Tor Is Building the Next Generation Dark Net With Funding From DARPA

← Back to Stories (view on slashdot.org)

Tor Is Building the Next Generation Dark Net With Funding From DARPA

Posted by Soulskill on Monday April 20, 2015 @09:10PM from the seek-and-go-hide dept.

Patrick O'Neill writes: After years of relative neglect, Tor has been able to dedicate increasing time and resources to its hidden services thanks to funding in part by DARPA, as well as an upcoming crowdfunding campaign. DARPA's funding lasts 1-3 years and covers several projects including security and usability upgrades that close the gap between hidden services and the everyday Internet. "Next-generation hidden services may be run from multiple hosts to better deal with denial of service attacks and high traffic in general, a potentially big power boost that further closes the gap between the Dark Net and normal websites. ... Hidden services, which make up about 4 percent of the entire Tor network, have until recently been relatively neglected when it comes to funding and developing."

67 comments

Min score:

Reason:

Sort:

So..... by clark0r · 2015-04-20 21:17 · Score: 2

Services running from multiple hosts... load balancing? Wow, what an achievement.
1. Re:So..... by NotInHere · 2015-04-20 21:26 · Score: 4, Interesting
  
  Yes, This is pretty much press bloat. Improving hidden services has been a long time goal of them, read their blog. This is just a press release that they've got funding, and actually started working on that.
  There are multiple problems with hidden services, for example you can't delegate your domain, meaning that you can't keep a root key containing your master keys offline, and have a VPS or similar server (which you don't trust) run the onion page.
2. Re:So..... by rtb61 · 2015-04-21 05:47 · Score: 2
  
  You can not hide anything on a fibre optic network, photons most definitely are not free. You can of course hides all sorts of stuff in other places, the electrical grid, fresh water supply pipework and digital radio transmissions and of course what ever is left over of the copper phone network. Anything that can conduct an electric signal can conduct all sorts of hidden stuff at varying frequencies.
  Most likely they want to keep on talking to the stuff they have managed to hide in networks all over the world, as well as criminally insert new stuff. The problem is they still feel they own the whole world and demand full spectrum dominance. In the end, it might be their cables that just end up being cut. Fuck with things enough and simply cutting the cable will be the solution everyone reaches for.
  Keep being dicks and the undersea cable will start having accidents all over the place.
  
  --
  Chaos - everything, everywhere, everywhen
3. Re: So..... by vadim_t · 2015-04-21 06:15 · Score: 1
  
  Er. What?
  Darknets have nothing to do with fiber optics
4. Re: So..... by Anonymous Coward · 2015-04-21 07:53 · Score: 0
  
  You can't have a darknet made of light.
5. Re: So..... by Anonymous Coward · 2015-04-21 10:20 · Score: 0
  
  Sure you can you just need to find the darkness in the light.
6. Re:So..... by psyclone · 2015-04-21 10:49 · Score: 1
  
  You have the same key problem with SSL/TLS certificates -- can't use your cert without your private key on the VPS.
7. Re:So..... by NotInHere · 2015-04-21 20:10 · Score: 1
  
  You can however at least limit the time that certificate is valid.
Trus but verify... not by Cornwallis · 2015-04-20 21:20 · Score: 5, Informative

So, the gubmint agency that built the Internet... "owned" by the same gubmint that built NSA wants to build the new TOR to increase privacy?
Sounds trustworthy to me.
1. Re:Trus but verify... not by Xenna · 2015-04-20 21:27 · Score: 2
  
  P'haps they wanna fix it till it's broke...
2. Re:Trus but verify... not by Anonymous Coward · 2015-04-20 22:07 · Score: 5, Interesting
  
  "The government" isn't one big entity. There are a lot of agencies in it and some have very conflicting goals. Even in the NSA itself some will be working on securing everything more so that their government is safe from spying while others will be working on breaking everything more, so that other governments can be spied on.
  And isn't this just really a grant? Its not like darpa controls the implementation, they just point out what they want to be worked on, no?
3. Re:Trus but verify... not by Anonymous Coward · 2015-04-20 22:28 · Score: 5, Interesting
  
