Slashdot Mirror

An Access Now report finds that Venezuela has blocked all access to the Tor network. "The latest block includes both direct connections to the network and connections over bridge relays, which had escaped many previous Tor blocks," reports The Verge. From the report: According to network metrics, Tor access in Venezuela had recently spiked in response to recent web blocks placed on local news outlets. Unlike previous blocks, the latest restrictions could not be circumvented by using a censorship-resistant DNS server like those provided by Google and CloudFlare. For many Venezuelans, Tor seems to have been the only way left to access the restricted content. "This is the latest escalation in Venezuela's internet censorship efforts, as it blocks higher-profile sites with more sophisticated methods," said Andres Azpurua of Venezuela Inteligente, in a statement provided through Access. "This is one of their boldest internet censorship actions yet."

"The Google App Engine is discontinuing a practice called domain fronting, which lets services use Google's network to get around state-level internet blocks," reports The Verge. While the move makes sense from a cybersecurity perspective as domain fronting is widely used by malware to evade network-based detection, it will likely frustrate app developers who use it to get around internet censorship. From the report: First spotted by Tor developers on April 13th, the change has been rolling out across Google services and threatens to disrupt services for a number of anti-censorship tools, including Signal, GreatFire.org and Psiphon's VPN services. Reached by The Verge, Google said the changes were the result of a long-planned network update. "Domain fronting has never been a supported feature at Google," a company representative said, "but until recently it worked because of a quirk of our software stack. We're constantly evolving our network, and as part of a planned software update, domain fronting no longer works. We don't have any plans to offer it as a feature."

Domain-fronting allowed developers to use Google as a proxy, forwarding traffic to their own servers through a Google.com domain. That was particularly important for evading state-level censorship, which might try to block all the traffic sent to a given service. As long as the service was using domain-fronting, all the in-country data requests would appear as if they were headed for Google.com, with encryption preventing censors from digging any deeper. We do not yet know exactly why and when Google is shutting down the practice, but will update this post once we learn more.

In 2012, researchers at Tor announced Ooniprobe, an open-source tool to collect data about local meddling with the computer's network connections, and also whether the government was censoring something. The team has now released a new app, available for Android and iOS, which makes it easier than ever to tell what your government is up to on the web. From a report on CNN Money: The Open Observatory of Network Interference (OONI), which monitors networks for censorship and surveillance, is launching Ooniprobe, a mobile app to test network connectivity and let you know when a website is censored in your area. The app tests over 1,200 websites, including Facebook, Twitter, and WhatsApp. You can decide how long to run the test, but the default is 90 seconds and would test between 10 and 20 websites depending on bandwidth. Links to blocked websites are listed in red, while available sites are green. Service providers, sometimes controlled by the government, don't always shutdown the internet entirely -- for instance, Facebook.com might be inaccessible while CNN.com still works. "Not only we will be able to gather more data and more evidence, but we will be able to engage and bring the issue of censorship to the attention of more people," Arturo Filasto, chief developer for the Ooniprobe app, told CNNTech.

An anonymous reader writes: To protect Tor users from FBI hacking tools that include all sorts of Firefox zero-days, the Tor Project started working on a sandboxed version of the Tor Browser in September. Over the weekend, the Tor Project released the first alpha version of the sandboxed Tor Browser. "Currently, this version is in an early alpha stage, and only available for Linux," reports BleepingComputer. "There are also no binaries available, and users must compile it themselves from the source code, which they can grab from here." The report notes: "Sandboxing is a security mechanism employed to separate running processes. In computer security, sandboxing an application means separating its process from the OS, so vulnerabilities in that app can't be leveraged to extend access to the underlying operating system. This is because the sandboxed application works with its own separate portion of disk and memory that isn't linked with the OS."

An anonymous reader writes: To protect Tor users from FBI hacking tools that include all sorts of Firefox zero-days, the Tor Project started working on a sandboxed version of the Tor Browser in September. Over the weekend, the Tor Project released the first alpha version of the sandboxed Tor Browser. "Currently, this version is in an early alpha stage, and only available for Linux," reports BleepingComputer. "There are also no binaries available, and users must compile it themselves from the source code, which they can grab from here." The report notes: "Sandboxing is a security mechanism employed to separate running processes. In computer security, sandboxing an application means separating its process from the OS, so vulnerabilities in that app can't be leveraged to extend access to the underlying operating system. This is because the sandboxed application works with its own separate portion of disk and memory that isn't linked with the OS."

An anonymous reader writes: To protect Tor users from FBI hacking tools that include all sorts of Firefox zero-days, the Tor Project started working on a sandboxed version of the Tor Browser in September. Over the weekend, the Tor Project released the first alpha version of the sandboxed Tor Browser. "Currently, this version is in an early alpha stage, and only available for Linux," reports BleepingComputer. "There are also no binaries available, and users must compile it themselves from the source code, which they can grab from here." The report notes: "Sandboxing is a security mechanism employed to separate running processes. In computer security, sandboxing an application means separating its process from the OS, so vulnerabilities in that app can't be leveraged to extend access to the underlying operating system. This is because the sandboxed application works with its own separate portion of disk and memory that isn't linked with the OS."

An anonymous reader quotes a report from Computerworld: A Firefox zero-day being used in the wild to target Tor users is using code that is nearly identical to what the FBI used in 2013 to unmask Tor-users. A Tor browser user notified the Tor mailing list of the newly discovered exploit, posting the exploit code to the mailing list via a Sigaint darknet email address. A short time later, Roger Dingledine, co-founder of the Tor Project Team, confirmed that the Firefox team had been notified, had "found the bug" and were "working on a patch." On Monday, Mozilla released a security update to close off a different critical vulnerability in Firefox. Dan Guido, CEO of TrailofBits, noted on Twitter, that "it's a garden variety use-after-free, not a heap overflow" and it's "not an advanced exploit." He added that the vulnerability is also present on the Mac OS, "but the exploit does not include support for targeting any operating system but Windows." Security researcher Joshua Yabut told Ars Technica that the exploit code is "100% effective for remote code execution on Windows systems." "The shellcode used is almost exactly the shellcode of the 2013 one," tweeted a security researcher going by TheWack0lian. He added, "When I first noticed the old shellcode was so similar, I had to double-check the dates to make sure I wasn't looking at a 3-year-old post." He's referring to the 2013 payload used by the FBI to deanonymize Tor-users visiting a child porn site. The attack allowed the FBI to tag Tor browser users who believed they were anonymous while visiting a "hidden" child porn site on Freedom Hosting; the exploit code forced the browser to send information such as MAC address, hostname and IP address to a third-party server with a public IP address; the feds could use that data to obtain users' identities via their ISPs.

An anonymous reader quotes a report from Computerworld: A Firefox zero-day being used in the wild to target Tor users is using code that is nearly identical to what the FBI used in 2013 to unmask Tor-users. A Tor browser user notified the Tor mailing list of the newly discovered exploit, posting the exploit code to the mailing list via a Sigaint darknet email address. A short time later, Roger Dingledine, co-founder of the Tor Project Team, confirmed that the Firefox team had been notified, had "found the bug" and were "working on a patch." On Monday, Mozilla released a security update to close off a different critical vulnerability in Firefox. Dan Guido, CEO of TrailofBits, noted on Twitter, that "it's a garden variety use-after-free, not a heap overflow" and it's "not an advanced exploit." He added that the vulnerability is also present on the Mac OS, "but the exploit does not include support for targeting any operating system but Windows." Security researcher Joshua Yabut told Ars Technica that the exploit code is "100% effective for remote code execution on Windows systems." "The shellcode used is almost exactly the shellcode of the 2013 one," tweeted a security researcher going by TheWack0lian. He added, "When I first noticed the old shellcode was so similar, I had to double-check the dates to make sure I wasn't looking at a 3-year-old post." He's referring to the 2013 payload used by the FBI to deanonymize Tor-users visiting a child porn site. The attack allowed the FBI to tag Tor browser users who believed they were anonymous while visiting a "hidden" child porn site on Freedom Hosting; the exploit code forced the browser to send information such as MAC address, hostname and IP address to a third-party server with a public IP address; the feds could use that data to obtain users' identities via their ISPs.

An anonymous reader quotes a report from Ars Technica: The Tor Project recently announced the release of its prototype for a Tor-enabled smartphone -- an Android phone beefed up with privacy and security in mind, and intended as equal parts opsec kung fu and a gauntlet to Google. The new phone, designed by Tor developer Mike Perry, is based on Copperhead OS, the hardened Android distribution profiled first by Ars earlier this year. "The prototype is meant to show a possible direction for Tor on mobile," Perry wrote in a blog post. "We are trying to demonstrate that it is possible to build a phone that respects user choice and freedom, vastly reduces vulnerability surface, and sets a direction for the ecosystem with respect to how to meet the needs of high-security users." To protect user privacy, the prototype runs OrWall, the Android firewall that routes traffic over Tor, and blocks all other traffic. Users can punch a hole through the firewall for voice traffic, for instance, to enable Signal. The prototype only works on Google Nexus and Pixel hardware, as these are the only Android device lines, Perry wrote, that "support Verified Boot with user-controlled keys." While strong Linux geekcraft is required to install and maintain the prototype, Perry stressed that the phone is also aimed at provoking discussion about what he described as "Google's increasing hostility towards Android as a fully Open Source platform." Copperhead OS was the obvious choice for the prototype's base system, Perry told Ars. "Copperhead is also the only Android ROM that supports verified boot, which prevents exploits from modifying the boot, system, recovery, and vendor device partitions," said Perry in his blog post. "Copperhead has also extended this protection by preventing system applications from being overridden by Google Play Store apps, or from writing bytecode to writable partitions (where it could be modified and infected)." He added: "This makes Copperhead an excellent choice for our base system." The prototype, nicknamed "Mission Improbable," is now ready to download and install. Perry said he uses the prototype himself for his personal communications: "E-mail, Signal, XMPP+OTR, Mumble, offline maps and directions in OSMAnd, taking pictures, and reading news and books." He suggests leaving the prototype in airplane mode and connecting to the Internet through a second, less-trusted phone, or a cheap Wi-Fi cell router.

