Slashdot Mirror

8.4. You should hide the list of Tor relays, so people can't block the exits.

There are a few reasons we don't:

1. We can't help but make the information available, since Tor clients need to use it, so if the "blockers" want it, they can get it anyway.
2. If people want to block us, we believe that they should be allowed to do so. Obviously, we would prefer for everybody to allow Tor users to connect to them, but people have the right to decide who their services should allow connections from, and if they want to block anonymous users, they can.
3. Being blockable also has tactical advantages: it may be a persuasive response to website maintainers who feel threatened by Tor. Giving them the option may inspire them to stop and think about whether they really want to eliminate private access to their system, and if not, what other options they might have. The time they might otherwise have spent blocking Tor, they may instead spend rethinking their overall approach to privacy and anonymity.

This attack is not using our network or our software, only abusing our reputation. We sent this release to slashdot and others, days ago:

====
The Tor Project, a US non-profit organisation producing Internet
privacy software, is issuing an urgent warning about a spam email
being circulated as a fake promotion for their software.

The real Tor software provides privacy on the Internet to journalists,
bloggers and human rights activists all over the world. The spam email
promotes the virtues of the software, but then directs people to a
series of fake websites that contain malicious code that will attempt
to take over visiting machines, and the downloaded software is fake
and equally dangerous to run.

The real website is hosted at http://tor.eff.org/ and the Tor
software can be downloaded from there. Users are able to check that
they have received the official version by following the instructions
at: http://wiki.noreply.org/noreply/TheOnionRouter/Ver ifyingSignatures

Shava Nerad, Development Director for the Tor Project said, "I am
disgusted that criminals who want to recruit more machines for their
illegal activities should trade on our reputation for providing
privacy on the Internet. Fortunately we already have systems in place
so that people can verify that they are downloading the official
software. But this is a distraction from our work that we could do
without."
====

This stuff makes us sad. But you won't even get a trojanned client, just a trojan. And the page you click through to will try to exploit holes in your browser security, so don't even click through.

Yrs,
Shava Nerad
Development Director
The Tor Project

We sent this notice to slashdot days ago as a story, but it wasn't apparently interesting enough to post then...

====
The Tor Project, a US non-profit organisation producing Internet
privacy software, is issuing an urgent warning about a spam email
being circulated as a fake promotion for their software.

The real Tor software provides privacy on the Internet to journalists,
bloggers and human rights activists all over the world. The spam email
promotes the virtues of the software, but then directs people to a
series of fake websites that contain malicious code that will attempt
to take over visiting machines, and the downloaded software is fake
and equally dangerous to run.

The real website is hosted at http://tor.eff.org/ and the Tor
software can be downloaded from there. Users are able to check that
they have received the official version by following the instructions
at: http://wiki.noreply.org/noreply/TheOnionRouter/Ver ifyingSignatures

Shava Nerad, Development Director for the Tor Project said, "I am
disgusted that criminals who want to recruit more machines for their
illegal activities should trade on our reputation for providing
privacy on the Internet. Fortunately we already have systems in place
so that people can verify that they are downloading the official
software. But this is a distraction from our work that we could do
without."
====

This attack does not, as reported elsewhere, download a trojaned version of Tor *or* use our network. All it (ab)uses is our reputation.

Shava Nerad
Development Director, The Tor Project

In later versions of Firefox, at least in the current version 1.5.0.1 under Linux and Windows XP, you can enable the browser to do remote domain name lookups. The option network.proxy.socks_remote_dns is available via about:config ... Be careful, though: In some versions of Firefox, it is possible that even with this option set remote DNS resolution will not work. In this case, you may want to use Privoxy or similar projects.

That's fine for small networks, but for a network with hundreds or thousands of nodes, controlling 5 to 10 percent may become infeasible.

...and here are some more softwares and guides related to privacy, pseudo/ano-nymity and security:

tor.eff.orgonion routing anonymizer
www.i2p.netsecure/anonymous interactive network
freenetproject.orgsecure/anonymous distributed file system
www.turtle4privacy.orgf2f peer network
gnunet.orgsecure p2p infrastructure
www.cspace.insecure p2p infrastructure
www.openswan.orgVPN with opportunistic encryption
silcnet.orgsecure internet live chat
ihu.sourceforge.netp2p VoIP with crypto

wiki.noreply.orgHow to give anonymous talks
azureus.sourceforge.netazureus over p2p
cryptnet.netguerrilla software development how to

Tor *IS* a peer-to-peer proxying system, that makes it extremely difficult to trace traffic back to a source. The anonymizing is its primary purpose, although it achieves that by implementing a network of p2p nodes. Like the article said, its ability to circumvent censoring firewalls is a secondary feature, more of a side effect (see this FAQ entry).

Also, AFAIK, Skype does not actually route the voip traffic over proxies.

