Anonymnity: Introduction To The Tor Network in Security

Re: Anonymnity: Introduction To The Tor Network

Fri, 23 Sep 2005 14:02:30 EDT

said by jp10558 :

You do check the cert details right?

:-P

Of course!

Re: Anonymnity: Introduction To The Tor Network

Fri, 23 Sep 2005 11:23:22 EDT

said by dslcerize :

jp10558: Ok, so it really is that simple. Now, a spoofed page on an unencrypted conversation I can live with, but one on an encrypted conversation I can't. Is it possible to spoof eg. an SSL page without it being revealed through a certificate mismatch, as Novaflare seemed to be claiming?

Not as far as I know. I mean, they could try the traditional spoofing techniques - getting a domain that looks similar to the original one - trying to get a cert signed by verisign or whoever that is close, but they won't be able to have the real cert/domain.

You do check the cert details right?
--
Opera 8.5(Build 7700); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Outpost Pro 2.7;Proxomitron 4.5j Grypen 8/28/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Fri, 23 Sep 2005 07:26:06 EDT

dslcerize : jp10558: Ok, so it really is that simple. Now, a spoofed page on an unencrypted conversation I can live with, but one on an encrypted conversation I can't. Is it possible to spoof eg. an SSL page without it being revealed through a certificate mismatch, as Novaflare seemed to be claiming?

wormie: yes, that article was good; in fact, it was where I heard about Tor in the first place!

Re: Anonymnity: Introduction To The Tor Network

Fri, 23 Sep 2005 00:47:39 EDT

wormie : Roughly on topic, there's a decent column on Securityfocus about anonymity that mentions Tor and addresses some of the bigger issues concerning anonymity. Worth reading for the curious.
--
What Would Jim Jones Do?

Re: Anonymnity: Introduction To The Tor Network

Fri, 23 Sep 2005 00:12:34 EDT

jp10558 :

said by dslcerize :

Lastly, people have said that you wouldn't want to use Tor for everything. Could somebody explain why?

Well, for all of the reasons above, mostly because of the performance hit using TOR - your browsing will be noticably slower, and you might be more likely to get a spoofed page.

It's a math problem - does the need for anonyminity outweigh the issues raised in this thread?
--
Opera 8.5(Build 7700); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Outpost Pro 2.7;Proxomitron 4.5j Grypen 8/28/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Thu, 22 Sep 2005 18:35:39 EDT

Daniel :

said by dslcerize :

Does my logic up to this point make sense? Am I understanding Tor correctly?!

Absolutely. I think you're one of the few who do actually get it. Great post.
--
grepunderstanding.com -- grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Thu, 22 Sep 2005 17:36:55 EDT

dslcerize : Hi,

I'm a complete novice at this kind of stuff, but I've read some documentation on the Web, read and digested this thread, and I would be grateful if someone could read my thoughts below and inform me if I am correct in my thinking! I know this thread ended a while ago, but the reason I post here is because there are clearly some people who know what they are talking about on this thread, and put their point across clearly, and so I would be happy if they in particular could help :-)

My thoughts:

There are two kinds of anonymity: hiding your identity (IP address) from the person (machine) you are contacting, and hiding it from eavesdroppers. Tor appears to be able to do both, but the fact that there is a distinction between these two things appears to have been implicit but unspoken in some of the posts in this thread, and overlooked in some of the others.

Using Tor prevents eavesdroppers /and/ the recipient from seeing that a conversation started with me. So long as I don't make my identity known in other ways, I am anonymous in both senses.

Tor is the same sort of thing as a chain of (perhaps paid-for) anonymous proxies. The (only?) important difference is that you should probably distrust the first proxy in the latter case(*) but not with Tor, whereas you /must/ distrust the end node when using Tor but perhaps not in the latter case.

(*)There really do seem to be grounds for not trusting the first proxy of a "conventional" anonymous chain, even if it is a paid-for service which has a vested interest in keeping your identity hidden. This is because of data retention laws etc. etc.

On the other hand, I do not see a problem with distrusting the end node as long as you are not passing unencrypted private data out of it. (Without encryption, the content of your conversation is wide open by default. If you want to hide the content, you must use some extra approach such as encryption (perhaps using GnuPG?). But this is true of conventional anonymous proxy chains, too.)

There have been several statements in this thread along the lines of "you wouldn't use Tor to contact your bank, because what's the point of being anonymous when you have to identify yourself the bank at the end anyway". It seems to me that this is confusing the two types of anonymity I set out above. Perhaps the reason I wish to use Tor is not that I don't want the bank to know who I am (which would indeed be silly) but that I don't want my ISP or any other eavesdropper to know that I use that bank. When you replace "bank" with something more controversial, the importance of anonymity towards eavesdroppers increases. Being anonymous to the recipient may or may not be desirable, but it's a different issue. Note that the untrusted end node is not a problem in this scenario so long as you are encrypting your conversation (eg through SSL).

Next, there are sites that I might wish to use, where I don't care about encrypting my conversation (and where encryption is not possible, such as accessing certain websites which do not support encrypted conversations). But even here, it doesn't matter that I don't trust the end node. If someone intercepts my conversation at the untrusted node, well who cares, they don't know it was me in that conversation anyway. All that matters is that eavesdroppers cannot see that I am reading such a website.

Does my logic up to this point make sense? Am I understanding Tor correctly?!

What worries me about what I've read is the point that Novaflare was trying to make (I think! That guy's a salutary lesson in the importance of good schooling... ;-). What if the untrusted end node could change the content being sent back to me? I don't know anything about whether or not this is possible. It appears that the untrusted node couldn't fake an SSL conversation, because the certificate would no longer match. (But then Novaflare talked about caching or something, so is there a problem here? No-one actually answered this question directly.)

But it certainly seems that the untrusted node could fake an /unencrypted/ conversation, and so the golden rule would be never part with private information in an unencrypted manner. But then this is a golden rule on the Internet anyway and, as was said many times, that is not a "flaw" in Tor, because Tor doesn't claim to be an encryption mechanism, it is purely an anonymiser!

What Novaflare was trying to say seems to boil down to this: people should be /even more/ wary of parting with personal data over an unencrypted channel if using Tor, because it is easier to turn a Tor node evil than to turn a "normal" Internet node evil. This makes sense to me.

Lastly, people have said that you wouldn't want to use Tor for everything. Could somebody explain why?

Thanks for reading all this!
A.

Re: Anonymnity: Introduction To The Tor Network

Fri, 02 Sep 2005 01:48:46 EDT

Daniel :

said by wormie :

As for anonymity itself, I'm not convinced that 10 hops is better than 3 hops, so long as the protocol is implemented in a way that prevents a node from seeing anyone except its immediate predecessor.

True, but assuming the number of Tor servers goes up by 10000% and the number of malicious Tor servers goes up by only 500%, then we lower the chances significantly that an exit node is going to be a malicious host and/or that large portions of the network can be compromised en masse.

It's true that three nodes is enough to hide a source if the systems is working the way it should, but the higher the number of legitimate vs. malicious ones on the network, the more integrity the network has as a whole. It seems to me that a superior ratio of benign vs. malicious hosts would help most, if not all, of the issues that have been raised by detractors in this thread.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Fri, 02 Sep 2005 00:48:26 EDT

BeesTea :

said by wormie :

On a different note, it's very odd to me that a program as simple as Tor could produce a thread such as this. Anonymity seems to bring out surprisingly strong feelings.

It seems that the longer the paper, the fewer people who read it, but then post on it. It makes for a longer thread due to arguing points that aren't related to the paper.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Fri, 02 Sep 2005 00:26:28 EDT

wormie :

said by Daniel :

Once the network is more stable and has more nodes, you'll be able to say use 5 hops or 10 hops, etc. That will help the issues raised tremendously.

I'm not so sure that's true.

The issues raised by the paranoiacs are that node operators can grab your info (assuming you're unencrypted of course). More hops = more evil node operators. Those who mistake anonymity for encryption will just see this as a sign of more potential breaches of security. They're missing the point, of course ;)

As for anonymity itself, I'm not convinced that 10 hops is better than 3 hops, so long as the protocol is implemented in a way that prevents a node from seeing anyone except its immediate predecessor. More hops = more latency = fewer users. About all it gains you is that hopefully at least one node of the 10 doesn't retain its logs, but really nobody running a Tor server should be doing that anyway. Otherwise it's theoretically possible to backtrack all the way to the source, defeating the whole point of the network.

On a different note, it's very odd to me that a program as simple as Tor could produce a thread such as this. Anonymity seems to bring out surprisingly strong feelings.
--
What Would Jim Jones Do?

Re: Anonymnity: Introduction To The Tor Network

Thu, 01 Sep 2005 21:49:47 EDT

Daniel :

said by ghost16825 :

said by jshfld :

As far as I can see the biggest hurdle for Tor achieving this potential is, contrary to what some have suggested, massive numbers of servers.

Spot on. The Tor website has said words to this effect ss well. The more servers, the higher anonymity for Tor users.

Yep. And not only that but the project is soon going to support using a higher number of hops. Once the network is more stable and has more nodes, you'll be able to say use 5 hops or 10 hops, etc. That will help the issues raised tremendously.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Thu, 01 Sep 2005 20:49:25 EDT

ghost16825 :

said by jshfld :

As far as I can see the biggest hurdle for Tor achieving this potential is, contrary to what some have suggested, massive numbers of servers.

Spot on. The Tor website has said words to this effect ss well. The more servers, the higher anonymity for Tor users.
--
Admin of the Kerio 2x-like open source project:
http://sourceforge.net/projects/kerio/
http://kerio.sourceforge.net/

Re: Anonymnity: Introduction To The Tor Network

Thu, 01 Sep 2005 20:29:15 EDT

Daniel : Excellent points. Why are so many of the smart ones from Canada?

Re: Anonymnity: Introduction To The Tor Network

Thu, 01 Sep 2005 20:06:30 EDT

jshfld : Having read the entire thread it seems to me like Tor in conjunction with SSL has the potential to create a truly private internet experience. However, Tor is currently still in its infancy (what do you think a 0.1.x release from M$ would look like? :o) and as such is not to be used for any mission critical tasks. The argument that anonymity hasn't historically been a right is bogus. Anonymity is a form of privacy in that it is my right to prevent you from knowing that I am meeting with someone. In the physical world I can use various means to ensure that I am not being followed before meeting with someone and tor allows me to do something roughly analogous in the digital world.

As far as I can see the biggest hurdle for Tor achieving this potential is, contrary to what some have suggested, massive numbers of servers. Any government, criminal group or ISP that sets up a tor server is doing the services users a favour since I really don't care if they capture a copy of my bits because I'm operating under the assumption that my bits will be intercepted by someone (ISP's already can and do look at the bits I send over their network) and I am going to apply a level of encryption that reflects the degree to which I wish to keep the information in those bits private. But, each additional server makes it more difficult for people who wish to ban the service from doing so and simultaneously increases the flexibility of the network (with a sufficiently large network the network could support a user configurable number of hops and customizable geographic filters making it possible to increase or reduce the level of privacy your location enjoys).

As far as the claim that tor is unable to cope with a global adversary I think that in a fully deployed form it would quite literally have to be a global adversary and even then there would need to be some independent means of focusing in on individuals to target. Consider:

100,000 tor servers around the world, 100,000,000 users and I'm using SSL (or better if I'm really worried) encryption, for anyone to have an inkling of what I'm doing (that is put together any two of who I am, what I'm doing, where I'm sending it, and why I'm doing it) would either require them to have a back door in the network (then they could get who and where) or have a means to brute force my encryption (giving them a 3/100000 chance to get my bits for every server they had).

The idea of a back door seems kinda like the idea that Armstrong stepped onto a Hollywood set rather than the moon (the US government was working on it for their own agents, the last thing they would've wanted would be one mole stealing the info on the back door and a month later losing every agent they had in the field).

In other words tor has a sound footing but is still years away from being ready for the Chinese defector, secret merger negotiation, or just the user who isn't willing to take a performance hit to protect their location.

P.S.: The login form on the paypal homepage is SSL, unlike the rest of the homepage, so the idea that using paypal with tor is dangerous is nonsense. Although it begs the question: why do you want to hide your ip address from a company that has your credit card number and physical address? ;)

Re: Anonymnity: Introduction To The Tor Network

Fri, 26 Aug 2005 07:44:35 EDT

Cudni : Is the flaw in the protocol used or in how it is used?

Cudni

Re: Anonymnity: Introduction To The Tor Network

Fri, 26 Aug 2005 07:32:13 EDT

Daniel : That's definitely an issue, but it's an implementation problem, not one of design.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Fri, 26 Aug 2005 07:18:31 EDT

Cudni : from
»www.securityfocus.com/bid/14659/discuss
"...
This vulnerability allows attackers to gain access to the negotiated keys used to encrypt the communications between Tor servers and clients. This allows attackers to read or modify all the traffic that is sent from the targeted user over the Tor network. The anonymity, confidentiality, and integrity guarantees of the network are lost through the exploitation of this issue. ..."

Cudni
--
What is now proved was once only imagined.
Help yourself so God can help you

Re: Anonymnity: Introduction To The Tor Network

Tue, 23 Aug 2005 13:15:36 EDT

jig :

said by BeesTea :

The idea being that a man in the middle cannot determine where the source of the packet is.

as long as the man in the middle isn't an entire dummy tor network itself. but i guess deception on that scale is a 'global adversary'.

is the performance of tor good enough to watch streaming video?

Re: Anonymnity: Introduction To The Tor Network

Tue, 23 Aug 2005 10:02:19 EDT

Daniel :

said by Wildcatboy :

Now about this:

said by Daniel :

Remember, the only purpose of this project is anonymity -- nothing else. Even if the data is read on the exit node, the original source of the request is still hidden -- hence the anonymity.

I disagree. A proxy server's job is to keep users anonymous. Once you try to set yourself apart from the average proxy servers and add encryption to the process, you're indicating a desire to keep things secure as well and you now have an obligation to make sure it will work.

I disagree. :)

The encryption is not for confidentiality -- it's for anonymnity. It's so that the nodes on the Tor network only see last and next hops rather than the original destination hidden within. This is not to protect the data itself -- it's to protect the true source and destination. The project recommends that you use something like SSL if you want confidentiality.

EDIT: Oops, BeesTea got there first...
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 14:55:23 EDT

BeesTea :

said by Wildcatboy :

I disagree. A proxy server's job is to keep users anonymous. Once you try to set yourself apart from the average proxy servers and add encryption to the process, you're indicating a desire to keep things secure as well and you now have an obligation to make sure it will work.

Again though, the encryption isn't to secure the data, it's to secure the source of the data. The idea being that a man in the middle cannot determine where the source of the packet is. Without that, one could watch the flows come and go from the node. With it, the flows vary in size and length, making it considerably harder.