  A large chunk of DARPA do not like NSA.
  Hell, a large chunk of NSA don't like NSA either.
  Not everyone agrees with the shit they have been doing to (not) catch criminals.
4. Re:Trus but verify... not by rvw · 2015-04-20 22:53 · Score: 1
  
  "The government" isn't one big entity. There are a lot of agencies in it and some have very conflicting goals. Even in the NSA itself some will be working on securing everything more so that their government is safe from spying while others will be working on breaking everything more, so that other governments can be spied on.
  And isn't this just really a grant? Its not like darpa controls the implementation, they just point out what they want to be worked on, no?
  I suppose the code is open source, and I guess that code will be closely monitored. If they really want secure code, to secure agents abroad or even locally to make sure they cannot be tracked down, this is a good thing for everybody.
5. Re:Trus but verify... not by Anonymous Coward · 2015-04-21 00:39 · Score: 0
  
  Ask NIST what they think of NSA.
6. Re:Trus but verify... not by gatkinso · 2015-04-21 01:21 · Score: 0
  
  Sorry to burst your fantasy bubble, but both DARPA and NSA are components of the Department of Defense.
  
  --
  I am very small, utmostly microscopic.
7. Re:Trus but verify... not by Anonymous Coward · 2015-04-21 01:28 · Score: 0
  
  And the DOD is the sub-ordo of the Illuminati.
  Be afraid, citizen.
8. Re:Trus but verify... not by Anonymous Coward · 2015-04-21 01:39 · Score: 0
  
  DARPA doesn't issue grants like NSF or NIH, it issues contracts. It means a researcher has less (often none) flexibility in the direction of the research. Also it means that DARPA contracts are micromanaged by DARPA.
9. Re:Trus but verify... not by fulldecent · 2015-04-21 01:47 · Score: 4, Informative
  
  Speaking with experience on the receiving side of DARPA contract negotiations.
  DARPA projects are not like kickstarter (BYO vision and get money) or like NIH (have reputation and get money); rather they do require actual competency and demonstrated ability to win them. The projects are managed like real engineering projects, requiring lots of documentation up front, thorough project planning, and plenty of checkpoints. However, aside from this good accountability, they do not exert direction on the projects, prescribe technical solutions or gain direct contact to your engineers for day-to-day operations.
  
  --
  -- I was raised on the command line, bitch
10. Re:Trus but verify... not by michelcolman · 2015-04-21 02:14 · Score: 1
  
  The new Tor network, funded by the government, and with no back doors! Really, we promise!
11. Re:Trus but verify... not by meta-monkey · 2015-04-21 02:15 · Score: 3, Insightful
  
  The truly gifted insight of the Founding Fathers was that pretty much everybody who wants power is sociopath, so they split up the powers of government into different branches, offices, and institutions, all with checks and balances on each other. Essentially saying "maybe regular people can just get on with their lives while the sociopaths over here fight it out with the sociopaths over there." Even different parts of the DoD have different budgets and competing interests, so there's hope.
  That said, what I found truly, pants-crappingly heart-stoppingly terrifying about the Snowden revelations was the reactions of politicians in the aftermath, that they were all basically united. So far off script. If Obama announced he liked ice cream, I'd expect John Boehner to hold an immediate press conference about how evil secret muslim atheist communists like ice cream, and real Americans eat their apple pie no "a la mode" which sounds French, and therefore cowardly. But when that shit came out? No blaming Obama for "stealin' yer freedoms!" from the Repubs, and no "Nuh uh, huh uh Bush did it!" from the Dems. Just lockstep "Everything's fine here! Programs are all legal, and well over-seen! Bipartisan, too!"
  When Obama, and McCain, and Feinstein, and Cheney, all agree on something, be very, very afraid...
  
