Hi there,

As I am running a local cryptoparty and do a lot of basic encryption/privacy talks and workshops, I am often recommending Tor as one of the means of protecting one's privacy and yes, even security (for example, by running a hidden service and making it possible for users not to leave the darknet).

Of course it's far from being enough, and I make that very clear.

But lately I got to wonder if using Tor does more harm than good? If the NSA can impersonate any IP on the planet, they can impersonate any Tor node; this has two important consequences:

1. they know when you're using Tor, and can flag you accordingly, and (for example) deliver some nastiness when (not "if"!) they get the chance, because "when you have something to hide..."

2. they can guess with high probability whom you are communicating with; they don't have to break encryption, it's enough they listen in and see that a Tor packet from your IP to Node A is x bytes; a packet from Node A to Node B is x - (header + Tor encryption layer size) bytes, and so on.

So, is using Tor today doing more harm than good? Would ordinary Joe Schmoes be far better off not using Tor? How about more high-profile targets, like activists/hacktivists, etc?

-- Pozdr rysiek
Can't speak to the 2nd part, but to the first: in the US, for example, the number of active Tor users is in the hundreds of thousands, so you stand out but not much. On the other hand, even at the height of the protests in Egypt there were at most 1500 Tor users in the whole country. That's a lot of doors to knock on but not prohibitively many. n
On Mar 21, 2014, at 3:04, rysiek <rysiek@hackerspace.pl> wrote:
Sys admins catch you hunting them and arrange compromises to fit your demands so you can crow about how skilled you are. Then you hire them after being duped as you duped to be hired.

The lead Tor designer reportedly (via Washington Post) had a session with NSA to brief on how to compromise it, although "compromise" was not used nor is the word used by gov-com-org-edu. http://cryptome.org/2013/10/nsa-tor-dingledine.htm

Not many honest comsec wizards nowadays are promising more than compromised comsec, and the compromise is gradually increasing as Snowden material is dribbled out to convince the public and wizards not a hell of a lot can be done about it except believe in and buy more compromised comsec.

Not news here and in comsec wizard-land, to be sure, but compromised comsec is the industry standard, as the industry and its wizards in and out of government enjoy the boom and bust in comsec tools generated by precursors of Snowden, Snowden and his successors. Compromisability is assumed by the comsec industry to be a fundamental feature in all nations, no need to advertise it, much better to advertise how great comsec is and how much it is needed.

Crypto-wizards have a long history of compromising believers who hire them and who suffer their promises of highly trusted protection. Trusted comsec is necessary to get persons to pack their comms with compromisable information. The greater the trust the greater the revelations of just what is desired. So what if laws are always jiggered to allow access to the revelations "under legal pressure" and "FISC orders." That has been a fundamental feature of crypto and comsec wizardry.

At 06:04 AM 3/21/2014, you wrote:
On Fri, Mar 21, 2014 at 5:01 AM, John Young <jya@pipeline.com> wrote:
Sys admins catch you hunting them and arrange compromises to fit your demands so you can crow about how skilled you are. Then you hire them after being duped as you duped to be hired.
everything old is new again, betrayals for lucre, for lust, for fame, for fear, ... this is why some technology consumers demand independent validation[0] to confirm to their own eyes if design matches intent; if operation matches assurance. how can you even trust the word of a third party verifying integrity if you can't determine integrity yourself? caution: this line of reasoning leads to long dependencies... ;)
The lead Tor designer reportedly (via Washington Post) had a session with NSA to brief on how to compromise it, although "compromise" was not used nor is the word used by gov-com-org-edu.
the beauty of privacy, like freedom, is that it floats all boats. [ i may not agree with what you do with free, uncensored communication, yet i code and toil for your ability to communicate regardless. ]

in all seriousness, what you describe at the root of things: systems that are inherently and fundamentally compromising, if you have the right adversary, if you have the right resources, is absolutely true! in industry speak this is characterized in terms of "risk management". in military, aimed at a higher common denominator, yet fundamentally just as vulnerable (built to a more competent attacker. a larger resource stream.)

there are defeatists aplenty, having looked around the state of things, and fall to nothing but despair. i think it is reasonable to demand complete transparency and utmost correctness and reliability in these technologies we depend on. that's a radically different future than what we have now or can think of in terms of current engineering capabilities. nevertheless, a future worth aiming toward!

finally, to your mention of the meeting with NSA, this is interesting from a reversing the adversary's perspective. [since presumably Roger does not hold clearance of course, this is all treating Roger as hostile witness!] let's review it:

--- Roger Dingledine at NSA NOV 2007 ...
Contents
1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT)
  1.1 (U) Who are TOR Customers?
  1.2 (U) Anonymity System Concepts
  1.3 (U) TOR Issues
the usual culprits.
(U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT)
next time ask for them to sponsor bridges, obfuscated proxies, and fast exits? :) [only half in jest, as QUANTUMSQUIRREL would also make a great single, large exit for entire Tor network as has been mentioned in the past! constantly changing set of address space would avoid censorship and blocking into and out of the network. (though i would _only_ use NSANet as an obfuscated proxy first hop to hidden services or as last hop exit relay to clearnet where they occur nowhere else along my circuit.)]
(U) Roger Dingledine, now of Torproject.org, was one of the principal inventors of TOR. Current usage statistics quoted are 200K users and 1K servers. When asked about trends, he had no concrete data - Being a non-profit open-source effort, the collector of statistics has not been active recently.
now there are metrics :) https://metrics.torproject.org/
(U) The obligatory "Anonymity is not equal to Cryptography" and "Anonymity is not equal to Steganography" admonishments were given early on.

(U) Who are TOR Customers?

(U) Mr. Dingledine mentioned that the way TOR is spun is dependent on who the "spinee" is. Using the typical (in the cryptography world) Alice and Bob as communicants, he described several Alices:

(U) 1. Blogger Alice, who wants to be able to write to a blog in an anonymous way.
(U) 2. 8 yr. old Alice, who wants to be able to post to sites for children in a way ensuring her true name and location are not discovered.
(U) 3. Sick Alice, who wants to research information on her illness on the Internet while not enabling anyone to determine her true name and location.
(U) 4. Consumer Alice, who wants to research possible purchases without having a database of her marketing habits being built without (or with her weak) consent.
(U) 5. Oppressed Alice, who lives in a repressive country (no or limited free speech) and wants to talk about things contrary to her government's positions. The countries he used as examples were France, Germany (prohibitions on fascist writings?) and the US (not sure what he meant here?).
(U) 6. Turning to "Business Alice", we had examples of companies not wanting to give up their business secrets to competitors via their Internet usage patterns. An anecdote was given of some business getting a different HTML page displayed when the same URL was accessed with and without TOR.
(U) 7. "Law Enforcement Alice" was concerned with the ability of anonymous agents/informants to really remain anonymous when contacting their law enforcement ties.
communicating a message to be best received by the audience. Roger's had some practice! again, the beauty of anonymity is that it floats all boats... [e.g. magically getting mutually distrusting, even opposed entities to cooperate on a shared goal.]
(U) Anonymity System Concepts

(U) Running one's own anonymity service vs. using a 3rd party service: If one uses one's own service, it's pretty obvious who the user is :-)

(U) Low Latency Anonymity Service vs. High Latency Anonymity Service: The difference is in how paranoid someone really is. In a Low Latency Anonymity Service (all common proxies, TOR, others), there is a rerouting through some number of proxies, but there is no attempt to reorder packets or artificially introduce latencies. The result is something which can be used for most web and instant messaging / chat applications with only minimal notice of delays by the user. In a high latency service, proxies attempt to randomly reorder and delay packets so that it is harder to track traffic. Such systems are really only useful for such protocols as email.

(U) The most recent and advanced High Latency anonymity service was the /*MixMinion*/ family of open source projects. Mr. Dingledine was one of the key developers of these. His opinion is that the very limited utility of such projects has caused them to wither on the vine. He does *not* see any major development in such services for other than research in the foreseeable future. Another key point is that the degree of anonymity in any system is proportional to the number of users. If no one is using any of the high latency systems, why bother. This proportionality is one of the ideas Mr. Dingledine refers to as a /tension/ in the world of anonymity systems.
yup, a nice summation. from here it gets a bit more interesting...
(U) TOR Issues

(U) The short description of TOR for the reader is as follows: The user, via his/her TOR client, queries one of 5 directory servers for the current list of TOR nodes. Using metrics such as availability and bandwidth in conjunction with random choice, a set of 3 proxies is chosen for a "circuit". It is this circuit which is used, with a unique layer of encryption on each link, for anonymous Internet interactions.

(U) The lifetime of a circuit, a tunable parameter, is another /tension/, this one specific to TOR. The longer the circuit life, the more various traffic that may transit it, forming a knowable relationship between the traffic streams. Too short of a lifetime means too much time/CPU is spent building circuits. The original default lifetime was 30 seconds but is now 10 minutes. Everything is tweakable in TOR, so a user is free to choose his/her own circuit lifetime. But this is dangerous, as a unique circuit lifetime could easily become a user identification feature :-).
note the knowing, smiley face at end. they either had started on or already had the ability to detect anomalous circuits, likely based around active/targeted DoS among who knows how many other possibilities they've been working on since "Tor stinks" :-) unfortunately anything further that would be useful would also be classified and thus not in this doc. [pointers and future articles solicited!]
(U) Mr. Dingledine was asked about the concrete choice of a 3-long circuit. This is unlikely to change soon, as it appears to be a very suitable tradeoff.

(U) The mention of SOCKS proxies, such as /*Privoxy*/, as a bump in the chain before TOR was mentioned. These proxies can intercept and clean up things such as cookies to further help anonymity.
back to boring fact taking again... *yawn*
(U) The current "owner" of TOR is torproject.org, a US registered 501(C) non-profit organization, of which Mr. Dingledine is a principal. In addition to specific technology issues such as scaling, other categories of work are:

(U) 1. Usability (Targeting the ability of other than tech-savvy users to embrace the technology)
it has become so much better since 2007!
2. Incentives (Trying to get more people to run TOR servers)
great progress here too, i think.
3. Design for Scalability/Decentralization
3a. Regarding scalability of the TOR network, Mr. Dingledine proffered the guess that 2000-3000 is a rough upper limit on the number of nodes in the pool before a new topology may be advised.
3b. Decentralization means less reliance on a very small set of trusted Directory Servers (currently 5)
robust decentralized systems, still fucking hard in 2014!
4. Continued research on attacks and the mitigation thereof.
5. Continued provision of documentation and user technical support.
that's it. one bone, in the whole unclassified pile. so where's the docs with the circa 2011/2012 state-of-the-art Tor attacks? :)
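The NSA summary quoted above describes a three-proxy "circuit" with a unique layer of encryption on each link. The following toy, added here as an illustration and not code from the original thread, from Tor or from the cryptome document, shows that layering: the client wraps a cell once per relay, each relay peels exactly one layer and learns only the hop before it and the hop after it, and only the exit sees the clearnet destination and payload. Everything in it is an assumption made for the example: the 16-byte next-hop field, the HMAC-SHA256 counter keystream standing in for a real cipher, and per-hop keys that are simply pre-shared (key negotiation with each relay is skipped). It is not Tor's cell format.

```python
"""Toy three-hop onion circuit (constructed example, not Tor's wire format).

The client wraps a cell in one encryption layer per relay (exit innermost),
each relay strips its own layer, reads the next-hop field and forwards the
rest. Cipher, cell layout and pre-shared keys are all assumptions made for
this illustration.
"""
import hashlib
import hmac
import os
import struct

ADDR_LEN = 16    # assumed fixed-width next-hop field
NONCE_LEN = 16   # assumed per-layer nonce length


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Length-preserving keystream: HMAC-SHA256 over a counter (toy cipher)."""
    out = bytearray()
    ctr = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_layer(key: bytes, plaintext: bytes) -> bytes:
    """One onion layer: fresh nonce || plaintext XOR keystream."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + xor_bytes(plaintext, keystream(key, nonce, len(plaintext)))


def decrypt_layer(key: bytes, cell: bytes) -> bytes:
    nonce, body = cell[:NONCE_LEN], cell[NONCE_LEN:]
    return xor_bytes(body, keystream(key, nonce, len(body)))


def pack_addr(name: str) -> bytes:
    raw = name.encode()
    if len(raw) > ADDR_LEN:
        raise ValueError("hop name longer than the toy address field")
    return raw.ljust(ADDR_LEN, b"\x00")


def unpack_addr(field: bytes) -> str:
    return field.rstrip(b"\x00").decode()


def build_onion(payload: bytes, destination: str, hops: list) -> bytes:
    """Client side. hops = [(relay_name, shared_key), ...] ordered guard -> exit.
    The innermost layer carries the clearnet destination for the exit; every
    outer layer names the relay that should receive the remaining onion."""
    cell = pack_addr(destination) + payload
    next_hop = None
    for name, key in reversed(hops):          # wrap from the exit outward
        if next_hop is not None:
            cell = pack_addr(next_hop) + cell
        cell = encrypt_layer(key, cell)
        next_hop = name
    return cell


class Relay:
    """A relay knows one key and sees: who handed it the cell, where it goes next."""

    def __init__(self, name: str, key: bytes):
        self.name, self.key = name, key
        self.observed = []   # (prev_hop, next_hop, cell_length) per cell

    def process(self, prev_hop: str, cell: bytes):
        inner = decrypt_layer(self.key, cell)
        next_hop, rest = unpack_addr(inner[:ADDR_LEN]), inner[ADDR_LEN:]
        self.observed.append((prev_hop, next_hop, len(cell)))
        return next_hop, rest


def run_circuit(payload: bytes, destination: str, relays: list):
    """Build the onion and pass it guard -> middle -> exit.
    Returns what the exit ends up holding: (destination, cleartext payload)."""
    if not relays:
        raise ValueError("circuit needs at least one relay")
    cell = build_onion(payload, destination, [(r.name, r.key) for r in relays])
    prev, nxt = "client", None
    for relay in relays:
        nxt, cell = relay.process(prev, cell)
        prev = relay.name
    return nxt, cell


def demo():
    """Three relays with random (assumed pre-shared) keys; returns the exit's
    view and each relay's (prev_hop, next_hop) knowledge."""
    relays = [Relay(n, os.urandom(32)) for n in ("guard", "middle", "exit")]
    request = b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"   # constructed payload
    dest, body = run_circuit(request, "example.org", relays)
    views = {r.name: r.observed[0][:2] for r in relays}
    return dest, body, views


if __name__ == "__main__":
    dest, body, views = demo()
    print("exit forwards to", dest, "payload", body)
    for name, (prev_hop, next_hop) in views.items():
        print(f"{name:6} saw prev={prev_hop} next={next_hop}")
```

Running `demo()` shows the guard learning only `client` and `middle`, the middle only `guard` and `exit`, and the exit `middle` plus the destination and cleartext request: the property the "unique layer of encryption on each link" buys, and also why an exit relay is in a position to read or alter any payload that is not itself end-to-end encrypted.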
At this point, one can but humbly remember John 8:7, ...He that is without sin among you, let him first cast a stone... --dan
On Fri, Mar 21, 2014 at 10:53:31PM -0400, dan@geer.org wrote:
At this point, one can but humbly remember John 8:7,
...He that is without sin among you, let him first cast a stone...
For then I shall cast a stone upon myself, for I have committed the gravest of sins upon the altar of transparency and rule of law: I have signed a non-disclosure agreement[*]

[*] disclaimer: Due to recent publicly documented leaks, any information I may or may not have agreed to not disclose may or may not be copied, duplicated, archived, and disclosed to unauthorized third parties, including, but not limited to government agents, private contractors, and ethical rogue sysadmins
On Mar 21, 2014, at 7:01 AM, John Young <jya@pipeline.com> wrote:
Sys admins catch you hunting them and arrange compromises to fit your demands so you can crow about how skilled you are. Then you hire them after being duped as you duped to be hired.
I guess I am odd or just not skilled. I don’t really want to spend more time admining boxes/networks just to keep out the people who work for me and are supposed to protect me. Setting up honeypots so I can catch the NSA? No overtime for that. The idea of having the option to spend time away from the computer is nice. Hell, I am trying to housebreak a new puppy, I don’t have time to housebreak the NSA also. Scott
On Fri, Mar 21, 2014 at 3:04 AM, rysiek <rysiek@hackerspace.pl> wrote:
Hi there,
As I am running a local cryptoparty and do a lot of basic encryption/privacy talks and workshops, I am often recommending Tor as one of the means of protecting one's privacy and yes, even security
speaking as a security enthusiast and attending venues where hostile networks are expected and common, i can sum up my personal position as:

1. Tor has worked in environments where no other communication could. this includes situations where everything not-Tor was blocked or actively attacked. for this reason alone i believe it is an indispensable tool in the security practitioner's toolbox.

2. Exit nodes should be considered hostile. you'll be wrong most of the time (by design) but it doesn't hurt to remember that plain-text is not only observed but trivially manipulated through exit relays.

3. Defense in depth! Not only do 0days happen, but also accidents, oversights, catastrophes, the slow march of time... This can mean running a live Tor distro like Tails or constructing a series of isolated VMs for research on Qubes with a Tor Proxy VM.

as for the concerns about identifying Tor users, the latest Tor bundles and Tails image have support for obfuscated proxies into the Tor network and other bridges. if Tor use alone is a concern, you're doing OPSEC wrong and/or living where obfuscated proxies are necessary.

best regards,
On Mar 21, 2014, at 5:04 AM, rysiek <rysiek@hackerspace.pl> wrote:
1. they know when you're using Tor, and can flag you accordingly, and (for example) deliver some nastiness when (not "if"!) they get the chance, because "when you have something to hide..."
The old argument for convincing people to use crypto when they "have nothing to hide" was the postal analogy. Do you send your snail mail in an envelope? If you have nothing to hide why not use postcards? The idea is that if you are sending everything encrypted, when you do have something to hide it doesn't stand out. Now people use envelopes for privacy and out of convention. If everyone did the same thing with crypto, used it for privacy and out of convention, intelligence agencies wouldn't be able to flag suspicious communications easily.

Sorry, not really a "to Tor or not to Tor" answer, but something I remember using in the past.

Scott
Dnia sobota, 22 marca 2014 01:04:28 Scott Blaydes pisze:
On Mar 21, 2014, at 5:04 AM, rysiek <rysiek@hackerspace.pl> wrote:
1. they know when you're using Tor, and can flag you accordingly, and (for example) deliver some nastiness when (not "if"!) they get the chance, because "when you have something to hide..."
The old argument for convincing people to use crypto when they "have nothing to hide" was the postal analogy. Do you send your snail mail in an envelope? If you have nothing to hide why not use postcards? The idea is that if you are sending everything encrypted, when you do have something to hide it doesn't stand out. Now people use envelopes for privacy and out of convention. If everyone did the same thing with crypto, used it for privacy and out of convention, intelligence agencies wouldn't be able to flag suspicious communications easily.
Sorry, not really a “to Tor or not to Tor” answer, but something I remember using in the past.
I am well aware of this argument, and I use it often. My question here is different: with all the info we have about Snowden, QUANTUM, etc, and with the number of Tor users today, AND with some Tor design choices (like: not padding the packets so that each packet, regardless of between which nodes it is sent and how many encryption layers have already been removed, has the same length, which would make it that much harder to do traffic analysis), is it PRACTICALLY REALLY better to use Tor, OR does it get people flagged and exploited in other ways?

For Joe Schmoe, is it better to use Tor, or to hide in the noise?

I guess one part of the question is the fact that NSA probably doesn't really have to break encryption, they just need info on who is communicating with whom, exploit one of these endpoints and get all the unencrypted logs, data, etc they want.

-- Pozdr rysiek
On Mar 21, 2014, at 5:04 AM, rysiek <rysiek@hackerspace.pl> wrote:
If the NSA can impersonate any IP on the planet, they can impersonate any Tor node.
Shouldn't they have the node's private key too? Just having the IP they would receive encrypted traffic, they wouldn't be able to route it, your communication would fail and another TOR circuit would be used.

Cheerz
http://apx808.blogspot.com

On Sat, Mar 22, 2014 at 6:52 AM, rysiek <rysiek@hackerspace.pl> wrote:
correct, an IP alone is insufficient to impersonate a Tor node. you would also need key material. (active use of stolen keys to facilitate secondary attacks would be interesting to inventory from leaks...)
Dnia wtorek, 25 marca 2014 18:49:10 coderman pisze:
correct, an IP alone insufficient to impersonate a Tor node. you would also need key material.
Ok, I was not being very clear what I meant. I meant a situation in which the NSA can listen in on any connection in the clearnet, including connections between Tor nodes. They *can't* break the encryption nor do they have the keys...

...*But* (esp. if most of these nodes are in the US) they *can* observe that in sequence there are packets being sent between IP1, IP2, IP3 and IP4, and that these packets get smaller at each step, in a way that is coherent with removing layers of Tor encryption. What they can get from that is information: IP1 is communicating via Tor with IP4. So now they know whom to target with QUANTUM when they'd be using clearnet for something.

Tor encryption gets less relevant if NSA gets access to the endpoints via other means, and for that they need to know whom to target. Observing packets flying between Tor nodes can give them that info -- at least that's a suggestion somebody made elsewhere.

So my question is, does that make sense? Is that a viable threat?

-- Pozdr rysiek
Ubiquitous use of a comsec system is a vulnerability, whether PGP or Tor or another popular means. Crypto advocates and Tor encourage widespread use as a defense but may be luring victims into traps. The more users of a system the more likely it will be attacked by officials or by malefactors. And the attacks are most often overlooked in the volume, or excused as a price of popularity, fixes underway, always underway, keeping coders and investors happy as engineers mud-wrestling and financiers soused.

Most trusted systems (MTS) are where the money is, as with banks, so that's where robbers make their living, and MTS set up budgets for loss, PR, lobbying, training staff in cover-ups and workarounds, hiring ex-regulators and distinguished industry leaders as advisors, board members and faces of the MTS around the planet.

The lucrative boomlet in comsec generated by Snowden Inc's marketing gambit promoting encryption and enhanced comsec among media mouthpiece megaphones indicates that another cycle of dubiety of the status quo comsec confidence game is to be followed by a repair and rejigger protection racket, as evidenced on these mail lists, at conferences, and no doubt in halls of semi-classified exchanges ever ready to share tips and tricks to ratchet up demand for security in all its devilish manifestations.

Was it not mere months ago when a call was issued to redesign and or replace the entire Internet from top to bottom, the whole thing, to end the futile comsec tinkering and delusionary marketing, no way the Frankenstein could be made secure for human use, it had fundamental faults which precluded durable comsec. Perhaps re-Frankensteining is being done in semi-classified halls, hindered by official and commercial and scholarly exploiters of the monster's faults to advance their interests in advocating MTS for public use, just keep those research and investment funds flowing. No risk, no security market, so what fool would want an Internet that had no faults.

No bank would want perfect security to be available directly to customers. No military or spy agency would want perfect national security available to the citizenry. No government would want a threat-free populace. No comsec industry would want ...

Best to aim for pretty good comsec and call it best that can be done but cheating happens, thank you Edward Snowden, so prepare for disaster "not if, not when, but now." Intel committees working hand in hand with Snowden Inc. to keep the public panicky and needful of secrecy protection of the holy grail, national security backed by WMD.

In short, Tor is a confidence game, crypto is a confidence game, no better than military, espionage, publicity, entertainment, finance, law, insurance, education and religion. Oops those are the primary routes to wealth and power concentration and need for WMD protection. What, you say WMD is a confidence game? Getoutahere, that's top secret codeword core faith in secretkeeping. Without that fundamental Frankensteinian fault nobody would buy security against the Doctors of monsters working hard at most secret laboratories on earth to devise crypto for assuring WMD comms and launch threats are pretty good at persuading the public to pay the steep protection fee -- which it should be noted is laundered through IRS and NGOs, blessed by FRS and SEC. Damn 3 lettered agencies of God.
On Wed, Mar 26, 2014 at 4:23 AM, John Young <jya@pipeline.com> wrote:
Ubiquitous use of a comsec system is a vulnerability, whether PGP or Tor or another popular means.
"Ubiquitous trust in technology without assurances nor fail-safes is a vulnerability" - fixed that for you JYA plenty of corollaries in architecture, to be sure. ;)
On Wed, Mar 26, 2014 at 7:23 AM, John Young <jya@pipeline.com> wrote:
Ubiquitous use of a comsec system is a vulnerability
Which ubiquity, in the curious case of Tor/I2P, appears to be holding up reasonably well so far. That is to say, who can state a case where a weakness in those systems (documented, or not) was exploited publicly to jail someone? Tor people seem to say it's possible, and the four horsemen have been operating in these nets for many years. Yet we're not seeing any canaries dropping in public. Why?

And there's mountains of lesser [computer/finance] crime, filesharing, etc on these nets, with no sign of those actors being disrupted either.

Let's move to leaks, a civil/criminal matter. That's the one thing that has had perhaps even zero first person appearance on .onion/.i2p. Why not? (Discounting docs from criminal hacks above, submission portals to third party publishers, mirrors, etc.) What if the docs that say, places like Cryptome, have had to pull due to threat of legal/ToS action... were hosted and told by the leaker/collator themselves on these nets?

Who will carry the future gilded staffs of Cryptome, full-disclosure, WL, etc? And more importantly, where?

What if a new set of Top Secret Snowden-like docs were hosted on tor/i2p? What if they had fewer silly redactions, or more sources and methods? Or serious political/geo/nwo intrigue the likes we've not yet seen?

Are these nets only suited to street crime? Is offloading through the media the only suitable/safe place for high crime and politic?

If not already present on these nets (some classes noted above), and thus far apparently immune (perhaps foolishly so), then what exactly are the needed test cases that will start producing not just dead canaries, but public record of what killed them?

Any musing of 'To Tor or not to Tor?' must put consensus and evidence to these sorts of questions.
I'm in devil's advocate territory here, because I neither trust nor distrust Tor/i2p, feeling that we can't really be sure one way or another. But:
Which ubiquity, in the curious case of Tor/I2P, appears to be holding up reasonably well so far. That is to say, who can state a case where a weakness in those systems (documented, or not) was exploited publicly to jail someone? Tor people seem to say it's possible, and the four horsemen have been operating in these nets for many years. Yet we're not seeing any canaries dropping in public. Why?
And there's mountains of lesser [computer/finance] crime, filesharing, etc on these nets, with no sign of those actors being disrupted either.
Time for me to fulfil Godwin's Law and discuss Nazis! When the UK broke Enigma, they were able to decrypt Nazi comms with their spies on UK mainland, and by the end of the war they had turned or neatly disposed of the lot of them. This was so effective that by the time the V2 rockets started raining down, the UK were able to feed false info back along the wires instructing the Nazis to aim wildly off target, and telling them that the casualties were drastic, and the (extremely expensive) program a wild success.

In the modern day, you have a scenario where every significant opponent of the fascists uses forms of cryptography that *may* be vulnerable to the fascists' level of technical sophistication; we don't know, really. But if they *can* crack Tor/i2p in limited circumstances, they sure as hell wouldn't let anybody know; including the monkeys in the "lower" agencies who might do something as dumb as prosecuting someone on Tor-derived evidence. They would instead use the information as the UK did on their predecessors: to identify, neutralise or (better yet) turn them when necessary, but until that point simply to gather more information and find more targets. The patience of spies can look like inability or apathy, until they have cause to act.

On 27/03/14 07:20, grarpamp wrote:
On Wed, Mar 26, 2014 at 7:23 AM, John Young <jya@pipeline.com> wrote:
Ubiquitous use of a comsec system is a vulnerability
Which ubiquity, in the curious case of Tor/I2P, appears to be holding up reasonably well so far. That is to say, who can state a case where a weakness in those systems (documented, or not) was exploited publicly to jail someone? Tor people seem to say it's possible, and the four horsemen have been operating in these nets for many years. Yet we're not seeing any canaries dropping in public. Why?
And there's mountains of lesser [computer/finance] crime, filesharing, etc on these nets, with no sign of those actors being disrupted either.
Let's move to leaks, a civil/criminal matter. That's the one thing that has had perhaps even zero first person appearance on .onion/.i2p. Why not? (Discounting docs from criminal hacks above, submission portals to third party publishers, mirrors, etc.) What if the docs that say, places like Cryptome, have had to pull due to threat of legal/ToS action... were hosted and told by the leaker/collator themselves on these nets?
Who will carry the future gilded staffs of Cryptome, full-disclosure, WL, etc? And more importantly, where?
What if a new set of Top Secret Snowden-like docs were hosted on tor/i2p? What if they had fewer silly redactions, or more sources and methods? Or serious political/geo/nwo intrigue the likes we've not yet seen?
Are these nets only suited to street crime? Is offloading through the media the only suitable/safe place for high crime and politic?
If not already present on these nets (some classes noted above), and thus far apparently immune (perhaps foolishly so), then what exactly are the needed test cases that will start producing not just dead canaries, but public record of what killed them?
Any musing of 'To Tor or not to Tor?' must put consensus and evidence to these sorts of questions.
-- T: @onetruecathal, @IndieBBDNA P: +3538763663185 W: http://indiebiotech.com
On Wed, Mar 26, 2014 at 2:47 AM, rysiek <rysiek@hackerspace.pl> wrote:
... I meant a situation in which the NSA can listen-in on any connection in the clearnet, including connections between Tor nodes.
ok. this is sounding like classic traffic analysis (on the "metadata" rather than the content, so to speak).
They *can't* break the encryption nor do they have the keys...
ok.
...*But* (esp. if most of these nodes are in the US) they *can* observe that in sequence there are packets being sent between IP1, IP2, IP3 and IP4, and that these packets get smaller at each step, in a way that is coherent with removing layers of Tor encryption.
Tor cells use padding, but this alone is not sufficient to defeat traffic analysis.
What they can get from that is information; IP1 is communicating via Tor with IP4.
So now they know whom to target with QUANTUM when they'd be using clearnet for something.
this is why i am fond of everything dark! namecoin to hidden services, no DNS, no plaintext. (not entirely defeating QUANTUMTHEORY, but much of it!)
Tor encryption gets less relevant if NSA gets access to the endpoints via other means, and for that they need to know whom to target. Observing packets flying between Tor nodes can give them that info -- at least that's a suggestion somebody made elsewhere.
the anonymity set is large, but maybe that isn't sufficient. this is exactly the same argument for or against zero knowledge mixes. sure, they offer stronger protection from traffic analysis, but the anonymity set of users is tiny, making that theoretical hardness useless in practical terms.
So my question is, does that make sense? Is that a viable threat?
depending on where you stand, and what network you egress, it may make absolutely perfect sense - Tor use alone drawing scrutiny that draws conflict.

from my personal experience, _not_ in places where Tor use alone is suspect, it has been an essential tool.

if you're concerned about NSA/TAO/SSO then you're speaking of two broad domains of concern:

1. pervasive, passive global intercept - this is where Tor and encryption come in. you've just made it harder, and turned something global and passive ineffective, pushing activity toward:

2. tailored access - the black bag jobs, weaponized exploits, HUMINT attacks, etc. if you've pushed your adversary to these means, you've achieved a COMSEC and symbolic victory.

you don't defend against #2, you just fail less quickly...[0]

0. there are exceptions. these are left an exercise for the reader :)
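The "packets get smaller at each step" picture above and coderman's reply that cell padding alone is not enough can be checked with a toy model. This is an added example, not code from the thread or from Tor; it assumes the classic fixed 512-byte cell, treats each onion layer as a length-preserving stream cipher (as Tor's AES-CTR layers are), and uses constructed payloads.

```python
"""Toy model (added example, not Tor code) of what a passive observer logging
cell sizes on every link of a 3-hop circuit would see."""
from typing import List

CELL_SIZE = 512  # assumption: classic fixed-size Tor cell, in bytes


def relay_strip_layer(cell: bytes) -> bytes:
    """Model one relay peeling its onion layer.

    Tor's per-hop layers are stream-cipher encrypted, so removing a layer
    never changes the cell length. The XOR here is a stand-in for that
    length-preserving property only; it is not Tor's cipher.
    """
    assert len(cell) == CELL_SIZE
    return bytes(b ^ 0x5A for b in cell)


def to_cells(payload: bytes) -> List[bytes]:
    """Client side: split the payload into fixed-size cells, padding the last
    one (and sending one all-padding cell for an empty payload)."""
    cells = [payload[i:i + CELL_SIZE].ljust(CELL_SIZE, b"\0")
             for i in range(0, len(payload), CELL_SIZE)]
    return cells or [bytes(CELL_SIZE)]


def observed_sizes_along_circuit(payload: bytes, hops: int = 3) -> List[List[int]]:
    """Return, per link (client->guard, guard->middle, middle->exit), the
    list of cell sizes an observer on that link would record."""
    cells = to_cells(payload)
    per_link = []
    for _ in range(hops):
        per_link.append([len(c) for c in cells])  # what the wire shows here
        cells = [relay_strip_layer(c) for c in cells]  # next hop peels a layer
    return per_link


if __name__ == "__main__":
    # Constructed payloads: a short request and a larger one.
    for name, payload in (("short", b"x" * 1000), ("long", b"y" * 5000)):
        links = observed_sizes_along_circuit(payload)
        # Every link shows identical cell sizes: no per-hop shrinking signal.
        print(name, [len(link) for link in links], set(sum(links, [])))
```

The sizes are identical on every link, so padding removes the per-hop shrink signal; what it does not hide is that the short and long payloads produce 2 and 10 cells respectively on every link, which is the volume-and-timing information coderman's point is about.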
On Wednesday, 26 March 2014 17:01:45, coderman wrote:
On Wed, Mar 26, 2014 at 2:47 AM, rysiek <rysiek@hackerspace.pl> wrote:
... I meant a situation in which the NSA can listen-in on any connection in the clearnet, including connections between Tor nodes.
ok. this is sounding like classic traffic analysis (on the "metadata" rather than the content, so to speak).
They *can't* break the encryption nor do they have the keys...
ok.
...*But* (esp. if most of these nodes are in the US) they *can* observe that in sequence there are packets being sent between IP1, IP2, IP3 and IP4, and that these packets get smaller at each step, in a way that is coherent with removing layers of Tor encryption.
Tor cells use padding, but this alone is not sufficient to defeat traffic analysis.
What they can get from that is information; IP1 is communicating via Tor with IP4.
So now they know whom to target with QUANTUM when they'd be using clearnet for something.
this is why i am fond of everything dark! namecoin to hidden services, no DNS, no plaintext.
(not entirely defeating QUANTUMTHEORY, but much of it!)
Tor encryption gets less relevant if NSA gets access to the endpoints via other means, and for that they need to know whom to target. Observing packets flying between Tor nodes can give them that info -- at least that's a suggestion somebody made elsewhere.
the anonymity set is large, but maybe that isn't sufficient.
this is exactly the same argument for or against zero knowledge mixes. sure, they offer stronger protection from traffic analysis, but the anonymity set of users is tiny, making that theoretical hardness useless in practical terms.
So my question is, does that make sense? Is that a viable threat?
depending on where you stand, and what network you egress, it may make absolutely perfect sense - Tor use alone drawing scrutiny that draws conflict.
from my personal experience, _not_ in places where Tor use alone is suspect, it has been an essential tool.
if you're concerned about NSA/TAO/SSO then you're speaking of two broad domains of concern:
1. pervasive, passive global intercept - this is where Tor and encryption come in. you've just made it harder, and turned something global and passive ineffective, pushing activity toward:
2. tailored access - the black bag jobs, weaponized exploits, HUMINT attacks, etc. if you've pushed your adversary to these means, you've achieved a COMSEC and symbolic victory.
you don't defend against #2, you just fail less quickly...
Thanks, that's more or less what I came up with, and needed a reality check.

-- Pozdr rysiek
participants (10)

- APX 808
- Cathal Garvey
- coderman
- dan@geer.org
- grarpamp
- John Young
- Nathan Loofbourrow
- rysiek
- Scott Blaydes
- Troy Benjegerdes