TOR isn't trying to be SSL, it's trying to tackle the problems that come with being anonymous while using a normal proxy.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 14:49:14 EDT

jp10558 :

said by Wildcatboy :

I don't see it that way, instead what the encryption is doing is hiding the route the data takes. By using encryption inside the "bouncing" network, you can't just see a message with "foo" in it go in the server, and then look on where "foo" goes out of the server. Instead, you have to do traffic analysis or the like (which becomes more difficult with many users).

The thing is with TOR, all connections in and out of a node look alike - like gibberish (well again, there is traffic analysis), whereas with a standard proxy server it's plain text so you can just sit on both sides of ONE server to catch the traffic.

Even easier is that for seeing what user X is posting, you just have to sit directly upstream of user X and read the plain text he sent out to the first proxy.

TOR fixes that by encrypting till the exit node - and with 3 bounces (or more?) it is significantly more difficult to figure out who send that text.

But it's not about end to end security. And the TOR encryption is clear about what it wants to accomplish.

All that said, I believe TOD does have "hidden" servers now inside the TOR network. I believe they work like in freenet, you have a hash you input to get to that server. But you still have to know the "address" to reach, it's just not an IP address.
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Outpost Pro 2.7;Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 07:33:07 EDT

Wildcatboy :
Just a few words to help this thread get back on track. This thread is about TOR in specific and not about proxy servers in general, how they're used, who creates problems in forums and IRC, how criminals might use proxy servers, etc...

This is about TOR and only TOR. Does it do the job? What kind of vulnerabilities it may have? How does it do the job? etc ...

Now about this:

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 05:23:50 EDT

evencarm : Hi there, just a question here from a relative newb.. I use Tor and Privoxy with Firefox, the Switchproxy tool and a Spoofstick extention. Personally I wouldnt dream of using it for using my credit card online (thats not its purpose as Im lead to believe) but does anybody know if the Spoofstick I have would help avoid the 'spoof sites' proposed above? »www.corestreet.com/spoofstick/
And by the way- I have scanned all my ports with the tools on this site (and others) and none of my ports respond to any probe. I'm using the latest 0.1.1.5-alpha Tor with Zone Alarm pro 6.
Hope someone can enlighten me here- thanks

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 01:54:18 EDT

wormie :

said by keith2468 :

Note the difference between a person's identity and their IP address. With IPv4 and the usual DHCP, a home IP address can be made to change every few days or weeks. With dialup it changes with each connection.

It's a rare ISP that does not keep the records that can connect the IP address with the person's identity. DHCP is irrelevant if records at the ISP identify you.

said by keith2468 :

In history there was no anonymity. People lived in small groups, in neighbourhoods, and they knew the people they came into contact with at least by sight. Travelers might be unknown, travelers might give false names, but their scarcity made them easy to track down by appearance.

I don't disagree, but the history of anonymity is not relevant to current discussions.

said by keith2468 :

There are the "CrimeStoppers" type anonymous informants. What if the entry or exit Tor router they used was donated by someone associated with either the police or (worse) a criminal organization? Using Tor could be fatal. Better and safer to stick to phoning from a pay phone.

But what if someone standing by the pay phone overhears your conversation? That's at least as likely as some criminal orginization running a Tor server just in case an informant rats on them through it and it happens to randomly get routed through that node.

"Do not rely on it for strong anonymity" comes up every time you start Tor. In a case of life-or-death you shouldn't be using the internet, period.

I think you miss the point of why anonymity over the internet is important. Have you never said anything that could come back to haunt you? Perhaps not, but I'm willing to bet that most people who've been using the internet for a good number of years have publicly said something they would prefer not to be traced back to them. Or maybe I'm the only one.

said by keith2468 :

I am pretty sure that even a smallish third world country could penetrate the content communications sent through Tor.

Depends entirely on how much of the internet they have access to. If you have access to communication from both the entry and exit nodes there are ways to track a person's activity if you know who to monitor. I'd be surprised if most smallish third world countries had this ability. China may or may not.

said by keith2468 :

What using Tor (or PGP) does do is bring a dissident to the attention of their government's secret police who are doubtlessly doing some rough monitoring of all internet traffic.

A source or destination IP for a Tor entry or exit router would raise a flag. The agency could then use other means (for example software hidden on the dissendent's computer) to monitor the dissident's computer more closely.

It's quite a leap to go from suspecting someone may be a dissident based on their use of Tor to comprimising their system with a trojan.

If your use of the Tor network is picked up, it means you're already being monitored. If you're already being monitored, using Tor does nothing but help to obscure what you're doing. To me, this seems rather better than letting them see the raw communication.

said by keith2468 :

One thing that Tor does is to provide an new easy way for countries to monitor dissident communications abroad. They simply have to have some of their intelligence agents participate in Tor, and set up some Tor relays. Sure they'll be lots of traffic they don't care about, but it will provide a view into some of what is being said.

I disagree that this is in any form an "easy way for countries to monitor dissident communications". If a dissident is unlucky enough to randomly get routed through a rogue node, the node will usually both not know the source IP address and not know the content of the data. Perhaps in very rare cases they'll have access to the contents of the information, but the vast majority of time even that will be useless. Furthermore, do you really think any government would undertake such an effort? The benefit is miniscule while the cost of examining all traffic through the node is considerable. Plus once again we're back to the issue of what Tor is designed for. Encryption is up to other programs, Tor is there to hide the IP address.

A rogue node is only a danger if you're not encrypted, and even then it's probably only a danger for about 10 minutes before you switch paths. How does this make Tor somehow a bad thing?
--
What Would Jim Jones Do?

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 01:07:10 EDT

keith2468 :

said by wormie :

said by keith2468 :

Who, other than someone committing a crime or someone with a guilty conscience, would want to visit a site and keep their IP address a total secret? What, people are afraid Victoria's Secret or some freebie porn site will blackmail them? Naw.

Ugh, it's the same old naive "only criminals want to keep their identities secret" myth.

Note the difference between a person's identity and their IP address. With IPv4 and the usual DHCP, a home IP address can be made to change every few days or weeks. With dialup it changes with each connection.

Anonymity, the desire to doing things to others while remaining anonymous to them, is not a historical right.

Privacy, the right to do private things in private, for only the parties to a communication to know its contents, is a historical right.

In history there was no anonymity. People lived in small groups, in neighbourhoods, and they knew the people they came into contact with at least by sight. Travelers might be unknown, travelers might give false names, but their scarcity made them easy to track down by appearance.

But in history there was privacy. Privacy is the right to do private things in private. To have transactions and conversations confidential between the 2 parties to the transaction. Two people talking while walking in the forest or in a field had privacy.

Tor doesn't add to privacy, because of how it relies on relays. Https and other encryption methods do.

said by wormie :

said by keith2468 :

1. To hide the location of a server providing illegal services from the local law enforcement having jurisdiction over it.

Tor is not for obscuring the IP address of servers. You can't connect to a server without knowing its address, so a hidden server is totally worthless.

Good point.

said by wormie :

said by keith2468 :

2. To hide the source IP of traffic from the destination IP. The only reasons someone would want to do this would be paranoia (the example they pretty much give is directed at an ordinary person who has delusions of being stalked while sitting in an internet cafe), or the act of sending disruptive or illegal traffic.

Would not a woman being stalked want to hide her address from the person stalking her? Would not an anonymous police informant want to hide his IP address? Would not a whistleblower exposing corruption of any sort want to hide his address? The myth that only criminals need to be anonymous is naive and dangerous.

There are innumerable reasons for a person to wish to remain anonymous, the vast majority of them perfectly respectable.

A stalking victim should be going to the police, not emailing the stalker.

Likewise a whistle blower is concerned about privacy from the agency he's blowing the whistle on, not from the agency he is blowing the whistle to. As part of the whistle blowing process he'll be meeting with representatives of the agency he is blowing the whistle to, handing over documents, answering questions, etc.

With anonymous police informants, most police informants are known to the officer they inform to.

There are the "CrimeStoppers" type anonymous informants. What if the entry or exit Tor router they used was donated by someone associated with either the police or (worse) a criminal organization? Using Tor could be fatal. Better and safer to stick to phoning from a pay phone.

said by wormie :

said by keith2468 :

3. For customers and surfers to obtain a regional price or to obtain access to a product or service web site that the server's owners will not willingly make available to people in the customer's country of residence.

Tor is not really suitable for this purpose, since you have absolutely no control over the route you take.

Fair enough, but they do mention that use here:
»tor.eff.org/overview.html

quote:
This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin.

said by wormie :

said by keith2468 :

The service isn't suitable for political freedom of speech use in those countries that do not allow freedom of speech. Sending packets destined for relays (Tor nodes) would put a computer on the "monitor list" of any police state's intelligence service -- and the failure to mention this puts the lives of political dissidents' living in police states at risk.

First of all, Tor's website explicity states that it may not be effective vs a global adversary. A police state qualifies as a global adversary.

The way I read their warning I took the "global" part of the "global adversary" literally.

Reading it that way, China would be a global adversary, but Saudi Arabia, Iran and Myanmar would not be.

I am pretty sure that even a smallish third world country could penetrate the content communications sent through Tor. That would fit with the way you read it.

said by wormie :

Second, in a truly oppressive state that's already monitoring traffic, you're more protected using Tor than you are without it regardless. Because if they're monitoring connections to Tor nodes you can count on them monitoring connections to the endpoints being reached via Tor. It's roughly equivalent to using PGP in your email. Yes, someone may suspect you're doing something bad, but they can't prove it.

What using Tor (or PGP) does do is bring a dissident to the attention of their government's secret police who are doubtlessly doing some rough monitoring of all internet traffic.

A source or destination IP for a Tor entry or exit router would raise a flag. The agency could then use other means (for example software hidden on the dissendent's computer) to monitor the dissident's computer more closely.

One thing that Tor does is to provide an new easy way for countries to monitor dissident communications abroad. They simply have to have some of their intelligence agents participate in Tor, and set up some Tor relays. Sure they'll be lots of traffic they don't care about, but it will provide a view into some of what is being said.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC)

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 00:55:51 EDT

Daniel :

said by keith2468 :

I think in with its current design, Tor will not add to the security of political dissidents, whistle blowers, or internet bank users, because it is designed to protect source IP, not identity or data, and because of the resources available to the adversaries these people face.

Remember, the only purpose of this project is anonymity -- nothing else. Even if the data is read on the exit node, the original source of the request is still hidden -- hence the anonymity. Ways that the project fail to provide other types of protection are not even germane to the discussion, in my opinion, since they aren't what the project was designed to address.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 00:12:02 EDT

wormie :

said by keith2468 :

I think a lot of innocent people are going to use this service in its current state and they are going to get caught by their employer, their spouse, or the secret police of their homeland, etc., and they will increase the chance of theft of their banking and credit card information.

And I think a lot of pranksters, vandals and fraudsters will successfully use the current version of Tor to aid in their commissions of crime because Tor is designed to hide source IPs and that is pretty much what these criminals care about.

Funny, apparently the criminals can use Tor effectively but nobody else can. Those clever criminals. But you're right. If the criminals use Tor the way it was designed and everyone else uses it as some sort of cure-all encryption solution the criminals will do better.

It's been said more than once in this thread already: if you're sending your credit card information, or any other truly sensitive information over an unencrypted link then you're vulnerable. Tor has nothing to do with this. Sensitive data should always be encrypted, but that's not what Tor is designed for.

Somehow I miss how your phishing link is in any way relevant. Phishing is a universal problem based on human credulity, not a technology or program.
--
What Would Jim Jones Do?

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 00:09:58 EDT

keith2468 :

said by B :

But at least they have China in mind:

But China could:

1. Have some nodes of its own infiltrated into Tor, which it could then monitor.
- It would make substituting its own pages for foreign pages even more effective, by hiding it.
- They only need to catch some dissident traffic to identify a dissident.

Once they've made the initial identification, the Chinese have their versions of the UK's RIP Act and the US Patriot Act that allows them to monitor the dissident's computer and internet connection directly.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC)

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 00:03:33 EDT

keith2468 : 1. What is to stop fraud artists, hackers and authoritarians (self-styled or government agency) from providing Tor servers?

»lwn.net/Articles/138242/

quote:
Tor was originally developed as part of the U.S. Naval Research Laboratory's Onion Routing program.

I didn't see anything about Tor vetting or investigating and approving those who run its relays. If there is some approval process and I missed it, the following would be partially irrelevant to the extent that the filtering process was effective.

2. As I read it, and again I might have missed something, any TOR relay (Onion Relay) has a 1/3 chance of being an exit relay/exit server/exit node.

And the default is for the exit relay to be randomly chosen (although there is a way to go in and modify specify one).

That means that Tor users in the default mode are providing an opportunity for some random unknown to see their traffic.

As noted this is not an existing hazard in the normal internet.

In the normal internet providers of relays are companies and institutions that other providers have investigated and agreed to trust (in a peering agreement, where valuable services or money is exchanged, and signatures are obtained).

3. A hacker who sets up a Tor relay can see 1/3 of the ordinary traffic that passes through his node in plain text, because he is the exit relay for that traffic.

That provides the opportunity to view and divert a great deal of traffic, at least once Tor becomes popular and has traffic.

You'd have 1/3 of the Paypal traffic that passes through your relay using your relay as the exit node. A simple mod to your own host file would allow you easily divert the paypal traffic to wherever you wanted.

This is a new hazard.

The result is similar to replacing a remote host file on the victim's computer, but this exploit is simpler -- it is the criminal's own host file that is modified, not some remote host file.

If you check »www.antiphishing.org/phishing_archive.html you can see some good examples of actual phishing emails and servers.

What a Tor phisher might do, and this part isn't particular to Tor, it has been done before, is to use a URL like www.paypal.signon.com, which most of us here know is on the signon.com domain, but which most innocents will think is part of paypal.com.

A new technique, not in the archive above yet, is for criminals to make their domain (signon.com) https by buying a certificate from a recognized certificate issuing authority. (Of course the purchase creates a paper trail that they'd have to hide, but most organized criminals have access to experts in hiding paper trails.)

4. What kind of traffic would a knowledgeable person consider both:
(a) sensitive enough that they want to their act of sending it to remain secret,
(b) not care who reads it or where it gets diverted to?

I think in with its current design, Tor will not add to the security of political dissidents, whistle blowers, or internet bank users, because it is designed to protect source IP, not identity or data, and because of the resources available to the adversaries these people face. Tor unwittingly increases the odds against ordinary people.

I think a lot of innocent people are going to use this service in its current state and they are going to get caught by their employer, their spouse, or the secret police of their homeland, etc., and they will increase the chance of theft of their banking and credit card information.

And I think a lot of pranksters, vandals and fraudsters will successfully use the current version of Tor to aid in their commissions of crime because Tor is designed to hide source IPs and that is pretty much what these criminals care about.

