Inside the EYE of the TORnado: From Navy spooks to Silk Road TOR is the most widely used system for the provision of anonymity for internet users. I'll look at how TOR came about: its beginnings in the US Navy; growth and use by both pro-democracy freedom fighters and the less savoury elements of the internet; and how the NSA may have managed to peel the onion router for the FBI to help …
"With every user functioning as both an entry and exit node and being on relatively modest connections,"
"The conspiracy theorists would argue that most of the exit nodes are now controlled by the government, as are the hosts"
So, are exit nodes any user? or specific ones?
I don't really know much about Tor, but both can't be true
I don't think the author is particularly well informed, especially with regard to terminology. Starting with the (admittedly trivial) fact that Tor is a name, and properly capitalized as such, despite its acronymic origins.
But more importantly, exit node has a specific meaning, and it most definitely doesn't refer to "every user". It's also 100% incorrect that everyone using Tor automatically shares bandwidth, either as an exit node (i.e. a gateway to the normal internet) or otherwise. You have to specifically turn on sharing if you want to help out.
The article seems confused about the JS exploit incident too. The exploit was specifically inserted in hidden service websites hosted by Freedom Hosting (which incidentally included legitimate sites like webmail service). So I'm not sure in what sense it could be "not aimed at Freedom Hosting". And then in the second paragraph down it starts talking about exit nodes again, when hidden services like these don't use exit nodes.
Why don't you trial a flag/checkbox for the comments like "This comment contains corrections to the article?" and have those comments automatically emailed to the duty editor when posted? Much easier/more natural from a commentard standpoint. And having it linked to a profile means you could revoke the ability to submit corrections if you get nutters correcting every article with "9-11 WAS AN INSIDE JOB ORCHESTRATED BY ELVIS BECAUSE WALL STREET FOUND OUT THE TRUTH ABOUT THE MOON LANDINGS" or somesuch.
> As encryption and communication methods evolved, TOR was no longer required by the government.
> The Navy let go of the technology in late 2002 and its support was taken over by famed US military
> bonkers-boffinry bureau DARPA (the Defense Advanced Research Projects Agency).
>
> However, some have hooked onto this awesome technology and have taken to trying to torrent through
> TOR. It exposes the IP addresses of all of the members of the BitTorrent swarm – which destroys the
> security of users and jeopardises the people running the end node.
Tell me again why it was ditched. Something to do with intelligence?
Military intelligence?
> I will shortly be reviewing the TORplug, a plug-in device that will allow you to browse the internet using
> TOR without installing any software on your computer.
I want one of those. Something I can take with me to the local library/school or college. Will you be showing us how to make sure it isn't made in China?
If you're in the UK and you run a tor relay node, then you might get blocked from BBC iPlayer (and all the other bbc.co.uk sites). We did, and after two months, we're still blocked :(
On the other hand, it's interesting to see the difference in bias between news.bbc.co.uk and bbc.com
Thanks for bringing this all together, I would like to know more, particularly the risks - I can see that an early mistake will blow your cover for ever. What is the deal with regard to getting involved?
I feel bound to make an attempt to "seed" rather than just leech, to contribute to the network - but then I really don't want child porn to get any help from me. I certainly don't want anyone having good reason to knock on my door.
Like many Reg readers, I know of people, ahem, that might occasionally be interested in Silk Road sorts of produce. In any case I'm strongly of the opinion that consenting adults in private can consume whatever they want, it's not a decision for the Daily Mail, or their government lickspittles to make.
In many ways Silk Road takes the organised criminals out of the system, like eBay makes it's easy to be a small player.
So, my friend wants to know how to set-up an untraceable bitcoin account, how to set-up a Tor node without being traced to the original download, and how to help it along with minimum risk.
Thanks :)
If you only run a relay node (not an exit node) the chance of getting a knock at your door is pretty much zero. It has never happened as far as I'm aware. (Obviously I'm assuming you don't live in China, that wouldn't be a a different situation.)
You do risk getting blocked from certain websites though, since apparently they can't be bothered to distinguish between exit and relay nodes despite the Tor Project publishing a list of which is which.
Configure your Tor installation to act as a middle-man relay only. Exit nodes are at risk because plaintext sniffable traffic emerges from them to the net-at-large. Middle-man nodes contribute to the overall bandwidth of the network, but handle only entirely opaque blobs of encrypted data.
Yeah, I was going to say in light of the article that acting as a middleman relay and shuffling already encrypted traffic will likely leave you immune from the door knock as
1. You are receiving from one node and passing to another like pass-the-parcel
2. You cannot know what the nature of said traffic is by design.
3. Caveat, they're arsehats so never say never.
I've always assumed that using Tor would bring attention to oneself in the same way that sending encrypted emails flags attention.
This story only seems to confirm that fact. Why wouldn't it? Given the Government's original involvement in Tor together with Snowden's revelations etc., it's obvious to me that Tor would be carefully monitored by any and every available means.
Frankly, I just don't believe that one's privacy can ever be truly secure on the net whilst source and destination IP addresses exist in their current form—irrespective of what obfuscation system one uses in the middle.
Seems to me that these days only the stupid and the desperate would be sufficiently foolhardy to transmit incriminating data across the net, irrespective of the means by which it is done.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
