Tor history and technology, was Re: Dishonest Tor relay math question

Mon Jun 5 07:51:20 PDT 2023

On 06/04/2023 18:12, efc at swisscows.email wrote:

>> "Tor Stinks  -- NSA, vulns known since before 2012"

Well before, in fact before TOR was even started. The initial developers 
- Roger, Nick and Paul - were well aware of them. I was there in the bar 
when they discussed starting it. I was there again in a different bar 
when Roger announced he had gotten the initial funding.

I did point out the problems regarding global APTs, but they were all 
well aware of them anyway.

Roger's take was if properly implemented TOR would be effective against 
lesser adversaries like third world countries, some LEAs, and 
businesses. It was never meant to resist the NSA, the FBI or even the US 
Navy for that matter.

I'm not sure what Paul thought.

Nick was mostly just carried along as chief programmer. He had been lead 
programmer on Mixminion and "defected" to TOR probably because he 
thought it would be cooler. Incidentally this left Mixminion in a bit of 
a pickle.

> I was not aware of this, so thank you very much for informing. When it 
> comes to forking tor there is another problem though, and that is all 
> the infrastructure. Like FB, tor has some strong networking effects so 
> starting from scratch would be tough. I do hope that someone does fork 
> though, and that a new, stronger and less woke project might take over 
> instead.

Forking TOR wouldn't help any. The problem is user expectations, or 
perhaps perceptions of user expectations.

At one of the PET workshops {these discussed much of the academic 
background to the technology behind TOR, Mixminion etc} someone 
presented a paper on how long a user would wait for a reply to a web 
request. Up jumps an attendee who says he and some colleagues had 
already done a paper on this, and the answer was 5 seconds. Ooops.

Now for a 5 second maximum response time it is technologically 
infeasable to implement an untrusted onion network which resists attack 
by a global persistent threat like the NSA or GCHQ.The APT just 
temporally correlates data exiting the endpoints.

The network can introduce timing jitter and packet size standardisation 
or variation in order to make this harder, but with cost-limited dummy 
traffic and a maximum 5 seconds response time it can't reliably stop it.

It cain't be done.

On another note, I'm a bit out of date here, but at one point most TOR 
traffic went through German servers. Bet the BND loved that.

Peter Fairbrother