yet another reason why tor scumbags are scum
https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity
"Blocking Bittorrent Activity
Bittorrent is a bad thing for Tor, and dealing with abuse complaints can be a headache for the people who run exit nodes. BlockingBittorrent explains how you can block Bittorrent trackers"
On 10/19/2018 04:14 PM, #$%& wrote:
https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity
"Blocking Bittorrent Activity
Bittorrent is a bad thing for Tor, and dealing with abuse complaints can be a headache for the people who run exit nodes. BlockingBittorrent explains how you can block Bittorrent trackers"
Of course, #$%& has no clue how BitTorrent works. It's nearly pointless to route just the tracker callbacks through Tor, and routing the actual data over Tor would overload the network. I don't blame them for making it easy to block BitTorrent traffic; there are other filesharing tools which are a better fit if anonymity is a priority (Freenet, GNUNet, etc).
--
Shawn K. Quinn <skquinn@rushpost.com>
http://www.rantroulette.com
http://www.skqrecordquest.com
On Fri, 19 Oct 2018 16:58:18 -0500 "Shawn K. Quinn" <skquinn@rushpost.com> wrote:
On 10/19/2018 04:14 PM, #$%& wrote:
https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity
"Blocking Bittorrent Activity
Bittorrent is a bad thing for Tor, and dealing with abuse complaints can be a headache for the people who run exit nodes. BlockingBittorrent explains how you can block Bittorrent trackers"
Of course, #$%& has no clue how BitTorrent works.
of course, piece of shit shawn quinn is nothing but a torbot. And he's known to robotically lie about tor funding (see archives) and scumbag shawn quinn is apparently unable to see the problem with the 'anti censorship' torscumproject engaging in massive censorship against the free sharing of information via bittorrent. hey shawn how does it feel to be scum like you? Not a nice feeling I'd assume?
On 10/19/18 5:58 PM, Shawn K. Quinn wrote:
Of course, #$%& has no clue how BitTorrent works. It's nearly pointless to route just the tracker callbacks through Tor, and routing the actual data over Tor would overload the network. I don't blame them for making it easy to block BitTorrent traffic; there are other filesharing tools which are a better fit if anonymity is a priority (Freenet, GNUNet, etc).
TOR schmore. I would describe i2p as an anonymizing torrent distribution network, with some other comms (in-network websites, e-mail, etc.) piggybacking on the infrastructure that file sharing traffic keeps up and running.
https://geti2p.net/en/
The Garlic Routing protocol used by i2p looks at least as secure as Onion Routing - and IMO more so, because of both the protocol's architecture, and the dynamics of real world traffic flow where a small number of "dangerous" packets mix into a huge number of movies, TV shows, record albums etc. in transit. Extra paranoid users can configure i2p to use longer chains, further complicating things for adversaries. By default all i2p nodes relay third party traffic, and at present no (advertised) gateways connect i2p to the 'regular' Internet.
The high volume of torrent traffic over i2p, and the loooong duration of typical downloads (25kbps counts as 'decent speed' in there), greatly complicate matters for anyone doing traffic analysis, compared to the hit-and-run pattern of TOR usage that typically lights up an entry and exit router for just a few minutes per user session, during which easily fingerprinted clusters of packets, all of them "of interest" to potential adversaries, flow thick and fast.
The most reliable anonymity against State level adversaries uses TOR for hit-and-run network access via a high gain antenna and open router, or any dodge that physically decouples the user from the physical router's IP address. i2p can't do that very well, because it takes 20 minutes or more to integrate into the network and start moving packets. So double-nought spies and their ilk can get that much mileage out of TOR.
So far I have not come up with a way to prevent what I call a Hydra attack against /any/ distributed anonymizing overlay network: An adversary who owns and operates a majority of the relay nodes via geographically dispersed proxies run from a single cloud server literally "can't be beat" except by physically concealing one's identity from the physical Internet router used.