I'm not surprised that EFF lawyers bought the idea. It should be good for business.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC)

Re: Anonymnity: Introduction To The Tor Network

Mon, 22 Aug 2005 00:02:02 EDT

wormie :

Ugh, it's the same old naive "only criminals want to keep their identities secret" myth.

Let me address your three points.

said by keith2468 :

1. To hide the location of a server providing illegal services from the local law enforcement having jurisdiction over it.

Tor is not for obscuring the IP address of servers. You can't connect to a server without knowing its address, so a hidden server is totally worthless.

Tor is not really suitable for this purpose, since you have absolutely no control over the route you take.

First of all, Tor's website explicity states that it may not be effective vs a global adversary. A police state qualifies as a global adversary. Second, in a truly oppressive state that's already monitoring traffic, you're more protected using Tor than you are without it regardless. Because if they're monitoring connections to Tor nodes you can count on them monitoring connections to the endpoints being reached via Tor. It's roughly equivalent to using PGP in your email. Yes, someone may suspect you're doing something bad, but they can't prove it.

said by keith2468 :

The service is also unsuitable for maintaining secrecy from parents and employers because they can intercept your communications at your end, as they leave your keyboard, and as they are displayed on your monitor.

You're right, Tor does not prevent people from looking over your shoulder. Good argument!
--
What Would Jim Jones Do?

Re: Anonymnity: Introduction To The Tor Network

Sun, 21 Aug 2005 23:38:08 EDT

B :
Well that's an awfully provocative position, keith!

I'm not prepared to agree with or to argue against it.

But at least they have China in mind:

»wiki.noreply.org/noreply/TheOnio···e2e13c20

7.9. Tor should circumvent the Chinese firewall too.

The "China problem" is the extreme example of an anonymity and anti-censorship system: a global active adversary with a lot of manpower and money, and severe penalties to discourage people from trying.

We're not working on this problem right now; we have our hands full as it is, and I'm also not convinced that we understand the problem correctly or have a good handle on the requirements.

In any case, Tor might be part of a solution. Here we enumerate four problems that must be overcome to beat the government firewall problem:

*

We need a set of exit nodes on the free side, who will connect to arbitrary places. Tor is achieving this.
*

We need a set of entry nodes on the free side. it needs to be tens of thousands, not just a few hundred. Tor is achieving this too: imagine one day down the road the Tor client GUI has a little "help China" button in the corner, which causes the clients to relay a few kilobytes per second for others.
*

We need a mechanism for telling dissidents about client IPs without letting The Adversary enumerate client ips. Hard problem; good luck.
*

We need a mechanism by which Tor traffic can be unobservable: that is, you need to be able to watch somebody and still not realize he's sending or receiving Tor traffic. Hard problem; good luck.

You're welcome to work on this problem. Feel free to use Tor or not. [#]

I thought Freenet was better suited to that sort of thing.

-- B
--
In a realm outside causality and function

Re: Anonymnity: Introduction To The Tor Network

Sun, 21 Aug 2005 23:14:40 EDT

hpguru :

said by keith2468 :

(In 50 years we may just as easily find out that Tor was been developed to make it easier for national security services in western countries to monitor their citizens, by flagging and concentrating "traffic of interest".)

One may not need to wait that long. After all TOR was originally developed by the ONR.
--
Get hpHOSTS! Member ASAP
Downing St. memo: BUSH LIED, YOUR SON DIED.
REMEMBER 1776! NEVER FORGET!

Re: Anonymnity: Introduction To The Tor Network

Sun, 21 Aug 2005 22:37:47 EDT

keith2468 : »tor.eff.org/eff/tor-legal-faq.html

quote:
We further recommend that you not keep any potentially illegal files on the same machine you use for Tor, nor use that machine for any illegal purpose.
(snip)
Tor’s core developers, Roger Dingledine and Nick Mathewson, (snip) are not lawyers and cannot give legal advice. Nor do they have any ability to prevent illegal activity that may occur through Tor servers.

The first point is an attempted workaround for those of their clients wanting to host illegal files. The advive is not to obey the law. The advice is how to evade detection.

The second point is pretty much a user requirement for the target market.

Who, other than someone committing a crime or someone with a guilty conscience, would want to visit a site and keep their IP address a total secret? What, people are afraid Victoria's Secret or some freebie porn site will blackmail them? Naw.

Tor itself pretty much states the main known purposes of the service are:

1. To hide the location of a server providing illegal services from the local law enforcement having jurisdiction over it.

2. To hide the source IP of traffic from the destination IP. The only reasons someone would want to do this would be paranoia (the example they pretty much give is directed at an ordinary person who has delusions of being stalked while sitting in an internet cafe), or the act of sending disruptive or illegal traffic.

3. For customers and surfers to obtain a regional price or to obtain access to a product or service web site that the server's owners will not willingly make available to people in the customer's country of residence.

Also, one has to consider who you want to keep your activity secure from.

The service isn't suitable for political freedom of speech use in those countries that do not allow freedom of speech. Sending packets destined for relays (Tor nodes) would put a computer on the "monitor list" of any police state's intelligence service -- and the failure to mention this puts the lives of political dissidents' living in police states at risk. (In 50 years we may just as easily find out that Tor was been developed to make it easier for national security services in western countries to monitor their citizens, by flagging and concentrating "traffic of interest".)

The service is also unsuitable for maintaining secrecy from parents and employers because they can intercept your communications at your end, as they leave your keyboard, and as they are displayed on your monitor.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC)

Re: Anonymnity: Introduction To The Tor Network

Sun, 21 Aug 2005 21:35:01 EDT

wormie :

said by jp10558 :

All this said, it will keep you relatively anonymous to the end website (ie make it near impossible for them to track your reading habits via IP address) assuming you aren't logging in - in which case there's no reason to use it anyway as you are intentionally breaking anynominity...

Indeed, even this vulnerability doesn't allow the end target to get any additional information. It allows the first hop to do some potentially nasty things, but the basic anonymity from the target itself isn't directly affected.

Still, I'm sure some people will use any vulnerability as a reason to spread fear that Tor server operators are going to steal your genetic code.
--
What Would Jim Jones Do?

Re: Anonymnity: Introduction To The Tor Network

Sun, 21 Aug 2005 14:06:27 EDT

jp10558 :

said by B :

No no, it doesn't matter if the 1st hop can read and manipulate all your data, as long as your IP address is obscured from the eventual target destination.

Or at least, that seems to be the gist in the thread. ;)

Kidding, folks. I think.

-- B

No, no - that matters. And of course the basic idea is that any software can have bugs - TOR isn't really out of beta given the version #. And it warns you not to use if you need strong anonyminity. I don't think anyone has said it's impossible to compromise TOR, just that for the most part, it's not going to work the way novaflare suggests, it's going to be quickly patched (of course you should stay up on any security patches for all your software) and it's not going to protect you from the govt.

All this said, it will keep you relatively anonymous to the end website (ie make it near impossible for them to track your reading habits via IP address) assuming you aren't logging in - in which case there's no reason to use it anyway as you are intentionally breaking anynominity...
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Outpost Pro 2.7;Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Sat, 20 Aug 2005 22:07:03 EDT

B :
No no, it doesn't matter if the 1st hop can read and manipulate all your data, as long as your IP address is obscured from the eventual target destination.

Or at least, that seems to be the gist in the thread. ;)

Kidding, folks. I think.

-- B
--
In a realm outside causality and function

Re: Anonymnity: Introduction To The Tor Network

Sat, 20 Aug 2005 21:01:42 EDT

TK421 : Hmmm...

I just came across this Secunia advisory regarding Tor. This vulnerability is now patched yet it at least proves what can be done.

Tor Cryptographic Handshake Vulnerability

Secunia Advisory: SA16424 Print Advisory
Release Date: 2005-08-19

Critical: Moderately critical
Impact: Manipulation of data
Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch

Software: Tor 0.x

Description:
Roger Dingledine has reported a vulnerability in Tor, which potentially can be exploited by malicious people to disclose or modify certain sensitive information.

The vulnerability is caused due to the Tor client failing to reject certain weak keys when performing a Diffie-Hellman handshake. This can potentially be exploited by the first Tor server in the path to disclose all keys the client negotiates for the rest of the path and then read or modify all client traffic.

The vulnerability has been reported in versions 0.1.0.13 and prior.

Solution:
Update to version 0.1.0.14.
»tor.eff.org/download.html

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 23:02:53 EDT

BeesTea :

said by novaflare :

some one who was involved in helping to decover the meathod used to steel credit card numbers from a secured site

No one was using a caching proxy to spoof https sites. It's simply not possible. You've mentioned squid, so here's a entry in their FAQ

quote:
1.12 Does Squid support SSL/HTTPS/TLS?

As of version 2.5, Squid can terminate SSL connections. This is perhaps only useful in a surrogate (http accelerator) configuration. You must run configure with --enable-ssl. See https_port in squid.conf for more information.

Squid also supports these encrypted protocols by ``tunelling'' traffic between clients and servers. In this case, Squid can relay the encrypted bits between a client and a server.

Normally, when your browser comes across an https URL, it does one of two things:

1. The browser opens an SSL connection directly to the origin server.
2. The browser tunnels the request through Squid with the CONNECT request method.

The CONNECT method is a way to tunnel any kind of connection through an HTTP proxy. The proxy doesn't understand or interpret the contents. It just passes bytes back and forth between the client and server. For the gory details on tunnelling and the CONNECT method, please see RFC 2817 and Tunneling TCP based protocols through Web proxy servers (expired).

»www.squid-cache.org/Doc/FAQ/FAQ-···l#ss1.12

Marketscore is the only group I've seen be able to intercept SSL communications enmass, and they were tricking users to install certificates into their browsers.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 22:51:03 EDT

novaflare :

said by BeesTea :

said by Daniel :

I think it's important to point out that the main person against Tor in this thread seems to be objecting almost solely because of his role as an IRC/forum admin.

It ended there. It started with a bunch of technical make-believe.

We have to agree at this point, at least I hope, that the only thing wrong with TOR is people's opinions of it.

As irc forum admin and game moderator and some one who was involved in helping to decover the meathod used to steel credit card numbers from a secured site i know the dangers of proxies of any form. They can call tor what ever they like but in the end its nothign more than a proxy that encypts data untill it exits the network at that point its decrypted and can be stolen. Those are the facts like it or not tor is just a glorified proxy ran on peoples personal computers. Dont use it for any thing where you require security.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 22:30:52 EDT

BeesTea :

said by Daniel :

I think it's important to point out that the main person against Tor in this thread seems to be objecting almost solely because of his role as an IRC/forum admin.

It ended there. It started with a bunch of technical make-believe.

We have to agree at this point, at least I hope, that the only thing wrong with TOR is people's opinions of it.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 22:08:48 EDT

Daniel : I think it's important to point out that the main person against Tor in this thread seems to be objecting almost solely because of his role as an IRC/forum admin.

In other words, the benefit of having a tool that lets people surf anonymously is both fundamental and massive. Along with that benefit come some annoyances, i.e. the ability of certain mouthbreathers to use it to annoy people more efficiently.

Labeling anonymnity as bad simply because it can be misused is much like labeling freedom of speech as bad for the same reason. Why not label everything bad that can be used against good people? Freedom of press? The right to bear arms?

Seriously. I don't want to get too hardcore here, but what Novaflare's basically advocating here is throwing out the baby with the bathwater. I just think it's important to have a bit of perspective here. Think about what society's priorities are. Think about what's more important.

Is it more important that Internet users be able to surf without being easily tracked, or more important that IRC operators be able to easily ban abusers? I think the answer is clear.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 15:59:08 EDT

novaflare :

said by Mark :

I don't think of it as a matter of good and evil, only one of effort. To abuse open proxies, a user has to find them by scanning or finding a list (where the majority are abysmally slow or don't work). Don't forget, open proxies are rediculously easy to detect.

Tor solves these issues magnificently. Unfortunately, one thing I've learned over the years is that assholes, much like electrons, tend to take the path that requires the least effort. Tor is an attractive path.

I feel the same way. Ive been a op on many dozens of chanels over the years on irc admin or moderator on a couple dozen forums ran my own websites helped set up other peoples web sites etc. One common thread in all that time has been trolls script kiddies and true black hat hackers useing proxies to do their dirty deeds. Theres nothing worse than banning some one by ip or ip range only to have them come back a few minutes later and start again. I personaly hate free proxies and ones that require no log in etc. Tor is such a proxy service. I know in the coming months im going to have a real fight on my hands against troll comeing iin to irc chanels for wich im a op in and trolling the chanel same deal with forums and even the game(s) i gm for. With tor they dont need to hunt down a new proxy to use so they get a new ip to bypass the ban they just cycle tor or if im reading their faq right simply reconnect to the site or server and instantly have a new ip.

Im already looking in to ways to simply and completly deny access to any tor user.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 15:13:16 EDT

raulgarza :
whatever flaws TOR might have, it was great until it got blocked by my netork admin.

Im in the army in Iraq, and our network connection is very restricted (only approved amry sites) so I have been using TOR/Privoxy to log into(gasp) my bank account, yeah is not very secure and im sure someone would be able to crack it but at least I can log in and pay my bills.
--
Optimum Rules!!!

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 12:55:11 EDT

Mark : I don't think of it as a matter of good and evil, only one of effort. To abuse open proxies, a user has to find them by scanning or finding a list (where the majority are abysmally slow or don't work). Don't forget, open proxies are rediculously easy to detect.

Tor solves these issues magnificently. Unfortunately, one thing I've learned over the years is that assholes, much like electrons, tend to take the path that requires the least effort. Tor is an attractive path.

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 12:05:55 EDT

Daniel :

said by Mark :

said by Daniel :

said by Mark :

I know Tor has its merits, but it also has its serious flaws that must be considered.

What, in your view, would be one of Tor's "serious flaws"?

Primarily its conduciveness to spamming and other forms harassment.

So, it has the same weakness that all anonymous proxies have, then, i.e. you can use it to become anonymous. In other words, you're saying that the problem with this technology is that bad people will use it to harass/annoy/disrupt good people.

I do agree with you there, but I don't think that's a "serious flaw". I think it's just like anything else -- encryption, gasoline, or ice picks. It's created for a good purpose but used sometimes for bad ones. Arguing, however, that there's a major flaw with ice picks because they can be used to kill people is a bit specious in my view.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 04:31:22 EDT

anon : Some of the differences between Tor and Ghostsurf are for one GS is a pay service and Tor is not. Anytime you have to pay you can usually be tracked by that alone.

GS doesn't use the onion routing tehcnique, you just go straight to their proxies (or hubs), and they can easily log your true IP address, so another way to lose your privacy while using GS.

GS claims they don't keep logs of your internet activity (that could be easily passed on to a third party), but I seriously doubt this claim in the age of anti-terroism. Most likely GS doesn't keep your logs 'for long'. Probably just long enough to pass them off to big brother or whomever.

