Tor, the pentagon's cyberweapon

Wed Oct 14 16:14:30 PDT 2020

On Wed, Oct 14, 2020, 6:59 PM Karl <gmkarl at gmail.com> wrote:

>
>
> On Wed, Oct 14, 2020, 6:34 PM Peter Fairbrother <peter at tsto.co.uk> wrote:
>
>> On 14/10/2020 18:22, jim bell wrote:
>>
>> > Last year, I tried to start a discussion to implement a new anonymity
>> router network, perhaps using the Raspberry Pi computers.   I got a quote
>> for 500 Raspberry Pi's, at $70 each.  I included a few ideas, some old,
>> some new:
>> >
>> > 1.    Routers could be anywhere, but would include homes and small
>> businesses.  Anyone who has an Internet service with an adequately-large
>> data cap. (Recently, I saw that CenturyLink had removed the data cap from
>> some of its internet services. especially fiber.
>> https://www.highspeedinternet.com/resources/which-internet-service-providers-have-data-caps#:~:text=CenturyLink%20has%20a%201%20TB,you'll%20enjoy%20unlimited%20data
>> .
>> >
>> >   And their data caps, where they still exist, are 1 terabyte/month,
>> which I think would be plenty for an anonymity network.
>>
>> The problem is that a reliable cheap anonymising network for low-latency
>> traffic like web traffic is basically impossible.
>>
>> Tor is about as good as we can get. When I was designing m-o-o-t I
>> didn't include any web anonymiser for that reason.
>>
>> The problem is traffic volume and latency. If we want low-latency web
>> traffic - nowadays [1] that's less than 4 seconds - we can't include
>> fixed file sizes with realistic constraints on traffic.
>>
>> To put some BOTE numbers on that, suppose you want to provide for 1
>> million concurrent users. You have about 150 TB per month user traffic
>> to play with (500 x 1TB, ~3 hops), 150 MB per month per user, or 450 Baud.
>>
>
> Could you explain your math here?  How did 500TB/3 (am I wrong?) become
> 150MB?
>

Well, I see what I did wrong there now, but Peter, 1TB per user is only a 3
Mbps connection (right?). Shouldn't the bandwidth just divide by the number
of hops?

>
>
>> Ouch.
>>
>> > 2.    Extensive chaff.   (which, of course, is an old idea, strangely
>> it's not yet implemented in TOR)
>>
>> Like fixed file sizes - essential for anonymity - chaff and covertraffic
>> takes too much traffic, see above.
>>
>
> I don't see how what you said above is related to whether the data is real
> or decoy.  Obviously you would keep the sum of the two constant.
>
>
>> > 3.    "Output nodes" would output only in encrypted form, so that
>> people generally could not get in trouble for acting as an output node:
>> Their output could be monitored, but not understood as to its content,
>> since it would look like random data.
>>
>> That doesn't work - the users want to connect to any web server
>> somewhere. You could enforce eg TLS but even that does not hide file
>> sizes..
>>
>
> Enforcing TLS is much more reasonable nowadays.  (You could add a plugin
> to use http tricks to hide file sizes.). Not what I would focus on once it
> gets nonsimple.
>
>
>> > 4.    I also thought of an idea that such a network should implement
>> multiple algorithms for networking, simultaneously, limited only by
>> people's imaginations:   People  frequently talk about new ideas for
>> anonymity networks, but how might they try them out in practice?   If an
>> anonymity network is fated to have ONLY ONE routing method, then all new
>> such methods cannot be easily developed:  You'd have to physically build a
>> new network, along with all such associated costs, for each new routing
>> method.  That's completely illogical.
>> >
>> >     Should there be any limit to the number of kinds of routing done?
>> It's all software.   One advantage of this feature is that all these
>> different routing algorithms are mixed together, such it should be harder to
>>
>> That's OK if you are doing development, but not for production - unless
>> the users decide the routing, as in eg Mixmaster. But you can't (or
>> shouldn't) use an anonymiser if you don't know whether it is going to
>> work!
>>
>
> Seems reasonable to make this pluggable.  Final use would need all users
> to look the same, and no exits have a predictable source.
>
>
>> > TOR is doubted for many good reasons, but if it is generally agreed
>> that some form of anonymizing network is needed, then people should be
>> willing to work to provide an alternative.
>>
>
> Seems to me the smaller it is to build the more likely it is to reach
> completion and use.
>
>
>>
>> I was at some of the early meetings when Roger Dingledene, Paul
>> Syverson, Lucky Green, Nick Matthewson, Len Sassaman, myself and others
>> were talking about a web anonymiser, which later became Tor.
>>
>> Other people at those meetings included many if not most of the top
>> anonymity researchers, and some of the top cryptographers, in the world
>> at that time. Tor was not conceived as is was by accident or in
>> ignorance [2], many people (including myself) thought it was about the
>> best that could be done.
>>
>>
>> Roger's thought was that TOR would make mass surveillance difficult and
>> it would be worth doing for that reason, even though it wouldn't prevent
>> targeted attacks by major adversaries. At a set of meetings the next
>> year Roger had gotten some funding, iirc from the US Navy, and Nick had
>> started work on coding.
>>
>> I bowed out almost immediately, Len and Lucky bowed out after a while,
>> because we knew it couldn't be done securely on the user level.
>>
>> After that I pretty much lost interest, though I did keep an eye on the
>> project.
>>
>>
>>
>>
>> The problem is that it's a super Zooko's triangle - you simply can't get
>> reliably anonymous, low-latency and cheap anonymous web traffic.
>>
>> You probably can't even get reliably anonymous and low-latency, at any
>> price.
>>
>>
>>
>> Peter Fairbrother
>>
>>
>>
>> [1] Acceptable low latencies vary according to use and user expectations
>> - fifteen years ago people would wait 20 seconds or more for a web page
>> to load, nowadays they lose interest at 4 seconds. Actually maybe less
>> now, that figure is several years old. And for interactive speech or
>> video latencies should be subsecond.
>>
>> [2] or with evil intent, at least from Roger and Nick.
>>
>> I don't think Paul had any evil intent either, but he was USN and is
>> therefore suspect. It's like my friend from GCHQ - we are friends and we
>> were sort-of colleagues until I retired, but it's a bit like having a
>> policeman live next door - even when you have done no wrong you are
>> always aware that he is a policeman.
>>
>
> My gut is that evil intent is pretty rare in a group of like-minded people
> putting work in.  It's more likely people are acting on differing
> information or experiences, or can't escape something difficult.
>
>
>>
>> One curiousity, the .onion part of the TOR infrastructure was largely
>> driven by Paul.
>>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 9619 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20201014/8417378f/attachment.txt>