Slashdot Mirror
Tor Is Building an Anonymous Instant Messenger
An anonymous reader writes in with news about a new anonymous instant messenger client on the way from Tor. "Forget the $16 billion romance between Facebook and WhatsApp. There's a new messaging tool worth watching. Tor, the team behind the world's leading online anonymity service, is developing a new anonymous instant messenger client, according to documents produced at the Tor 2014 Winter Developers Meeting in Reykjavik, Iceland."
Now I'll be able to communicate with some random, anonymous Internet person.
Slashdot is doomed.
"National Security is the chief cause of national insecurity." - Celine's First Law
Tor? The 'dark net' who's largest nodes are run by the NSA doing traffic analysis? That Tor?
The one that brought down silkroad?
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
Now, stick end-to-end encryption with OTR authentication and that's it. Truly secure communications!
As seen spammed in every other story posted today...
http://en.wikipedia.org/wiki/Dorsai!
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
Leave it on Deborah's desk?
Got any barbecue sauce?
Did Ian Clarke's similar project Tahrir ever make it out of the planning stages?
IM services were set up in conjunction with Intelligence agencies as a specific way to gather communication with the least amount of effort. Did you know EVERY IM service commonly in use requires your text messages to pass through their servers, before they reach the recipient? Now why do you think that is? Today, the 'excuse' given to the sheeple is so that your text can be data-mined for targeted advertising, but this excuse was thought up many many years after IM services first became commonplace.
The real question, however, is why every user effectively engaged in P2P communication (like webchat, IM, or Skype), allows a man-in-the-middle attack to collect and process their personal data, when the ONLY useful aspect of the service is connecting the users together in the first place.
Internet users have been GROOMED to conflate 'directory' and 'connection' services with the method used to handle and move the data from user to user, and yet their is no possible logical reason why, once connected, fully end-point encrypted P2P techniques cannot be used to make the user data fully private to the communicating parties alone.
So, why haven't services appeared on the Internet that focus purely on allowing users to 'find' one another, but then expect client-side applications with encryption to handle the actually communication, P2P? TOR is no answer. Most sane Humans across the world won't touch TOR with a barge-pole, because their law enforcement automatically assumes anyone using TOR is a suspect for very serious investigation.
Deborah's still angry over the fish you left in her pencil sharpener last week.
Try Katherine this time. . She's always a good sport
Will need that too, to compete. Plus a useful directory.. And most average people want to talk to people they know, sort of blows staying anonymous on a large scale.
---- Booth was a patriot ----
Is this to replace Facebook's?
== Jez ==
Do you miss Firefox? Try Pale Moon.
Tor users are being attacked by government agencies and those whom haven't followed the advice of the project are becoming victims of there own stupidity. It has nothing to do with Tor having backdoors in it. Neither the Tor Browser Bundle nor Tails were vulnerable to the attacks by governments agents for users who maintained there system and updated daily.
Now the freedom hosting bust may have been different. I don't think we know in regards to that bust how the guy in charge of freedom hosting got caught. What we do know in the case of freedom hosting is they were able to gain access to freedom hosting's servers and infect them with malicious code that targeted a vulnerability in firefox. That vulnerability was patched in the Tor browser bundle and the only reason some end-users of these hidden services may have been caught up in that is because they failed to follow the directions. They failed to maintain there security updates and specifically the Tor Browser Bundle. The most critical component.
More appropriately, some random, anonymous Internet entity will be able to communicate with you. Of course, the NSA will know who that entity is, so they are really only keeping their identity secret from you. Pretty much like all that spam email that you receive now.
I'm an American. I love this country and the freedoms that we used to have.
Okay, first off, the nature of instant messaging is such that you can't truly have an anonymous system. After all, while "the network" may not know Alice, Bob, and Carole, the three of them must know each other and be able to distinguish between them...otherwise you've simply got ChatRoulette and the purpose of IM is largely moot.