From what I have heard, but not positive about this one, is GS uses a weaker form of encryption than Tor.

All in all GS is not a bad anonymizer service, it's just not as good, or private, as Tor IMO. But it should get the job done in most cases.

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 04:17:48 EDT

Mark :

said by Daniel :

said by Mark :

I know Tor has its merits, but it also has its serious flaws that must be considered.

What, in your view, would be one of Tor's "serious flaws"?

Primarily its conduciveness to spamming and other forms harassment. It's a good idea, but it won't be long until its blacklisted most places.

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 04:11:16 EDT

Daniel :

said by Mark :

I know Tor has its merits, but it also has its serious flaws that must be considered.

What, in your view, would be one of Tor's "serious flaws"?
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 03:59:53 EDT

Mark :

said by Daniel :

If that's your experience, and you can't see any loftier reasons for Tor's existence, then you should consider getting out more. ;)

[17:43] <@AntiProxy> DNSBL -> Sly!comp@dsl081-067-211.sfo1.dsl.speakeasy.net appears in BL
 * zone tor.dnsbl.sectoor.de (Tor exit server)
[17:46] <@AntiProxy> DNSBL -> Sly!comp@sml-co-fln_cust4.netit.se appears in BL zone tor.dn
 *sbl.sectoor.de (Tor exit server)
[17:57] <@AntiProxy> DNSBL -> Sly!comp@66.239.30.194.ptr.us.xo.net appears in BL zone tor.
 *dnsbl.sectoor.de (Tor exit server)
[18:08] <@AntiProxy> DNSBL -> Sly!comp@static-64-115-210-23.isp.broadviewnet.net appears i
 *n BL zone tor.dnsbl.sectoor.de (Tor exit server)

(*) WARNING 4 long line(s) split

That's a small snippet of one of the thousands of abusers I see every day. That particular individual was a packet kiddy. Let's not forget forum spammers, either. I know Tor has its merits, but it also has its serious flaws that must be considered.

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 03:50:35 EDT

Daniel :

said by Mark :

In my experience, Tor is mainly used by lamers to evade bans on IRC and other similar services.

If that's your experience, and you can't see any loftier reasons for Tor's existence, then you should consider getting out more. ;)

said by Mark :

Regardless, I don't think Tor proxies DNS requests

The combination of Tor and Privoxy (the recommended configuration) does.

said by Mark :

and exit servers can always be compromised.

We've been through this one.

said by Mark :

There's no such thing as total anonymity, but I guess it's good enough for some people.

Hey, no fair! You stole that from the Tor FAQ! :)
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 03:35:21 EDT

Mark : In my experience, Tor is mainly used by lamers to evade bans on IRC and other similar services. There's actually a Tor blacklist now.

Regardless, I don't think Tor proxies DNS requests, and exit servers can always be compromised. There's no such thing as total anonymity, but I guess it's good enough for some people.

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 03:25:25 EDT

Daniel :

said by bilderburg34:

After all isn't the reason your using an anonymity service to avoid being spied on?

Not really. It's more to avoid being spied on by anyone other than the government. In other words, if the NSA wants something, they can always make it happen. The rubber-hose attack works on all networks, even Tor.

As far as whether or not big brother has a backdoor into Tor, I highly doubt that. I wouldn't think the EFF would sponsor the project if it had any credible information to support that claim, and they are precisely the type of organization who'd likely investigate if they had any reason to believe it to be true.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 03:18:58 EDT

anon : I think the big question is, is Tor backdoored by big brother? Many people seem to claim it has a permanent backdoor in it. And in this age of anti-terrorism, I can't believe big brother would ever let such a service go unmonitored.

While some may not consder it that big a deal, perhaps responding with the usual "I'm not doing anything wrong, so why should I care" response, but I for one don't like the idea of being monitored.

After all isn't the reason your using an anonymity service to avoid being spied on? Then again, whether Tor is backdoored or not, big brother can still find out where you go on the internet while you use Tor.

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 02:47:41 EDT

Daniel : Well, I wouldn't say it's a non-issue, but it's not as big a deal as it was made out to be.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 02:36:16 EDT

jp10558 :

said by inTulsa :

said by Daniel :

No. Hops on the Tor network are Tor servers, not Tor clients.

Wait, are you claiming that TOR will route programs not told to use it? Hello, I have yet to have any program start using TOR to access the net without me specifically setting it as a SOCKS proxy. So, no, my e-mail client isn't going to go through TOR.

Beyond that, you all also seem fixated on the fact that someone can compromise an exit node. I've gone over this about 3 times in this thread why this is a non-issue.
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 01:55:21 EDT

Daniel :

said by novaflare :

yeh i seen that but it doesnt tell me if the encryption begins on your computer (hideing the url you visit) or if it starts on the firt tor hop in the chain.

It does. It shows a green line going from Alice's computer to the first Tor server. The legend reveals that green means encrypted. The combination of Tor and Privoxy hides both your http sessions and your DNS queries, so no, your ISP doesn't know what sites you're visiting at all.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 15 Aug 2005 00:52:43 EDT

anon : So how does this compare to GhostSurf 2005?

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 22:19:53 EDT

novaflare :

said by Daniel :

said by novaflare :

Well if your computer isnt the first node in the chain then the data leaving your computer is still unencrypted till it hits the first node. In this case the isp can see the urls you actually wnet to just not what was sent via forms or what you recieved back. How ever if your computer is the first nod of the 3 or how ever many the data gets encrypted the entire time.

No. Hops on the Tor network are Tor servers, not Tor clients.

Seriously, dude. I will send you $5.00 cash if you go and read the documentation that shows how this works. Here's the URL:
»tor.eff.org/overview.html

Scroll down to the pictures; they are what cover the way traffic moves through the network.

yeh i seen that but it doesnt tell me if the encryption begins on your computer (hideing the url you visit) or if it starts on the firt tor hop in the chain. If the first tor hop then your isp will see your https http etc request in plain text just as though you were not on tor at all. This in it self present no security threat. No more so than having a https url in your browser history does. So if first tor hop is where encryption starts your isp can still see easly where you went but not what you did when you go their. If »https://dslreports.com loks like ^%$&_#@$^&%^&*$% or something thats all your isp could see. But to pull this off if its even possible to do so would mean that the encryption is completly done on your pc and decrypted at the exit node. It doesnt realy explain where the encryption starts just that while on all hops between you and where you are going its encrypted.

Im going to asume for now till shown other wise that encryption does start on your own pc.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 22:13:27 EDT

novaflare :

said by inTulsa :

said by Daniel :

No. Hops on the Tor network are Tor servers, not Tor clients.

But many of those Tor servers are under the control of individuals. The Tor software is open-source, so it might not take too much effort for someone to customize their intended pass-through operation.

In order to maintain its operation the Tor network needs quite a few intermediate server nodes and quite a few exit nodes. Nobody will validate the functionality of every one of those individuals.

Since Tor installs a SOCKS service in the client, protocols such as HTTP, POP3, and many others pass through it. Logging the :110 target connections or certain POST operations could yield a wealth of information by someone having a Tor server online. Sending content to unintended servers would seem rather simple for general spoofing.

Everything leading to the Tor exit servers seems to be fluff intended as protection from legal issues. When a black-hat operates an exit server then the game's over. The intermediate relay servers may also be open to abuse.

People who use Tor should do so cautiously. It's not much different than the many other untrusted proxies on the internet.

Paid services such as »www.anonymizer.com/ or »www.http-tunnel.com/ may be better because it's in those company's vested interest to protect & secure their network. With similar client-side SOCKS and full encryption, http-tunnel is probably the closest thing to Tor.

Read up on anonomizers privacy policy. Their useqage logs (containing ips etc) are not considered private. In other words web master could likly email them and ask for them. My guess is yeh they will give you the logs all right from the last 2 3 or 4 years lol. Basically they protect their buts from the feds etc by disclaiming it and makeing it easy to get the logs but they will do the old burry them in work that might take a year or more to go throguh. In a small sence at least even this helps to ensure your anonnimity to some degree.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 21:46:38 EDT

inTulsa :

said by Daniel :

No. Hops on the Tor network are Tor servers, not Tor clients.

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 18:57:41 EDT

Daniel :

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 16:16:55 EDT

novaflare :

said by Daniel :

Well, your computer is talking to the first node, and that conversation is encrypted, yes.

Well if your computer isnt the first node in the chain then the data leaving your computer is still unencrypted till it hits the first node. In this case the isp can see the urls you actually wnet to just not what was sent via forms or what you recieved back. How ever if your computer is the first nod of the 3 or how ever many the data gets encrypted the entire time. This is how id do it if i was makeing something like tor. Personaly id not want to try and hide what urls i go to from my isp simply put this would tend to draw suspision of my isp more than going to warez.com. Unless they visit said url they wont know what it is.
I thought from the convo here that tor had 3 nodes essentialy enter node middle node and exit node. My thought was enter node was your own computer middle node and exit node were some where else entirly.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 15:35:26 EDT

Daniel : Well, your computer is talking to the first node, and that conversation is encrypted, yes.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 15:32:12 EDT

Daniel :

said by novaflare :

I might not be able to see his pass words etc but the urls them selves showed in my squid logs. Even running my old sambar server with proxy enabled i could see all urls he requested.

Any url you enter gets sent to your isps server regardless of what proxy you use.

Uh, no. You're missing the entire concept here. Tor (and Privoxy) make it so that precisely this does not happen. When you use this system your DNS requests and your browsing is kept private from your ISP.

I beg you to please read the documentation.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 15:26:04 EDT

novaflare : oops wait a sec i forgot your own computer is the enter node so it might not be noticable by the isp as to url you visited.
Hmm if this is the case isps are gona start blocking tor connections by port scanning your butt.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 15:22:36 EDT

novaflare :

said by Daniel :

said by jp10558 :

Actually, all your ISP knows is you've contacted a TOR machine, but they don't know where you went after that.

Exactly. Novaflare, have you read the technical details about Tor yet? How is the ISP going to track where you're going if the traffic is encrypted all the way to the exit node?

Same way i was able to watch where my brother went https encrypted or not. I might not be able to see his pass words etc but the urls them selves showed in my squid logs. Even running my old sambar server with proxy enabled i could see all urls he requested.
Any url you enter gets sent to your isps server regardless of what proxy you use.
With my set up my brother was useing or tryign to use a anon proxy to get around my anti porn black list. Problem was he couldnt because his first hop was my squid server running in transperant mode. If your isp is running say squid in transperant mode their logs will show requested url. It will also log all trafic through that proxy includeing secure and encrpted trafic. Now them decrypting what was sent as the connection was established is another matter entirly.

If you got a junker computer you can toss smoothwall on give it a try your self youll see what i mean.

I could set up a squid proxy on my comp and pm my ip when i have a coupe hours to spend configuring it if youd like. Obviously you couldnt also use tor but it should show you what i mean that no matter how much your transmisions are encrypted your http(s) urls are not them selves encrypted.
Best way to see what i mean is to set up smoothwall on a old computer and use squid in transparent mode this way tor cant bypass the squid proxy. Now a intresting thing is you can bypass transperant proxies on your isps servers to a point. You can bypass the caching aspect (that tends to realy screw things up with logins) of the proxy. But your connection will still get logged on the proxy (at least i think so) by useing another proxy out side your isp that doesnt cache. Essentially any logging fetures (or filtering) will still be inplay.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 15:13:10 EDT

Daniel : No, actually he wasn't saying that. He was saying this:

said by novaflare :

Well no matter how many proxies you use to bounce your connection throug they will still be able to see exactly what your doing online.

said by novaflare :

Simply put you know that little box your computer or router hooks up to? That is owned and controlled by your isp thats your last hop before going on to the network controlled by your isp. Your first hop on tor or raw isp connection is the hop to your isp likly on the same server that hands you your real ip. So sence your isp is the one doing all the monitoring for the gov the gov will still always know your moves online. So before you even get to tor your going through 3 hops. Your modem is number 1 your isps router is number 2 and your isps main server for your area is number 3.

The first hop for Tor could be on another continent, dude, and your connection to it is completely encrypted.

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 15:01:42 EDT

SpannerITWks : Hi Daniel, My understanding is, the ISP doesn't know where you've gone, just knows you're on TOR. Which is what i thought Novaflare meant, was saying.

Spanner
--
I Only Know What I Know But I'm Learning all The Time - Stay Safe - Spanner intheWorks /SpannerITWks

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 14:54:29 EDT

Daniel :

said by jp10558 :

Actually, all your ISP knows is you've contacted a TOR machine, but they don't know where you went after that.

Exactly. Novaflare, have you read the technical details about Tor yet? How is the ISP going to track where you're going if the traffic is encrypted all the way to the exit node?
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 14:37:53 EDT

jp10558 :

said by novaflare :

said by Torrrr:

"In short, no one can say that, "Tor's anonymnity is worth the risk." simply because anonymnity has a different value for different people."

But what if you had a corrupt government and was to used TOR for anonymity? We know that it's probabely wouldn't protect the individual right? Also, you should check out the bug releases on TOR. I use it because I don't do anything that would get me in trouble even if it was monitored. People should be aware.

You bring up a intresting point. Say you live in a country with a gov that dont allow you to have privacy online. Well no matter how many proxies you use to bounce your connection throug they will still be able to see exactly what your doing online. Simply put you know that little box your computer or router hooks up to? That is owned and controlled by your isp thats your last hop before going on to the network controlled by your isp. Your first hop on tor or raw isp connection is the hop to your isp likly on the same server that hands you your real ip. So sence your isp is the one doing all the monitoring for the gov the gov will still always know your moves online. So before you even get to tor your going through 3 hops. Your modem is number 1 your isps router is number 2 and your isps main server for your area is number 3. Only after your past the 3rd hop can you even begin to effect your ip and your anon status. Monitoring done at any of these 3 hops can be monitored by your isp or you govenrment. In other words if you think your going to be anon from your isp or gov your wrong these 2 things are not possible.

Actually, all your ISP knows is you've contacted a TOR machine, but they don't know where you went after that. Of course, they could make using TOR illegial, but they wouldn't know what sites you accessed with TOR.
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 14:06:09 EDT

novaflare :

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 13:01:12 EDT

anon : "In short, no one can say that, "Tor's anonymnity is worth the risk." simply because anonymnity has a different value for different people."

But what if you had a corrupt government and was to used TOR for anonymity? We know that it's probabely wouldn't protect the individual right? Also, you should check out the bug releases on TOR. I use it because I don't do anything that would get me in trouble even if it was monitored. People should be aware.

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 11:31:30 EDT

Daniel :

said by Marilla :

No. No one's missing it, really. I just a) don't see the point and b) it's actually potentially dangerous in some situations.

Well, that's the trick, really. Let's look at your a and b.