OpenBSD, FreeBSD, Linux, OS X (Tiger) WinXP and Win2003 can all encrypt swap without much effort.

http://wiki.noreply.org/noreply/TheOnionRouter/Ope rationalSecurity

You can move your temp folder to the encrypted partition if you are worried about it. You can also set up a scheduled task to secure-wipe all free space on a regular basis, if you are really paranoid.

Perhaps this will help spark more interest in anonymous web browsing.

Your other choice would be setting up ssh on your home machine, and then bringing putty with you on a thumbdrive (assuming the machines you're using are running Windows). You can also run ssh over a port like 443 or 80, to decrease the chances of it being blocked.

Many IRC networks just ban every Tor exitnode outright in fear of abuse. The list of exitnodes is available and it's not going to be hidden.

You don't capitalize every letter in the name.

Not interesting

As far as I know and read the Tor documentation, Tor doesn't keep logs.

Read first, then post.

By default, Tor logs to the screen (it's called "standard out", or "stdout" for short) at log-level notice. However, some Tor packages (notably the ones for OS X, Debian, Red Hat, etc) change the default logging so it logs to a file, and then Tor runs in the background.

This is no different to not letting someone view a website because they're not using Internet Explorer. Once you put something up on the 'net it should be available to everyone or available to no-one. A website should not care (content wise) where their visitors are coming from and no matter how you may consider this being self-censorship, it flies directly in the face of free information flow on the Internet. This is another reason why networks like http://tor.eff.org/ Tor exist. The less you know about who is coming to your site and how, the less effect your freaky censorship will have on me.

As an aside I recently started seeding a Linux based Tor Virtual Appliance. You can find it linked in the Tor wiki http://wiki.noreply.org/noreply/TheOnionRouter if you're interested.

Only by using private VPNs (like The pirate party one) or by using additional software higher up the network stack like Tor can basic anonymity be enabled.

If by "basic anonymity", you mean lack of trusted anonymity or NO anonymity, then we all agree. It is a pretty simple (and common) matter to become a maliscious Tor node. Google it.

"So I'm totally anonymous if I use Tor?"
"No."

From TOR's FAQ

http://wiki.noreply.org/noreply/TheOnionRouter/Tor FAQ#TotallyAnonymous
7.3. So I'm totally anonymous if I use Tor?

'No.'

TFA doesnt even mention the onion router.

ac (heheh)

Ironic that Bell Security Solutions (a division of the very same Bell Canada) has been funding Tor development. No, put your tin foil hats away: there is no way for Bell to get any sort of "backdoor access" nor is there any indication that they want to. Probably Bell's legal department just wanted to be up-front with their customers for when (if?) the Modernization of Investigative Techniques Act gets revived in the autumn. PIPEDA privacy legislation probably makes such open disclosure obligatory, even when the third party requesting the information is the government.

So there's really no confusion.

How about a complete Linux OS on a USB drive configured to run everything through Tor, an anonymous overlay network?

Buy it ready to go for $45 or build it yourself with 3 simple commands.

Searching about it in Wikipedia reminded me of two additional P2P Free Software anonymity "frameworks" (in lack of a better word):
Freenet (even mentioned in the Wikipedia article about anoNet as similar to it) and GNUnet.
Personally I don't have much experience with them, so if someone can give a more elaborate account of their relative weaknesses and advantages it would be nice...
The TorFAQ has this to say about Freenet relative to Tor:
Tor and Freenet work on different levels: Tor is about transport, and Freenet is about storage/retrieval. So it would make perfect sense (assuming we become happy with the scalability and decentralization properties) to use Tor to get anonymous transport between Freenet nodes. In fact, because Freenet aims to provide anonymity in the sense of deniability ("you know I was the one who gave you that file, but you can't prove I am the original author"), Tor's notion of anonymity ("you can't find my location") is complementary.

Nothing can stop Google from loggin everything you do over their servers. What you can do is make it pointless:
- use Gaim with
- OTR for all your chat, routing it via
- TOR by TORifying Gaim

Furthermore you better create a fresh account for this, using an invite that you got through a non-traceable route (for instance using Firefox with the Switchproxy plugin according to Tor's guidelines.) Don't forget to install Privoxy for this and configure your browser correctly or your DNS requests are still going over open channels. For more information you can refer to the documentation on the TOR website.

Yes you miss out on the new coolness, yes you have to have alternative channels to verify fingerprints to really be certain there's no man-in-the-middle and yes I'm really paranoid.

Questions?

I don't know tor all that well, but I'd be damn surprised if they were bouncing each conn off < N boxes, where N is probably greater than 5.

Actually N is 3. It's not known if N > 3 will provide greater anonymity. See the Tor FAQ for more details.

Jason.

boo hoo, somebody might listen in on your messages informing others how '31337' you are, because you installed a Windows service pack.