Retroshare provides fully decentralized IM, pseudo-email, and file transfers. It's a wonderful tool in this regard. It solves the problem of $IM_SERVICE keeping a record of your chats, because there isn't one. It solves the problem of packet sniffing, because it's all PGP based and thus there is no such thing as an unencrypted packet that enters or leaves the software. It solves the problem of needing a server, because everyone is a peer. All of the things that this Tor program seems to solve, has already been solved, and then some. "Well then,why doesn't everyone use it?" Well, the nature of Retroshare makes it difficult to gain critical mass. You have to understand, at some level, how PGP works - instead of a 'friend request' with that person's actual name, you get to share public keys to 'add' them. This is fine and dandy, but opens up a few new problems. First, even cutting-and-pasting something the size of a PGP key and then reciprocating it to the other person is going to cause the eyes of most people to glaze over. Second, you'll need to exchange keys somehow; if you're e-mailing keys back and forth, most people would say "...so just e-mail the damn message". This is where the file sharing half comes into play, since users can trade files directly without having to do much else. However, with Dropbox/Gdrive/1Drive/etc making transfers stupid simple, the practical application for Retroshare in the eyes of Facebook Chat and Whatsapp users starts to wane significantly when put up against "use an already-functional communication medium to do a PGP exchange that will facilitate another communication medium." Bonus points for Retroshare being a smidge petulant when it comes to port forwarding, and not having a mobile version for any platform.
Conversely, we have IRC. it's ancient, and the UI of mIRC doesn't jive well with the Instagram crowd, but anyone with some semblance of tech skills can run an IRC server. Set that up with SSL and your communications are encrypted, with nothing more than a generic handle to identify you with. The problem is that you'll need someone who can set up such a protected server, and by definition, you have a single point of failure. IRC's other failure (which may apply to Retroshare as well) vs Tor is that IRC does involve IP addresses, so you'll still need a proxy of some kind (or Tor itself) to obfuscate that little nugget.
Tor routing communications through other users as a part of the protocol is the one problem it solves. Secure transmission of text-based messages has been solved pretty well already, "Anonymous IM" is an oxymoron based on the fact that IM in itself usually assumes a prior relationship of some kind between the two parties, and even if it didn't, each user will need *some* sort of unique identifier to ensure that Alice gets messages meant for her, Bob gets his, and Carole gets hers.
TOR not only attract the watchers with black helicopters and black vans, it's said to be vulnerable to timing attacks esp. by those same entities with extremely large means. So why isn't this news about anonymous IM on a garlic routing network or something?, either switch to a new network or upgrade TOR and call it TOR 2.0 or TOR 1.1 or something but please, something has to be done.
You're friends with some dude and some dude. Some dude's pretty cool, but some dude keeps posting goats.cx pictures on your news page. You keep trying to unfriend him, but you keep accidentally unfriending some dude instead. Some dude offered to sell you weed but when you tried to take him up on it and asked him where to send your money, he accused you of being a cop and unfriended you. You put up with it because it's still less annoying than Facebook.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
This has been a troll message in the other article threads for some time. Verbatim. Even thinking about it for a second, "anonymous instant messenger" is ridiculous.
That's like saying that there's no such thing as privacy. After all, the government could break into your house and install surveillance equipment!
But the reality is, the mere fact that someone with enough resources could find out your name doesn't mean that anonymity doesn't exist all. You can make it fairly difficult by not giving away a bunch of your information.
the CIA runs Tor
Anonymity on the Internet is an illusion.
This is similar to vole:
http://vole.cc/
https://github.com/vole/vole
Its called I2P-Bote, a messaging system based on DHT. Its a part of I2P which is included in the TAILS distro along with Tor.
Once the I2P bittorrent clients experimented with DHT and succeeded, some people figured they could pull off a messenger that was truly decentralized.
And speaking of decentralization, Tor's underlying protocol and topology may not have enough of it to remain viable for too long. OTOH, I2P users contribute to routing bandwidth by default, and nodes recognize each others' contribution to bandwidth... Its a general-purpose P2P networking protocol for real.
More than anywhere else, this is not a problem geeks alone can solve. The perfect chat client is worthless if none of your friends use it. WhatsApp was huge because everyone used it - network effect.
