Slashdot Mirror


Academics Build a New Tor Client Designed To Beat the NSA

An anonymous reader writes: In response to a slew of new research about network-level attacks against Tor, academics from the U.S. and Israel built a new Tor client called Astoria designed to beat adversaries like the NSA, GCHQ, or Chinese intelligence who can monitor a user's Tor traffic from entry to exit. Astoria differs most significantly from Tor's default client in how it selects the circuits that connect a user to the network and then to the outside Internet. The tool is an algorithm designed to more accurately predict attacks and then securely select relays that mitigate timing attack opportunities for top-tier adversaries.

17 of 63 comments

  1. So where is the source code? by Anonymous Coward · · Score: 3, Informative

    no source code == no story

  2. written by the NSA by MooseTick · · Score: 4, Interesting

    If the NSA were going to create a TOR substitute, wouldn't this be how they would want to describe it?

    1. Re:written by the NSA by Anonymous Coward · · Score: 5, Informative

      TOR was originally developed by the Navy to hide CIA and NSA traffic. It was released to the public specifically to allow everybody's lesser-importance traffic to provide cover for said spies.

    2. Re:written by the NSA by Anonymous Coward · · Score: 2

      Why would they want to?

      They know the security features of Tor and probably need them for themselves. They also know they can classify tor users as suspicious based on their tor usage alone. They don't need to make a substitute, it would probably even be bad for them. They have stated quite often that they only work with metadata and it's probably correct, metadata is a lot easier to work with than the actual data and it gives them all they need. With tor they will know the metadata but might not know the actual data, does that matter to them? Never mind that being the top predator in the internet business, they, with the GCHQ, are probably the only ones that might be able to see the whole tor network. You can't use tor to hide from somebody if they can follow every hop you make. They don't need to own any tor nodes if they just watch everything. So they have no good reason to destroy tor while they have plenty of good reason to keep it (if they are confident that nobody else has their capabilities).

      You can't hide among people like you if the target is people like you. You need something like tor that is used by many different people if you want to hide among them.

    3. Re:written by the NSA by Anonymous Coward · · Score: 2, Insightful

      Paranoia on a site hosted in a country where Sgt. Friendly of the local Police dept. rides around on an APC in full riot gear ready to pepper spray protesters in the face in a country with "free speech" written as an inalienable right?

      Trust has been eroding steadily for decades

    4. Re:written by the NSA by MrNiceguy_KS · · Score: 2

      For Tor to be effective, more people need to use Tor. The problem is, people using Tor are usually people needing to (or wanting to) hide something, not the "more" people needed.

      This is why I make it a point to fire up the Tor browser at least a couple of times a week. It's not because I'm doing something I want to hide, it's that everybody should be free from having to live under the all-seeing Eye of Sauron. If they're going to watch all Tor traffic, they can watch my webcomics and funny cat pictures.

      --
      Redundancy is good And also good.
  3. Bad headline by OverlordQ · · Score: 5, Insightful

    Should be 'Academics hypothesize better tor client', since all they're giving out is their analysis and not source code there's no way to verify their claims.

    --
    Your hair look like poop, Bob! - Wanker.
    1. Re:Bad headline by Anonymous Coward · · Score: 2, Interesting

      Nah, should be: Academics Build a Hypothetical Framework for the NSA to Beat Before It's Ever Implemented. ... then again I would title it: Academics Continue to Ignore that NSA can inject exploits into any Tor Exit Node's traffic. You're fucked once the Ferret Cannon has you in its sights. All you need to do is be interesting and access HTTPS:// since the NSA assumes any encrypted traffic is non-USA-ian because they can't prove origin without hacking it.

      Aside: This combined with the fact that the TLS/PKI Certificate Authority system is a complete security theater, I find Mozilla's opting for HTTPS only to be the only reason I need never to use their browser again. Think about it: If only HTTPS traffic is allowed then all the govs need to do to silence a site is revoke the cert. Talk about a single point of failure. Personally, I'm thinking that "the web" is dead, Internet enabled applications are better at basically everything. Long Live The Internet, but fuck the web.

    2. Re:Bad headline by skids · · Score: 2

      Transmission encryption without authentication is useless in the vast majority of cases.

      No, it isn't. Because in the vast majority of cases your traffic wasn't interesting enough to MITM the first time you connected to the server, and after that, you've stored the key you found there and can be alerted if it changes. Also you can post-verify to see whether you've been MITMd if you care to know whether the horse is out of the barn, which isn't as useful as keeping the horse in the barn, but still qualifies as useful.
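
The trust-on-first-use check described in the comment above (store the key seen on first connection, alert if it later changes, and verify afterwards against a fingerprint obtained some other way), as an added example that is not part of the original thread. `PinStore`, the host name and the key bytes are hypothetical and constructed for illustration.

```python
import hashlib
import hmac


class PinStore:
    """Trust-on-first-use store: remembers the first key seen per host."""

    def __init__(self):
        self._pins = {}  # host -> hex SHA-256 of the key seen first

    @staticmethod
    def fingerprint(key_bytes):
        return hashlib.sha256(key_bytes).hexdigest()

    def check(self, host, key_bytes):
        """Return 'first-use', 'match' or 'changed' for a presented key."""
        seen = self.fingerprint(key_bytes)
        pinned = self._pins.get(host)
        if pinned is None:
            self._pins[host] = seen      # unauthenticated first contact
            return "first-use"
        if hmac.compare_digest(pinned, seen):
            return "match"
        return "changed"                 # alert; the pin is NOT overwritten

    def post_verify(self, host, trusted_fingerprint):
        """Compare the stored pin with a fingerprint obtained out of band.

        True: first contact was genuine. False: the pinned key is not the
        server's, so the first connection was intercepted. None: no pin yet.
        """
        pinned = self._pins.get(host)
        if pinned is None:
            return None
        return hmac.compare_digest(pinned, trusted_fingerprint.lower())


def demo():
    # Constructed sample keys; real use would pass the server's public key bytes.
    server_key, attacker_key = b"constructed-server-key", b"constructed-mitm-key"
    store = PinStore()
    results = [
        store.check("example.test", server_key),    # first contact
        store.check("example.test", server_key),    # same key again
        store.check("example.test", attacker_key),  # different key presented
        store.check("example.test", server_key),    # original key, pin was kept
    ]
    return results, store.post_verify("example.test", PinStore.fingerprint(server_key))
```
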

  4. Link padding by Anonymous Coward · · Score: 2, Interesting

    The article seems to miss on the details. How can you choose "safe" circuits when it is assumed that all points are compromised?

    The best defense is chatty end points. Just spew requests continuously and that defeats traffic analysis. They used to call it link padding.

    1. Re:Link padding by Anonymous Coward · · Score: 2, Informative

      The problem with link padding is that it would be very costly for Tor nodes and for usability.

      Firstly, link padding would require rate-limiting each link to something quite small to keep bandwidth reasonable. If you think Tor is slow now, it would be much slower with padding.

      Secondly, link padding also requires batching circuit construction. If a new link comes in, you can't immediately allow the Tor user to open a new link out. You have to wait and batch multiple outgoing link requests. That increases latency significantly to something much more than people already tolerate. Likewise, when a circuit is destroyed you can't immediately close all the links. You have to batch closure. In the meantime those links are just eating up bandwidth.

      Thirdly, link padding _ideally_ requires propagating packet delays, similar to the way you batch circuit constructions and closure. If the network did this, it would be trivial to DoS the Tor network because the network would amplify disruptions. But in practice I don't think this would ever be implemented.

      Tor has succeeded mostly because of its popularity. Even with link padding improving the security, you still need a large, active community using the network to maintain anonymity. Basically, as is typical you must rely on the pr0n and file-sharing subset to build the critical mass. Those folks are especially sensitive to bandwidth and latency.

      Yes, link padding (which is the basis of Wei Dai's original pipenet proposal*, which itself predated the Navy's Onion Routing project) is the ideal. It's basically how e-mail mixers work. But it would also make the network as useable as e-mail mixers are, which is not very useable in the context of the web.

      * http://www.weidai.com/pipenet.txt

  5. israel? by mOzone · · Score: 2

    I've never seen anything come out of Israel that wasn't backdoored... ICQ, Skype, etc.
    I think the Snowden files had things about this also.

  6. Not foolproof by dmaul99 · · Score: 3, Insightful

    Just remember: if somebody is interested in finding out what you are doing, and they have unlimited resources to do so, then you WILL get caught no matter how good you think your tools are, no matter how careful you think you are.

    1. Re: Not foolproof by BaronAaron · · Score: 3, Insightful

      Luckily there is no such thing as infinite resources.

  7. Re:King Frosty The First Beats All! by MobSwatter · · Score: 2

    I.T. is the field that is splitting hairs when it comes to privacy and security, if TOR beats the NSA someone gets fired or their budget cut, not really the folks one wants to scorn and the people know it. So innovation is dead there. I think the last statement in the "Lord of War" holds true, "Never go to war with yourself", kind of late now though a decade later ya think?

  8. Re:King Frosty The First Beats All! by ale2011 · · Score: 2

    Can anyone confirm NSA / GCHQ and Chinese intelligence's ability to monitor Tor user's traffic, from entry to exit?

    Are there any articles online which can substantiate that claim??

    See e.g. How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID. That's NSA monitoring, based on Snowden disclosures. More references in the Astoria article.