Seriously, though, RTFM. This is answered in the Tor FAQ: http://wiki.noreply.org/noreply/TheOnionRouter/Tor FAQ#head-5e18f8a8f98fa9e69ffac725e96f39641bec7ac1

The Tor project has a FAQ about abuse, from the perspective of Tor server operators and other folks on the internet. Of particular interest are:

• Tor is banned from the IRC network I want to use
• I want to ban the Tor network from my service

Also of interest on the main Tor FAQ is:

• You should hide the list of Tor servers, so people can block the exits.

Basically, Tor goes through some effort in order to be easy to block, by making sure that you can easily get a list of exactly the Tor nodes that allow connections to your servers. If you don't think people who want privacy belong on your service, you don't need to support them; it's your service after all. (Some people have already written RBL-like tools, but I haven't seen any that I like so far; all the ones I've seen list all Tor servers, even the ones that do not permit outgoing connections and so cannot deliver unwanted connections.)

On the other hand, if you do think that privacy is a useful thing, there are ways to allow anonymous users without allowing unlimited abuse. See the first link above.

check the wiki from the tor site, im sure it can be done, and done quite easily

http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ

The image graphs can be found here [noreply.org].
--
Latest: Can you believe the media? [ioerror.us]

It's really worth reading the Tor FAQ on this. Most of these questions are answered - it's very hard, for instance, to use Tor for mail spam. And Tor is a lot easier to block, should you need to, than a zombie network or an open proxy list, or any of the other ways to flood sites. They even give you a way to list all the IPs that could potentially attack your site so you can block them.

It's really worth reading the Tor FAQ on this. Most of these questions are answered - it's very hard, for instance, to use Tor for mail spam. And Tor is a lot easier to block, should you need to, than a zombie network or an open proxy list, or any of the other ways to flood sites. They even give you a way to list all the IPs that could potentially attack your site so you can block them.

I'd really like to allow legit use of Tor on my services, but there are some jackasses that flood from within Tor that make it impossible.

there's nothing stopping you from blindly blocking access to your own servers; however in most cases, that'd probably be just an overreaction.

there are hundreds, if not thousands, of publically accessible proxys and anonymous surfing tools besides tor. you'd likely spend more time trying to keep your filter or block lists up-to-date than you would dealing with any mess left behind if you didn't bother.

you could set up multi-tiered authentication for whatever services you needed to.

for instance. you run a web blog or wiki that allows anonymous postings. you could easily disallow anon postings from users coming in via tor exit nodes or other anon services, while not restricting the anon posting privs to others.

note that tor's default configuration disables outgoing port 25 traffic. it is up to an end node to enable it if they wanted to (deal with the potential flood of abuse emails).

read more at tor's faq: http://wiki.noreply.org/noreply/TheOnionRouter/Tor FAQ#head-ee021d915c36011fbd7dd70bd922b14d3aaed95a

besides tor's anon features (and using privoxy to scrub out the junk); tor has the added benefit of an encrypted connection from client to the tor 'network' (see http://tor.eff.org/overview.html) meaning it's a nice added layer of web security when you're connected to the web via a wireless connection, whether it's a home network, your isp connection, or you're at a hotspot somewhere; especially considering the number of sites and services out there that don't use SSL at all, not even for authentication.

A verified node is not the same as a node, and we now have 100 VERIFIED nodes. RTFFAQ

My node, lemonmirangue, is within the past month, so was probably in the 90s. Someday, I'll get to brag about that.

The image graphs can be found here.

As far as spam goes, Tor nodes will be blocked only by mail server admins who don't know how Tor works or that the default exit policy is to disallow outbound port 25.

Details

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.2.6 (GNU/Linux)