Kashmir Hill has a fascinating story today on what can go wrong when you solely rely on IP address in a crime investigation -- also highlighting how often police resort to IP addresses. In the story she follows a crime investigation that led police to raid a couple's house at 6am in the morning, because their IP address had been associated with the publication of child porn on notorious 4chan porn. The problem was, Hill writes: the couple -- David Robinson and Jan Bultmann -- weren't the ones who had uploaded the child porn. All they did was voluntarily use one of their old laptops as a Tor exit relay, a software used by activists, dissidents, privacy enthusiasts as well as criminals, so that people who want to stay anonymous when surfing the web could do so. Hill writes: Robinson and Bultmann had [...] specifically operated the riskiest node in the chain: the exit relay which provides the IP address ultimately associated with a user's activity. In this case, someone used Tor to make the porn post, and his or her traffic had been routed through the computer in Robinson and Bultmann's house. The couple wasn't pleased to have helped someone post child porn to the internet, but that's the thing about privacy-protective tools: They're going to be used for good and bad purposes, and to support one, you might have to support the other.Robinson added that he was a little let down because police didn't bother to look at the public list which details the IP addresses associated with Tor exit relays. Hill adds: The police asked Robinson to unlock one MacBook Air, and then seemed satisfied these weren't the criminals they were looking for and left. But months later, the case remains open with Robinson and Bultmann's names on police documents linking them to child pornography. "I haven't run an exit relay since. The police told me they'd be back if it happened again," Robinson said; he's still running a Tor node, just not the end point anymore. "I have to take the threat seriously because I don't want my wife or I to wake up with guns in our faces."Technologist Seth Schoen, and EFF Executive Director Cindy Cohn in a white paper aimed at courts and cops. "For many reasons, connecting an individual to a crime linked to an IP address, without any additional investigation, is irresponsible and threatens the civil liberties of innocent people."

Mozilla is investigating whether the fully patched version of Firefox is affected by the same cross-platform, malicious code-execution vulnerability patched on Friday in the Tor browser. Dan Goodin, reporting for ArsTechnica: The vulnerability allows an attacker who has a man-in-the-middle position and is able to obtain a forged certificate to impersonate Mozilla servers, Tor officials warned in an advisory. From there, the attacker could deliver a malicious update for NoScript or any other Firefox extension installed on a targeted computer. The fraudulent certificate would have to be issued by any one of several hundred Firefox-trusted certificate authorities (CA). While it probably would be challenging to hack a CA or trick one into issuing the necessary certificate for addons.mozilla.org, such a capability is well within reach of nation-sponsored attackers, who are precisely the sort of adversaries included in the Tor threat model. In 2011, for instance, hackers tied to Iran compromised Dutch CA DigiNotar and minted counterfeit certificates for more than 200 addresses, including Gmail and the Mozilla addons subdomain.

An anonymous reader writes: An internal group at the Tor Project is calling for a full 24-hour shutdown of the Tor network to protest the way the Tor Project dealt with the Jake Applebaum sexual misconduct accusations, and because of recent rumors it might be letting former government agents in its ranks. Two Tor members, also node operators, have shut down their servers as well, because of the same reason. They explained their motivations here and here.
"The protesters have made 16 demands," according to the article, six related to related to supposed infiltration of Tor by government agents, and 10 regarding the Appelbaum ruling and investigation -- including "asking all Tor employees that participated in this investigation to leave" and "the persons behind the JacobAppelbaum.net and the @JakeMustDie and @VictimsOfJake Twitter accounts to come forward and their identities made public."

An anonymous reader quotes a report from Engadget: Tor has published what it calls a "Social Contract" comprised of promises to users and the principles the team believes in. Whatever the reason is, its social contract contains one interesting pledge: "We will never implement front doors or back doors into our projects," the team wrote. Tor's ability to keep users anonymous made it the go-to browser of people looking for drugs, illegal firearms, hitmen, child porn and other things you won't find on eBay or YouTube. If there's a browser law enforcement agencies would want a backdoor to, it's Tor, especially since its main source of funding is the U.S. government. That's right -- the famous anonymizing network gets most of its money from a government known for conducting mass surveillance on a global scale. Loudly proclaiming that it will never build a backdoor into its services might not even matter, though. The government already proved once that it's capable of infiltrating the dark web. If you'll recall, the FBI identified 1,500 users of a child porn website called "Playpen" by deploying a Tor hacking tool. It led to numerous court battles that opened up the discussion on the validity of evidence obtained without warrant through malware. "We believe that privacy, the free exchange of ideas, and access to information are essential to free societies. Through our community standards and the code we write, we provide tools that help all people protect and advance these rights," Tor writes in the contract.

"I just set up a lot of Onion Services for many of Debian's static websites," announced Debian sys-admin Peter "weasel" Palfrader on Friday. "You can find the entire list of services on onion.debian.org. More might come in the future." Longtime Slashdot reader alfino writes: Yay for privacy. We don't care about where you come from, and now you don't even have to tell anyone that you're using Debian. The archive at ftp.debian.org is already in the list. Support for more redundant Debian archive access is expected to come When It's Ready.

An anonymous reader quotes a report from The Verge: The Tor Project, a nonprofit known for its online anonymity software, says it has verified claims that former employee Jacob Appelbaum engaged in "sexually aggressive behavior" with people inside and outside of its organization. "We have confirmed that the events did take place as reported," Shari Steele, Tor's executive director, tells The Verge. In a blog post today, Steele says that Tor began an investigation into Appelbaum's behavior after several people came forward with allegations of misconduct in late May. In a statement made in June, he said the allegations were "entirely false." He resigned from the Tor Project in May. "I want to thank all the people who broke the silence around Jacob's behavior," Steele writes. "It is because of you that this issue has now been addressed. I am grateful you spoke up, and I acknowledge and appreciate your courage." Steele says that Tor is now implementing a new anti-harassment policy, as well as a process for submitting complaints and having them reviewed. The changes will be put in place this week. Tor also announced last month that it would replace its entire board of directors.

An anonymous reader quotes a report from The Verge: The Tor Project, a nonprofit known for its online anonymity software, says it has verified claims that former employee Jacob Appelbaum engaged in "sexually aggressive behavior" with people inside and outside of its organization. "We have confirmed that the events did take place as reported," Shari Steele, Tor's executive director, tells The Verge. In a blog post today, Steele says that Tor began an investigation into Appelbaum's behavior after several people came forward with allegations of misconduct in late May. In a statement made in June, he said the allegations were "entirely false." He resigned from the Tor Project in May. "I want to thank all the people who broke the silence around Jacob's behavior," Steele writes. "It is because of you that this issue has now been addressed. I am grateful you spoke up, and I acknowledge and appreciate your courage." Steele says that Tor is now implementing a new anti-harassment policy, as well as a process for submitting complaints and having them reviewed. The changes will be put in place this week. Tor also announced last month that it would replace its entire board of directors.

An anonymous reader writes: The Tor Project announced today that is has elected an entirely new board of directors as part of a larger shake-up after accusations of misconduct by former employee Jacob Appelbaum. Appelbaum left the company in June after the nonprofit organization said it had received multiple accusations against him. The seven board members that are leaving the organization said in a statement today that it is their "duty to ensure that the Tor Project has the best possible leadership." The New York Times reports that the board agreed to step down following the controversy surrounding Appelbaum. Some of the board members who will be leaving include Tor Project co-founders Roger Dingledine and Nick Mathewson, who will continue to work on the organization's technical research and development team, according to the statement. They will be replaced with several prominent cryptographers and scholars, including University of Pennsylvania professor Matt Blaze, Electronic Frontier Foundation Executive Director Cindy Cohn, and security technologist Bruce Schneier. Meanwhile, researchers at MIT have been working on a new anonymity network that they say is more secure than Tor.

The version 6.0 of Tor Browser, a free software for enabling anonymous communication, is now available to download. The new version introduces several changes, including disabling SHA-1 support, and removing Mac Gatekeeper issue. Another big change is that Tor now uses DuckDuckGo for search results by default. The Tor Project, people behind Tor, add that the "updater is not relying on the signature alone, but is checking the hash of the downloaded update file as well before applying it." More details on NetworkWorld.

