Gee I wonder......
Maybe finding out that the NSA snoop every last thing you do?
The privacy-enhancing Tor network has seen its total number of users per day more than double in the last month, reaching the highest levels since the project first began compiling usage statistics. Graph of Tor users for August 2013 Tor traffic was up all over the globe in August 2013 – and we do mean up (Source: Tor …
Maybe finding out that the NSA snoop every last thing you do?
Tool invented by the American security services, do you really think that you are safe?
They probably do think they're safe. Much easier to find and mission accomplished.
>>Maybe finding out that the NSA snoop every last thing you do?
Which isn't true now, is it?
Open source Tool invented by the American security services, do you really think that you are safe?
Fixed that for you.
it's good news. The more users, the faster the network (presuming they choose to route traffic for other users) and the better the anonymity (more traffic = more noise for someone focused on a specific user).
My understanding is that a TOR client does not route traffic for any other client. For that, you need a TOR node. More clients will not improve TOR's speed. In fact it will do the opposite and slow TOR down. Instead, you need more TOR nodes. From what I've seen, though, service/hosting providers don't always like TOR nodes on their networks.
Last I checked any tor client can choose to also become a node.
Your understanding is incorrect.
I qualified my statements with "presuming they choose to route traffic for other users". Diziet got it - any client can become a node if they choose. It is this type of user that will improve network performance.
"From what I've seen, though, service/hosting providers don't always like TOR nodes on their networks." - This is true only for exit nodes - that type of node serves as a boundary between the Tor network and the traffic's ultimate destination. The other, more common, type of node simply routes traffic between two Tor nodes. The traffic through this type of node cannot be inspected because it's encrypted, so ISPs have to basis for complaints.
If they want to know why more people are using it, they should just ask the users.
According to Obama & Co. the only users are terrorists.
Given the apparently current definition of "terrorist" as "Someone who objects to the oligopoly", I would not find it hard to imagine a 100% increase in the number of "terrorists".
And for Cameron/Milliband (oh bugger it, candidate of the day) & Co, Pedos (Sic) are the others that use it.
That stacks up actually, cos don't various US Agencies run exit nodes?
Exit Nodes only become an issue if you're exiting the TOR network, and can be somewhat mitigated by only using HTTPS outbound. If you're using TOR hidden services it's an entirely different ball game.
After all a tor hidden service can even solve some complex problems. It's a simple way to punch through NA(P)T and to make sure you don't need to worry about changing IP-addresses. The good side effect is that you can add more noise to the spooks.
of their new Tor surveillance system.
They already know perfectly well what is going in and what is going out, so they just need to map the inside of the onion. If they flood the network with enough nodes, they can build up a connection map and re-trace most connections. That would also explain the explosion in Indian Tor usage. Probably some big outsourced server farm to cut costs.
Now where did I leave my tinfoil head... ?
exactly what I thought. When they have half of the nodes under their control it is very likely that they get to check most of the traffic.
Anon for obvious reasons
Anon for obvious reasons
No offence, but do you really think they care about what El Reg's commentards speculate?
And if they care - do you think posting anonymous will protect you?
Ah there it is - (putting on tinfoil hat)
Do you really think they don't look at what El Reg commentards are speculating on? Although that will be "open source" intelligence, and probably a different department to the NSA.
I hope you're not suggesting that the magic "post anonymously" tick box doesn't protect you from all the baddies....
So TheReg is just working for the man?
Quickly gets coat and starts to wrap it in tin foil to match my hat....
>>Do you really think they don't look at what El Reg commentards are speculating on?
Since Tor is real time and only lightly used, and huge parts of the network are monitored you can simply do the following attack:
Look at the amount of network traffic going through all points you monitor over time. Find correlations, those correlations likely result from the same connections going through those points. So even if it's encrypted and the addresses have been changed, it'll still have the same "beat". That's trivial to do if you monitor the whole network. In fact in many cases only a single connection will go through a Tor node. That's trivial to break.
The only way to get around this is to ditch real-time. Just have fixed sized messages. Then collect n of those messages at one of your mix points (which Tor already has) and send out m once you have collected enough information.
