Posted Thursday 7th August 2008 14:45 GMT
Great, that's all we need, thousands more people streaming media via Tor, like it's not choked enough already. Wonder if these same people will put back what they got out by setting up a Tor relay when they get home.
DOUBT.
B
Posted Thursday 7th August 2008 14:52 GMT
China can just block any packets headed for a TOR node. Not rocket science. The IPs are easy to find. I do wonder why TOR proponents never realize this when talking about the product.
AC, as I'm a fan of TOR. But there are simple techniques a government could employ to stifle its use.
Posted Thursday 7th August 2008 15:29 GMT
Tor proponents do realize this. If you read about the Tor bridging design, you will realize that they are preparing for this eventuality. Just try something like
Tor censorship design
in your favorite search engine to find many links to presentations and documents about it.
Posted Thursday 7th August 2008 15:29 GMT
TOR has been broken for months. To find out what data is being sent, just pretend to be an exit node.
http://www.securityfocus.com/news/11447
Anonymity, shanonymity.
Posted Thursday 7th August 2008 16:08 GMT
people won't peel the great big 'freedom stick' label off the USB stick before use?
of course, if you're *that* thick...
Posted Thursday 7th August 2008 16:08 GMT
do journalists need access to Amnesty International's website to report on the games anyway?
"WAH" WAH" We haven't got unrestricted access to the internet"
Err yeah, that's because you're in China.
Posted Thursday 7th August 2008 16:08 GMT
For the China scenario, this doesn't work. All that's needed is an assurance that the exit node is outside China. Once that happens, it's outside their jurisdiction. Or are you saying that various Chinese sleepers (located outside China) are really going to pose as Tor exit nodes, sniff the data, and be able to pass it along back to the homeland without breaking some kind of data protection law in the country in which they're currently stationed (if not charged with out-and-out espionage)?
Posted Thursday 7th August 2008 16:08 GMT
TOR isn't a magical piece of software to make all your communications private. It's an anonymity tool. It hides your location from the site you're visiting, and encrypts your outgoing communication so it cannot be read by your ISP. Moore's attack relies on the TOR user enabling Java and/or Javascript, which has been a known weakness for a long time. Letting whatever sites you are visiting run scripts on your computer is no different than wearing a Guy Fawkes mask at the same time as a nametag with your name, address, and SSN on it.
Posted Thursday 7th August 2008 16:34 GMT
@Matthew Ellen
You are confusing data privacy and anonymity.
Anyone using TOR needs to read the instructions. Cleartext data at an exit node was never protected, that is not the point of TOR. TOR was deisgned to allow bloggers living under opressive regimes to post anonymously. Being able to read the post at the exit router is no problem, as the post is going to be public anyway.
TOR has separate entry and exit nodes, so even if you monitor an exit node you don't know the IP address of the user, as this is only known by the entry node.
So yes, you can read the traffic, but unless the traffic identifies the user, e.g. posting name and address in clear, it will be impossible to trace back to the user...
... UNLESS, as in the article you posted, you trick the end user into using a poisoned TOR proxy server on their local machine.
TOR isn't really broken, it's just possible to break it for an individual user if that user does not take steps to protect the proxy they run on their local machine.
Posted Thursday 7th August 2008 16:34 GMT
no surly not. that's never happened before....
oh wait....
Posted Thursday 7th August 2008 16:34 GMT
Install the NoScript addon - problem solved!
Tor is not broken, they've always noted that people will get caught out if they don't take extra steps to better their security. If you're about to use Tor for something illegal, you'd be stupid not to read the documentation first. If you're that stupid, you deserve to get caught with your hand in the till.
B
Posted Thursday 7th August 2008 16:34 GMT
You're confusing anonymity with privacy. TOR is good for anonymity (i can see what you're doing but i can't tell who you are) NOT for privacy. The exit router issue was known about since TOR's inception, it's part of the basic design of the network. Since the exit node decrypts the traffic when it sends it to it's final destination it can see all the traffic unless that traffic is also encrypted. Even if it is, as an exit node you're in a great position for a MITM attack. But the exit node can only see the last node that passed the data to it, it can't tell where the data came from before that and it can't tell where the data originated. It's almost impossible (as in it's impossible, but nothing's *technically* impossible) to back track the data to its source. You'd need to be running a large percentage of the exit routers in use and be able to compare their IO.
So the point is, if you're using the TOR network it's almost impossible to tell who you are or where you are coming from. It's trivial, however, to monitor the contents of your communication. In fact you have to assume that it's happening.
That makes TOR very well suited for dissident communication since they're not trying to hide the contents of their conversations, just WHO they are. That's really all TOR is good for, is staying ANONYMOUS. It also makes TOR very dangerous to transmit any secret or personally identifiable material, since you can assume someone is watching. Doing so may very well break the anonymity if the watcher can figure out from the captured info who you are.
TOR is good for what it's good for, but you have to understand how it works, use it carefully, and not rely on the magic privacy fairies to protect your shit.