An anonymous reader quotes a report from Softpedia: Tor developers have been working on the next iteration of the Tor network and its underbelly, the Onion routing protocol, in order to create a stronger, harder-to-crack anonymous communications system. To advance the project, the developer team schedules brainstorming and planning meetings at regular intervals. The most recent of these meetings took place last week, in Montreal, Canada. In this session, the team tested the next generation of the Tor network working on top of a revamped Onion protocol that uses a new algorithm for generating random numbers, never before seen on the Internet. The Tor Project says it created something it calls "a distributed RNG" (random number generator) that uses two or more computers to create random numbers and then blends their outputs together into a new random number. The end result is something that's almost impossible to crack without knowing which computers from a network contributed to the final random number, and which entropy each one used. Last week, two University of Texas academics have made a breakthrough in random number generation. The work is theoretical, but could lead to a number of advances in cryptography, scientific polling, and the study of various complex environments such as the climate.

Patrick O'Neill writes: Matt Edman is a cybersecurity expert who worked as a part-time employee at Tor Project, the nonprofit that builds Tor software and maintains the network, almost a decade ago. Since then, he's developed potent malware used by law enforcement to unmask Tor users. It's been wielded in multiple investigations by federal law-enforcement and U.S. intelligence agencies in several high-profile cases. The Tor Project has confirmed this report in a statement after being contacted by the Daily Dot, "It has come to out attention that Matt Edman, who worked with the Tor Project until 2009, subsequently was employed by a defense contractor working for the FBI to develop anti-Tor malware." Maybe Tor users will now be less likely to anonymously check Facebook each month...

An anonymous reader writes: CloudFlare's co-founder Matthew Prince has publicly appealed to work with the Tor Project on implementing a solution that will stop the high incidence of Tor users being challenged by CAPTCHAs whilst browsing. Prince proposes the implementation of a Tor plugin that would communicate with CloudFlare servers to provide temporary, anonymous identification to bypass the CAPTCHAs, and has presented the code on GitHub. Other possibilities mooted include the adoption of higher-level encryption, which would be likely to adversely influence a network which already has native (and inevitable) latency issues. CloudFlare's public post on the matter comes after five turbulent weeks of comments-section debate between CloudFlare and Tor, and seems to be an appeal for public arbitration on the matter.Prince further noted that 94% of the traffic CloudFlair sees is "per se malicious." From his blog post: That doesn't mean they are visiting controversial content, but instead that they are automated requests designed to harm our customers. A large percentage of the comment spam, vulnerability scanning, ad click fraud, content scraping, and login scanning comes via the Tor network. To give you some sense, based on data from Project Honey Pot, 18% of global email spam, or approximately 6.5 trillion unwanted messages per year, begin with an automated bot harvesting email addresses via the Tor network.

itwbennett writes: The Tor Project, which provides more anonymous browsing across the Internet using a customized Firefox Web browser. is fortifying its software so that it can quickly detect if its network is tampered with. To address worries that Tor could either be technically subverted or subject to court orders, Tor developers are now designing the system in such a way that many people can verify if code has been changed and 'eliminate single points of failure,' wrote Mike Perry, lead developer of the Tor Browser, on Monday. 'Even if a government or a criminal obtains our cryptographic keys, our distributed network and its users would be able to detect this fact and report it to us as a security issue,' said Perry.

An anonymous reader writes: The way you move your mouse is unique, like fingerprints, and can be used by dark forces to track you on supposedly anonymous and secure networks like Tor, according to a Barcelona researcher. Because the Tor Project has failed to address a ten-month-old issue regarding "time measurement via JavaScript," there are a series of user fingerprinting techniques that are quite accurate at identifying users based on their mouse movements, scrolling speed, and how their browser and hardware reacts to certain JavaScript code. If a user visits a "fingerprinting" website via Tor and then via a normal browser, an attacker can have a general idea about their identity and can even pinpoint them to real IPs. The data that is usually logged in fingerprinting schemes is not 100% reliable or accurate for that matter, but it provides a starting point for future investigations.

An anonymous reader writes: The anonymous community Tor Project has released a beta version of its Tor Messenger app – a chat platform which it intends to promote among users concerned with digital privacy and security. Like the onion routing Tor Browser, the app has been designed to protect the location and the routing data of the user, and transferred information via the open source Off-The-Record (OTR) protocol.

An anonymous reader writes: The Tor Project has announced a new initiative to open exit relays in public libraries. "This is an idea whose time has come; libraries are our most democratic public spaces, protecting our intellectual freedom, privacy, and unfettered access to information, and Tor Project creates software that allows all people to have these rights on the internet." They point out that this is both an excellent way to educate people on the value of private internet browsing while also being a practical way to expand the Tor network. A test for this initiative is underway at the Kilton Library in Lebanon, New Hampshire, which already has a computing environment full of GNU/Linux machines.

vivaoporto writes A GSM/GPS tracking device was found this March 4 on an activist's car attending the Circumvention Tech Festival in Valencia, Spain, a festival that proposes to gather "the community fighting censorship and surveillance for a week of conferences, workshops, hackathons, and social gatherings, featuring many of the Internet Freedom community's flagship events." They are now asking for the internet tech community for help in order to identify the device. Below verbatim is the plea for help published on the Tor Project website. The fine article also contains pictures of the device.

"On March 4th, 2015, we found a tracking device inside of the wheel well of a car belonging to an attendee of the Circumvention Tech Festival in Valencia, Spain. This was reported in the local media.

If you have information about this device — please send information to jacob at appelbaum dot net using gpg.

The device was magnetically mounted inside of the left wheel well of the car. The battery is attached by cable to the tracking device. The battery was magnetically mounted to the frame of the car. The tracking device was similarly magnetically mounted. The device itself has an external magnetically mounted GPS antenna. It has a very simple free hanging GSM antenna. The device included a Movistar SIM card for GSM network access. The entire device was wrapped in black tape."

A while ago you had a chance to ask Executive Director of the Tor project Andrew Lewman about fighting laws and technology that threaten anonymity and the importance of privacy. Below you'll find his answers to your questions. The NSA TrueCrypt Ploy Again?
by TechForensics

How can we ever be sure Tor has not morphed into an eviscerated TrueCrypt and that at some point, after achieving their means of compromise, the NSA won't force a version they can easily backdoor on the public?

They like to compromise software and then put it back, so it becomes an intelligence asset. In my understanding only a legal technicality allowed TrueCrypt to issue a cryptic public announcement which effectively let the public know TrueCrypt was potentially compromised. I wonder whether the NSA will even allow Tor to recommend a transparently ineffective alternative.

Lewman: No agency has ever asked Tor to put in lawful intercept access, also known as a “backdoor.” Tor is not subject to the same legal requirements as other Internet service providers or content providers to incorporate that into the system. Our FAQ answer states this clearly.

How can strategies be drawn so if Tor is easily, possibly undetectably breached, the public will have some inkling of it?

Lewman: Tor maintains an open community and believes in transparency. We always strive to report out as quickly as we can about any issues affecting the Tor network.



Cryptowall 2.0
by Anonymous Coward

Cryptowall 2.0 is using state of the art cryptographic services like Tor, Bitcoin, and file encryption, combined with standard exploits to hold data ransom. I think it's among the more sophisticated attacks I've ever seen. How do you think more malware of this type will pressure you to change the service?

Lewman: Tor is used by millions of people for legitimate purposes and certainly anytime someone uses technology in a way that harms other people, we are disheartened. Our approach to this is, and has been, to work with malware researchers and law enforcement to help people remove the malware or to change the incentives behind including Tor in the malware at all.



Tor connections
by Anonymous Coward

Why hasn't TOR moved towards a connectionless routing between the client and the exit node? A permanent connection is being established each time with the same pattern: computer -> entry node -> middle node -> exit node -> website. This can lead to a traffic pattern analysis, given an observer with enough "peer exchange nodes" under his monitoring. In some cases all the connections could be monitored with only country/continent level entry points. Wouldn't a bunch of state-less P2P like connections between the client and the exit node be better suited against such traffic inspection?

Lewman: We would love to get to the point that Tor could provide a connectionless routing between client and exit node that does not compromise anonymity. It is something that we have thought about for a while and started research on a while back. More research on this needs to be done in order to roll it out to the Tor network. We would love for someone to help further study that and help us figure out how to make that happen.



Have you used I2P...
by Anonymous Coward

And what are your thoughts on its design compared to Tor and as a complement to it?

Lewman: We try to keep up with any new technology that emerges and have tried many of the different online privacy products and software out there- I2P, Freenet, Retroshare, GNUNet and others certainly have some interesting work and research about online privacy. We are open to collaborating with anyone that shares our mission of protecting online security and anonymity for users.



Balance between simple privacy and lawlessness
by TWX

Tor can be used for good and for evil. How do you go about attempting to design the features of Tor to maximize one and minimize the other?

Lewman: The Tor network is designed to provide protection online for ordinary citizens, victims of abuse, and individuals in dangerous parts of the world share information over public networks without compromising their anonymity. Most of the people that use Tor have legitimate uses for wanting privacy such as activists or reporters that need to keep their locations private. Criminals can already do bad things and there are certainly lots of options available to them for breaking the laws.



Re:Balance between simple privacy and lawlessness
by mlts

Along the lines to this question, how can Tor's PR be helped? As of now, part of an IT person's job is to block Tor's exit nodes, on the application, kernel, and router level, because those nodes to be a source of many attacks. So, because of the bad reputation, it gets entirely locked out of many websites. This can be fixed by running a VPN over Tor so the exit comes from the VPN's servers, but there goes the anonymity for the most part.