Back when Tor was created nobody thought that such a full surveillance was even possible.
Using a live version of Linux leaves no tracks on your computer's hard drive. And if that live Linux also implements TOR, then what's not to love?
Billed as "The Amnesic Incognito Live System," Tails is based on Debian Live 6.0.7.
Disclaimer: I am in no way affilated with the Tails project.
You download the iso file and burn it to a DVD blank. You can then use it to boot into Tails. It provides for making a bootable USB stick. Using a USB stick allows you to use the free space on it as a password-protected persistence folder. For instance, I have my bookmarks.html file from Firefox in it, so that I can load my bookmarks into the Iceweasel browser.
All online activity is forced onto TOR. The Linux kernal is version 2.X, which means that the Broadcom B43 wireless in this old Gateway laptop works; moreover the driver is included and activated. (Yes, I'm in Tails right now.)
It's free, so if you've been considering using a live operating system, it's worth a shot.
I was wondering about using Firefox in Tails instead of just using a Tails icon for Firefox.
Will now definitely be interested in looking into Tails (not the same way Amy does though).
Thanks for the info on getting it to work. How big a USB stick is needed?
There is/was a "TOR button" addon for Firefox, but it's preferable to use the TOR Browser Bundle (which includes its own Firefox install) if you don't want to boot another OS. Using TAILS or Liberté is of course preferable to both.
A 1 Gb USB stick should be enough - the live CD is <700 Mb so you should have some room left over for persistent data.
The word Anonymity has never meant so much since Tor exists.
There is a darker side to the DeepWeb but it has always existed on the normal web as well, it was just a case of knowing where to look.
But the Tor is also useful for browsing other subjects which can be taken out of context and used against you. Ask anyone that has an interest in firearms, explosives, spy gadgets, cannabis, ( the list can go on for a long time) if they feel safe browsing the normal web nowadays. ( OK explosives is a bit overboard but from a technical point of view a very interesting subject)
I don't want or need Google et al recording everything that I am doing online, even if I am simply surfing for games or guitars: that is my business and I would like to keep it that way.
It's no longer about wearing tinfoil hats through choice, it has almost become a necessity.
"Ask anyone that has an interest in firearms, explosives, spy gadgets, cannabis, ( the list can go on for a long time) if they feel safe browsing the normal web nowadays."
Me: Um,... self, do you feel safe knowing you have done the preceding in addition to researching and tracking US military aircraft and their deployments in the last week - particularly the electronic command and control planes - not to mention your hobby of using Google Earth to check out airfields both civil and military all without even https?
Self: Don't you have some of that violent porn that Cameron et al. want to ban to jerk to before you visit your lady friend tonight, smoke the finest BC bud and perform acts that make the aforementioned grumble flicks seem like puritan sex ed?
/one man satire web theater
If Google doesn't record what you do, how can it provide you with what you want? The "flags" you listed pretty much apply to half the 18-35 male demographic, not exactly a good start for haystack needle searching.
If you need someone to taste/critique Cannabis Cup quality pot for you, drop me a line (just ask the NSA where I am).
Well done NSA, you made realize many people what privacy violation means and implies.
Be interesting to see if there's been a proportional jump in data volume (if that's possible to obtain). For example, if there's a doubling of users but less than double the volume handled then it could suggest the clients are being used to exploit the network. OTOH, if there's been a bigger jump in data volume then maybe one of those Chinese ''users" is the Chinese government email gateway...
I imagine there are a lot of people who had never heard of TOR until just lately.
ThePirateBay just released a TOR browser on Aug. 10th
"ThePirateBay just released a TOR browser on Aug. 10th". So funny, all those desperate to pretend it's because of some higher moral happening, when the most likely answer is it's just kiddies trying to download illegal copies of films! ROFLMAO!
So, the TOR browser is just used for downloading copyrighted material, is that what you're saying Matt?
Run 3 hobby niche websites, (very low traffic).
First noticed mid/late July, and now daily, seeing TOR IPs concurrently observing hack-attacks and spambot signups.
404's for various not installed web-admin interfaces, also now via TOR IPs.