Let's say that you need an overall benefit of 100 in order to think that systems like Tor are worthwhile. Well, in order to get to that score you have to have a high amount of positive and a low amount of negative (in this case, risk) associated with using it.

So let's say your a is equal to 50 -- meaning basically that you don't value anonymnity too much. In other words, you just don't see much use for it.

Ok, so then let's subtract the b value, which is the negatives associated with sniffing problems, legal issues, whatever. And let's say you think those issues are worth 20 points.

Great, so we end up with a value of 30 on your own personal scale of worth. You needed 100, but ended up with 30. Obviously, it's not worth it to you to use such a thing.

For others, however, their a value starts at like 250. We are measuring personal value systems here. Some peoople think a system for being anonymous is worth almost anything, while others think it's worth next to nothing. So you have a value of 250 for the benefit that Tor provides, and you think there's 50 points of negative because of the risks and such. That person ends up with a score of 200, which is double what they needed to internally decide, "This is worth the risk."

In short, no one can say that, "Tor's anonymnity is worth the risk." simply because anonymnity has a different value for different people. If not a big deal to someone whether or not they can be anonymous or not, then why would they even consider using such a system? They wouldn't. These same people are likely to shun the use of any anonymous proxy; the idea is just not interesting to them.

As such, the only valid arguments here are those that allow people to accurately assign their own numbers to a and b. Once we know the actual benefit, and the actual risk, people can then individually apply that information to their own value systems in order to make their decision. The key thing to remember, though, is that two people can understand the benefit and risk perfectly and still come up with the exact opposite view of whether or not the solution is "worth" it or not.

A good example of this would be person x thinking it's worth the risk of dying to eat a poisonous fish delicacy. They know that people get violently ill; they know that people have died. It's still worth it to them. Person y, on the other hand, may think that person's completely insane. But the key is simply that person x values excitement and interesting experiences far more than y does. That's not wrong, it's just a difference between them.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Sun, 14 Aug 2005 02:13:46 EDT

packetscan : I was first introduced to tor when i found it on google. Began using it that night.. what a great idea and tool.
--
Who do you want to pay off today?

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 23:13:06 EDT

Marilla : No. No one's missing it, really. I just a) don't see the point and b) it's actually potentially dangerous in some situations.

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 23:02:27 EDT

jp10558 :

said by Marilla :

Someone note this day! It's a miracle! hehehe.

I could not agree with Spanner any more on this issue!

I would -never- actually, purposefully, get any more systems in the middle of a secure transaction than will already be the case. It's already bouncing all around the Internet; no sense giving it to some third party reliably, all the time.

And similarly; I'd never log into any site, and especially not anything financially related, from any computer not under my own control.

To be honest, I think the usefulness of this stuff is fairly limited to most people. I've made use of proxies here or there for various reasons, and there are some interesting concepts to it all, but... ehh!

I'm not sure if people are missing this or what, but the *only* purpose of TOR is anonyminity. All it tries to do is make your browsing hard to trace. That said, it's the right thing to use when you want to confound marketers or pretty much anyone other than governments from knowing who you are when reading sites. Or posting to forums too.

If you are authenticating yourself strongly to someone, say for a purchase, or at a bank - it serves no real purpose. The other side knows who you are. I seriously have doubts about it opening you up to any attack, but it's possible. Those reasons should clue people in to not use TOR, or any proxy when they won't be anonymous. Especially if it's important.
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 20:26:52 EDT

Marilla : Someone note this day! It's a miracle! hehehe.

I could not agree with Spanner any more on this issue!

I would -never- actually, purposefully, get any more systems in the middle of a secure transaction than will already be the case. It's already bouncing all around the Internet; no sense giving it to some third party reliably, all the time.

And similarly; I'd never log into any site, and especially not anything financially related, from any computer not under my own control.

To be honest, I think the usefulness of this stuff is fairly limited to most people. I've made use of proxies here or there for various reasons, and there are some interesting concepts to it all, but... ehh!
--
I am the sole arbiter of what is important enough to spend my time on - not anyone else here, or anywhere else. You take care of yourself, and leave me to me, got it?

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 20:19:39 EDT

SpannerITWks : I don't think anyone in their right mind would contemplate using TOR etc to log into their bank etc.

There's no need anyway cos all reputable sites will be a Direct HTTPS connection. Even non financial sites like some forums etc use SSL.

I wouldn't even log in to anywhere, never mind a bank, from anybodys Comp except my own.

I believe novaflare Did discover something, and i can't blame him for not divulging how he did it. That would only open it up to those dodgy peeps.

If people want to use TOR etc for some kind of backtrace etc shield, fine let em. I thought about playing around with it and Privoxy myself a while ago just for the fun of it, but felt i couldn't devote all the time to read up on everything i thought was needed to do it properly.

Spanner
--
I Only Know What I Know But I'm Learning all The Time - Stay Safe - Spanner intheWorks /SpannerITWks

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 19:56:59 EDT

Daniel :

said by novaflare :

As for the cert warnign why bother useign a cert on the cached page ? not all https sites use certs after all. The user would still be unaware of the sec breach.

See, you're confusing me.

I was just getting used to the idea that you actually were on top of things technically, and then you tell me that not all HTTPS sites use certificates. That's insane, dude. HTTPS, quite basically, means HTTP over SSL. SSL implementations use certificates to verify the authenticity of the remote site. As such, all HTTPS sites do use SSL (or TLS).

Anyway, that aside, are you saying that you can capture the call for »https://bigbank.com and send them to »bigbank.com instead -- which will give no cert warning -- at which point you can capture their credentials since they thought it was secure?

If so, you're relying quite a bit on the ignorance of the user there. Most people do notice the little signs that indicate valid SSL. Some peole look at the color of the address bar, some have plugins that alert them, and others actually check to see if the protocol says HTTPS.

This not happening is yet one more thing added to the pile of unlikely circumstances required for this attack to be successful. Again, that doesn't mean it wouldn't work once in a while, I'm just saying it's getting less and less likely as you go on.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 16:48:36 EDT

BeesTea :

said by novaflare :

As for the cert warnign why bother useign a cert on the cached page ?

Because if the site uses SSL, and the link I'm going to uses

https://

you MUST use ssl. The browser will produce an error if you don't.

Try it

https://www.broadbandreports.com:80/

said by novaflare :

not all https sites use certs after all.

No really they do. That's the "s" in https.

--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 16:40:00 EDT

novaflare :

said by Daniel :

said by Wildcatboy :

In other words Tor doesn't have anything in place to prevent that?

Well, no, it doesn't seem to, but the point is that it's still not anywhere near trivial to pull off. Connections exist for a very short amount of time (like a minute or two) on a given circuit, and you have to be on the last hop in that chain in order to capture packets at all. Plus, in order for the attack to work, you have to bypass the certificate warning (if the goal is to capture credentials that would have been encrypted).

I'm acknowledging that the attack is real; I'm just saying that it's not as significant as it's being made out to be.

Well i never said it was wide spread hell its not even wide spread on the net in general thank god for that cause in some cases at least its completly undetectable.
As for the cert warnign why bother useign a cert on the cached page ? not all https sites use certs after all. The user would still be unaware of the sec breach.

Again im not saying not to use tor but saying dont use it or any proxy where you log in or submit any information that must be kept secure.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 16:36:47 EDT

novaflare :

said by ddfue5dutduu:

novaflare,

Do the hosting and connectivity agreements of the sites you've secured permit them to operate port scanners or will they be told to stop the scanning as soon as someone complains about the scans? It's routine to prohibit port scanning. How do people from countries where all access to the outside world is via a proxy server manage to connect? Using spam proxy blacklists is an alternative approach which is quite effective and avoids the need to do port scans.

Yes, you're right about the chance of using cached pages. How do you use them when there's an secure connection between client browser and web server, as there should be for any secure connection? That is, how do you insert your page into the secure stream being relayed by Tor? Do you need to be an endpoint which can replace the originating site content with the cached version? And then rely on the high percentage of users who would ignore any warnings they receive? If so, securing the endpoints would be a viable countermeasure.

If you want to block individual users, use java to get their real IP. That bypasses the proxy, at least for AOL connections. Best used for detective work than bans though, since some people may notice and deny you a useful tool if you use it frequently.

Sure just like all the irc networks have. Basically it scans about a half dozen common proxy ports and 3 uncommon ports.

Theres no need to insert any thing but the page in to cache.
By the very nature of caching proxies for all intensive purposes your cached page is on the server as far as your browser is concerned. The largest isp in au uses squid to cache web pages (that was a huge mess for logging in to the same game lucky for the game and players that isp was willing to work with their customers to correct the problem they wanted at least 10 reports before action would be taken.) Caching of pages is nothing new. This includes the cachign of images and text on secure pages all this is done by isps and is still considered secure. I mean realy if you cant trust your isps security there no place on the internet that you can trust. A compramised isp is a very dangerous thing for your security.
Also with tor you only need to be the exit node to have the ability to steal the info with a cached page. Heres the real trouble on sites that double check the page before accepting your secure connection they will refuse the insecure connection possibly with a warning possibly not. So were back to the oh paypal must be down deal. By the time you see the warnign youll have already been screwed.
A potential way to secure a site is to use session urls that are randomly created. But the problem still remains. The site will error and complain on submiting the info but by then its to late.
On my teams part on secureing the site to prevent proxies we scan a few ports and warn the user to leave and come back with out a proxy. Now further what we did is said to hell with the not allowing people in coutnries and areas where the game is sold in stores access to buy on line and just removed the restrictions. We wthen mass mailed notices out to all the beta testers and removed direct links to the buy now page redirecting them to a warning page about proies and a notice of the fact we no longer had any ip/country restrictions on purchaseing the game online.

Blocking users is notso simple they can turn off java i suppose we could require the use of java to come to the forums and sort of do already (submit button on ubb i think is java). On at least part of the site the htaccess file is being used to block tor connections now.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 16:09:19 EDT

Daniel :

said by Wildcatboy :

In other words Tor doesn't have anything in place to prevent that?

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 16:07:00 EDT

anon : novaflare,

Do the hosting and connectivity agreements of the sites you've secured permit them to operate port scanners or will they be told to stop the scanning as soon as someone complains about the scans? It's routine to prohibit port scanning. How do people from countries where all access to the outside world is via a proxy server manage to connect? Using spam proxy blacklists is an alternative approach which is quite effective and avoids the need to do port scans.

Yes, you're right about the chance of using cached pages. How do you use them when there's an secure connection between client browser and web server, as there should be for any secure connection? That is, how do you insert your page into the secure stream being relayed by Tor? Do you need to be an endpoint which can replace the originating site content with the cached version? And then rely on the high percentage of users who would ignore any warnings they receive? If so, securing the endpoints would be a viable countermeasure.

If you want to block individual users, use java to get their real IP. That bypasses the proxy, at least for AOL connections. Best used for detective work than bans though, since some people may notice and deny you a useful tool if you use it frequently.

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 16:03:39 EDT

Daniel :

said by novaflare :

As is net effect is negitive. As long as they allow users to visit secure sites it will remain negitive.

Do remember that you have to be an exit node to capture data (a roughly 1 in 3 chance), unlike on a regular proxy where there isn't any encryption built into the system itself.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 15:28:36 EDT

novaflare :

said by jp10558 :

said by novaflare :

said by jp10558 :

said by novaflare :

said by Daniel :

said by novaflare :

Well sure as i said theres legit uses for it. Ive never said there isnt legit uses for proxy and i heap tor in to the proxy catagory as well thats realy all it is.

Agreed -- ok...we're making progress now. :)

So the question is whether or not you can see that the benefits outweigh any negatives. I believe they do, even considering the possibility of the exit node/transparent proxy issue and the annoyance factor for those that ban based on IP.

In short, the net effect is positive in my view. Do you agree, or do you think the net effect is negative?

As is net effect is negitive. As long as they allow users to visit secure sites it will remain negitive. All any one needs to do is look at all the highjack this logs posted here to know that end users are not very ecurity aware. Say i make a page to steel cc numbers that is from a secure site and hard cache that page. A user likly will not get a prompt for a cert at all. So no warning is given and they hit submit. But even if it pops up a full screen waning dialog with a continue button they will go right on ahead and click continues with out reading fill out info and hit submit. Agin the hacker gets the information he wants. Hell be less successful with a prompt but still have enough to make it all worth doing.

Tor is no diffrent than other proxies except the fact its far easyer to set up. user dls tor intalls tor sets up browser to use tor and away they go. Tor is unfortuantly set and forget litterly. A user will set it up and forget about it.

And what about tinfoil hat useing system builders who decide to protect their customers privacy? Theres a huge oops waiting to happen. The customer may never even relize they are useing tor.

Have you ever even tried to use TOR? It's rather obvious you are using it. You have a privoxy icon in the system tray that's blinking every time you use it, you have a DOS/CLI window that has to be open, and in the task bar (it doesn't allow you to hide it or minimize it to tray) and your browsing is slower. Plus it inserts some sort of hash at the top of every page.

I also don't buy the argument that TOR is bad or at fault becasue of clueless users. Look, are cars broken because if you ignore the gas gauge it'll strand you eventually. Or if you never respond to the check oil light your engine will sieze up eventually?

No!

Again, I'll wait for some examples of these super phish pages (I mean, they are so easy, why don't you have a testcase yet?).

As for forum or IRC trolling, I'd rather use a free proxy cause I don't care about security there. Google will find thousands - so again, TOR isn't any sort of odd man out.

I see we'll have to agree to disagree, because you don't address my points, and I think your points are, well - mostly irrelevent to the use of TOR.

»wiki.noreply.org/noreply/TheOnio···yService
Also you dont need to use privoxy or squid along with tor. As for irc trrolls i banned one person useing tor last night he came in on 18 or 20 diffrent ips in the span of 10 or 12 minutes.

As for the poc pages. First sure i can do it but id never post such a page on a public forum. So that some script kiddie whos viewing these forums can use the code to do real damage.

As shown in that faq its easy to install tor as a service. Btw at least on my windows 2k pro machine theres no icon for tor shown any where when ran as a service.

Just because i will not publically disclose the meathod used to steel credit card numbers does not mean my point is not valid. As ive said i am simply pointing out a potential insecurity in tor that exists with all proxies you will ever use.

So many were saying that it wasnt possible on tor because of the encryption etc. My point was and is tor is no diffrent than a free proxy you find on a list on google. Person fires up tor + squid + custom bank etc pages and waits. And some times hell be the exit node when some one forgets to turn off tor and then he gets their info. Ive seen it with other proxies personaly. My guess is its happened a few 100 times that i havent seen. As i said right now its not very wide spread but it does happen. People should be aware of this potential threat and be very careful to not log in or submit any information while on ANY proxy
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 15:12:47 EDT

jp10558 :

said by novaflare :

said by jp10558 :

said by novaflare :

said by Daniel :

said by novaflare :

Well sure as i said theres legit uses for it. Ive never said there isnt legit uses for proxy and i heap tor in to the proxy catagory as well thats realy all it is.

