Re: [tor-talk] Content and popularity analysis of Tor hidden services
----- Forwarded message from Asa Rossoff <asa@lovetour.info> ----- Date: Thu, 5 Sep 2013 04:36:14 -0700 From: Asa Rossoff <asa@lovetour.info> To: tor-talk@lists.torproject.org Subject: Re: [tor-talk] Content and popularity analysis of Tor hidden services X-Mailer: Microsoft Office Outlook 12.0 Reply-To: tor-talk@lists.torproject.org
From Lunar: Eugen Leitl:
http://cryptome.org/2013/09/tor-analysis-hidden-services.pdf
Content and popularity analysis of Tor hidden services
Watch out for dead horses [1] and see the previous discussion [2].
[1] https://en.wikipedia.org/wiki/Flogging_a_dead_horse [2] https://lists.torproject.org/pipermail/tor-dev/2013-May/004909.html
Whether or not all issues were discussed in detail or the same detail in the prior thread as well as in the paper, I don't know, but the paper has relevance beyond Tor network flaws: - It exposes an estimate on how manny hidden services existed at the time of the study - It gives a breakdown of what services/some of the services those hidden services offered. - It categories HTTP(S) services by content type, which is interesting. - It describes what resources they required to perform the attack, which sound relatively modest. - It highlights the botnet and botnet command and control activity on Tor. - It describes server configuration issues that allowed easily correlating the shared hosting of many services - It describes server configuration issues that allowed easily deanonymizing the true IP Address of some hidden services. The last two points are importasnt reminders of some of the pitfalls in attempting anonymization, and might be good to be documented in the wiki (if they're not) for setting up hidden services. The prior points are of social and historic value. The present situation with massively escalating numbers of Tor users/"users" highlights the threat that botnets might pose to the Tor network's ability to function. A botnet worm of course could also be used to create a largescale anonymity attack requiring many nodes. Today's RC just announced does some traffic prioritization which should be a bandaid for the current problem, but doesn't really address similar issues in the longterm. I don't know what solutions to propose, as obviously the fundamental rule is that this is an anonymous system, and we probably want to respect net neutrality to the point practical, but more thought/research/development may have to be done to guard against botnets threatening the functionality of the Tor network or botnets' potential to attack the network's anonymity features. Asa -- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
Tor Project discussion lists have become characterized by a a tone of dismissiveness, knee-jerkedness, when critiques are presented. This is pretty common in such fora as they age and lazy old-timers put down newbies as if a sport, shooting fish in a barrel, or as in this instance, flogging a dead horse. Occasionally, again as in this instance of critiquing Hidden Services, a thoughtful response is provided rather than a putdown. The more experienced Tor contributors are not as susceptible to putdowns as the middling and bottomers, certainly not as offensive as the Tor Project promoters, funders and fans. It would be helpful to distinguish between those who know onion-routing in depth and those who advocate its use with what often appears to be primarily public relations and advertizing disdain toward critics and inquirers. Reviewing the depth of research at the Naval Research Laboratory on network security and anonymization indicates that serious research has been done long before Tor Project appeared. Three of those researchers are affiliated with Tor Project and keep it from being dubious flim-flammery in which posing and pontificating front for technical inexperience. Tor Project is more like a sales operation for scientific and engineering endeavors. And in that role it boosts and promotes, sounding sometimes like snake oil, another overused cliche, than the skeptical and inquiring research at scientists and engineers at the NRL. Tor fora suffer the same consequences as this one, producing mostly shallow bullshit, mea culpa, with occasional leads for pursuing offline endeavors requiring much time for lasting fruition. Chat and mail lists, like reader comments and polls, have become promotional gimmicks, run by PR hustlers with about as much knowledge of discussion topics as salespeople usually have. One clue to unreliability is when a former engineer takes over sales and deploys promotional hyperbole as the principal marketing tool on fora, at talks, with speeches, articles, interviews, fund-raisers, documentaries, books, parties, conferences, 2P2, F2F, debates, all aimed at dominating a niche. In Tor Project's case, propaganda for illusory anonymity has become its main product, as befits an org established and funded by the USG for that purpose. Naval Research Laboratory should not be demeaned to the level of the all too slick Tor Project. And chattering on Tor fora should not to be confused with substantial contributions to helping protect the non-technical public from technical exploitation by sales and advertising gimmickery. NSA is far from being alone in this USG-sponsored dual-use, dual-purpose, duplicity. Layered security like onion-routing is cloaking how things work with How Things Work for Dummies.
participants (2)
-
Eugen Leitl -
John Young