  --
  We don't have a state-run media we have a media-run state.
12. Re:Trus but verify... not by dave420 · 2015-04-21 02:20 · Score: 1
  
  Which matters naught, as they can still have different, contradictory goals. One department might be hardening the US's equipment, while another seeks to infiltrate similar equipment (as other countries use it). Not too difficult, is it?
13. Re:Trus but verify... not by gweihir · 2015-04-21 02:51 · Score: 1
  
  Indeed. "Has something to do with the NSA" is not a valid way to determine trustworthiness of an organization. And there are even good things that came out of the NSA, like SELinux. The NSA is not a monolithic body and has its internal politics and a large faction that is dedicated to making people on the Internet more secure. That current politics is do afraid of the population that they do not want that does not make that go away, just harder to see.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
14. Re:Trus but verify... not by tlhIngan · 2015-04-21 04:08 · Score: 1
  
  So, the gubmint agency that built the Internet... "owned" by the same gubmint that built NSA wants to build the new TOR to increase privacy?
  Sounds trustworthy to me.
  You missed the fact the government created TOR in the first place... (TOR was created by the US Navy).
  TOR is basically a US government project. Which is why it's funny when everyone says to go use it to protect your privacy. After all, doesn't the NSA run huge farms of exit nodes which can capture a good chunk of traffic?
15. Re:Trus but verify... not by Anonymous Coward · 2015-04-21 04:51 · Score: 0
  
  You didn't actually burst any bubble with that statement. Not sure if you are aware, but there you have it.
16. Re:Trus but verify... not by Anonymous Coward · 2015-04-21 05:09 · Score: 0
  
  Yeah, the same people that are bitching about TOR are fixing it.
  The NSA/US gov shills here will claim that they're not all bad, that there are still good people in the agencies, etc.
  PsyOps is becoming boringly predictable.
17. Re:Trus but verify... not by Anonymous Coward · 2015-04-21 05:23 · Score: 0
  
  NSA isn't about catching criminals. They're a spy agency.
18. Re:Trus but verify... not by lister+king+of+smeg · 2015-04-21 05:35 · Score: 3
  
  The new Tor network, funded by the government, and with no back doors! Really, we promise!
  Tor has always been funded by the government. The part that built Tor wants a secure way to communicate with undercover government operatives and foreign dissidents. the government isn't homogenous with one goal it has competing faction with their own conflicting goals.
  
  --
  ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
19. Re:Trus but verify... not by Anonymous Coward · 2015-04-21 05:51 · Score: 0
  
  Funding always exerts on behaviors and outcomes. Always.
20. Re:Trus but verify... not by SuricouRaven · 2015-04-21 06:44 · Score: 1
  
  One government department is often working in direct opposition to another. This is especially true in the US.
21. Re:Trus but verify... not by ArylAkamov · 2015-04-21 10:03 · Score: 1
  
  The politics between FBI, CIA, DARPA and NSA are fairly interesting. A number of alphabet agencies dislike other alphabet agencies in surprising ways, most people think they are united.
22. Re:Trus but verify... not by Anonymous Coward · 2015-04-22 00:48 · Score: 0
  
  Who did you think built it in the first place?
Freenet by Anonymous Coward · 2015-04-20 21:26 · Score: 1

There is already a darknet which does load balancing and more and it has been out there for a while. It's called Freenet, look it up.
as long as they implement this interface... by tommeke100 · 2015-04-20 21:43 · Score: 0, Flamebait

public void executeRemoteBackdoor( byte[] payload, String magic_DARPA_key);
1. Re:as long as they implement this interface... by Anonymous Coward · 2015-04-20 21:51 · Score: 1
  
  If you just want to complain why don't you fork the code and make a more trust worthy version or pony up the cash to pay someone else to do so?
  I'll take NSA financed bug fixes over unpublished 0-days.
2. Re:as long as they implement this interface... by garlicbready · 2015-04-20 22:22 · Score: 1
  
  I hear the random number generation is one of the new key features
  int darpaRandomNumber()
  {
  return 4; // chosen by fair dice roll. guaranteed to be random.
  }
3. Re:as long as they implement this interface... by LordLimecat · 2015-04-21 05:17 · Score: 1
  
  Wouldnt you want that to return a boolean or a pointer?
4. Re:as long as they implement this interface... by Anonymous Coward · 2015-04-21 07:07 · Score: 0
  
