network does not inherently protect from such an attacker, however having location diversity in the nodes on the network does protect from this sort of attacker. If the Tor network consisted of nodes all in one data center, the owner of the data center could deanonymize all Tor circuits without owning a single Tor node, regardless of how many nodes were on the network. However, if the nodes are in data centers distributed around the world, it becomes far less likely that the owner of a single data center can deanonymize Tor circuits by themselves. Thankfully there are middle nodes as well, so even if your entry and exit are being monitored by different attackers, unless they are already colluding and sharing intelligence with each other they will not be able to identify each other to request collusion in specific cases unless they can get the middle node to cooperate to introduce them to each other. One of the most powerful sorts of attacker is called global passive, and this means that they are able to monitor the links between every node on a network (if they are global in the context of the network, some may argue that a true global passive adversary can monitor all links on the internet, but I find this definition to be irrelevant when a specific sub network is being discussed). Tor is completely incapable of offering any protection from such an attacker, but such attackers are likely very few and far between if any even exist.
NSA would likely be the closest attacker to a GPA although some other signals intelligence agencies such as GCHQ may come close as well. Certainly the Swedish signals intelligence agency monitors all traffic in and out of Sweden, that is not GPA but is still a fairly powerful attacker, and it is likely impossible for Swedish people to anonymously access servers in Sweden unless they stay within their own country at entry or exit.

Connections to hidden services don't use exit nodes in the same sense as connections to the clearnet do, but the same general principles apply to them. Hidden services are actually much easier to deanonymize than clients, because clients can force them to open an arbitrary number of new circuits and send them packets + watch for the packets at malicious nodes until they trace up to their entry guards. Three entry guard nodes that make direct contact with a hidden service server can be enumerated in about a minute, and then for a passive capable attacker it is just a matter of monitoring one of them to deanonymize the hidden service. For an active attacker it is a little bit harder, they need to force the hidden service to use one of their entry guards, and the quickest way to do this involves DOSing guard nodes until you get lucky or run out of resources.
+1 Simple enough to understand, I didn't even know about active/passive attackers. So would you say it would be wise to use a VPN > TOR? I've been researching this question forever and I get mixed answers. I'm thinking a VPN > TOR would be beneficial only if your VPN does not keep logs and you can pay anonymously or would it only make it easier for someone to deanonymize you?
Title: Re: How governments have tried to block Tor
Post by: Joy on August 28, 2012, 05:11 pm
https://blog.torproject.org/running-exit-node

Thx shan.
Title: Re: How governments have tried to block Tor
Post by: Dugers on August 30, 2012, 12:30 am
Thanks for this link Joy!  These guys are good in how they plan for much of the various attacks before they ever happen!  ;D
Title: Re: How governments have tried to block Tor
Post by: Joy on September 02, 2012, 03:05 pm
Thanks for this link Joy!  These guys are good in how they plan for much of the various attacks before they ever happen!  ;D

Anytime man, fuck the government & police!
Title: Re: How governments have tried to block Tor
Post by: BigEasy on September 02, 2012, 05:41 pm
So would you say it would be wise to use a VPN > TOR? I've been researching this question forever and I get mixed answers. I'm thinking a VPN > TOR would be beneficial only if your VPN does not keep logs and you can pay anonymously or would it only make it easier for someone to de-anonymize you?

I think there are possible benefits to this, but only if the criteria you mention is No Logs and Anonymous Payment. The LOGS issue, you may never know, which means, possibly logging in from an "anonymous" wifi or internet connection. The VPN will hide your TOR usage from the ISP you're using to get internet from and add another layer of encryption (and slow things down ;( )

Quote from: kmfkewm
Running a Tor exit node is a horrible idea unless you are okay with having your internet shut off, being sued, or being raided by feds or intelligence agencies. The people who run exit nodes tend to be universities, organizations, and anonymous people using servers in data centers that can not be tied to them. Running a Tor exit from home is just asking for trouble.

Yes as I said _Tor Relay_ and would NOT suggest an exit node. When you are running a Relay Node, all traffic that comes in and leaves your Exit Node is encrypted. Unlike an Exit Node.



Title: Re: How governments have tried to block Tor
Post by: raveryote on September 03, 2012, 02:50 am
First I think the tor developers do not want an organized effort on SR to send them money, that would be bad for their PR. Although if you do want to contribute by running a relay or donating go ahead, I just don't think Tor wants SR to be seen as sending them funding. Here I will explain how Tor works for you.

Tor is a low latency anonymity network. It gives users anonymity by routing their traffic through 'telescoping' encrypted tunnels through three nodes. The first node is the entry, the second is the middle and the third is the exit. The entry node knows who you are, but it can not see where you are surfing, the middle node does not know who you are or where you are surfing, and the exit knows where you are surfing but not who you are. The exit node connects to the servers you communicate with. Traffic from the exit node to the destination you communicate with is not encrypted, so it can be intercepted and spied on by the exit node. This could compromise 'who you are' if you go to your facebook page for example, but it will not compromise where you are unless you leak that through the exit traffic as well somehow. The destination you communicate with can not trace you because they see the IP address of the exit node you are using, not your own IP address. In the best case scenario they will need to go back one hop at a time and get logs until the trail leads them back to you. Hopefully at least one of the three nodes you are using is not keeping logs or being passively monitored, in which case the trails will go dead at the first such node and you will remain anonymous.

Tor is not perfect. There are two sorts of attacker involved with traffic analysis, passive and active. Passive attackers monitor the links between nodes, such an attacker could be an ISP that several Tor nodes use, for example. An active attacker is one who adds nodes to the network and is able to view their internal state. Some attackers are combinations of active and passive. The more Tor nodes there are, the more protection you are afforded from an active attacker. After all, if there are ten nodes and an attacker owns one, they can monitor 10% of the network, but if there are 100 nodes and an attacker owns one they are only monitoring 1% of the network. It is important that nobody owns a large percentage of the nodes on the network, because Tor does not prevent traffic confirmation attacks. An attacker who can see packets at two points on the Tor network can use timing correlation attacks to link the packets together. This would be very bad if the attacker doing this sort of attack owned your entry and exit node, because then they could link the packets they see you sending through their entry node to the packets arriving at the destination, thus deanonymizing you with only two out of the three nodes on your circuit.

Passive attackers are generally (but not necessarily) more powerful than active attackers. An attacker who owns the ISP used by one hundred Tor nodes is capable of monitoring the traffic into and out of those Tor nodes as well as if they ran the Tor nodes themselves. Again, if a passive attacker can monitor your entry and exit traffic they can use a timing correlation attack to link them together and thus deanonymize you. Having more nodes on the network does not inherently protect from such an attacker, however having location diversity in the nodes on the network does protect from this sort of attacker. If the Tor network consisted of nodes all in one data center, the owner of the data center could deanonymize all Tor circuits without owning a single Tor node, regardless of how many nodes were on the network. However, if the nodes are in data centers distributed around the world, it becomes far less likely that the owner of a single data center can deanonymize Tor circuits by themselves. Thankfully there are middle nodes as well, so even if your entry and exit are being monitored by different attackers, unless they are already colluding and sharing intelligence with each other they will not be able to identify each other to request collusion in specific cases unless they can get the middle node to cooperate to introduce them to each other. One of the most powerful sorts of attacker is called global passive, and this means that they are able to monitor the links between every node on a network (if they are global in the context of the network, some may argue that a true global passive adversary can monitor all links on the internet, but I find this definition to be irrelevant when a specific sub network is being discussed). Tor is completely incapable of offering any protection from such an attacker, but such attackers are likely very few and far between if any even exist.
NSA would likely be the closest attacker to a GPA although some other signals intelligence agencies such as GCHQ may come close as well. Certainly the Swedish signals intelligence agency monitors all traffic in and out of Sweden, that is not GPA but is still a fairly powerful attacker, and it is likely impossible for Swedish people to anonymously access servers in Sweden unless they stay within their own country at entry or exit.

Connections to hidden services don't use exit nodes in the same sense as connections to the clearnet do, but the same general principles apply to them. Hidden services are actually much easier to deanonymize than clients, because clients can force them to open an arbitrary number of new circuits and send them packets + watch for the packets at malicious nodes until they trace up to their entry guards. Three entry guard nodes that make direct contact with a hidden service server can be enumerated in about a minute, and then for a passive capable attacker it is just a matter of monitoring one of them to deanonymize the hidden service. For an active attacker it is a little bit harder, they need to force the hidden service to use one of their entry guards, and the quickest way to do this involves DOSing guard nodes until you get lucky or run out of resources.

+1 Simple enough to understand, I didn't even know about active/passive attackers. So would you say it would be wise to use a VPN > TOR? I've been researching this question forever and I get mixed answers. I'm thinking a VPN > TOR would be beneficial only if your VPN does not keep logs and you can pay anonymously or would it only make it easier for someone to deanonymize you?

I have been considering this for some time. I think it really depends on your VPN, and whether you use obfsproxy and bridge relays as your entry guard nodes.

If you wanted to host a hidden service somewhere, I would probably use both a VPN to hide the physical location of the server cluster itself, and from the VPN's IP address set, connect to a set of private bridge relays trusted friends run on your behalf.

It would probably be a good idea to run obfsproxy to obfuscate your traffic so it is not immediately recognizable as tor traffic. From those private bridge relays, hidden service rendezvous traffic would then connect to their own sets of entry guards, and it would be very difficult to deanonymize such a service unless the service itself or one of their administrators seriously failed.
Title: Re: How governments have tried to block Tor
Post by: kmfkewm on September 03, 2012, 06:28 pm
I think in general people get hung up on thinking that VPNs are a lot more helpful than they really are.
Title: Re: How governments have tried to block Tor
Post by: raveryote on September 05, 2012, 03:39 am
I think in general people get hung up on thinking that VPNs are a lot more helpful than they really are.

True. VPNs can only do so much. They are still legally liable for their connections, and though many VPNs refuse to keep logs, you still have to trust them.

obfsproxy and bridge relays are really cool. everyone on the Road should read about them if they ever consider upgrading to vendor status.
Title: Re: How governments have tried to block Tor
Post by: microlab on September 09, 2012, 11:34 am
good video? thanx)
Title: Re: How governments have tried to block Tor
Post by: Joy on September 10, 2012, 12:20 am
good video? thanx)

 :)no problemo.
Title: Re: How governments have tried to block Tor
Post by: pine on September 10, 2012, 12:39 am
Wow, pine actually admits to wanting to pay more taxes!

Haha! You agent provocateur you! ;)

I want to pay far less tax (if you want a number, I think 15-20% flat tax and nothing else would be enough), but what taxes I pay I would prefer to have relatively fine grained control over. e.g. deciding how much of my tax I pay to certain government departments.

Some people think this is a screwy idea, but I think it's far far superior an idea than what we have currently, it would bring accountability to the federal government in a big way.

I think of the government as a corporation that offers a service (governance) and if I don't like what they're doing, I feel I should be able to give them the finger and obtain the services of their competitors. Unfortunately this today means moving country, a risky proposition. With you personally directing government cash flow, you can be supporting the government departments you think are doing a good job, and be giving less economic leverage to those you think are being unreasonable with their powers e.g. the DEA for example.

You want millions of people being harnessed for smoking weed, or a couple of new rocket ships? Stop persecuting the psychonauts and send up more astronauts.

It's not a crazy idea, it just hasn't been tried before now. The USA has voluntary entrance to the Army, yet we have the most highly effective Army in the planet. We're not suddenly going to not have an Army to defend us if everybody votes with their tax dollars, people are not stupid. Occasionally yes, but not over periods of time, there is a sort of efficient market thing going on with people's opinions, they're only intractable in the short term. The problem is judging the timing of when you get to vote in blocks of time. e.g. 1 or 2 months (short lived government initiatives) 1 year (regular departments) 5 years (Army) 10 years or more (intelligence programs, NSA, other long term projects etc).

We need a way to dynamically change the resolution (using time periods) of when decisions are made about government resources, so that there is no normatives, no fixed time periods for anything. I mean, other than simplicity, why is it the case that 1 president gets control in 4 year blocks? The way we control our government resembles a child's drawing on a fridge in comparison to the artistry of the fine grained touch of the markets. A market can punch like a giant and touch like a feather by using a price system, seems to me there's something to learn there, no matter how left-on a socialist somebody might be.

Most importantly, people would become much more excited about decision making that affects their lives if they have some control over the process. Bluntly, I think modern day democracy is doing a fucking terrible job at representing our interests, but I don't believe in giving over my money/rights/power to some small group of people to make all the decisions either (technocrats, dictators, congresspersons...).

I mean, you guys know as well as I do, that congressmen and congresswomen barely read the propositions they pass laws on. Individually most of them are smart people, but as a collective they might as well be an Alzheimer's patient.

Basically, the USA is a Republic, and while that's an improvement on direct democracy in terms of reaction time, the concept of "Republic" has had its day. We need a different abstraction now. The Chinese rightly laugh at us compelling them to become a democracy when technically we don't have one either, our system is closer to theirs than a direct democracy, I don't think Americans have been paying too much attention in Civics class. China actually does have a democracy. People vote there alright, but you have to be part of the Communist Party to make it mean anything. What they actually lack is a genuine Republic. That's not quite the same thing is it?

I think this is a place where Left wingers and Right wingers can amicably meet each other in the middle, agree to disagree on some things, and make some real progress.

The main problem is the apathy you see today. People have lost faith, big time, in government. Then they see potholes in the roads while whompingly large sums of money are wasted on stupid things like 1 trillion dollars down the drain on the Air force's new fighter jets, which still don't really exist yet and have just 1 or 2  air to air missiles per craft, and they become more apathetic, which is understandable, but it's not going to change until they fight back and change shit.

I do think things will change in the early 21st century, but I'm not sure if it's going to involve votes or bullets to be honest, I think we may be overdue a genuine revolution, pitchforks and all.
Title: Re: How governments have tried to block Tor
Post by: impatiens on September 13, 2012, 10:51 pm
HI
while using Tor allows us to use the web anonymously, can it still be seen by those looking that I was on Tor (and when and for how long) even though they cannot tell who I am on Tor or what I am doing?
Thanks
Title: Re: How governments have tried to block Tor
Post by: pine on September 14, 2012, 07:06 am
HI
while using Tor allows us to use the web anonymously, can it still be seen by those looking that I was on Tor (and when and for how long) even though they cannot tell who I am on Tor or what I am doing?
Thanks

That is correct. We aren't saying it is done, only that it can be done. Without actual detective work, this could become, ah, expensive.

There are two issues.

1. Tor traffic uses TCP and looks a bit like SSL traffic, but the size of the packets (actually cells in Tor terminology I think) is not consistent with SSL packets, so it is possible to detect traffic heading to the Tor network. You can avoid DPI (deep packet inspection) techniques to find Tor users by using Obfsproxy.

DPI is used by surveillance states to spy on their civilians. Think of it as a preemptive search warrant. It should be illegal, but the public haven't a clue what's really going on. They don't realize it's the equivalent of the state knowing the exact contents of all their snail mail (but without opening it). Worse yet, they intend to store this information for years with the insane data retention programs they are currently devising. It makes the Stasi look like innocent doe eyed kindergarten pupils. The consequences of this are unbelievable. One day people will rue the day they didn't understand this was going on, but I shall not be one of those people. The concept of Anonymity vs Identity is going to become a very political issue in the mainstream, I think that is an understatement if anything.

2. The entry node (entry guards) are not secret information. (These are the computers you connect to in order to enter the Tor network) So if your ISP sees you connecting to them, it knows you're using Tor. This can be avoided by the use of bridges. Read the Tor documentation in 'Help' for setting up a Tor public bridge, it is trivial to do (go to https://bridges.torproject.org, copy paste the bridges into "Settings -> Tick my ISP prevents me using Tor and enter into the box that appears"). Ideally you should use private bridges, but that's another story. You should be using ~3 bridges with SSL (denoted by IP address with port 443 such as 123.123.123:443) but not dozens or hundreds of them (or you'll eventually wind up on a bridge run by the adversary). Ideally you want just 1 permanently on bridge, what is called a persistent entry guard, which is where private bridges come in.

1. If the enemy knows you are connecting to the Tor network, it knows who you are but not what you are doing.

2. If the enemy then uses a timing or statistical attack on exit node traffic, it then knows what you are doing.

Together, both elements blow your anonymity sky high.

This does not however, apply to the hidden services in onionland because using these services does not involve the use of exit nodes (or DNS since you're not on the web, which means the web could be DNS blocked (unless you have memorized the IP addresses for all the sites you visit) and Tor would still work, cool huh?).

Better yet, do all the above (private obfsproxy bridges), and run Tor which connects to those private obfsproxy bridges remotely at the other side of the globe. Then aircrack some wifi networks in order to connect to that remote machine. That would be a helluva step by step tutorial. Anybody up for it? ;)

--

kmfkewm/shannon and others, can you check the above to doublecheck what I'm saying is basically correct about the Tor network and the semantics are appropriate? I do not wish to be passing on misleading/inaccurate information accidentally, thanks.

impatiens; if there is anything unclear, ask questions, this is after all an agora.

If anybody wants lots more information there is a website par excellence:

http://en.flossmanuals.net/bypassing-censorship/

Read all of it! Lulz. But seriously, it's a fine site and more people should read it.
Title: Re: How governments have tried to block Tor
Post by: kmfkewm on September 14, 2012, 07:38 am
Mostly correct or at least correct enough. Tor traffic is not consistent with normal internet traffic but it isn't inconsistent with SSL considering it uses SSL ;). That is just semantics though. DPI is pretty much the state knowing the contents of snail mail by opening it up and looking in it, but the spirit of what you said is correct. You should probably use at least two bridges but not more than three. Attackers don't need to do timing attacks at the exit node to see what you are doing, they need to do timing attacks at the entry and exit to correlate the traffic and link you to your destination though. Technically connections to hidden services are just as vulnerable to timing attacks as websites on the clearnet are, although it might be slightly more difficult for an attacker to know they are watching the entry node of a hidden service. If you run a Tor node and want to see if you are the entry guard for a given hidden service it is really easy, you can just send the hidden service a stream of packets with some pattern of modulation down a few dozen circuits and then see if you detect any streams with the same modulation passing through your relay and to a non Tor node IP address. Likewise it is easy for a passive attacker to determine if a node they are monitoring is the entry guard for a given hidden service, in the same exact way. It is also easy to trace hidden services up to their entry guards with that active attack from 06, although there are ways to greatly slow down that attack. In fact your DNS servers could go down and you can still access clearnet websites with Tor since it identifies relays by IP address only and uses the same DNS servers as the exit node on your circuit.
Title: Re: How governments have tried to block Tor
Post by: kmfkewm on September 14, 2012, 07:58 am
well your entry nodes will always be three of the same set of nodes and only change once every month to two months, the middle and final node should change more frequently though especially to a hidden service. Although the high bandwidth Tor nodes are of course selected more often than others, so it is not uncommon for circuits to frequently use familiar looking nodes.
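
A worked illustration of the two points discussed above (an attacker holding both the entry and the exit of a circuit can link the two ends, and a client's entry nodes stay fixed to the same small set), added here as an example and not part of any poster's message. It compares the chance that at least one of many circuits has attacker-run relays at both ends when the entry is re-picked every circuit versus when it is always one of three fixed guards. It assumes uniform relay selection (real Tor weights relays by bandwidth) and an attacker running a fraction `c` of relays; all function names are illustrative.

```python
import random
from math import comb


def p_compromise_no_guards(c, circuits):
    """P(at least one circuit has attacker relays at BOTH entry and exit)
    when every circuit picks a fresh random entry and a fresh random exit."""
    return 1 - (1 - c * c) ** circuits


def p_compromise_with_guards(c, circuits, guards=3):
    """Same probability when the entry is always drawn from a fixed guard set.
    Sums over how many of the guards happen to be attacker-run."""
    total = 0.0
    for bad in range(guards + 1):
        p_set = comb(guards, bad) * c ** bad * (1 - c) ** (guards - bad)
        p_circuit = (bad / guards) * c  # bad guard chosen AND bad exit chosen
        total += p_set * (1 - (1 - p_circuit) ** circuits)
    return total


def simulate(n_relays, n_bad, circuits, trials, guards=None, seed=1):
    """Monte Carlo check of the formulas on an explicit relay list.
    Relays 0..n_bad-1 are attacker-run (constructed toy network).
    Returns the fraction of clients with at least one fully observed circuit."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        guard_set = rng.sample(range(n_relays), guards) if guards else None
        for _ in range(circuits):
            if guard_set:
                entry = rng.choice(guard_set)
            else:
                entry = rng.randrange(n_relays)
            exit_ = rng.randrange(n_relays)
            while exit_ == entry:  # a relay is not used twice in one circuit
                exit_ = rng.randrange(n_relays)
            if entry < n_bad and exit_ < n_bad:
                hits += 1
                break  # one linked circuit is enough to count this client
    return hits / trials


if __name__ == "__main__":
    c = 0.10  # attacker runs 10% of relays (assumed figure)
    print("circuits  no-guards  3-guards")
    for k in (1, 10, 100, 300, 1000):
        print(f"{k:8d}  {p_compromise_no_guards(c, k):9.3f}  "
              f"{p_compromise_with_guards(c, k):8.3f}")
    print("simulated, 300 circuits, no guards:",
          simulate(1000, 100, 300, 1000))
    print("simulated, 300 circuits, 3 guards :",
          simulate(1000, 100, 300, 1000, guards=3))
```

For a single circuit the two schemes give the same risk (c squared). Over hundreds of circuits the unguarded client is almost certain to be linked at least once, while the guarded client's risk levels off near the chance that any of its three guards is attacker-run.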
Title: Re: How governments have tried to block Tor
Post by: echo_ on September 14, 2012, 10:22 am
Just connect to tor through a VPN that pops out on a different continent. Takes care of almost all your problems.

I would still like, however, a good Obfsproxy tutorial as I have not been able to figure out how to set it up.
Title: Re: How governments have tried to block Tor
Post by: bp on September 14, 2012, 11:39 am
<quote>The implications of being able to harness market power in service to such a network are actually terrifyingly cool.</quote>
Yeah, things like hairless apes with iphones buying prohibited substances from all over the globe could come of something like that')

That actually does pique my curiosity. It has all of trappings of the socialist Calculation Debate, or more accurately Mises' demolition of every socialist theoretician to approach him to this day. The best they could come up with was that they could use computers to perform the enormous calculations necessary for a real-time managed industrial economy. And at that time the computing power didn't exist in supply to get the presumed estimate of crunching done fast enough to not be late for the sale every time.

But Mises' most valid point was something else, that if real reward and risk are present, if the central actor in the modern economy, the entrepreneur, is not out there putting his balls on the block, it's just playing market.
And there is never true socialism until it is all encompassing. Until then any pocket of socialist (mal)production is but a post office or a dmv in a world of capitalism, borrowing from the price system it generates.

I'd love to see what you come up with. I know the file sharing guys are always looking at their systems in terms of a monetary parallel but they game the system so much it makes modern corporatism look almost honest by comparison. I'm no coder but the relative system cost of spawning a thread and running processes is another I keep coming back to.

This model seems flawed in that outside of the benefit users get from the machines churning away inside the machine itself it seems a zero sum game. No actors to choose, have changes of need, want, taste or fashion to keep the wheel rolling and allow for continued transformation to become wealth accumulation that I can see. But I'm not AI either :)
Title: Re: How governments have tried to block Tor
Post by: bp on September 14, 2012, 11:46 am
Quote
The implications of being able to harness market power in service to such a network are actually terrifyingly cool.
Yeah, things like hairless apes with iphones buying prohibited substances from all over the globe could come of something like that')

That actually does pique my curiosity. It has all of trappings of the socialist Calculation Debate, or more accurately Mises' demolition of every socialist theoretician to approach him to this day. The best they could come up with was that they could use computers to perform the enormous calculations necessary for a real-time managed industrial economy. And at that time the computing power didn't exist in supply to get the presumed estimate of crunching done fast enough to not be late for the sale every time.

But Mises' most valid point was something else, that if real reward and risk are not present, if the central actor in the modern economy, the entrepreneur, is not out there putting his balls on the block, it's just playing market.
And there is never true socialism until it is all encompassing. Until then any pocket of socialist (mal)production is but a post office or a dmv in a world of capitalism, borrowing from the price system it generates.

I'd love to see what you come up with. I know the file sharing guys are always looking at their systems in terms of a monetary parallel but they game the system so much it makes modern corporatism look almost honest by comparison. I'm no coder but the relative system cost of spawning a thread and running processes is another I keep coming back to.

This model seems flawed in that outside of the benefit users get from the machines churning away inside the machine itself it seems a zero sum game. No actors to choose, have changes of need, want, taste or fashion to keep the wheel rolling and allow for continued transformation to become wealth accumulation that I can see. But I'm not AI either :)
Title: Re: How governments have tried to block Tor
Post by: cutcorners on October 03, 2012, 04:47 am
http://www.youtube.com/watch?v=GwMr8Xl7JMQ&feature=related

Wow!  Fascinating video and highly informative.  Thanks Joy.
Title: Re: How governments have tried to block Tor
Post by: midnightcreeper on October 03, 2012, 08:26 am
Though a lot of what they said flew high over my head, I still heard things that coincide with or confirm what I already knew/ suspected. Anyone should watch this who wishes to broaden their horizons not just on TOR, but some realities of the current global governmental/ corporate control grab.