So Tor - yes, definitely a good step. But you need a good client, ease-of-use is as important as cryptography, and details such as automatically finding your friends who also use it. Threema has a nice solution for that with their hashed address books.
So please look beyond the backend code.
Assorted stuff I do sometimes: Lemuria.org
You want security at the expense of usability? build layers!
A single system can be hacked, a single OS has bugs, a single app has backdoors, a single protocol has explots etc etc
Use LESS popular services in combination with layers of security. For instance; You can use the Tor Network to SSH into a proxy to tunnel chat with pidgin & OTR plugin. If you're even more paranoid assume your OS is already hacked, use some exotic image like Qubes, create temporary destructible VMs to carry information...there are options and many of them make basic functionality a nightmare.
If you really care that much about having your idle chitchat being "secure" you can always assume everything is being listened to. Good old fashion message encryption is probably much better than a special app.
I am quite happy there's more focus on security but let's be serious here, Tor is a target for snoops. they will find a way in because they already proved they can.
A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
know how to use punctuation anymore?
Honestly, unless you build it yourself, how do you know it's doing what it says it's doing? The client is on iOS or Android? Wasn't there a story this week about about a key logging exploit for iOS? It may not matter that it's secure if there's a better attack vector on a device. Personally, I would never take a claim for security seriously, you're better off using whatever flawed IM service is out there already and just treat every message as a public broadcast.
Bitmessage already does this.
never had much of an instant experience with Tor
It would be better to call it "not traceable".
Here the meaning of "anonymous" being that NSA can't tie an actual identity to the peers of a chat (by using the already well tested Tor network), and that they can't eavesdrop into the conversation (by using the already well tested OTR standard).
i.e.: Bob1983 and Alice_696969 happily chat to each other about how much they dislike the current political situation in Kiev or brainstrom about better methods to circumvent the Chinese Great Firewall.
They might know each other on-line since a while, enough to trust each other to talk about such objects freely (they might or might not have already met in real life but at least they are not completely anonymous to each other. At minimum they are pseudonymous. That's important because the "socialist millionaire" protocol to weed out man in the middle attacks requires them to know each other at least a bit)
Thanks to Tor, none of the concerned government (or any of they allies) will be able to know if one of those holding these subversive discussion is actually a citizen inside the country.
Thanks to OTR, nobody beside the two chatter will be able to actually know the content of the chat.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Tor isn't the NSA.
But some Tor nodes have six figure monthly bandwidth bills, and the feds have used traffic analysis to bust some Tor users.
Nobody can prove the Tor nodes are operated by the NSA, but the NSA would need such nodes to do the traffic analysis they have been doing.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
It's also possible that those pieces of evidence were discovered _after_ some other, illegal methods were used.
Except that, in this case it wouldn't have required any *illegal* method (1) (2).
It would have required method which go against anything that is currently known in cryptography.
The cryptographic methods which form the basis of Tor are sound and unbroken as of yet.
Tor is sufficiently well designed to avoid bugs and exploits that might lead to leaks (Side-channels, etc.)
To actual crack Tor open, you need to beat modern cryptography.
And the NSA doesn't have a monopoly on brains, and modern research is (as always) standing on the shoulder of giant.
Public academic research has brains involved, and has access to previous research, just like the NSA.
Chance are, if researcher at the NSA find a way to break open modern cryptography, research in universities will end up discovering the same findings on their own too. If nobody in the academic field is suspecting any danger on modern cryptography, chance are that the NSA can't find way around it neither.
(That's why the Snowden revelations, although suprising for the general population, wheren't that much a surprise for the specialist in that fields: it's merely a confirmation for methods which were suspected for a while).
Traffic analysis can't help you to beat Tor, simply due to the latency of the network and the wide usage:
So okay, you want to monitor entry and exit nodes to match them. You got a positive hit on an exit node connecting to a known "enemy location" (an anti-government website), what next? Well, any of the entry node (not only those you're watching, but the other too) could have initiated the request, and that request hasn't been issued right now, but somewhen in the past, over a period corresponding of the typical latencies you see on Tor network.