Wait, you mean you're protecting us all from the script kiddies who don't know how to use google? Anyway, the basic point is that you shouldn't use proxies to log into any sites that you really care about security on. That's all you had to say, but you made such sensationalist posts for *5* pages that many didn't take you seriously.
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity with dial-up?

Sat, 13 Aug 2005 15:06:47 EDT

novaflare :

said by Lythimus :

Would tor and Privoxy work well on a 56k dial-up connection? That is to say, would there be a big impact on my browsing speed? I have a pretty good firewall (Sygate PF) and I rarely allow cookies and that sort of thing, so I am not sure if it would be worth it on a dial-up computer. Also, I presume dial-ups are monitored less often than broadbanders, but I do not know too much about the subject.

Also, I am not hosting any servers except log-me-in.

Thanks.

Tor is no diffrent than any other proxy other than the fact that by its nature you could infact end up going through fewer hops to your destination and could on ocasion end up with a faster download speed. This is sort of true on any proxy. Just remember to not use a proxy for any site where you need to enter log in info or credit card info.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 15:03:57 EDT

novaflare :

said by jp10558 :

said by novaflare :

said by Daniel :

said by novaflare :

Well sure as i said theres legit uses for it. Ive never said there isnt legit uses for proxy and i heap tor in to the proxy catagory as well thats realy all it is.

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 13:38:48 EDT

jp10558 :

said by novaflare :

said by Daniel :

said by novaflare :

Well sure as i said theres legit uses for it. Ive never said there isnt legit uses for proxy and i heap tor in to the proxy catagory as well thats realy all it is.

Re: Anonymnity with dial-up?

Sat, 13 Aug 2005 12:01:09 EDT

Lythimus : Would tor and Privoxy work well on a 56k dial-up connection? That is to say, would there be a big impact on my browsing speed? I have a pretty good firewall (Sygate PF) and I rarely allow cookies and that sort of thing, so I am not sure if it would be worth it on a dial-up computer. Also, I presume dial-ups are monitored less often than broadbanders, but I do not know too much about the subject.

Also, I am not hosting any servers except log-me-in.

Thanks.

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 09:38:55 EDT

novaflare :

said by Daniel :

said by novaflare :

Well sure as i said theres legit uses for it. Ive never said there isnt legit uses for proxy and i heap tor in to the proxy catagory as well thats realy all it is.

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 09:16:04 EDT

Daniel :

said by novaflare :

Well sure as i said theres legit uses for it. Ive never said there isnt legit uses for proxy and i heap tor in to the proxy catagory as well thats realy all it is.

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 09:04:46 EDT

Daniel :

said by novaflare :

Id nto be so against tor over security isues if they did one simple thing. Compleatly deny access to any secure site or any site with login and form submits.

Hmm, I see your point here, and I think it's somewhat valid. Unfortunately, form fields are pretty much a staple of much of the Internet. I think doing this would hobble the system so severely that it'd be pointless to continue it.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 09:04:07 EDT

novaflare :

said by Daniel :

Novaflare, I submit to you that Tor's benefits to personal privacy far outweigh the fact that it can be used to annoy IRC and forum mods.

Well sure as i said theres legit uses for it. Ive never said there isnt legit uses for proxy and i heap tor in to the proxy catagory as well thats realy all it is.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 09:02:20 EDT

novaflare :

said by Daniel :

said by novaflare :

So tors main advantyage is for irc trolls forum trolls and game trolls. They can use this crap to bypass legitimate bans so that they can cause more trouble.

Goodness. There are a myriad of systems in place in the world -- especially those designed to protect privacy -- that offer an advantage to those who would do us harm. This is not a reason to decide that the tool itself is evil. Encryption is the perfect example of this. Just because it can be used by bad people against law enforcement doesn't mean it should be made illegal. It's a specious argument.

The bottom line is that if you support organizations like the EFF then you know why projects like Tor are important. If not, then you're likely to only see the negative and label it as a tool for miscreants.

Well if youve seen what i have seen online youd know why i hate the idea of proxies for anominity. I know theres no such thing online so why bother trying? Sure there are legit uses for proxy as i pointed out. Useign them to bypass bad hops reroute your connection or posting on news groups. Hell even the comp sec news groups should not be consiodered safe to post on. We all know hackers both true hackers and script kidies harvest ips from these places. Ive used proxies for such thingsa my self. Its a pain in the ass when you have to change your pass word every time your done useing a forum but when the speed boost you get from useing a unsecured proxy is in the order of 75 76KB over 3KB what are you going to do?

Its not that im so much against tor im against people seeing this post and thinking oooh tor uses encryption there for it must be safe for me to use to go to my bank. I dont use ssl sites very often so im not sure but does a ssl cert reprompt after you accept it? Is there a settign to have it not prompt after accepted?
If so hell my thoughts on useing tor to steel information is even more valid.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 09:00:02 EDT

Daniel : Novaflare, I submit to you that Tor's benefits to personal privacy far outweigh the fact that it can be used to annoy IRC and forum mods.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 08:52:40 EDT

novaflare :

said by jp10558 :

said by Daniel :

Hmm, well let me just say...crow tastes good. :) This isn't to say that the issue is major, but it most definitely is worthy of discussion. And now, thanks to WCB, I see what novaflare's been trying to say all this time.

My apologies to novaflare for lumping him into the troll category.

Now that I see the point, let me see if I can articulate it. The problem is not different than everyday routing in the sense of the technology, but it is fundamentally different in one major way. You can't ever set up an Internet router on your own machine and have people route through it.

In other words, the sniffing of Internet routers isn't headline news because it's not particularly easy. This system, however, makes it so that if you happen to have a Tor server that's in the exit router role, you do get to act like an Internet router.

WCB, as for your ability to pretend you're a third hop, I don't think that's how it works. Bascially, there is encryption with each hop, and the chain is setup beforehand. So even if you were able to switch your role somehow in the middle, you wouldn't be able to decrypt the traffic. That's my understanding as of right now.

But yes, this is definitely something interesting...my regrets again for not trying harder to see the diamond from within the rough.

Ok, I sort of get the idea - most people cannot setup an internet router because of cost, location, and peering issues. However, most people could set up a TOR router, because that only requires an internet connected PC + some knowledge.

For this reason, you trust the TOR endpoints less. Specifically because they aren't professionally maintained.

I get that. However, I guess I don't see how it matters much - I don't trust the internet routers either - there are DNS poisoning attacks, shifty companies, hackers, IOS vulnerabilities etc, which all together don't make me think they are even close to immune to being hijacked.

The best I can see is that you think the probability of being redirected or sniffed is greater from a TOR router than from an Internet Router. I grant that is likely true.

I still don't get how that really matters in the big scheme of things. All of you crying doom - please respond to my last post where I bring up things like phishing, SSL, and the outright stupidity of using a anon proxy chain to then authenticate yourself and why anyone would bother.

To me the whole argument against TOR seems so far to be - TOR may open you up to a phish attempt.

My response is still - so what? So does just being online. So does reading your e-mail. So does getting spyware/malware. Etc.

While these are all risks of course its not nearly as risky as useing a anon proxy can be. I was shocked when i set up my little poc page back a year ago at just how simple it truely was. You need just a very basic understanding of html knowlage alittle css and some java all the rest is just copying and pasteing code. I dont know the proper term any more but basically you only need to link your email submit code to the submit button from the original target page. Now the user hits submit and with a small amount of luck logs in to the real site and sends the email to you with out encryption of any sort.

Id nto be so against tor over security isues if they did one simple thing. Compleatly deny access to any secure site or any site with login and form submits. That then simply leaves a abillity to stop trolls in irc forums and games. As a gm and forum moderator on many forums i need a way to put a perm stop to trolling by a individual user. This is not easy. All a tor user needs do is shut tor down and restart for a new ip this takes secounds + time to connect to the server or site. Forums of course would be covered by no sites with submit forms but the rest isnt.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 08:51:59 EDT

Daniel :

said by novaflare :

So tors main advantyage is for irc trolls forum trolls and game trolls. They can use this crap to bypass legitimate bans so that they can cause more trouble.

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 08:31:41 EDT

novaflare : I was gona try to edit beesteas qoute in my post but its um huge and its to early in the morning so ill copy paste and use reg old " marks.

"It's advantage over the random proxy server is that it automatically links multiple proxies together and encrypts the data between the middle hops. Nothing more."

i never expected to run in to this isue so soon but last night around 10 30 pm est i did. Last night at that time a player in a game for wich i am a gm was banned. With in 10 minutes of getting the suspension he was in irc throughing a fit. So i banned him in irc. secounds later he was back banned gain again secounds later he was back. Over a period of 10 minutes i banned him 18 times. I finaly did a port scan on the ports used by privoxy squid and tor on a couple of his ips. And sure enough they were all tor.
So i used this ip list.
»proxy.org/tor.shtml and banned all of them this finaly stopped him.

Spo tors main advantyage is for irc trolls forum trolls and game trolls. They can use this crap to bypass legitimate bans so that they can cause more trouble. Ill be monitoring that list and adding to it as i find more tor ips.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Sat, 13 Aug 2005 01:28:46 EDT

jp10558 :

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 22:29:00 EDT

NeOmega : from one of my favorite sites, »www.searchlores.org/anonion.htm

Paranoid? - yes, you are :) which doesn't mean you're wrong: someone may indeed be trying to monitor the traffic that passes through the anonymous proxies that you're using. Why else would they set up free proxies, duh?
Now, unless you're a ruthless criminal, your browsing is safe. Just don't use anon proxies to do anything really stupid that could land you in a sea of trouble, anon or no anon. Anon proxies should be used like gloves (to touch sites/servers you don't trust) and/or shades (stay anonymous in the crowd), not like weapons.

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 22:27:18 EDT

Daniel : Hmm, well let me just say...crow tastes good. :) This isn't to say that the issue is major, but it most definitely is worthy of discussion. And now, thanks to WCB, I see what novaflare's been trying to say all this time.

My apologies to novaflare for lumping him into the troll category.

Now that I see the point, let me see if I can articulate it. The problem is not different than everyday routing in the sense of the technology, but it is fundamentally different in one major way. You can't ever set up an Internet router on your own machine and have people route through it.

In other words, the sniffing of Internet routers isn't headline news because it's not particularly easy. This system, however, makes it so that if you happen to have a Tor server that's in the exit router role, you do get to act like an Internet router.

WCB, as for your ability to pretend you're a third hop, I don't think that's how it works. Bascially, there is encryption with each hop, and the chain is setup beforehand. So even if you were able to switch your role somehow in the middle, you wouldn't be able to decrypt the traffic. That's my understanding as of right now.

But yes, this is definitely something interesting...my regrets again for not trying harder to see the diamond from within the rough.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 22:24:36 EDT

NeOmega : I don't get it.

You can use a technique where you ping out looking for a usable proxy one by one... or you can use Tor.

Tor will not make you any more secure... except it will make you anonymous in most senses of the word, and it will hide your activity, (unless the FBI were to one day subpeona a Tor server, which has not happened yet, according to the FAQ)

Here is a list of other things Tor will not do:

I can't even imagine why you would want to be anonymous, while entering a CC card with your name on it, unless you were attempting fraud.

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 22:19:08 EDT

BeesTea :

said by B :

Your stance almost seems to be "it doesn't matter what other risks Tor adds, as long as it fulfills its IP address obscuring purpose". And that just seems silly to me. If it's only suitable for SSL connections, we should say so. Or if it adds only moderate risk to unencrypted Internet communications, we should simply acknowledge that.

It doesn't add any risk, that risk is already there.

I think you guys should read the TOR paper that describes what it does. It isn't SSH, it's a routing project subject to all the same risks as regular routers. Router compromise, misconfiguration, etc are all still problems and TOR makes no attempt to fix them.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 21:58:28 EDT

BeesTea :

said by Wildcatboy :

Yes, I'm aware of that but as B mentioned, in this particular instance, this is a problem that using Tor will create for me so it's reasonable to expect Tor to attempt to remedy it.

TOR doesn't create that problem any more than someone making a router advertise a route that doesn't belong to them. That happens every day.

said by Wildcatboy :

I also see questions by novaflare that are being brushed off as irrelevant or unrelated but they're not. Instead of actually answering those concerns I see him being portrayed as someone who doesn't know what he's talking about.

They're as relevant as arguing that some text editor is a failure because it doesn't play mp3's. Arguing that something doesn't do something it's not intended to do is pointless.

said by Wildcatboy :

In terms of the vulnerability I mentioned, SSL does nothing. We've all seen successful phishing attempts and this one is no different and is guaranteed to be successful on the Tor network. The fact that the world is an insecure place does not make Tor's vulnerability OK.

It isn't TOR's vulnerability. If someone can redirect IP traffic to a host, fake the CN including DNS, and present a cert signed by a CA in your browser, then sure, SSL does nothing. That's the same with any routing, not TOR specific.

said by Wildcatboy :

The point I was trying to convey is that although a few attempts have been made to make Tor Network a bit more anonymous, No serious attempt has been made to make it more secure than the average anonymous proxy server on the Internet.

It's advantage over the random proxy server is that it automatically links multiple proxies together and encrypts the data between the middle hops. Nothing more.

said by Wildcatboy :

Again I haven't had a chance to read everything there is about the Tor Network but I assume those of you who promote it know enough about it to help me understand.

I don't promote it, infact I think it's a huge mistake for other reasons that I can't discuss here. I only posted regarding that because it was infact a pointless argument.

said by Wildcatboy :

Another thing that would be interesting to know is whether middle hops can masquerade as last hops. If hop 3 can effectively masquerade itself as being the last hop, then the encryption is useless too. In that case every single node can compromise the data and not only the last hop. Not sure if that's possible with how the Network is designed but someone might be able to shed a light on that.

Middle hops are end hops are first hops and middle hops. It is only for the purpose of making a trace to the source IP that encryption is used at all. Not to secure data.

said by Wildcatboy :

In addition to that using fancy words like "Onion Routers" in my view mask the fact that those are nothing but home computers with a Tor server installed and put up by the average Joe. There's no organization that oversees the Network and takes responsibility for what happens on the Network. These are not your ISP's routers that you can trust to a certain point. These are practically all untrusted home computers run by untrusted and in some cases incompetent or malicious users.

The org responsible is the EFF, and they set no higher standards than ICANN does for putting a router on the internet. The name is something you'll have to take up with them. Personally, I think it describes it rather well.

said by Wildcatboy :

People in this forum worry about minute problems to a point of paranoia. They talk about man in the middle attacks that may never, ever happen in a lifetime of an average home user and then we're talking about intentionally directing your own traffic to an untrusted computer?