  The return type is an 'int' you idiot !! Quit confusing things let's finish this program.
Isn't the most likely hack by Cafe+Alpha · 2015-04-20 22:17 · Score: 2

Not of the code but of the keys?
If they have the private keys of the master keys then can play man in the middle and control the list of servers you see, and what keys you see for them too.
Of course you'd only use that on an occasional target, not on a whole population.
To target the whole population they would simply supply a majority of the server power to Tor. Then if you were unlucky enough to pick all compromised hops they've got you.
Darkside by Anonymous Coward · 2015-04-20 22:35 · Score: 1

The Darkside joined they have.
Re:More criminality by Anonymous Coward · 2015-04-20 22:50 · Score: 4, Insightful

Exactly right. The drug war and the 'think of the children' meme are two of the worst things about the US. We could stop a lot of harm if we abolished them both.
Isn't weird? by lasermike026 · 2015-04-20 23:56 · Score: 1

Isn't it weird that DARPA would fund Tor and NSA/FBI would resist Tor?
1. Re:Isn't weird? by gatkinso · 2015-04-20 23:57 · Score: 1
  
  Google the following statement: "selling out."
  
  --
  I am very small, utmostly microscopic.
2. Re:Isn't weird? by the_B0fh · 2015-04-21 00:04 · Score: 1
  
  How the hell is it "selling out" when TOR was *STARTED* by the military?
3. Re: Isn't weird? by Anonymous Coward · 2015-04-21 00:11 · Score: 1
  
  Google Tor's history. They were the bastard love child of the Navy and State Department. The bulk of their funding over the course of their existence came from State Department sources, often through intermediaries.
4. Re: Isn't weird? by Anonymous Coward · 2015-04-21 01:22 · Score: 0
  
  No.
5. Re:Isn't weird? by gatkinso · 2015-04-21 01:25 · Score: 1
  
  Ha! So it would seem! When I thought about it at all I thought Tor Project was a bunch of civvies out of MA who were Stallmanesque EFF types.
  
  --
  I am very small, utmostly microscopic.
6. Re:Isn't weird? by the_B0fh · 2015-04-21 01:59 · Score: 1
  
  It was started by the military so that people trying to overthrow oppressive governments have a tool they can use.
7. Re:Isn't weird? by gweihir · 2015-04-21 02:52 · Score: 1
  
  Not at all. It just requires a bit of understanding how things actually work. The government is not an unified body.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
8. Re:Isn't weird? by gweihir · 2015-04-21 02:54 · Score: 1
  
  And Roger has never hidden that fact and was always able to explain it well and convincingly. What is an actual risk is all the wannabe security experts here that want to drive people away from TOR and to less secure alternatives.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
9. Re:Isn't weird? by lasermike026 · 2015-04-21 04:52 · Score: 1
  
  I am aware that Tor came out off US Naval Research and DARPA but it was a different time back then. I would think that the NSA would have the institutional power to kill or poison Tor. If this is legit then perhaps I've over estimate NSA's clout. At this point I'm only left with distrust.
10. Re:Isn't weird? by gweihir · 2015-04-21 09:39 · Score: 1
  
  As I know a few people in that community, my guess would be that it very much depends on whom they try to get to put in backdoors. The TOR team seems to be a very bad bet for such an attempt, especially as we are not talking about them only passively looking on and they are not all based in the US. Roger Dingledine himself also strikes me as a very bad bet in that regard, as he has invested more than a decade of his life in this and really believes a secure TOR benefits society a lot more than it does harm. As any backdoor would be discovered sooner or later and then completely destroy TOR, my take would be that any such request made with force would just piss him off. (Any request not made with threats would likely lead to him explain patiently why that was a very bad idea....)
  But that is just my personal take and I have met Roger several times, first over a decade ago.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Re:More criminality by Maritz · 2015-04-20 23:59 · Score: 2

Don't worry, the jackbooted goose-stepping fascist future you yearn for is closer than ever. Keep the faith. And keep whinging about paedos and terrorists, it's working.

