[tor-relays] clarification on what Utah State University exit relays store ("360 gigs of log files")

Steve Kinney admin at pilobilus.net
Fri Aug 28 21:47:00 PDT 2015

Hash: SHA1

On 08/28/2015 12:46 PM, jim bell wrote:
> *From:* Steve Kinney <admin at pilobilus.net>
>> In terms of real world threats, I think it's safe to say that
>> TOR "Hidden Services" aren't very well hidden from motivated 
>> adversaries who can deploy global observation and/or global 
>> infiltration attacks: The persistence, fixed physical
>> location and interactive availability a hidden services makes
>> it a fat, dumb, happy sitting target for any major State's
>> military and police intelligence service that takes an
>> interest in identifying the host and its operators IRL.
> I have seen references to the idea of giving 'everyone' the
> option of having their router implement Tor.  And I mention
> this because I'd like to see more about this idea.  A modern
> router presumably has plenty of CPU power/memory capacity to do
> Tor.  And, particularly since we are entering the era of
> gigabit fiber internet services (for reasonable prices; say $70
> per month), there will be an ever-larger number of people who
> will be in the position to host a relay node.  What's needed is
> to convince router manufacturers that they "must" transition to
> Tor-by-default routers.  Wouldn't we like to see a million
> high-throughput nodes appear? Jim Bell

To convince router manufacturers that they must transition to
TOR-by-default routers is a tall order:  That's a big commercial
market with a small number of dominant players, inherently aligned
with conservative a.k.a. Fascist interests.

Global many-to-many communications is correctly perceived as a
threat to the political and economic dominance of State and
Corporate institutions, formerly assured by central control of
mass scale communications for censorship and propaganda purposes.
 In this context, mass surveillance is an adaptive response that
seeks to counter-balance the "liberating" impact of the Internet
by enabling early identification and effective manipulation of
emergent mass movements and ad hoc leadership cadres.

TOR is a weapon; the U.S. State Department funds it to support the
destabilizing impact of counter-censorship and
counter-surveillance technology on other, more overtly repressive
regimes.  However, high profile busts of Hidden Service users
indicate that TOR is not quite effective enough to defeat U.S.
network surveillance assets, at least not where fixed high-value
targets are concerned.  This is consistent with U.S. policy
objectives with regard to the strength of all cryptographic

We are told that the TOR Project favors convenience and speed over
security, because this is necessary to build a large enough user
base to make the system effective.  That does not entirely make
sense, as favoring security over speed and convenience would make
the system effective regardless of the size of its user base.  It
makes more sense to imagine that the TOR Project would lose its
Federal funding and become a target for effective harassment and
manipulation by Federal security services, if TOR's security was
upgraded to be resistant to U.S. surveillance capabilities.

"Everybody knows" that effective resistance to traffic analysis of
an encrypted low-latency anonymizing network requires a constant
flow of traffic, padded as necessary with dummy packets to
maintain a constant through-put when an endpoint is idle.  This
deprives observers of the ability to match the endpoints of any
given session by analyzing the timing and number of packets at
entry and exit nodes.

But nobody implements effective cover traffic:  The reasons given
for this deficiency include concerns about bandwidth limitations
and processor overhead. 20 years ago these barriers were real,
today not so much.  I2P users have the option of hosting enough
torrents to keep cover traffic unrelated to their other uses of
that network going; this is not as effective as padding traffic to
maintain a uniform flow, but way better than no cover traffic.
TOR actively discourages file sharing, "because" this would cause
bandwidth and processor overhead problems.

I believe it would be much easier to persuade the TOR Project to
implement cover traffic, or to create a next generation TOR
network that does, than to persuade router makers to support
today's other than best practices TOR network by default.  But I'm
not sure that this can be done by any project based in a U.S.
controlled jurisdiction, as it would be contrary to the National


Version: GnuPG v1


More information about the cypherpunks mailing list