How is this different than normal routing ?

IP is not a secure end to end protocol as it is. That's why cryptography has been applied to it in hopes of securing the data it carries.

I guess I don't understand where the idea that TOR is anything but a bunch of routers that scrambles the hops comes from. It isn't in the spec for the project.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 21:48:04 EDT

B :
Of course it's a failing for those who might want to use it for normal plain text yet personal Internet access. You simply can't separate the service from its implementation! It's intended to be used by real people on the real Internet, right?

On the real Internet, thousands of routers owned by ISPs (most with a vested interest in their network) pass your packets for you.

With The Onion Routing network, thousands of individual PCs (of no known provenance and owned by individuals or corporations with no vested interest in the viability of the network, without even mentioning the obvious implications of a compromised PC that can run malware unheard of on a common Cisco or Juniper router) pass your packets for you.

They're not comparable. We always talk about security in layers. We talk about levels of verifiability and trust.

Sending packets over any network of proxies is almost by definition submitting your data to additional possible risk over and above that of compromised Internet routers.

Your stance almost seems to be "it doesn't matter what other risks Tor adds, as long as it fulfills its IP address obscuring purpose". And that just seems silly to me. If it's only suitable for SSL connections, we should say so. Or if it adds only moderate risk to unencrypted Internet communications, we should simply acknowledge that.

Saying the last hop exposure is not a failing because it's not intended to protect unencrypted communication is a little like saying a race car with no seat has no failing as long as it can go fast.

-- B
--
In a realm outside causality and function

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 21:34:58 EDT

lawrence171 : So, this is just bouncing connections around... How does this prevent people from tracing the source of the packets/data?
--
What I used to be I no longer am... God, why can't you freeze time for my sake?

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 21:30:24 EDT

BeesTea :

said by B :

I don't like to see this rather significant failing glossed over with a wave of an https-encrusted hand.

I don't understand how it is a failure. It isn't an intended purpose, therefore cannot be a failure.

I also don't recommend trusting routers on the internet. They're no more trustable than anything else you don't control. It has always been that way and why there are things like SSL, PGP, etc.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 21:30:16 EDT

Wildcatboy :

said by BeesTea :

Nothing on the internet does.

Yes, I'm aware of that but as B mentioned, in this particular instance, this is a problem that using Tor will create for me so it's reasonable to expect Tor to attempt to remedy it.

The thing is that when I see a thread promoting something as at least interesting, it's willingly or unwillingly promoting its use and that's when we need to make sure people understand the whole concept before start loving something. I also see questions by novaflare that are being brushed off as irrelevant or unrelated but they're not. Instead of actually answering those concerns I see him being portrayed as someone who doesn't know what he's talking about.

In terms of the vulnerability I mentioned, SSL does nothing. We've all seen successful phishing attempts and this one is no different and is guaranteed to be successful on the Tor network. The fact that the world is an insecure place does not make Tor's vulnerability OK.

The point I was trying to convey is that although a few attempts have been made to make Tor Network a bit more anonymous, No serious attempt has been made to make it more secure than the average anonymous proxy server on the Internet.

Again I haven't had a chance to read everything there is about the Tor Network but I assume those of you who promote it know enough about it to help me understand.

Another thing that would be interesting to know is whether middle hops can masquerade as last hops. If hop 3 can effectively masquerade itself as being the last hop, then the encryption is useless too. In that case every single node can compromise the data and not only the last hop. Not sure if that's possible with how the Network is designed but someone might be able to shed a light on that.

In addition to that using fancy words like "Onion Routers" in my view mask the fact that those are nothing but home computers with a Tor server installed and put up by the average Joe. There's no organization that oversees the Network and takes responsibility for what happens on the Network. These are not your ISP's routers that you can trust to a certain point. These are practically all untrusted home computers run by untrusted and in some cases incompetent or malicious users.

People in this forum worry about minute problems to a point of paranoia. They talk about man in the middle attacks that may never, ever happen in a lifetime of an average home user and then we're talking about intentionally directing your own traffic to an untrusted computer?
--
You can catch the Devil, but you can't hold him long.

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 21:09:31 EDT

B : And again, I find that a disingenuous stance, precisely because by using Tor you seem to be ADDING an entire layer of significantly untrustworthy "routers" (possibly compromised individual PCs) to your packets' data path.

It's not at all comparable to the normal set of Internet routers your packets would otherwise traverse. As I said, I generally (and relatively) trust those.

It's not a huge problem as long as Tor users understand that, but I don't like to see this rather significant failing glossed over with a wave of an https-encrusted hand. :)

-- B
--
In a realm outside causality and function

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 20:30:12 EDT

BeesTea :

said by Wildcatboy :

In other words Tor doesn't have anything in place to prevent that?

Nothing on the internet does. This was the point of people mentioning SSL. Routing as a whole is subject to this attack, TOR or otherwise. Stream hardening, other than hiding the source IP, is not an intended function of Onion Routing. That's the application's job to ensure.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 20:28:20 EDT

jp10558 :

said by novaflare :

said by jp10558 :

said by Wildcatboy :

I think what novaflare has been trying to say and hasn't been successful in conveying it, is that each Tor server belongs to a totally unknown and most likely untrusted user. The fact that the communication is encrypted won't be enough to stop compromise of your data.

I too haven't had a chance to read the complete overview of Tor but it would be great if someone could clarify this for me:

Let's say I build a Tor server and I also run a proxy server on it that directs all requests for paypal.com, eBay.com, major banks, etc... to my own version of those web pages residing on my server. What in Tor system prevents me from redirecting you to may page? You as a user try to go to paypal, you see my version of it which by the way is quite convincing and you enter your username and password. You can't login and you say to yourself "Oops, Paypal must be down." and move on.

I have your password and the encryption didn't do anything. So can someone tell me how Tor prevents me from doing that and what safeguards are in place? This is a question that novaflare has been asking and I haven't seen an answer for it yet or perhaps I missed it.

Well, with paypal - it is SSL before you ever enter your password. So, paypal prevents it with or without tor. eBay is the same. So, unless you somehow get a verisign SSL cert claiming you are eBay or Paypal, I don't get the problem...

Every financial site I've seen is like this - and if you are in the habit of paying for things without it being secure, TOR isn't going to help - but I doubt it will hurt either.

So, yes, I suppose you could spoof yahoo e-mail, but who's using TOR to access their e-mail anyway? I mean, if you have to authenticate yourself to the end site, I don't see how it was worth all the anonymizing steps...

And if you mean to say you're spoofing google search, you're not getting private info that way...

when your entering info in to a moded cached page it does not matter how secure the real site is. SSL never plays a part. Hell why even bother presenting the user with a cert fake or real. Most will asume this is normal and just enter and submit away. Url will show correct anti fishing apps and meathods will be no good etc.

Ok, I don't know about IE, but in Opera, there's this big yellow bar that shows up in the address bar when the site is secure. It's not there if the site isn't SSL authenticated. If you have a spoof that pulls up that bar without a SSL Cert, I want to see it, so I can report the vulnerability to Opera.

At some point, you can't protect ignorant people. If these are the people falling for the nigerian scams etc... it doesn't matter if they have TOR or not. As I said before, there are numerous equivelent methods to phish them, and they are at equal risk without TOR.

Moreso, I'm guessing the people who even know about TOR, much less can manage to set it up, aren't technical neophytes, nor the best targets for phishing. IE, the people who don't use IE, and who know to look for SSL auth before inputting their CC#.

I'd also guess that these people would realise there is little point of using TOR to then tell the site who you are, where you live, and your CC# to order something on a legit site. There's little point using TOR to check yahoo e-mail, as I said before, if you are going to ID yourself to the end site, don't wast the time or overhead with TOR. It's pointless.

OTOH, if you aren't going to those sites for the reasons above, then the possible spoof sites aren't going to garner much information - One, you'll be seeing/spoofing the equivelent of google search, two, you'll only get 1-2 minutes of data before TOR yanks them to a different endpoint, so not enough to do much data anylsis on searches or whatever...
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 20:19:43 EDT

novaflare :

said by jp10558 :

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 20:05:29 EDT

jp10558 :

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 20:00:10 EDT

novaflare :

said by Daniel :

1. You have to be on the exit node for that to work, as the other two hops only see encrypted traffic.
2. You have to hope that the user doesn't notice/ignores certificate errors.

Most often no warning is given over a cached page. Neww egg gives no warrnign hell even my bank first merit likly doesnt. Often times what you see on your raw unproxied connection is a page fead to you by your isp. Many dsl providers do this and alot of dialups do. 75% of au broadband for example is provded by a single company. This one company uses a squid proxy set to cache all web pages. No cert warnings are ever given by most web sites. Thos that do give a warning end up essentialy being off limits as they will flat out refuse a ip that has a proxy shown to be a caching proxy. These sites have known for years how dangerous such proxies truely are.

I only see tor being used for one purpose and that is for trolls on irc in games and on forums to dodge bans.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 19:22:34 EDT

Wildcatboy :
In other words Tor doesn't have anything in place to prevent that?

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 19:21:13 EDT

Daniel : 1. You have to be on the exit node for that to work, as the other two hops only see encrypted traffic.
2. You have to hope that the user doesn't notice/ignores certificate errors.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 19:14:22 EDT

Wildcatboy :
I think what novaflare has been trying to say and hasn't been successful in conveying it, is that each Tor server belongs to a totally unknown and most likely untrusted user. The fact that the communication is encrypted won't be enough to stop compromise of your data.

I too haven't had a chance to read the complete overview of Tor but it would be great if someone could clarify this for me:

Let's say I build a Tor server and I also run a proxy server on it that directs all requests for paypal.com, eBay.com, major banks, etc... to my own version of those web pages residing on my server. What in Tor system prevents me from redirecting you to may page? You as a user try to go to paypal, you see my version of it which by the way is quite convincing and you enter your username and password. You can't login and you say to yourself "Oops, Paypal must be down." and move on.

I have your password and the encryption didn't do anything. So can someone tell me how Tor prevents me from doing that and what safeguards are in place? This is a question that novaflare has been asking and I haven't seen an answer for it yet or perhaps I missed it.
--
You can catch the Devil, but you can't hold him long.

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 18:44:32 EDT

NeOmega : well I certainly would not trade stocks online, or use passwords, or any of the other stuff like that, through Tor.

But it is a little more convenient thaan any other method I've seen, for say, when someone stole your girlfriend's photography, posted it on a website, claiming it was his own, trademarked it, and when you call him on it, bans your IP from his website.

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 18:39:50 EDT

inTulsa : Tor anonymizes by sending data through servers that your ISP wouldn't have. The potential problem is that you have to trust that those servers are not malicious in any way. I trust my ISP routing more than I can trust unknown / unpredictable servers.

I have my own HTTP proxy and other forms of proxies like SOCKS. It might amaze some people what can be done with content as it traverses connections. A proxy can modify (or log) any piece of content, or it can replace whole domains with "something else" without the user having any clue. My proxy spoofs Yahoo mail to look like a sub-path of my own domain; Gmail and hotmail appear to be other paths. Going the other way, spoofing hotmail with any other site or path, is really easy. It can also replace IP (no domain name) connection requests with different destinations, all done transparently.

Remember too that even Proxo can manipulate SSL content by playing MiTM. The only trick in doing that is the user importing a trusted certificate to avoid some browser warnings.

I believe that any benefit gained from becoming "anonymous" is not worth the potential loss of security, privacy, and in most cases performance. But some people have nothing really worth protecting, or the need to be occasionally anonymous is too great, so for them Tor and other anonymizer methods are a means to that end. I certainly wouldn't access email or key in a CC# through one.

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 16:06:29 EDT

NeOmega : In response to Sivran:
(how do you get respond with quotes? Or is that premium member only?)

It will slow down your browsing always, technically.

It increases the amount of data flow to 512 bits/bytes or something like that, so no-one can see how much activity is being done. That's as far as I understood it in the FAQ's.

Also, you are adding extra hops, and usually exiting out of somewhere far away from your home.

But you really are not supposed to use Tor all the time, it will make you more traceable. You should use it on an as needed basis, IMHO.

anyways... here is the technical FAQ »wiki.noreply.org/noreply/TheOnio···r/TorFAQ
and I think it answers a lot of issues being raised here.

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 14:24:01 EDT

cowboy :

If yoru behind a proxy one day and have a site tell you to "turn off your proxy then hit F5 to refresh after to view this web site" That is one of the sites i helped to secure. It scans some 35 proxy ports when you connect to the site.

hehe, I'll never be able to use one of your 'secure' sites... I'm not behind a proxy, but as soon as your scanner hits a few ports on my box it will automagically be firewalled to oblivion !
--
Richard Nelson

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 13:57:42 EDT

sivran : Using this has, as any proxy I've tried before it, slowed my browsing to a crawl. :(

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 12:49:37 EDT

BeesTea :

said by novaflare :

I suppose i could create another POC page and build my old firewall box again and show you how it can be done. Youd have to connect to the tor network who knows how many times to get on my tor server but it could be done. I suppose a good example target would be hotmail again. Basically how i proved it was had some of the victoms create test hotmail accoutns useing log usernames and pass words. Then i just gave them their information they entered.

Yes, please do this.

Your posts show that you've little idea what you're talking about and that you haven't so much as read even the overview section of the tor whitepaper. You can post all the play along at home detective stories you'd like, they don't lend anything to your point and frankly I doubt a single person believes them.

Go set up your POC and stop wasting everyone's time.
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 11:56:49 EDT

novaflare :

said by Daniel :

said by novaflare :

In this thread i have been miss qouted half a dozen times. I mentioned that there was no need for a hacker to decrypt ssl or any other form of encryption by simply createing a custom page for log in cc etc info that also emails them the same information but with no encryption.

You ignore the facts, though, dude. Don't you realize that you have to be on the exit node in order to even see any traffic? If you are on one of the other two, Tor's encryption hides everything, including the real source and destination for the traffic.

You claim that we should disprove you. In fact, though, it is you making the claim that no one else here believes. The burden of proof is on you, my friend.

And where does this exit node reside? If im understanding this correwctly that exit node can reside on a infected pc or one set up with the express purpose of steeling personal information. Am i correct in asuming that the ip you see here and on other sites is your exit node im prety sure this is the case. Once on the exit node the trafic is then unencrypted and the only protection you have is ssl wich in the case of cached customized theft pages is pretty meaningless. Now i only made poc pages for 3 or 4 sites one being neweggs page for filling out cc etc information. What i foudn in new eggs case was a glaring lack of any warning about the ssl cert. The cert poped up just fine and was with out any warning that there was even a remote chance that it was in correct.