Users who expect mere software to defeat network surveillance by top tier actors have started out with false assumptions and end up taking far greater risks than they would consider acceptable if they knew about them.
The reluctance of intelligence services to reveal their capabilities by acting on what they know too often provides the best protection most users can get...
:o/
On Sat, Oct 20, 2018 at 03:12:22PM -0400, Steve Kinney wrote:
On 10/19/18 5:58 PM, Shawn K. Quinn wrote:
Of course, #$%& has no clue how BitTorrent works. It's nearly pointless to route just the tracker callbacks through Tor, and routing the actual data over Tor would overload the network. I don't blame them for making it easy to block BitTorrent traffic; there are other filesharing tools which are a better fit if anonymity is a priority (Freenet, GNUNet, etc).
TOR schmore. I would describe i2p as an anonymizing torrent distribution network, with some other comms (in-network websites, e-mail, etc.) piggybacking on the infrastructure that file sharing traffic keeps up and running.
The Garlic Routing protocol used by i2p looks at least as secure as Onion Routing - and IMO more so, because of both the protocol's architecture, and the dynamics of real world traffic flow where a small number of "dangerous" packets mix into a huge number of movies, TV shows, record albums etc. in transit. Extra paranoid users can configure i2p to use longer chains, further complicating things for adversaries. By default all i2p nodes relay third party traffic, and at present no (advertised) gateways connect i2p to the 'regular' Internet.
The high volume of torrent traffic over i2p, and the loooong duration of typical downloads (25kbps counts as 'decent speed' in there), greatly complicate matters for anyone doing traffic analysis, compared to the hit-and-run pattern of TOR usage that typically lights up an entry and exit router for just a few minutes per user session, during which easily fingerprinted clusters of packets, all of them "of interest" to potential adversaries, flow thick and fast.
The most reliable anonymity against State level adversaries uses TOR for hit-and-run network access via a high gain antenna and open router, or any dodge that physically decouples the user from the physical router's IP address. i2p can't do that very well, because it takes 20 minutes or more to integrate into the network and start moving packets. So double-nought spies and their ilk can get that much mileage out of TOR.
Ahh, thank you for that explanation.
So far I have not come up with a way to prevent what I call a Hydra attack against /any/ distributed anonymizing overlay network: An adversary who owns and operates a majority of the relay nodes via geographically dispersed proxies run from a single cloud server literally "can't be beat" except by physically concealing one's identity from the physical Internet router used.
What about a meatspace trust network, one you build up over months/ years, where fellow free-speech staunch-ists all run I2P nodes with each other and you? So i.e. you set up a wireless N2N/street pod, perhaps a few yagis hopping across blocks to slightly more distant neighbours, and once you have a decent pod size of say 10+ neighbours, you can then use one or another of those as your first hop into I2P? Run it on really old Pentiums or perhaps puri.sm lappys running sel4 (work to be done to make a decent/ simple/ audited network stack on sel4, as well as porting I2P), and finally add in chaff fill for at least your first hop. Add in some N2N (neighbour to neighbour/ street pod network) to get off the centralisation of ISPs (which are also to a real degree beholden to their respective $GOVERNMENT_JURISDICTION). Theoretically, this should be able to be put together by about two reasonably motivated individuals over 6 to 12 months. I2Pods FTW muffuluggarah!
Users who expect mere software to defeat network surveillance by top tier actors have started out with false assumptions and end up taking far greater risks than they would consider acceptable if they knew about them.
Indeed. They prolly ought listen to Jesus^BJuan a little more - I noticed he don't mince his words :)
The reluctance of intelligence services to reveal their capabilities by acting on what they know too often provides the best protection most users can get...