Lewman: With so much concern these days about people’s privacy being compromised online, I would love more businesses to take a look at how Tor could help them protect their confidential documents like patents, product development ideas, or financial documents. Even in some situations when a company is doing competitive intelligence research online and it's important that the competitor does not know, it keeps the competitor from knowing that someone is looking at them online.



What is your biggest fear?
by AmiMoJo

What is your biggest fear? After the TrueCrypt developers were apparently threatened or otherwise convinced to abandon development, does the NSA worry you? The FBI has been complaining about encryption lately too, as have law enforcement agencies in other countries. Or is there something else that concerns you?

Lewman: My biggest concern is making sure that the 2.5 million people around the world that currently use Tor and the thousands of new people that download it every day, have a safe, reliable way to protect their privacy online.



Tor has been compromised
by kheldan

News stories I've read lately seem to indicate that the Tor exit nodes have been and still are being compromised by organizations and some oppressive governments. What are you doing about this?

Lewman: The Tor network has been around for 10 years and it has never been successfully hacked. Many have tried and many more will try. We work with researchers all the time to improve the network.



Darknet takedowns.
by brokenin2

Do you know how the takedown of so many "darknet" sites was accomplished recently, or do you at least have some suspicions? The government seems to by lying about how they took down the original Silk Road site, and I'm wondering if you believe this is to: a) Hide a technical solution that they have at their disposal, or b) Hide the egregiously illegal/inadmissable things they did to accomplish this, or c) some of each.

Lewman: We have no knowledge of how the agencies working together "took down” silkroad and other darknet sites but news reports vary widely on the actual number of sites that were taken down. We've been watching carefully to try and learn if there are any flaws with Tor that we need to correct. Nothing so far about this case makes us think they found a way to compromise the Tor software or network. The FBI says that their suspect made mistakes in operational security and was found through actual detective work.

A while ago you had a chance to ask Executive Director of the Tor project Andrew Lewman about fighting laws and technology that threaten anonymity and the importance of privacy. Below you'll find his answers to your questions. The NSA TrueCrypt Ploy Again?
by TechForensics

How can we ever be sure Tor has not morphed into an eviscerated TrueCrypt and that at some point, after achieving their means of compromise, the NSA won't force a version they can easily backdoor on the public?

They like to compromise software and then put it back, so it becomes an intelligence asset. In my understanding only a legal technicality allowed TrueCrypt to issue a cryptic public announcement which effectively let the public know TrueCrypt was potentially compromised. I wonder whether the NSA will even allow Tor to recommend a transparently ineffective alternative.

Lewman: No agency has ever asked Tor to put in lawful intercept access, also known as a “backdoor.” Tor is not subject to the same legal requirements as other Internet service providers or content providers to incorporate that into the system. Our FAQ answer states this clearly.

How can strategies be drawn so if Tor is easily, possibly undetectably breached, the public will have some inkling of it?

Lewman: Tor maintains an open community and believes in transparency. We always strive to report out as quickly as we can about any issues affecting the Tor network.



Cryptowall 2.0
by Anonymous Coward

Cryptowall 2.0 is using state of the art cryptographic services like Tor, Bitcoin, and file encryption, combined with standard exploits to hold data ransom. I think it's among the more sophisticated attacks I've ever seen. How do you think more malware of this type will pressure you to change the service?

Lewman: Tor is used by millions of people for legitimate purposes and certainly anytime someone uses technology in a way that harms other people, we are disheartened. Our approach to this is, and has been, to work with malware researchers and law enforcement to help people remove the malware or to change the incentives behind including Tor in the malware at all.



Tor connections
by Anonymous Coward

Why hasn't TOR moved towards a connectionless routing between the client and the exit node? A permanent connection is being established each time with the same pattern: computer -> entry node -> middle node -> exit node -> website. This can lead to a traffic pattern analysis, given an observer with enough "peer exchange nodes" under his monitoring. In some cases all the connections could be monitored with only country/continent level entry points. Wouldn't a bunch of state-less P2P like connections between the client and the exit node be better suited against such traffic inspection?

Lewman: We would love to get to the point that Tor could provide a connectionless routing between client and exit node that does not compromise anonymity. It is something that we have thought about for a while and started research on a while back. More research on this needs to be done in order to roll it out to the Tor network. We would love for someone to help further study that and help us figure out how to make that happen.



Have you used I2P...
by Anonymous Coward

And what are your thoughts on its design compared to Tor and as a complement to it?

Lewman: We try to keep up with any new technology that emerges and have tried many of the different online privacy products and software out there- I2P, Freenet, Retroshare, GNUNet and others certainly have some interesting work and research about online privacy. We are open to collaborating with anyone that shares our mission of protecting online security and anonymity for users.



Balance between simple privacy and lawlessness
by TWX

Tor can be used for good and for evil. How do you go about attempting to design the features of Tor to maximize one and minimize the other?

Lewman: The Tor network is designed to provide protection online for ordinary citizens, victims of abuse, and individuals in dangerous parts of the world share information over public networks without compromising their anonymity. Most of the people that use Tor have legitimate uses for wanting privacy such as activists or reporters that need to keep their locations private. Criminals can already do bad things and there are certainly lots of options available to them for breaking the laws.



Re:Balance between simple privacy and lawlessness
by mlts

Along the lines to this question, how can Tor's PR be helped? As of now, part of an IT person's job is to block Tor's exit nodes, on the application, kernel, and router level, because those nodes to be a source of many attacks. So, because of the bad reputation, it gets entirely locked out of many websites. This can be fixed by running a VPN over Tor so the exit comes from the VPN's servers, but there goes the anonymity for the most part.

Lewman: With so much concern these days about people’s privacy being compromised online, I would love more businesses to take a look at how Tor could help them protect their confidential documents like patents, product development ideas, or financial documents. Even in some situations when a company is doing competitive intelligence research online and it's important that the competitor does not know, it keeps the competitor from knowing that someone is looking at them online.



What is your biggest fear?
by AmiMoJo

What is your biggest fear? After the TrueCrypt developers were apparently threatened or otherwise convinced to abandon development, does the NSA worry you? The FBI has been complaining about encryption lately too, as have law enforcement agencies in other countries. Or is there something else that concerns you?

Lewman: My biggest concern is making sure that the 2.5 million people around the world that currently use Tor and the thousands of new people that download it every day, have a safe, reliable way to protect their privacy online.



Tor has been compromised
by kheldan

News stories I've read lately seem to indicate that the Tor exit nodes have been and still are being compromised by organizations and some oppressive governments. What are you doing about this?

Lewman: The Tor network has been around for 10 years and it has never been successfully hacked. Many have tried and many more will try. We work with researchers all the time to improve the network.



Darknet takedowns.
by brokenin2

Do you know how the takedown of so many "darknet" sites was accomplished recently, or do you at least have some suspicions? The government seems to by lying about how they took down the original Silk Road site, and I'm wondering if you believe this is to: a) Hide a technical solution that they have at their disposal, or b) Hide the egregiously illegal/inadmissable things they did to accomplish this, or c) some of each.

Lewman: We have no knowledge of how the agencies working together "took down” silkroad and other darknet sites but news reports vary widely on the actual number of sites that were taken down. We've been watching carefully to try and learn if there are any flaws with Tor that we need to correct. Nothing so far about this case makes us think they found a way to compromise the Tor software or network. The FBI says that their suspect made mistakes in operational security and was found through actual detective work.

Earthquake Retrofit writes The Register is reporting that the Tor Project has warned that its network – used to mask peoples' identities on the internet – may be knocked offline in the coming days. In a Tor blog post, project leader Roger 'arma' Dingledine said an unnamed group may seize Tor's directory authority servers before the end of next week. These servers distribute the official lists of relays in the network, which are the systems that route users' traffic around the world to obfuscate their internet connections' public IP addresses.

tsu doh nimh writes: A new report from the U.S. Treasury Department found that nearly $24 million in bank account takeovers by hackers (and other cyber theft over the past decade) might have been thwarted had affected institutions known to look for and block transactions coming through the Tor anonymity network. Brian Krebs cites from the non-public report, which relied on an analysis of suspicious activity reports filed by banks over the past decade: "Analysis of these documents found that few filers were aware of the connection to Tor, that the bulk of these filings were related to cybercrime, and that Tor-related filings were rapidly rising. Our BSA [Bank Secrecy Act] analysis of 6,048 IP addresses associated with the Tor darknet found that in the majority of the SAR filings, the underlying suspicious activity — most frequently account takeovers — might have been prevented if the filing institution had been aware that their network was being accessed via Tor IP addresses." Meanwhile, the Tor Project continues to ask for assistance in adapting the technology to an Internet that is increasingly blocking users who visit from Tor.

HughPickens.com writes: Jeremy Kirk writes at PC World that in the aftermath of U.S. and European law enforcement shutting down more than 400 websites (including Silk Road 2.0) which used technology that hides their true IP addresses, Tor users are asking: How did they locate the hidden services? "The first and most obvious explanation is that the operators of these hidden services failed to use adequate operational security," writes Andrew Lewman, the Tor project's executive director. For example, there are reports of one of the websites being infiltrated by undercover agents and one affidavit states various operational security errors." Another explanation is exploitation of common web bugs like SQL injections or RFIs (remote file inclusions). Many of those websites were likely quickly-coded e-shops with a big attack surface. Exploitable bugs in web applications are a common problem says Lewman adding that there are also ways to link transactions and deanonymize Bitcoin clients even if they use Tor. "Maybe the seized hidden services were running Bitcoin clients themselves and were victims of similar attacks."