--
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
Tor 2.0 will be awesome by Anonymous Coward · 2015-04-21 00:33 · Score: 0

Tor 1.0 was so good, they forgot the backdoor.
we will win by AndyCanfield · 2015-04-21 01:28 · Score: 0

In 1968 I was in U.C. Berkeley; Uncle Sam was in Saigon, scared. We whipped his ass.
Yesterday I was in the new U.S.Embassy in Vientiane; Uncle Sam was hiding in the USNSA. We will win again; those idiots couldn't invade Pittsburg.
We will, we will rock you.
Re: More criminality by Anonymous Coward · 2015-04-21 02:09 · Score: 0

I invoke Godwin's law
hidden services? by Anonymous Coward · 2015-04-21 03:44 · Score: 0

If hidden services make up about 4 percent of the entire Tor network, what makes up the other 96%? Just asking.
1. Re:hidden services? by zlives · 2015-04-21 09:49 · Score: 1
  
  pron
Your Government Inaction/In Action by swschrad · 2015-04-21 04:28 · Score: 1

while the government agencies DHS and MPAA/RIAA work to close the torrents, DARPA is working to build the torrents. your tax dollars at work.

--
if this is supposed to be a new economy, how come they still want my old fashioned money?
1. Re:Your Government Inaction/In Action by lister+king+of+smeg · 2015-04-21 05:31 · Score: 1
  
  torrents != tor
  
  --
  ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
2. Re:Your Government Inaction/In Action by Impy+the+Impiuos+Imp · 2015-04-21 05:54 · Score: 2
  
  torrents != tor != Tor (Sci-fi book company) != Tor, regular in Ed Wood movies, along with Vampirella and Bela Lugosi
  
  --
  (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
I'm not saying to be afraid, but... by StikyPad · 2015-04-21 04:34 · Score: 1

If the history of NSA vulnerability disclosures (nearly none), the use of Stingrays, and the push for backdoor encryption are any reflection of the government's interest in network security, then the only possible conclusion is that they want to use Tor for its offensive capabilities rather than defensive. Like a basement-dwelling hacker, they want the ability to remain anonymous, and the ability to unmask anyone else. And they have the resources of the most wealthy nation on earth with which to do it.

--
https://www.eff.org/https-everywhere
1. Re:I'm not saying to be afraid, but... by Anonymous Coward · 2015-04-21 08:37 · Score: 0
  
  If the NSA wanted Tor to do something different, why would they wait until right now instead of any of the numerous times in the past DARPA has given Tor money?
  I just don't see why this forth infusion of money from DARPA would change anything what so ever regarding the NSA.
  The NSA is fully capable of issuing their own gag orders completely independent of DARPA funding.
  The NSA has had over 10 years to do so or to have already done so, again completely independent of DARPA funding.
  If this one additional funding round from DARPA changes your opinion on Tor in any way, you are just fucked in the head.
  Either the NSA hasn't done anything to Tor and thus still hasn't, or the NSA has already done their thing to Tor and it has already been done years ago.
  If you fear Tor due to the NSA, you should have started a decade ago and not changed your opinion now for the better.
  If you didn't fear Tor from the start, you have zero additional reasons now to start.
Zooko's Triangle by whh3 · 2015-04-21 05:36 · Score: 1

I am glad that they got this funding and can't wait to see what they are able to do with it. I hope that they look closely at secure ways to improve their naming. In other words, I hope that they are looking at any ways that they can "square" Zooko's Triangle (https://en.wikipedia.org/wiki/Zooko%27s_triangle). The reason that I am not as confident using DarkNet services as I am the "regular" .com is because of the naming system.
To anyone from Tor reading this: keep up the great work!
Will

--
remove nospam. to email!
The irony by Anonymous Coward · 2015-04-21 16:29 · Score: 0

You're right. Everyone who craves power is a sociopath.
Especially people who want power so they can help other people remain anonymous...
doh ;-)
Not just that by Ilgaz · 2015-04-22 07:51 · Score: 1

The most secure operating system out of the box is SELinux which is maintained by the mighty NSA themselves.
Open source is a strange revolution.