'Tor users in the US and the UK made up a large portion of the total in August. Around 90,000 Americans were connecting to Tor daily at the start of the month, but that figure grew to around 150,000 daily users by the end. UK daily users grew from around 16,000 to more than 35,000.'
As the Tor Project itself describes it, 'Tor prevents anyone from learning your location or browsing habits.'
So how do they even know the location of the new Tor users?
Tor allows you to choose an exit node in a particular country, or an exit node that isn't in a particular country.
This is useful if you want to visit a website that is censored by the authorities in some countries - China, UK and North Korea do that quite a lot. It is also useful if you want to visit a website operated by a racist website operator that provides an inferior experience to visitors who are not from certain countries. Most providers of streaming video services have racist access policies, including the BBC and Hulu.
Good point, one can of course manually set an exit node so that you always appear to be located in one geolocation, rather than the default random selection at startup.
But the article seems to be suggesting that they know the *origin* of Tor users, hence the stats that show the recent increase in use from US, UK and India, for instance.
Or did I read this wrong, and all they're saying is that there's in increase in Tor traffic from certain exit nodes?
"Most providers of streaming video services have racist access policies, including the BBC.."
Fancy clarifying that?
Is the BBC checking my ethnicity before delivering Bargain Hunt to my 'puter, or could they possibly be trying to restrict it to those that have a higher probability of having paid the licence fee?
I think it would be more correct to say it prevents any one person from learning your location and browsing habits. It's still possible to compile a list of IP addresses that are connecting to the network, and the ones that don't appear on the list of relay or exit nodes will be the end users.
I haven't paid a licence fee, but because my IP address is British, they are perfectly happy to deliver Bargain Hunt to my computer. There are plenty of people around the world who would be more than willing to pay £145.50 per year to watch Top Gear, but if they don't have a British IP address, then the BBC doesn't want their sort anywhere near their servers.
However, what I'd really like to know is
1. Is Tor for normal people or just for subjects wishing to be nefarious?
2. Would me using Tor ring any alarm bells with my ISP/the law/anyone else?
3. Can't whoever is an exit node see all of my traffic? Or only just select packets? Or only just select conversations (e.g. an SMTP trace)? If I have Tor, it gives me anonymity but not security, so what else should I be aiming for?
1. Definitely both. Consider this for instance.
2. It will almost certainly increase the chance that the NSA (or equivalent agency) monitors your internet use closely. I don't think anyone lower than that has much interest.
3. It picks a different exit node every few minutes, but yes, they can eavesdrop. The obvious, though not necessarily foolproof, answer is to use other encryption such as HTTPS on top of it.
Users of TOR should remember that the German High Command believed that the Enigma system was impenetrable, with the possible exception of Admiral Donitz.
It's entirely possible that the whole system is transparent to the NSA, GCHQ etc. Even though it's open source let's not forget its origin.
... and Room 40 obviously.
Given that The Onion Router relies on the user encrypting the traffic for each node along the selected route, each node should be unaware of what lies beyond the next node. The dangers are:
+ the traffic leaving the exit node is transparent to the exit node if HTTPS hasn't been used.
+ that the complete series of selected nodes has been compromised, and your destination can be determined.
+ that your ISP or some agency detects you connecting to a TOR IP address and determines meaning from this.
+ that the encryption algorithms we use today have secretly been broken.
"You know Old Boy. We've got a load of those damned Enigma machines that we captured from the Jerries. The Germans swear by them, and I believe the Ruskis are giving them a go now. As a friendly power would you like a few? Got to keep those communications hush, hush - wink, wink - what, what?"
From what I've read, the most likely attack is based on timing. If someone is monitoring both your entry and exit nodes, they can correlate the two based on the chunks of encrypted data going through.
Linux format had a copy of TAILs as their cover DVD at the beginning of the month. Not that I read it as I prefer Tractor fondling monthly (available at all good newsagents and still without a brown cover)
So, did VPN traffic have a similar uptick?
ajtnj lisbe grutb sqitn iiycs wtiim xxsoh afjuh qiues wgyum awmbs pyinf wwdsy mmugr xsbgh wyukf oyrnh askil opiud reeeg.