However the number of takedowns and the fact that Tor relays were seized could also mean that the Tor network was attacked to reveal the location of those hidden services. "Over the past few years, researchers have discovered various attacks on the Tor network. We've implemented some defenses against these attacks (PDF), but these defenses do not solve all known issues and there may even be attacks unknown to us." Another possible Tor attack vector could be the Guard Discovery attack. The guard node is the only node in the whole network that knows the actual IP address of the hidden service so if the attacker manages to compromise the guard node or somehow obtain access to it, she can launch a traffic confirmation attack to learn the identity of the hidden service. "We've been discussing various solutions to the guard discovery attack for the past many months but it's not an easy problem to fix properly. Help and feedback on the proposed designs is appreciated."

According to Lewman, the task of hiding the location of low-latency web services is a very hard problem and we still don't know how to do it correctly. It seems that there are various issues that none of the current anonymous publishing designs have really solved. "In a way, it's even surprising that hidden services have survived so far. The attention they have received is minimal compared to their social value and compared to the size and determination of their adversaries."

HughPickens.com writes: Jeremy Kirk writes at PC World that in the aftermath of U.S. and European law enforcement shutting down more than 400 websites (including Silk Road 2.0) which used technology that hides their true IP addresses, Tor users are asking: How did they locate the hidden services? "The first and most obvious explanation is that the operators of these hidden services failed to use adequate operational security," writes Andrew Lewman, the Tor project's executive director. For example, there are reports of one of the websites being infiltrated by undercover agents and one affidavit states various operational security errors." Another explanation is exploitation of common web bugs like SQL injections or RFIs (remote file inclusions). Many of those websites were likely quickly-coded e-shops with a big attack surface. Exploitable bugs in web applications are a common problem says Lewman adding that there are also ways to link transactions and deanonymize Bitcoin clients even if they use Tor. "Maybe the seized hidden services were running Bitcoin clients themselves and were victims of similar attacks."

However the number of takedowns and the fact that Tor relays were seized could also mean that the Tor network was attacked to reveal the location of those hidden services. "Over the past few years, researchers have discovered various attacks on the Tor network. We've implemented some defenses against these attacks (PDF), but these defenses do not solve all known issues and there may even be attacks unknown to us." Another possible Tor attack vector could be the Guard Discovery attack. The guard node is the only node in the whole network that knows the actual IP address of the hidden service so if the attacker manages to compromise the guard node or somehow obtain access to it, she can launch a traffic confirmation attack to learn the identity of the hidden service. "We've been discussing various solutions to the guard discovery attack for the past many months but it's not an easy problem to fix properly. Help and feedback on the proposed designs is appreciated."

According to Lewman, the task of hiding the location of low-latency web services is a very hard problem and we still don't know how to do it correctly. It seems that there are various issues that none of the current anonymous publishing designs have really solved. "In a way, it's even surprising that hidden services have survived so far. The attention they have received is minimal compared to their social value and compared to the size and determination of their adversaries."

HughPickens.com writes: Jeremy Kirk writes at PC World that in the aftermath of U.S. and European law enforcement shutting down more than 400 websites (including Silk Road 2.0) which used technology that hides their true IP addresses, Tor users are asking: How did they locate the hidden services? "The first and most obvious explanation is that the operators of these hidden services failed to use adequate operational security," writes Andrew Lewman, the Tor project's executive director. For example, there are reports of one of the websites being infiltrated by undercover agents and one affidavit states various operational security errors." Another explanation is exploitation of common web bugs like SQL injections or RFIs (remote file inclusions). Many of those websites were likely quickly-coded e-shops with a big attack surface. Exploitable bugs in web applications are a common problem says Lewman adding that there are also ways to link transactions and deanonymize Bitcoin clients even if they use Tor. "Maybe the seized hidden services were running Bitcoin clients themselves and were victims of similar attacks."

However the number of takedowns and the fact that Tor relays were seized could also mean that the Tor network was attacked to reveal the location of those hidden services. "Over the past few years, researchers have discovered various attacks on the Tor network. We've implemented some defenses against these attacks (PDF), but these defenses do not solve all known issues and there may even be attacks unknown to us." Another possible Tor attack vector could be the Guard Discovery attack. The guard node is the only node in the whole network that knows the actual IP address of the hidden service so if the attacker manages to compromise the guard node or somehow obtain access to it, she can launch a traffic confirmation attack to learn the identity of the hidden service. "We've been discussing various solutions to the guard discovery attack for the past many months but it's not an easy problem to fix properly. Help and feedback on the proposed designs is appreciated."

According to Lewman, the task of hiding the location of low-latency web services is a very hard problem and we still don't know how to do it correctly. It seems that there are various issues that none of the current anonymous publishing designs have really solved. "In a way, it's even surprising that hidden services have survived so far. The attention they have received is minimal compared to their social value and compared to the size and determination of their adversaries."

msm1267 writes: The keepers of Tor commissioned a study testing the defenses and viability of their Firefox-based browser as a privacy tool. The results (PDF) were a bit eye-opening since the report's recommendations don't favor Firefox as a baseline for Tor, rather Google Chrome. But Tor's handlers concede that budget constraints and Chrome's limitations on proxy support make a switch or a fork impossible.

An anonymous reader writes: Last week, we discussed news that a presentation had been canceled for the upcoming Black Hat security conference that involved the Tor Project. The researchers involved hadn't made much of an effort to disclose the vulnerability, and the Tor Project was scrambling to implement a fix. Now, the project says it's likely these researchers were actively attacking Tor users and trying to deanonymize them. "On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks. ...We know the attack looked for users who fetched hidden service descriptors, but the attackers likely were not able to see any application-level traffic (e.g. what pages were loaded or even whether users visited the hidden service they looked up). The attack probably also tried to learn who published hidden service descriptors, which would allow the attackers to learn the location of that hidden service." They also provide a technical description of the attack, and the steps they're taking to block such attacks in the future.

alphadogg writes A presentation on a low-budget method to unmask users of a popular online privacy tool Tor will no longer go ahead at the Black Hat security conference early next month. The talk was nixed by the legal counsel with Carnegie Mellon's Software Engineering Institute after a finding that materials from researcher Alexander Volynkin were not approved for public release, according to a notice on the conference's website. Tor project leader Roger Dingledine said, "I think I have a handle on what they did, and how to fix it. ... Based on our current plans, we'll be putting out a fix that relays can apply that should close the particular bug they found. The bug is a nice bug, but it isn't the end of the world." Tor's developers were "informally" shown materials about the bug, but never saw any details about what would be presented in the talk.

alphadogg writes A presentation on a low-budget method to unmask users of a popular online privacy tool Tor will no longer go ahead at the Black Hat security conference early next month. The talk was nixed by the legal counsel with Carnegie Mellon's Software Engineering Institute after a finding that materials from researcher Alexander Volynkin were not approved for public release, according to a notice on the conference's website. Tor project leader Roger Dingledine said, "I think I have a handle on what they did, and how to fix it. ... Based on our current plans, we'll be putting out a fix that relays can apply that should close the particular bug they found. The bug is a nice bug, but it isn't the end of the world." Tor's developers were "informally" shown materials about the bug, but never saw any details about what would be presented in the talk.

An anonymous reader writes "Almost every modern abusive relationship has a digital component, from cyberstalking to hacking phones, emails, and social media accounts, but women's shelters increasingly have found themselves on the defensive, ill-equipped to manage and protect their clients from increasingly sophisticated threats. Recently the Tor Project stepped in to help change that. Andrew Lewman, executive director of the project, 'thinks of the digital abuse epidemic like a doctor might consider a biological outbreak. "Step one, do not infect yourself. Step two, do not infect others, especially your co-workers. Step three, help others," he said. In the case of digital infections, like any other, skipping those first two steps can quickly turn caretakers into infected liabilities. For domestic violence prevention organizations that means ensuring their communication lines stay uncompromised. And that means establishing a base level of technology education for staff with generally little to no tech chops who might not understand the gravity of clean communication lines until faced with a situation where their own phone or email gets hacked.'"

IamTheRealMike (537420) writes "In recent months fake PGP keys have been found for at least two developers on well known crypto projects: Erinn Clark, a Tor developer and Gavin Andresen, the maintainer of Bitcoin. In both cases, these PGP keys are used to sign the downloads for popular pieces of crypto software. PGP keys are supposed to be verified through the web of trust, but in practice it's very hard to find a trust path between two strangers on the internet: one reply to Erinn's mail stated that despite there being 30 signatures [attached to] her key, [the respondent] couldn't find any trust paths to her. It's also very unclear whether anyone would notice a key substitution attack like this. This leaves three questions: who is doing this, why, and what can be done about it? An obvious candidate would be intelligence agencies, who may be trying to serve certain people with backdoored binaries via their QUANTUMTHEORY man-in-the-middle system. As to what can be done about it, switching from PGP to X.509 code signing would be an obvious candidate. Both Mac and Windows support it, obtaining a forged certificate is much harder than simply uploading a fake PGP key, and whilst X.509 certs can be issued in secret until Google's Certificate Transparency system is fully deployed, finding one would be strong evidence that an issuing CA had been compromised: something that seems plausible but for which we currently lack any evidence. Additionally, bad certificates can be revoked when found whereas beyond making blog posts, not much can be done about the fake PGP keys."