So you need to be lucky that the entry node was one you're watching.
And you have to correlate your hit with *ALL THE TRAFFIC* from *ALL THE NODES YOU'RE WATCHING* over a *LONG DELAY IN THE PAST* (instead of exactly the same time). That's a metric fuck ton of data. Your important match is lost in a sea of noise. The 1 single contact to a subversive site is just lost under a sea of avarage users surfing porn and simply using Tor for the added anonymity and to circumvent restrictions.
You can't make a correlation, because there are simply too many orders of magnitude difference between the signal and all the noise to be able to make any significant and relevant statistics. Traffic Analysis can't help you get Tor down.
Until now, all attacks against Tor haven't been against its cryptographic basis, nor have been against its complex network. The attacks have been against stupid mistakes and blunders, like vulnerabilities inside the browser used to surf on tor (for exemple, an older unpatched firefox was used by some)
So intelligence services are able sometime to get some info out. But this isn't because of Tor itself (Tor didn't bring down Silk Road). It isn't because of Traffic Analysis either. It's because some users used an unpatched browser and got hacked, just like any other common driver-by attack.
Tor network can be trusted to keep secrets. Buggy software can't.
----
(1): Well except under weird legislation, where DCMA do apply and where breaking any form of encryption is illegal. So in the case of Silk Raod and USA, such methods might indeed have been illegal.
(2): "Illegal". Well mostly because you want to keep the first lead *secret* (either because it's illegal, or because it's a state secret). You know X is guilty, but you can't build a case because the method is illegal. So you keep watching the known guilty X, until he does other mistakes that reveal him and use these to build the legal case.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Where is a more recent credible assessment of adversary capabilities specifically to the TOR network?
The fact that NSA dosn't have a monopoly on brains. The fact that research is done by advancing previous research (and rarely appearing out of the blue), and universities have access to the same historical previous research that secret researcher hidden in the NSA do.
And despite this, none of the academics working on it has been able to demonstrate any actual failure of principles behind Tor.
There *is* a prestige incentive to be the first research group to demonstrate an actual good failure. But until now, such papers have been limited to though experiment (if you could monitor nearly every entry and exit node on the network, and suddenly the traffic was very low [all the porn, all the chinese simply using it to communicate outside the great firewall, etc. all suddenly disapeared], then maybe it would be feasible to find some suspects by using traffic analysis. But that's not actually the case in real life. You can thank PORN for that)
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
That's actually their plan:
- Use Tor for network anonymity
- Use OTR for content protection.
And they also have a 3rd step:
- Use the open source InstantBird. It's opensource so it's possible to make it secure.
(basically, yet another chat system that relies on Pidgin's libPurple. Like Adium and co)
(except that one runs on mozilla's xul, so there some code share with firefox, the other software that is bundled next to tor in their bundle)
And probably (not mentioned yet but likely to happen):
- Deploy some Jabber/XMPP server running as a ".onion" tor-only darknet server.
So people have additional choices next to the classic XMPP (for Google or Facebook) etc.
(Note: as long as you use Tor and OTR, and that you use a separate Google or Facebook identity when chatting, they are perfectly secure enough too. Meaning that they are probably not absolutely secure, but on the other hand, thanks to Tor+OTR, there is no compromising information leaking through them).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
The most obvious attack is control of a majority of the network, and of course correlations attacks which require access to many ISPs.
The *owning* itself might be achievable (and even that is going to be complicated because you need to own significantly more than other governments trying to achieve the same and non-governmental legitimate users)
*BUT* even then extracting any meanfingful data is complicated. The more people use tor for anything else beside what you're targetting, the higher the noise level among which you're searching for signal, and thus the lower significance of anything you might try to analyse.
Beyond some point, your better of using a random generator, that is going to give results as statistically significant as what analysis method give out.
Remember, whenever you use Tor to surf for porn, not only are you protecting a bit your privacy, but even more: you're helping intelligence service drown under too much to be able to analyse Tor.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]