On Sat, 20 Oct 2018 15:12:22 -0400 Steve Kinney <admin@pilobilus.net> wrote:
The high volume of torrent traffic over i2p,
I wasn't aware that i2p is mainly used for torrents? Last time I checked their eepsites (or whatever they are called) I didn't find anything interesting or 'criminal'. In other words, nobody seems to be using i2p to host anything of value. And I saw more than a few sites that looked like russian honeypots.
and the loooong duration of typical downloads (25kbps counts as 'decent speed' in there), greatly complicate matters for anyone doing traffic analysis, compared to the hit-and-run pattern of TOR usage that typically lights up an entry and exit router for just a few minutes per user session, during which easily fingerprinted clusters of packets, all of them "of interest" to potential adversaries, flow thick and fast.
Which is exactly the reason why torscum should be promoting the use of their network for filesharing...if they were honestly interested in protecting users....which of course they are not.
Users who expect mere software to defeat network surveillance by top tier actors have started out with false assumptions and end up taking far greater risks
But hey! You can use 'free' software, courtesy of the US navy to "Protect your privacy and Defend yourself against network surveillance and traffic analysis." !!! Trust me, scum like shawn quinn and all the rest of the tor gang would never lie to you.
than they would consider acceptable if they knew about them. The reluctance of intelligence services to reveal their capabilities by acting on what they know too often provides the best protection most users can get...
...but that didn't work too well for ulbricht and a few others like him...
:o/
On 10/21/18 6:46 PM, juan wrote:
On Sat, 20 Oct 2018 15:12:22 -0400 Steve Kinney <admin@pilobilus.net> wrote:
The high volume of torrent traffic over i2p,
I wasn't aware that i2p is mainly used for torrents?
I don't recall the statistics but I would guess that torrents account for at least 95% of the traffic on that network. Maybe more like 99-point-something percent.
Last time I checked their eepsites (or whatever they are called) I didn't find anything interesting or 'criminal'. In other words, nobody seems to be using i2p to host anything of value. And I saw more than a few sites that looked like russian honeypots.
A website on the i2p network (eepsite) can host any files the user puts in the site's /docroot directory. That would include subdirectories with their own index pages, not publicly advertised and available only to "confidential" correspondents who know the names of the subdirectory and index pages in question. That's not quite a "digital dead drop" but comes close.
I used to run a moderately popular eepsite and seeded lotsa torrents. "Who" I was and what I may have distributed aside from publicly advertised content is for me to know and others to guess. Let's just say I did it as an exercise and for amusement purposes only. Last time I checked, some of the stuff I seeded out was still bouncing around in there years later. :o)
and the loooong duration of typical downloads (25kbps counts as 'decent speed' in there), greatly complicate matters for anyone doing traffic analysis, compared to the hit-and-run pattern of TOR usage that typically lights up an entry and exit router for just a few minutes per user session, during which easily fingerprinted clusters of packets, all of them "of interest" to potential adversaries, flow thick and fast.
Which is exactly the reason why torscum should be promoting the use of their network for filesharing...if they were honestly interested in protecting users....which of course they are not.
The Tor Project's position on torrent traffic never made sense to me. More users and more traffic add up to more security. If casual users see a bit more lag, so what? In every instance where security vs. end user convenience arises, TOR chooses convenience.
I was also very disappointed when the TOR Browser distribution dropped support for router configuration; now they have done away with the last scrap of that. "The Tor circuit display has been relocated and improved! Click the Site Identity button (located on the left side of the URL bar) to see the new circuit display" is a lie; there's no such button in the update I just installed (ver 8.03), which presents the quoted text on its 'update completed' page, but nothing related in any menu accessible to the user.
The browser's configuration menu does present "new identity" and "new circuit for this site" buttons; that's all, folks! The "Donate Now" link on the TOR welcome page does work though.
than they would consider acceptable if they knew about them. The reluctance of intelligence services to reveal their capabilities by acting on what they know too often provides the best protection most users can get...
...but that didn't work too well for ulbricht and a few others like him...