IamTheRealMike (537420) writes "In recent months fake PGP keys have been found for at least two developers on well known crypto projects: Erinn Clark, a Tor developer and Gavin Andresen, the maintainer of Bitcoin. In both cases, these PGP keys are used to sign the downloads for popular pieces of crypto software. PGP keys are supposed to be verified through the web of trust, but in practice it's very hard to find a trust path between two strangers on the internet: one reply to Erinn's mail stated that despite there being 30 signatures [attached to] her key, [the respondent] couldn't find any trust paths to her. It's also very unclear whether anyone would notice a key substitution attack like this. This leaves three questions: who is doing this, why, and what can be done about it? An obvious candidate would be intelligence agencies, who may be trying to serve certain people with backdoored binaries via their QUANTUMTHEORY man-in-the-middle system. As to what can be done about it, switching from PGP to X.509 code signing would be an obvious candidate. Both Mac and Windows support it, obtaining a forged certificate is much harder than simply uploading a fake PGP key, and whilst X.509 certs can be issued in secret until Google's Certificate Transparency system is fully deployed, finding one would be strong evidence that an issuing CA had been compromised: something that seems plausible but for which we currently lack any evidence. Additionally, bad certificates can be revoked when found whereas beyond making blog posts, not much can be done about the fake PGP keys."

itwbennett (1594911) writes "For the past several months Tor developers have unsuccessfully been trying to convince Apple to remove from its iOS App Store what they believe to be a fake and potentially malicious Tor Browser application. According to subsequent messages on the bug tracker, a complaint was filed with Apple on Dec. 26 with Apple reportedly responding on Jan. 3 saying it would give a chance to the app's developer to defend it. More than two months later, the Tor Browser app created by a developer named Ronen is available still in the App Store. The issue came into the public spotlight Wednesday when people involved in the Tor Project took to Twitter to make their concerns heard. Apple did not respond to IDG News Service's request for comment."

An anonymous reader writes in with news about a new anonymous instant messenger client on the way from Tor. "Forget the $16 billion romance between Facebook and WhatsApp. There's a new messaging tool worth watching. Tor, the team behind the world's leading online anonymity service, is developing a new anonymous instant messenger client, according to documents produced at the Tor 2014 Winter Developers Meeting in Reykjavik, Iceland."

An anonymous reader points out this recently published study (PDF) on detecting malicious (or at least suspicious) Tor exit relays. From their conclusions: "After developing a scanner, we closely monitored all ~1000 exit relays over a period of four months. Wed discovered 25 relays which were either outright malicious or simply misconfigured. Interestingly, the majority of the attacks were coordinated instead of being isolated actions of independent individuals. Our results further suggest that the attackers made an active effort to remain under the radar and delay detection." One of the authors, Philipp Winter, wrote a followup blog post to help clarify what the paper's findings mean for Tor users, including this clarification: "First, it's important to understand that 25 relays in four months isn't a lot. It is ultimately a very small fraction of the Tor network. Also, it doesn't mean that 25 out of 1,000 relays are malicious or misconfigured (we weren't very clear on that in the paper). We have yet to calculate the churn rate of exit relays which is the rate at which relays join and leave the network. 1,000 is really just the approximate number of exit relays at any given point in time. So the actual number of exit relays we ended up testing in four months is certainly higher than that. As a user, that means that you will not see many malicious relays 'in the wild."

benrothke writes "Of the books that author Pete Loshin has written in the past, a number of them are completely comprised of public domain information that he gathered. Titles such as Big book of Border Gateway Protocol (BGP) RFCs, Big Book of IPsec RFCs, Big Book of Lightweight Directory Access Protocol (LDAP) RFCs, and others, are simply bound copies of publicly available information. In two of his latest books, Practical Anonymity: Hiding in Plain Sight Online and Simple Steps to Data Encryption: A Practical Guide to Secure Computing, Loshin doesn't do the wholesale cut and paste like he did from the RFC books, but on the other side, doesn't offer much added information than the reader can get online." Read below for the rest of Ben's review. Simple Steps to Data Encryption: A Practical Guide to Secure Computing/ Practical Anonymity: Hiding in Plain Sight Online author Pete Loshin pages 86/ 128 publisher Syngress rating 1/10 reviewer Ben Rothke ISBN 978-0124114838/ 978-0124104044 summary Avoid these books. Use the free and better online documentation references The software tools detailed in the books are open source tools; and the open source community has done a fantastic job of not only making the software free, but creating documentation that is also free and rivals commercial technical guides.

Practical Anonymity is basically an overview of the basics of Tor. The truth is that all that it takes to use Tor is to download it and then click on Start Tor Browser. For those that want to read the manuals, the Tor documentation repository has detailed information that includes everything a user needs to know about using the product. The Tor site has numerous manuals, FAQ's and more. There is likely enough information there for about 98% of Tor and potential Tor users.

At 130 pages, the book is useful for those that want a hard copy to read on a bus or plane and for whatever reason, don't want to print out the references from the Tor site. Loshin does a decent job of presenting the topic, including why Tor is important, and who it could most benefit.

Tor was first released in 2002. But since it became known that the NSA was viewing data, Tor usage has doubled, as detailed in a recent Washington Post article.

One of the main drawbacks of Tor, as the book notes in chapter 2 (and also detailed in the Tor FAQ) is that Tor is slow; really slow. The FAQ notes that here are many reasons why the Tor network is currently slow. It is first off important to know that Tor is never going to be extremely fast. All Tor traffic is bouncing through volunteers computers in various parts of the world, and bottlenecks and network latency will always be present. The current Tor network is small compared to the number of people trying to use it, and Tor cant always handle file-sharing traffic load.

The book also spends a large amount of space detailing Tails, which is a Linux distro that can booted as a CD or on a USB. The benefit of Tails is that no trace of it will be left on the host it was run off of.

Like Tor, the Tails documentation repository has a large set of documents and FAQs covering all areas of the product. For those on a budget, this site has everything that they need to know about using Tails.

Practical Anonymity: Hiding in Plain Sight Online is a decent start for those who want to be more anonymous. It is far from a comprehensive guide, as using Tor is just the beginning to start being anonymous, but far from the only resource or method.

In Simple Steps to Data Encryption: A Practical Guide to Secure Computing, Loshin attempts to provide an overview of why you need encryption, and how to use it. The book barely succeeds at doing that, but there are certainly other titles that do it either more articulately or at least without charging for it. In addition, the book seems like it was rushed to print, and could have used a better technical editor.

In fact, the book starts with an overview of how to use GnuPG (Gnu Privacy Guard). And like Tor, there are numerous free references at the GnuPG documentation site that provide many useful references.

At $60 for the pair, the books provide little added value to the free online documentation. For those that want a bound hard copy of a book, these two titles may suit them. For other who want to save trees and their money, and get the same and improved information direct from the source, the respective documentation sites are but a click away.

Reviewed by Ben Rothke

You can purchase Simple Steps to Data Encryption: A Practical Guide to Secure Computing and Practical Anonymity: Hiding in Plain Sight Online from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "Of the books that author Pete Loshin has written in the past, a number of them are completely comprised of public domain information that he gathered. Titles such as Big book of Border Gateway Protocol (BGP) RFCs, Big Book of IPsec RFCs, Big Book of Lightweight Directory Access Protocol (LDAP) RFCs, and others, are simply bound copies of publicly available information. In two of his latest books, Practical Anonymity: Hiding in Plain Sight Online and Simple Steps to Data Encryption: A Practical Guide to Secure Computing, Loshin doesn't do the wholesale cut and paste like he did from the RFC books, but on the other side, doesn't offer much added information than the reader can get online." Read below for the rest of Ben's review. Simple Steps to Data Encryption: A Practical Guide to Secure Computing/ Practical Anonymity: Hiding in Plain Sight Online author Pete Loshin pages 86/ 128 publisher Syngress rating 1/10 reviewer Ben Rothke ISBN 978-0124114838/ 978-0124104044 summary Avoid these books. Use the free and better online documentation references The software tools detailed in the books are open source tools; and the open source community has done a fantastic job of not only making the software free, but creating documentation that is also free and rivals commercial technical guides.

Practical Anonymity is basically an overview of the basics of Tor. The truth is that all that it takes to use Tor is to download it and then click on Start Tor Browser. For those that want to read the manuals, the Tor documentation repository has detailed information that includes everything a user needs to know about using the product. The Tor site has numerous manuals, FAQ's and more. There is likely enough information there for about 98% of Tor and potential Tor users.

At 130 pages, the book is useful for those that want a hard copy to read on a bus or plane and for whatever reason, don't want to print out the references from the Tor site. Loshin does a decent job of presenting the topic, including why Tor is important, and who it could most benefit.

Tor was first released in 2002. But since it became known that the NSA was viewing data, Tor usage has doubled, as detailed in a recent Washington Post article.

One of the main drawbacks of Tor, as the book notes in chapter 2 (and also detailed in the Tor FAQ) is that Tor is slow; really slow. The FAQ notes that here are many reasons why the Tor network is currently slow. It is first off important to know that Tor is never going to be extremely fast. All Tor traffic is bouncing through volunteers computers in various parts of the world, and bottlenecks and network latency will always be present. The current Tor network is small compared to the number of people trying to use it, and Tor cant always handle file-sharing traffic load.