hQIOA2aMkJCD4Z8/EAgAktK5J6LdP1sAPtgqQPQ7TwOi3ypZ7d TJ3SHl+tkUn+cQ
KYh1ghgS5t0aer8TnB5jCHgNCtJaB2mKO0LQFFYY2vKcrHTcxB mBpwlz1vwhbBeD
u582Ys4+hUhzZZU0MJFHvVHU4pTHDzkdPcMVt9je0jUiCOtusl uuFEVryqhkoadU
r9ZeqORjsNg0hZmOHP5kK++clkPlLKOQTR8JEL3HleM9mlwADV C23Mm5apu0n5Te
FN0E/lVS3NrGmOveNi2I2Q0d2Q8XJXnoaF7xzyDNGoCYiv/7I0 2tXbjiu/4gjEi3
/8gHerbn38Pn3+RGSYcvUQa2tONxBz8t7gTI/FSENAf/b/GoHH xmyMRfojZM4DLS
Qrssc99HUg2VNLQD2RWDvEMV8XyKP4erWsQhsr4tJ22W8jMGZE 3Dydj3jzV3bZsH
8VzweULmi45lzq5SWakW7TTy7Ie1iKoVktOJFivsXaiSInRVg+ VaDMyFd9B6i++H
PK4wXt3r/hr0mgVekyVjwDP9wUHUTLvelSeSUSk3HDy0gPkK+n d3H+9+L91n85KD
QmTnTJ9El+G8NA2qWLD+8eB5u1gXcY32CbBkJzPApMiv2HGAVm DU6RFOrGHEhFIX
xo/868UemsgdrPQiZVm0WZhDGFjE35ojFH3EX5g3gqeUftiikb xQYEgqmN/YD+u4
iIUBDgPQcNGYscGwIRAEALNtgqN+FSjUqKM2HUp/myNorcGAe8 1cRfIsOub4NDLt
Gr+bvVs7FR7tdsF9bwkoyGQQQUxdARiWfZ3aBAPSVJ9MB4dQt7 fMkeDNWypljEu4
rxXlo+SuQpYfGlC+r+Ms0ZKsgqgp0IyxMAE3SplOH+gutKzQ6t xKA1trCjXCFlMV
A/sHZY/ZOZdHpQaN8yZnD27/haeKOFxckZ7ufc79XhOb/GJVh/ OMMFqh2WO9X0fn
c/CUWKjreeVOHXGC9xzIxvsdDwFydQYE4nFQcAV3sFfOH6UZz7 NvBlv3ZPvsVxzV
LcfCPxvc/RNmB5OfBevOZ2ZHzXWw60wtjfgZI1NiuBV1J9K9AT +p5+K3NPJMiJ4P
HT0n9L2vNS8o+SSkf7OvzSuwX7Mn5vnv8Dno6StLTPw/tpQXwa kRYRa6zL6EBCpw
HlBYZvYBWphFcKW6PWOGcpswR2+16Jw7j8HZVmRHT4vzjSB/Jo MyClyazaotOtpi
cnTogkkhUMv9J/yMMUl8/dbPVD8R3NriPKEP0WjNXSA7+qIB9c sBBxMnmt3yVXpc
oTkguFbWIIKXfC0fKeFW2rZy6uE0096worJef8k2EPf9
=FseG
-----END PGP MESSAGE-----

public key

I've seen /.'ers suggesting freenet as possible {il,}legal content distribution method. I'd like to disagree with this methodology.

There is already a working way to have anonymous BitTorrent - using Onion Routing protocol. It's great for privacy concerned netizens and if more people set up Tor Servers, Tor would gain critical mass needed to support both tracker AND data connections for BT.

Most of torrent clients supports Tor out-of-the-box, as tor is nothing but socks proxy for your programs. Torifying various applications is really a snap and there is a detailed guide on how to make Azureus BT client work flawlessly with Tor (see section 2.2 Totally Anonymous BitTorrent).

Currently, the only concern for the Tor authors is the fact, that the Tor network may not be able to handle the amounts of traffic, bittorent is able to generate.
However, if each one of you would set up a server with couple of kbps spare bandwidth, the tor network would immediately start scaling up.

Since BT relies on multiple (slow) transmissions occuring at the same time to create the "torrent effect", even if all the transmissions pick different routes trough tor network (taking slight performance hit), the overall performance of BT would remain unchanged.

There is also a very important aspect of tor. It allows you to create hidden services. Basically they are accesible via bogus URLs (like LKbalkbsflKflasbd.onion). The anonymity of the server is assured. More about hidden services at this address.

So, before you let the *oids start reinventing the wheel (and charge an arm and a leg for it), do your bloody homework and use what's already there :)

PS. tor is free software.

Look the documentation

2. Decide what exit policy you want. By default your server allows access to many popular services, but we restrict some (such as port 25) due to abuse potential. You might want an exit policy that is either less restrictive or more restrictive; edit your torrc appropriately. If you choose a particularly open exit policy, you might want to make sure your upstream or ISP is ok with that choice.

6.1. Can exit nodes eavesdrop on communications? Isn't that bad? Yes, the guy running the exit node can read the bytes that come out there. Our first answer is "then use end-to-end encryption such as SSL", which is great but not always practical. (The corollary to this answer is that if you are worried about somebody intercepting your traffic and you're *not* using end-to-end encryption at the application layer, then something has already gone wrong and you shouldn't be thinking that Tor is the problem.) Our second answer is that in a future release, we plan to have Tor clients recognize when the destination is co-located with a Tor server, and exit from that Tor server. So for example, people using Tor to get to the EFF website would automatically exit from the EFF Tor server (assuming it's nearby in network geography), thus getting *better* encryption and authentication properties than just browsing there the normal way. But this has a variety of technical problems we need to overcome first (the main one being "how does the Tor client learn which servers are associated with which websites in a decentralized yet non-gamable way?"). Stay tuned.

http://keyserver.noreply.org/~weasel/PGP%20Keyserv er%20Schema/