Slashdot Mirror

← Back to Stories (view on slashdot.org)

Group Thinks Anonymity Should Be Baked Into the Internet Itself Using Tor

Posted by samzenpus on from the don't-track-me-bro dept.

Hugh Pickens DOT Com writes "David Talbot writes at MIT Technology review that engineers on the Internet Engineering Task Force (IETF), an informal organization of engineers that changes Internet code and operates by rough consensus, have asked the architects of Tor to consider turning the technology into an Internet standard. If widely adopted, such a standard would make it easy to include the technology in consumer and business products ranging from routers to apps and would allow far more people to browse the Web without being identified by anyone who might be spying on Internet traffic. The IETF is already working to make encryption standard in all web traffic. Stephen Farrell believes that forging Tor into a standard that interoperates with other parts of the Internet could be better than leaving Tor as a separate tool that requires people to take special action to implement. 'I think there are benefits that might flow in both directions,' says Farrell. 'I think other IETF participants could learn useful things about protocol design from the Tor people, who've faced interesting challenges that aren't often seen in practice. And the Tor people might well get interest and involvement from IETF folks who've got a lot of experience with large-scale systems.' Andrew Lewman, executive director of Tor, says the group is considering it. 'We're basically at the stage of 'Do we even want to go on a date together?' It's not clear we are going to do it, but it's worth exploring to see what is involved. It adds legitimacy, it adds validation of all the research we've done.'"

5 of 123 comments (clear)

  1. Re:interesting by Joce640k · · Score: 1, Interesting

    If you can tap into/analyze the internet backbones (as the NSA can) then Tor isn't very anonymous. They can track packets and figure out who's really connected to who even though the packets are relayed.

    I don't know if this can easily be fixed, but now would be the time to do it.

    --
    No sig today...
  2. There comes a time when splits are required. by Anonymous Coward · · Score: 3, Interesting

    How feasible would it be to split the internet right down the middle but share the same lines?

    So on one half you could keep the wild wild west net and on the other all the cry babies and censor-happy types can have their walled wide web.
    Then just onion-up the wild wild west side.

  3. Re:Isn't Tor compromised? by fa2k · · Score: 3, Interesting

    Owning exit nodes is not sufficient to reveal the identity of tor users. Owning a large percentage of relay nodes AND exit nodes could compromise the anonymity, as one could just follow the progression of any data throughout the network. If the traffic volume is small enough to be able to statistically separate the streams from various users, it may be sufficient to surveil relay and exit nodes, instead of actually owning the hardware.

    There are limitations: the exit node can mess with the data at will, in both directions, and this is how the FBI owned the visitors to a pedo site. They injected some HTML (I'm not positive that it was HTML/JS, but one would assume) to make the browsers of the users connect to FBI servers outside of Tor. It was a bug in firefox that allowed this.

    There are two strategies to protect against this,
    1) Encrypt everything; only access SSL sites over Tor. This works in theory because the exit node can no longer mess with the data stream. The only way to reliably use this strategy is to *block* non-SSL traffic. There are so many websites with mixed content, which may pull images and ads from non-SSL streams. Also, NSA may be able to break SSL either by a proper MITM attack (completely hypothetical, no evidence exists) or by owning private keys for some CAs.

    2) Block any non-tor access from the system used to access Tor. This is possible at the network level with extra hardware, VMs and possibly with SELinux. If the browser *cannot* communicate over the standard internet, only Tor, then one is moderately safe. It's still important to configure the browser to not send identifiable information for fingerprinting and tracking cookies.

    By doing 1 and 2 one is quite safe. It may be fine to use a less safe setup for non-secret stuff, like checking facebook, and contributing to flood the tor network with un-interesting traffic. If the "really anonymous" mode required restarting Tor, the NSA would be able to see this from ISP logs, of course.

  4. Re:interesting by UltraZelda64 · · Score: 4, Interesting

    While I do agree with you, an interesting negative to that would be:

    If everyone runs their own Tor exit node, including unknowingly every dumb Windows and Mac user out there, then malware writers (the NSA?) would have a field day writing bad stuff that attacks and takes advantage of a very large number of exit nodes. So which is better: fewer exit nodes but a few known bad ones as it is now, or shitloads of exit nodes where the vast majority cannot be trusted? All it would take is one major outbreak to basically destroy Tor's purpose...

  5. Re:interesting by WaffleMonster · · Score: 4, Interesting

    There is also some evidence from the Snowden leak that standards procedures and committees have been weakened by members acting overtly or secretly on behalf of government agencies. So they should be really cautious about such offers.

    In some ways IETF is almost a joke. "Consensus" building is supposed to be the key to movement yet there is no barrier to entry other than having sufficient number of brain cells to send a message to a mailing list. I have observed several instances of "ballot stuffing" where hoards of random people who very likely know and have contributed nothing at the last moment express support for x. The arbiter of what consensus means is always WG chair(s) who themselves mostly always work for a corporations with skin in the game.

    The IETF process is most successful as a middle ground where there is market incentive to work together. In the case of tor there is no market to speak of to incentivize such behavior.

    And why re-invent the wheel and make something fro scratch? Tor is working well, even too well in the eye of some people ...

    My guess they might start with existing specification and evolve standard based on IETF process.

    An example of this SSL v3 was mostly Netscape's doing while TLS v1 and later were products of the IETF. In this case there were no radical changes between versions and backwards compatibility was retained. There was also huge market incentive for broad compatibility and getting security right.