The book also spends a large amount of space detailing Tails, which is a Linux distro that can booted as a CD or on a USB. The benefit of Tails is that no trace of it will be left on the host it was run off of.

Like Tor, the Tails documentation repository has a large set of documents and FAQs covering all areas of the product. For those on a budget, this site has everything that they need to know about using Tails.

Practical Anonymity: Hiding in Plain Sight Online is a decent start for those who want to be more anonymous. It is far from a comprehensive guide, as using Tor is just the beginning to start being anonymous, but far from the only resource or method.

In Simple Steps to Data Encryption: A Practical Guide to Secure Computing, Loshin attempts to provide an overview of why you need encryption, and how to use it. The book barely succeeds at doing that, but there are certainly other titles that do it either more articulately or at least without charging for it. In addition, the book seems like it was rushed to print, and could have used a better technical editor.

In fact, the book starts with an overview of how to use GnuPG (Gnu Privacy Guard). And like Tor, there are numerous free references at the GnuPG documentation site that provide many useful references.

At $60 for the pair, the books provide little added value to the free online documentation. For those that want a bound hard copy of a book, these two titles may suit them. For other who want to save trees and their money, and get the same and improved information direct from the source, the respective documentation sites are but a click away.

Reviewed by Ben Rothke

You can purchase Simple Steps to Data Encryption: A Practical Guide to Secure Computing and Practical Anonymity: Hiding in Plain Sight Online from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page.

benrothke writes "Of the books that author Pete Loshin has written in the past, a number of them are completely comprised of public domain information that he gathered. Titles such as Big book of Border Gateway Protocol (BGP) RFCs, Big Book of IPsec RFCs, Big Book of Lightweight Directory Access Protocol (LDAP) RFCs, and others, are simply bound copies of publicly available information. In two of his latest books, Practical Anonymity: Hiding in Plain Sight Online and Simple Steps to Data Encryption: A Practical Guide to Secure Computing, Loshin doesn't do the wholesale cut and paste like he did from the RFC books, but on the other side, doesn't offer much added information than the reader can get online." Read below for the rest of Ben's review. Simple Steps to Data Encryption: A Practical Guide to Secure Computing/ Practical Anonymity: Hiding in Plain Sight Online author Pete Loshin pages 86/ 128 publisher Syngress rating 1/10 reviewer Ben Rothke ISBN 978-0124114838/ 978-0124104044 summary Avoid these books. Use the free and better online documentation references The software tools detailed in the books are open source tools; and the open source community has done a fantastic job of not only making the software free, but creating documentation that is also free and rivals commercial technical guides.

Practical Anonymity is basically an overview of the basics of Tor. The truth is that all that it takes to use Tor is to download it and then click on Start Tor Browser. For those that want to read the manuals, the Tor documentation repository has detailed information that includes everything a user needs to know about using the product. The Tor site has numerous manuals, FAQ's and more. There is likely enough information there for about 98% of Tor and potential Tor users.

At 130 pages, the book is useful for those that want a hard copy to read on a bus or plane and for whatever reason, don't want to print out the references from the Tor site. Loshin does a decent job of presenting the topic, including why Tor is important, and who it could most benefit.

Tor was first released in 2002. But since it became known that the NSA was viewing data, Tor usage has doubled, as detailed in a recent Washington Post article.

One of the main drawbacks of Tor, as the book notes in chapter 2 (and also detailed in the Tor FAQ) is that Tor is slow; really slow. The FAQ notes that here are many reasons why the Tor network is currently slow. It is first off important to know that Tor is never going to be extremely fast. All Tor traffic is bouncing through volunteers computers in various parts of the world, and bottlenecks and network latency will always be present. The current Tor network is small compared to the number of people trying to use it, and Tor cant always handle file-sharing traffic load.

The book also spends a large amount of space detailing Tails, which is a Linux distro that can booted as a CD or on a USB. The benefit of Tails is that no trace of it will be left on the host it was run off of.

Like Tor, the Tails documentation repository has a large set of documents and FAQs covering all areas of the product. For those on a budget, this site has everything that they need to know about using Tails.

Practical Anonymity: Hiding in Plain Sight Online is a decent start for those who want to be more anonymous. It is far from a comprehensive guide, as using Tor is just the beginning to start being anonymous, but far from the only resource or method.

In Simple Steps to Data Encryption: A Practical Guide to Secure Computing, Loshin attempts to provide an overview of why you need encryption, and how to use it. The book barely succeeds at doing that, but there are certainly other titles that do it either more articulately or at least without charging for it. In addition, the book seems like it was rushed to print, and could have used a better technical editor.

In fact, the book starts with an overview of how to use GnuPG (Gnu Privacy Guard). And like Tor, there are numerous free references at the GnuPG documentation site that provide many useful references.

At $60 for the pair, the books provide little added value to the free online documentation. For those that want a bound hard copy of a book, these two titles may suit them. For other who want to save trees and their money, and get the same and improved information direct from the source, the respective documentation sites are but a click away.

Reviewed by Ben Rothke

You can purchase Simple Steps to Data Encryption: A Practical Guide to Secure Computing and Practical Anonymity: Hiding in Plain Sight Online from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page.

hypnosec writes "A cyber defense and IT security company has claimed that the reason behind recent surge in number of clients connecting to Tor is in fact a relatively unknown botnet and not NSA or genuine adoption of Tor. In late August there was a huge increase in Tor network traffic and number of clients connecting to the Tor network. As of this writing number of connections has quadrupled with over 2,500,000 clients connecting to the network. According to Fox-it, the surge in traffic is because of a botnet dubbed 'Mevade.A,' which is known to have Tor connectivity features. The company noted that the botnet may have links to a previously detected botnet dubbed 'Sefnit,' which also featured Tor connectivity. Fox-it claimed that they have found "references that the malware is internally known as SBC to its operators.""

hypnosec writes that the Tor network has witnessed a massive rise in the number of users connecting to it for the month of August. "The privacy-enhancing network is known for providing an anonymous browsing experience through the use of a series of encrypted relays, and has had as many as 500k users throughout this year so far. But if we check the latest statistics available through Tor Metrics Portal there has been a whopping 100 percent increase in the number of Tor clients and as many as 1,200,000 users are connecting to the network. The previous peak for the network was in January 2012, when it saw as many as 950,000 users."

Slashdot contributor Bennett Haselton writes with "a response to some of the objections raised to my last article, about a design for a distributed social networking protocol, which would allow for decentralized (and censorship-resistant) hosting of social networking accounts, while supporting all of the same features as sites like Facebook." Social networking is no longer new; whether you consider it to have started with online communities in the mid-90s or with the beginnings of sites many people still use today. As its popularity has surged, it has grown in limited ways; modern social networks have made communication between users easier, but they've also made users easier to market to advertisers as well. There's no question that the future of social networking holds more changes that can both help and harm users — perhaps something like what Bennett suggests could serve to mitigate that harm. Read on for the rest of his thoughts.

In an article last month, I argued that users would be better served by a centralized social networking system where users could store profiles on a server of their choice, rather than a centralized system like Facebook that stores everyone's accounts for them. My main point was that if you could switch your account easily between different hosting providers (preferably if the protocol allowed you to link your account to a domain name that you own, the way that website owners can easily switch from one hosting company to another if they own their own domain name), then it would be much harder to censor content in a distributed system. If a hosting provider removed your content or threatened to kick you off unless you removed it yourself, you could just migrate your profile to a new hosting provider, and all of your existing links to friends/groups/events would continue to work.

Many commenters raised objections, some of which I think can be countered fairly simply, and others that raise more complicated issues. I usually don't do follow-up articles addressing all of the objections to a previous article (unless I'm running a contest asking people to submit the best arguments against an idea of mine), but I think the migration to an open social networking protocol is such an important long-term goal, that I want to give voice to the objections and present what I think is the best counter-argument against each of them.

The skeptics' questions fell into two categories: (1) Why would anybody ever switch away from Facebook to trying out the new system? and (2) Even if people did switch, would the new distributed system be better? ("Better" both in the short term -- would trial users see enough benefit to get them to keep using it regularly? — and in the long term — would spammers and other attackers be able to undermine it?)

To begin with the question of why anybody would switch: I don't think that most people would switch because they had analyzed the arguments for and against a distributed vs. centralized system. I think the only reason most users would ever try a social networking site other than Facebook, would be because a trendy company like Google launched it and threw their weight behind it. Why else have 400 million people signed up for Google+, almost half as many as are on Facebook? Despite the hype about features like "circles", I think it's safe to say that most of people jumped on board because Google launched it and gave it a big push, and Google is cool. (As one commenter "DragonWriter" pointed out, Google had earlier launched or collaborated on some projects for open social networking -- but none of these were ever given the big push that accompanied the release of Google+. So that's probably why we never heard of those other projects, not because of any intrinsic merits of the ideas themselves. To get people using something, Google would have to launch it and promote it — but if Google does do those things, people will sign up.)

So imagine if, at the same time that Google had released Google+, they had also released an open source server package that anybody could use to set up their own Google+ node, completely interoperable with all Google-hosted accounts, and where the user could have complete control over their hosted content. Presumably those 400 million users who signed up with Google+, would have still signed up for this hypothetical "open Google+", since it does everything that the real Google+ does. Some of those users would have taken the option to run their own nodes, if it had been available. And then you'd have additional users who didn't sign up with the real Google+, but who would sign up for an "open Google+" precisely because they would have control over all their own content.