I would say it worked exactly as expected for Ulbricht and a few others like him: Always expect a faulty cost/benefit estimate to produce net loss results. :o/
On Tue, 23 Oct 2018 17:05:09 -0400 Steve Kinney <admin@pilobilus.net> wrote:
In every instance where security vs. end user convenience arises, TOR chooses convenience.
speaking of which, I just found another new 'feature' in the way their browser deals with javascript. If you visit foo.com and allow JS to run for that domain, it turns out that the browser actually runs ANY JS coming from 'third parties'. So if foo.com links to say cloudflare malware then cloudflare scripts are run as well. noscript has a setting in preferences/advanced/trusted to 'cascade' permissions and the default is off. So if you whitelist foo.com only scripts from foo.com run. Looks like the tor assholes changed it to on, and now when you visit foo.com you get to run any '3rd party' tracking garbage foo.com might use.
On Tue, Oct 23, 2018 at 05:05:09PM -0400, Steve Kinney wrote:
On 10/21/18 6:46 PM, juan wrote:
On Sat, 20 Oct 2018 15:12:22 -0400 Steve Kinney <admin@pilobilus.net> wrote:
The high volume of torrent traffic over i2p,
I wasn't aware that i2p is mainly used for torrents?
I don't recall the statistics but I would guess that torrents account for at least 95% of the traffic on that network. Maybe more like 99-point-something percent.
Last time I checked their eepsites (or whatever they are called) I didn't find anything interesting or 'criminal'. In other words, nobody seems to be using i2p to host anything of value. And I saw more than a few sites that looked like russian honeypots.
A website on the i2p network (eepsite) can host any files the user puts in the site's /docroot directory. That would include subdirectories with their own index pages, not publicly advertised and available only to "confidential" correspondents who know the names of the subdirectory and index pages in question. That's not quite a "digital dead drop" but comes close.
I used to run a moderately popular eepsite and seeded lotsa torrents. "Who" I was and what I may have distributed aside from publicly advertised content is for me to know and others to guess. Let's just say I did it as an exercise and for amusement purposes only. Last time I checked, some of the stuff I seeded out was still bouncing around in there years later. :o)
and the loooong duration of typical downloads (25kbps counts as 'decent speed' in there), greatly complicate matters for anyone doing traffic analysis, compared to the hit-and-run pattern of TOR usage that typically lights up an entry and exit router for just a few minutes per user session, during which easily fingerprinted clusters of packets, all of them "of interest" to potential adversaries, flow thick and fast.
Which is exactly the reason why torscum should be promoting the use of their network for filesharing...if they were honestly interested in protecting users....which of course they are not.
The Tor Project's position on torrent traffic never made sense to me. More users and more traffic add up to more security. If casual users see a bit more lag, so what? In every instance where security vs. end user convenience arises, TOR chooses convenience.
I was also very disappointed when the TOR Browser distribution dropped support for router configuration; now they have done away with the last scrap of that. "The Tor circuit display has been relocated and improved! Click the Site Identity button (located on the left side of the URL bar) to see the new circuit display" is a lie; there's no such button in the update I just installed (ver 8.03), which presents the quoted text on its 'update completed' page, but nothing related in any menu accessible to the user.
The browser's configuration menu does present "new identity" and "new circuit for this site" buttons; that's all, folks! The "Donate Now" link on the TOR welcome page does work though.
than they would consider acceptable if they knew about them. The reluctance of intelligence services to reveal their capabilities by acting on what they know too often provides the best protection most users can get...
...but that didn't work too well for ulbricht and a few others like him...
I would say it worked exactly as expected for Ulbricht and a few others like him: Always expect a faulty cost/benefit estimate to produce net loss results.
The agora guys made it out alive. They shut down when it got hot (and were unaffected by the 2014 Onymous tor busts). I'd be curious to know what kind of profit the operator(s) of Agora made it out with. Alphabay got busted though, and I don't even know who the "big" darkweb markets are these days... Source locally, it's my motto ;)
:o/
-- GPG fingerprint: 17FD 615A D20D AFE8 B3E4 C9D2 E324 20BE D47A 78C7
participants (5): John Newman, juan, Shawn K. Quinn, Steve Kinney, Zenaan Harkness