The way it's being used in the article is outside TOR's intention, and won't work very well, since the network isn't designd for that kind of traffic. You'd almost be better off finding a land line and using your 56k modem to dial into someplace outside china. It would sort of work, though, if you had no other choice and were disciplined enough to NOT send anything to rat yourself out over it.
Anon, in keeping with the spirit of the article.
Posted Thursday 7th August 2008 19:01 GMT
Surely better to teach a man to fish than to give fish away.
Posted Thursday 7th August 2008 20:33 GMT
I don’t believe that operating a Tor node will be illegal per se. Come the turn of the year, JonDonym are not looking to shut up shop in Germany. JonDonym is a similar concept to Tor. It’s organized by the University of Dresden, but on a more commercial basis.
https://www.jondos.de/en/node/802
If you don’t log and retain all the connection data and the authorities ask you for it, then you’ll be in trouble. Will this be a requirement for all servers, such as game servers, BitTorrent nodes, etc? Are their going to be other EU states that will attempt to require similar in their implementations of the data retention directive?
While part PR stunt by the Chaos Computer Club, the timing is important. China has only recently started to restrict access to Tor websites. Increasing awareness of Tor inside China would be a good thing.
https://blog.torproject.org/blog/torproject.org-blocked-gfw-china%3A-sooner-or-later%3F
Following on from Anonymous Coward, both Tor and JonDonym have the concept of bridge relays. These are entry nodes whose IP address/fingerprint details are not part of the directory.
https://www.torproject.org/svn/trunk/doc/spec/proposals/125-bridges.txt
When you do look at the Tor directory, you see a lot of relays in Germany and very few in the UK. I wonder how much of this is down to British apathy towards privacy and how much is a fear that the police will smash down your door if something bad gets relayed via your IP address.
Posted Thursday 7th August 2008 21:35 GMT
.. just pop into any large multinational operating in one of the special economic areas in China, we've got nice VPNs back to the motherland. Nice perk for the locals, we get to show them what else you can use Tiananmen square for.
Posted Friday 8th August 2008 02:29 GMT
You can buy a dedicated server for about £40pm, with a terrabyte of bandwidth. You still have to trust the hosting company, or you could use your home PC and trust your ISP, with phorm, RIPA etc.
SSH tunnel (using a key setup prior to travelling to avoid MITM) through tor to a proxy running on the server and browse through that, have it store all your music, files, and even act as a remote bittorent client (as it's got more upload bandwidth.). It can also provide email, dns, nntp, ntp services all running inside the shell. Even better the laptop you take can be almost blank, using the remote server as storage or desktop, running locally in a sandbox, throwaway USB, to avoid writing to the hard disk. Meaning Chinese police will not be able to read inane reporting on fog levels.
One part missing from the inital media coverage was that China were not only blocking sites, but monitoring the traffic and logging it, just like the UK and USA do to their citizens. I sounds worse with China in front of it, but we in the UK tap phones, log mobile phone triangulation location, read emails, examine browsing habits, setup surveillance on people failing to keep bins empty.
Posted Friday 8th August 2008 09:30 GMT
This whole thing is blown out of proportion. The Chinese Gov care not that a westerner might want to look at information on TS or Amnesty (but why would you sit inside and read crap on the net when you could be out in a alien city on the other side of the world?).
They know that we know [the western spin] about these things already, what the Chinese gov care about is protecting their own citizens from the lies on the net.
Why they continued to block the hotels is more to do with the difficulty of providing working DNS to specific locations and not others than some kind of evil motive.
Posted Friday 8th August 2008 09:30 GMT
For two reasons.
1) You are beleaving the Chinese claim that the games is about sport and sport alown. Wether they like it or not people want to know about the rest of the country, which dose require access to "band" sights. China need to accept that if you host an international event it is not just that event, but the actions of your whole country that are under scruteny.
2) The Chinese government did say that there would be no restrictions when they were bidding for the games.
Posted Friday 8th August 2008 10:38 GMT
I often hope these people with frequent and terrible speeling mistakes don't have English as their first langwage ;)
Posted Friday 8th August 2008 12:25 GMT
vell dunn ze chermans!
if this isn't helping out your fellow man, i don't know what is.
respect.
cheers,
bill
stuff and nonsense: http://www.eupeople.net/forum
Posted Friday 8th August 2008 20:22 GMT
The Chaos Computer Club package mentioned in the article is a German package, as you might expect. You can easily modify the included Firefox to the language of your choice using about:config, but Vidalia remains in German. That's not so much of a problem as the speed at which the package operates ... it is extreeeeemely slow.
If you're just looking for a Tor/Vidalia USB-installable package, get an original one from Tor directly: http://www.torproject.org/download.html.en You can grab the one with just Firefox or the one with both Firefox and Pidgin (IM client). They're the "Tor Browser Bundles" and they work great!
Sign up, sign up for The Register's weekly IT security newsletter - click here
Back to the article