Of course, even if Google+ had been launched as a distributed platform, users would still have the option of signing up for an account hosted on Google's servers, and indeed that would probably be the default choice for most people. (This answers the objection, raised by "0racle", "Havenwar", and others, that it would be "too complicated" for users to sign up for such a service. Certainly most users would not be expected to host and maintain their own nodes in the distributed system. Most of them would just sign up for an account with the largest node, like Google+.)

So that answers the question of how to get people to try it out. The continued relative obscurity of the Diaspora Project — the largest existing open social networking system — does not mean that the idea itself doesn't have merit, or that users wouldn't sign up for such a system if it were launched and promoted by a big company. The second challenge would be to get people to stay, something that users apparently did not do after trying out Google+.

Which brings us to the next set of objections, most of which asked: Would the new distributed system really be better than a centralized one? A big enough improvement to get people to keep using it, and to withstand attacks by spammers and other abusers? In this category of objections, there are some that I think can be answered easily, and some that are hard. So, the easy ones first.

A few users ("Havenwar", "tonywestonuk", and others) said that a distributed protocol would be inferior without integrated support for games or payments. But there's no reason a distributed protocol couldn't include support for other games or other types of apps to be built on top of it. An app could be installed to your profile and, using an API supported by the networking protocol, could send data over the Internet to your friend's profile on another server, if they had the same app installed, allowing you to make "moves" in a game you were playing against your friend. And you could specify which, if any, of your data you wanted the app to have access to. Similarly, if a developer wanted to charge money to users for installing an application, they could just give users a link to a third-party payment system like Paypal where the users would pay in order to download or activate the app. (Yes, people could download pirated versions of the app from BitTorrent sites and install them to their own server for free, but that's a problem for anyone selling commercial software.)

Other users (such as "History's Coming To" and one Anonymous Coward) said that the system I've described was essentially the same as the Web or the blogosphere (perhaps focusing on how I described the "news feed" aspect of a distributed system, which would pull in updates from all of your friends, much like Facebook's news feed does today). I disagree for two reasons: (1) it's much easier to sign up for a social networking account than it is to set up your own website or your own blog, so the proportion of high school students who have their own Facebook is much higher than the proportion that ever had their own Web page; and (2) the Web and the blogosphere do not allow for the creation of objects such as "groups" that you can join and send group messages to, or "events" where you can set a date and a time and invite friends and send messages to all of the invitees, or "games" that allow you to connect your profile with those of your friends and exchange data with them in an application-specific manner. These are all features I would hope to see in an open social networking protocol (although I could live without games).

Now for the harder objections. User "Requiem18th" pointed out that in a distributed system, if you chose to share anything only with your friends (who could access it through their profiles on their own servers), then an attacker could steal the data by attacking the least secure of any of your friends' servers. Even worse, if you'd chosen to share data with "friends of friends", then the attacker could get it by attacking the least secure of the servers of all of your friends-of-friends. True, but generally if I've shared something with all of my friends on Facebook (and even more so if I've shared it with all of my friends-of-friends), I consider that data to have been "compromised" in a certain sense already. If I had shared anything that I wanted to keep private, I'd be far more concerned about one of my so-called "friends" intentionally sharing it beyond the intended audience, than about their account being hacked. We know from hacks of people's email accounts that when attackers gain control of someone's account, they generally don't go through looking for private information, they just spam all of that person's friends with some Viagra ads and then move on.

Some users might have only a limited circle of friends on this distributed-social-networking system, and would share only very private information with them, and in that case their privacy concerns would be more serious. But users who were being that cautious, could set extra privacy on their accounts so that non-friends cannot see who is in their friends list. That would make it impossible for an attacker to spider their list of friends and then try to attack the friends with the least secure servers.

What about spam, fake accounts, and unwanted porn showing up in your news feed? A few commenters ("jeffmeden", "Havenwar", and another Anonymous Coward) said that there's a good reason, after all, that Facebook removes some content and terminates some people's accounts. Impersonation is an interesting problem in this context. There would be no technical barrier to stop someone from creating an account pretending to be someone else. If the impostor hosted the account on their own server, then they would get caught if the police got involved (or their upstream provider might cut them off if someone complained). But the impostor could also just try out many different profile hosting companies on the web, and create the impostor account with the hosting company that seemed to be the most lax about responding to abuse reports. If they use an anonymizing service like Tor to create and log in to the fake account, there's no evidence trail leading back to them at all.

Let me first point out, though, that the same is true for email -- I can create a Hotmail or Gmail account claiming to be anyone I want, and write to friends of that person hoping that they won't notice the message coming from a new email address. In fact, it would be easier to get away with this trick in email, because if I want to pretend to be Alice and send a message to Bob, all I have to do is create an account with Alice's first and last name, and send Bob a message hoping he doesn't notice that it's not coming from Alice's usual email address. If I wanted to do the same thing on an open social networking protocol, on the other hand, I would have to create my fake Alice account and then send a message or a request to "Bob". If Bob is already friends with the real Alice, he'll think it strange that he's getting a request from another "Alice" account, or a message from a user identifying as "Alice" but where the message is flagged as not coming from someone already in his friends list. Plus, once you have a friend relationship with the fake Alice, if your friends list is public, other users may notice the new "Alice" account and warn you about them. (With email, by contrast, no one else would ever see that you're in a thread with a fake "Alice" account, and wouldn't have a chance to warn you.)

So for all of these reasons, I would think that impersonation would be a bigger threat in email than it would be in an open social networking protocol. And yet, I never even heard of any of my friends being taken in by someone impersonating one of their acquaintances by email. However much it was ever happening in the world, it certainly wasn't enough for people to propose moving email to a centralized system where everyone used the same server and rogue accounts could be shut down.

What about spam from strangers? (A good deal of the spam would be porn, so I'm considering the "porn" objection to be a subset of this. If you're seeing porn in your feed because you opted in to see it, that's a feature, not a bug!) The mechanism of the "spam" would depend on whether the open protocol would allow non-friends to send you messages. On Facebook, if you send a message to a non-friend, it gets routed not to your Inbox but to a folder labeled "Other", where it's far less likely to be seen. (The Facebook interface and phone app won't notify that user that they have a new message in that case.) The only type of Facebook communication that you can send to a non-friend that Facebook will actually notify them of, is a friend request. Now, if our new open protocol allows for messages from non-friends to be delivered to your "Inbox", then spammers would indeed probably bombard users with spam. On the other hand, if the only communication we allow from non-friends is friend requests, then the spam would come in the form of the friend requests themselves (many guys would probably accept a friend request from a hot girl, even if the social networking protocol dutifully warned them that they had no friends in common). Even if you were smart enough to realize that most "friend requests" from unknown hot women were fake, they could still clog up your friend request queue and make you more likely to miss requests from real users.

The simplest solution would seem to be that if Bob starts getting too many spam requests, he can turn on a feature that requires other users to complete a CAPTCHA before being able to send Bob a friend request. (And users would also have to complete a CAPTCHA to send Bob a message if they weren't already in his friends list.) After enabling the CAPTCHA feature, all of Bob's existing friend relationships would remain in place, but the CAPTCHA barrier would stop spammers from clogging up his inbound friend request queue. With the CAPTCHA barrier in place, we could even allow non-friends to send Bob a message without it being dumped into his "Other" folder.

What if Bob's account gets hacked and his account starts spamming his friends, where the messages would not be stopped by any CAPTCHA barrier because Bob is already friends with all of those users? Much as people's existing Hotmail and Gmail accounts often get hacked, and the perpetrator immediately spams everyone in that person's address book — and that type of spam often gets through spam filters, because it's coming from someone that you've corresponded with, from a server that you generally trust. Of course those spams are annoying, but they haven't gotten to the point of making email unusable. And if a user in this distributed social system has hundreds of thousands of friends or "fans" — so that someone who hacked their account would be able to reach a large audience — then presumably they would be able to afford the security measures to keep their accounts safe. Much in the same way that many websites and blogs get hacked every day, but if you run a blog or a website that reaches millions of people, it behooves you to use tighter security measures than the average webmaster, and most people in that position can afford to do so. Nobody thinks that Web and email are unusable (or should be moved to a centralized system) just because websites and email accounts get hacked.

In sum, I don't think of the objections raised are fatal to the whole concept, although some of the objections made me think of improvements to the original idea (e.g. an API to build games and apps that could communicate over the Internet with other installations of the same app, or the use of CAPTCHAs to stop spam). The real barrier, as I've said all along, is that nobody would join in the first place, unless the project was launched by a company so popular that they could get new users to sign up just by announcing it. So there's not much that I, or anybody else outside of those behemoth companies, can do except to sit back and wait for someone like Google to try it. All we can do is lay out the case for why, if they did, it would change everything. Not to mention, if they made their own servers the largest node for hosting free ad-supported accounts under this open social networking protocol, it would make them a lot of money at the same time.

An anonymous reader writes "N+1 has an interview with Jacob Appelbaum (who is part of the Tor project) titled 'Leave Your Cellphone at Home.'" Jacob has a lot to say about privacy, data security, and surveillance. He ought to know. Among other things, he's had his email seized, been relieved of his phone, been the subject of a National Security Letter (video) and generally had his travel disrupted.