You have missed my point totaly. Im not saying that tor is any worse than any other anon prox service it may infact even be better than most. But the security threats are no diffrent. At the moment i have no computer that i can run squid on nor the time to recreate my poc pages. Heres some info to help get some one started. In 2 of my poc pages i simply used readly available code for contact us email forms where when you click submit it sends that information to a email address behind the scenes. I modded the code slightly and pasted it in to a origianl log in page for hotmails log in i also modded it slightly. To hide what i did so you couldnt tell by page size i stripped some white space till the pages sizes were identical. Other meathods you could use to get the same result is useing ssi to load your email me code in to the correct areas. All this would do is allow you to strip fewer whitespaces out. If such a page were to reside on a exit node on tor it would have the same exact effect. It would likly take a little more work but my guess is not much more. Will tor be a popular vector for this sort of thing? I think the answer to this is no hell even useing squid and other caching proxies isnt wide spread. The people who did this for the game in question were highly organised. All the various law enforcement people would tell us unrelated to our own case was that they had also done this and similar things with other sites. They also gave us a ruff idea of the total ammount of the theft wich was way over 3 million usd. They had only been doing it for about 6 to 8 months.

Aperrantly me and the others who worked out how this was done were instramental in catching these guys.To bad they never offered us any reward money in exchange for it.

I suppose i could create another POC page and build my old firewall box again and show you how it can be done. Youd have to connect to the tor network who knows how many times to get on my tor server but it could be done. I suppose a good example target would be hotmail again. Basically how i proved it was had some of the victoms create test hotmail accoutns useing log usernames and pass words. Then i just gave them their information they entered.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 10:22:04 EDT

Daniel :

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 10:06:29 EDT

novaflare :

said by jp10558 :

Yeah, it's rather obvious that novaflare either has a woefully inadequate understanding of how TOR, SSL, Squid, DNS and multiple other web technologies function, or is a troll.

The main point is, if you are ignoring SSL cert warnings on "secure" pages, then you're screwed whether you use TOR or not. This whole thing requires a user ignore and click through a scary "this site is not secure" dialog that even IE pops-up, and then enters personal information.

To reiterate, the above "flaw" is in no way related to or assisted by TOR, it can happen via any number of phishing techniques such as e-mails, DNS poisioning, IM bombs, browser hijacks, Host's file compromise etc...

Actually what i am is some one who has seen this all in the past. Tor claims you will be anon now but give them some time and they will disclaim it in such a way that all any web master needs do is request the logs. And guess what they will hand them over no question asked. Just like anonomizer does. Then there are infact alot of security threats to this see them or not they are there. Simply put once you leave the tor network your packets have to be in a unencrypted state or the web site in question wont give you any thing and you wont be able to log in.So on the exit node like it or not it can be seen in clear text. Course every one will deny it all and try to shoot down every argument made against tor. Then one day there will be reports of a compramise of personal information and it will be tracked down and turn out opps i was right all along. You can never be anon and be online. Big deal your ip belongs to some one elses computer. Go hack neweggs server while on tor and see how long your precious anon status last. Tor is nothing more than a troll tool a way for them to bypass bans just like all other proxies with a tiny number of exceptions.

You want to see the truth about tor fire it up come here and do a port scan shut down restart tor repeat. Then ask your self how many of these tor proxy servers are infected with all manner of spyware trojans keyloggers sniffers etc. Do you realy want to trust a computer whos owner doesnt even know to close off port 139 from the outside world? I found no less than 8 pcs running tor with 139 wide open out of 10 i checked. Out of those 10 3 had BO trojans running on them others had other trojan ports open. Then there is the 5 that have open mail relays (likly spam bots). Then there were 6 that have the port responsable for messenger spam open to the outside world as well. Then theres the ones running squid proxies open to the out side world. Squid was what i found to be responsable for credit card theft some time ago when soem 12 to 15 users of one site had their cc numbers stolen total charges for those users was over $18,000. Not all were able to have those charges removed. I try to point out somethign all users of this proxy net work should be aware of like a potential security threat and get called a troll. Get my argument shot down with out any proof to the contrary. In this thread i have been miss qouted half a dozen times. I mentioned that there was no need for a hacker to decrypt ssl or any other form of encryption by simply createing a custom page for log in cc etc info that also emails them the same information but with no encryption. And not all sites will present a warning about a invalid cert because your useing a cached copy of the page. In fact many sites wont includeign newegg. Dont forget many large isps also feed users cached pages. The sites that do give a warnign about ssl certs when the page is viewed from a cached copy in this case many users will ignore the warnings.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 09:19:21 EDT

B :

said by wormie :

Again though, this isn't what Tor is about. Its purpose is to hide your IP address. Beyond that, security is up to you. Tor hides your IP address, just like it's designed to do. If you go blabbing all your other information via unencrypted connections it's really not Tor's fault.

Thanks guys; I understand better now -- the last hop onion router is the only one that sees the information in the clear, because it delivers to the destination. But here's the thing I think is being conveniently overlooked.

You say "it's not Tor's problem" and "its only purpose is to hide your IP address" but that's disingenuous -- because Tor is INTRODUCING a problem by the way it's fulfilling its IP-address-obscuring purpose.

It's NOT simply a drop-in replacement for normal unproxied connections because it ADDS a level of risk that was not there previously! That risk must be evaluated in any cost/benefit analysis of the technology.

I'm not saying it's a huge, deal-breaking risk, or that it could even be avoided, but it's there, and anyone using Tor should probably understand that. Their unencrypted communication can be clearly read by at least one computer that otherwise would not be privy to it. The degree of trust in that last-hop onion router must be paramount, I would think. Excusing it away with "oh you should use encryption anyway" seems a bit weak to me. (I generally trust Internet backbone routers and generally distrust public proxies.)

-- B
--
In a realm outside causality and function

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 02:10:14 EDT

Daniel :

said by B :

»wiki.noreply.org/noreply/TheOnio···1bec7ac1 seems to touch on this concern?

Ah, but that's only the exit node, and only if you don't use SSL. ;)

The previous two nodes only got encrypted traffic and didn't even know what the final destination was. They couldn't see crap. The exit node needs to see the original data and the original destination in order to hand it off. The beauty of the system comes in the two hops before that, and the fact that even that exit node has no idea what the original source was.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 02:04:27 EDT

Daniel :

said by B :

Isn't there still a substantial difference between using "The Internet" and using Tor for unencrypted traffic? Isn't each "onion router" that touches your unencrypted traffic able to view that traffic?

Well, no. Tor encryption makes it so that individual hosts can't compromise the traffic. Not only is the traffic itself encrypted as it's being relayed, but the only source and destination being seen by each OR are the source and destination of the previous and next hops. It's quite nice. Here's something about the encryption used:

said by the Tor website:

In the original Onion Routing design, a single hostile node could record traffic and later compromise successive nodes in the circuit and force them to decrypt it. Rather than using a single multiply encrypted data structure (an onion) to lay each circuit, Tor now uses an incremental or telescoping path-building design, where the initiator negotiates session keys with each successive hop in the circuit. Once these keys are deleted, subsequently compromised nodes cannot decrypt old traffic.

But yeah, the last hop obviously sees the unencrypted traffic (if you didn't encrypt it yourself), and the source from their point of view is themselves, with a destination of your original destination. Return traffic goes backwards, with the destination being the previous Tor OR in the chain.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 01:30:44 EDT

wormie : The final node you touch is indeed able to see your data provided it's unencrypted. If you don't trust this exit node (and you probably shouldn't) then yes, you have reason to be concerned. More importantly, you have reason not to ever use unencrypted logins, period.

Tor is only designed to hide your IP address, if you give your identity away in other ways it's a different issue entirely.

Logging into DSLR without SSL is hardly a big deal. Worst-case scenario somebody posts something obnoxious under your name. If you're logging into a site that can cause you serious trouble in real life, you would be foolish not to use encryption.

Again though, this isn't what Tor is about. Its purpose is to hide your IP address. Beyond that, security is up to you. Tor hides your IP address, just like it's designed to do. If you go blabbing all your other information via unencrypted connections it's really not Tor's fault.
--
What Would Jim Jones Do?

Re: Anonymnity: Introduction To The Tor Network

Fri, 12 Aug 2005 01:11:04 EDT

B :
I've managed to ignore most of this spat, and don't know Tor well, but...

isn't there still a substantial difference between using "The Internet" and using Tor for unencrypted traffic? Isn't each "onion router" that touches your unencrypted traffic able to view that traffic?

For example, if I log in to DSLR with Tor, can one or more of these onion routers (really PCs) see my userid and password?

Sure, my IP address may be sufficiently obscured, but there are all sorts of data that don't lend themselves to SSL but also aren't exactly postcard-global-read worthy.

»wiki.noreply.org/noreply/TheOnio···1bec7ac1 seems to touch on this concern?

This would seem to me to be a significant risk over and above that of normal web surfing, in which you merely have to trust the (real) routers handling your unencrypted traffic.

My apologies in advance, since this has likely been explained already. :(

-- B
--
In a realm outside causality and function

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 17:49:56 EDT

jp10558 : Yeah, it's rather obvious that novaflare either has a woefully inadequate understanding of how TOR, SSL, Squid, DNS and multiple other web technologies function, or is a troll.

The main point is, if you are ignoring SSL cert warnings on "secure" pages, then you're screwed whether you use TOR or not. This whole thing requires a user ignore and click through a scary "this site is not secure" dialog that even IE pops-up, and then enters personal information.

To reiterate, the above "flaw" is in no way related to or assisted by TOR, it can happen via any number of phishing techniques such as e-mails, DNS poisioning, IM bombs, browser hijacks, Host's file compromise etc...
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 11:55:00 EDT

BeesTea :

said by Daniel :

I think I'm done here.

Now you see =)

Just to stir the fire. Just imagine the fun once they realize you can do this with every router along the way too.. Never mind tor.. THINK OF THE ROUTERS MAN!!

OMGHAXORZ!!one!11

=)
--
"I can't stand the package managers that come with Linux. RPM, Portage, and the rest don't even let you build from source. The ports collection was all I needed." - Some FreeBSD jackass

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 11:42:18 EDT

Daniel :

said by novaflare :

Why bother captureing data at all when all you need to do is have the bogus web site email you it unencrypted.

I think I'm done here.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 11:31:25 EDT

novaflare :

said by Daniel :

said by novaflare :

On ssl its only safe as long as your getting a fresh page. Ive given the example a dozen times. All some one needs tdo is cache the page on a local proxy say squid for example.

So let me get this straight, Novaflare -- you're telling me you're able to:

1. Put up a malicious Tor server and have it used by the system.
2. Sit and watch the encrypted traffic moving through it, ignoring the Tor encryption.
3. Put up a fake website for the bank being requested and somehow redirect the user to your daemon.
4. Keep the user from getting a certificate warning after you intercept them.
5. Capture all their credentials from what they thought was a secure site.

Is that what you'd have us believe?

Why bother captureing data at all when all you need to do is have the bogus web site email you it unencrypted. Depending on the site in question there will be no warnign because the cert is valid some sites will warn the cert is invalid and some users might even pay attention to it. But for every user who does there will be at least 1 other who doesnt.
No need to redirect set up the malicious proxy server that tor will use example squid with the non expiring cached page and sit in wait for your tor server to be used.

Sure its unlikly on a user by use basis probably one in a few 1000 chance that it will put them on to your node daemon etc. And even less a chance they will e going to a site whos log in page you modded and cached. But fact is given enough time you will get hits to that page and you will get their information. If i was going to do it id target bank of america first merit bank one and star bank. Id also target paypal and ebay. Id likly also make a bogus msn and hotmail log in page to steel email addresses. I know from seeing people do it that alot of people will give other people ssi numbers cc numbers etc through highly unsecure email.
If i targeted all of those and had success at getting the log in pages to work as intended id probably get 10 to 15k in the first year easly. Tor runs is nothign more than a socks proxy that can connect to another proxy such as squid privoxy etc. My guess is it wouldnt be to hard to forge the trafic for tor and trick the network in to thinking your plain old squid is a tor server. Ither way its not a stretch for any of this to happen.

This argument is no diffrent than the one i had with a friend of mine who swore his heavly moddified phpbb was secure and was not vunrable. Right now hes on day 3 of repairing the damage to his site from where some one hacked said phpbb.
Ive cleaned up messes caused by proxies ive helped to secure a site or 3 against such tactics. The secureing of a site is pretty simple. Just deny any computer behind a open proxy.

If yoru behind a proxy one day and have a site tell you to "turn off your proxy then hit F5 to refresh after to view this web site" That is one of the sites i helped to secure. It scans some 35 proxy ports when you connect to the site.

Fact is any time your useing a proxy to visit a secure site your taking a chance that your tossing every single bit of security on that site in the trash can. Regardless of the proxy or proxy network you use.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 10:45:59 EDT

Daniel :

said by novaflare :

On ssl its only safe as long as your getting a fresh page. Ive given the example a dozen times. All some one needs tdo is cache the page on a local proxy say squid for example.

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 10:42:26 EDT

novaflare : I give up use it and when some one does get their personal information and cc numbers as a direct result of the mighty tor ill be here to say i told you so. This thing is goign to lead to just that. Like all the other fear mongering anomnominity proxy services before it it will be nothign but trouble. Even if it gets to a point where it cant be cracked or used to steel identifies cc numbers etc they will cave to presure from isps and other net service providers and turn over logs of who was where and what time.

Anon and the internet go to gather like a hamburger and jello both are great on their own but they just dont mix well.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 10:33:44 EDT

Daniel :

said by novaflare :

From tors vey own faq as another poster mentioned its exactly as i thought it might be. Each pc useing tor is also a proxy for tor.

Uh, no. There is a seperate installation for a Tor server. A Tor server is what people bounce through -- not Tor clients. Pardon the sarcasm, but the word "server" is key there, i.e. a daemon offering a service to others.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 09:02:32 EDT

novaflare :

said by MattUK :

said by novaflare :

And if they are infected with something then so are you essentialy.

I do not understand your logic here. If a Tor proxy is infected, so what? How exactly is it going to spread this through Tor to other systems? Or am I missing the point entirely?

My understanding is the same as Daniel and others in this thread. It's is about anonymity not encryption, firstly. Any up-standing website that requires personal info will use SSL, which I think you could agree is pretty safe? So how does the Tor system magically decrypt the SSL allowing a Tor proxy to see the info?

On ssl its only safe as long as your getting a fresh page. Ive given the example a dozen times. All some one needs tdo is cache the page on a local proxy say squid for example. They then modify the cached page to also email them the info you enter. The site i used as a example used ssl and the information was still stolen. On my test of going through the proxy that was used i was able to log right in with out any troubles at all. The ssl cert showed as valid for the domain etc. as seen from my previous post multiple ports were open on a single tested ip. If i tested more im sure id find squid proxies running on alot of tor ips. Then gain as in my test above open mail relays are also found. In 3 scans of 3 ips i found 2 open mail relays. Also found port 139 open on the one. This is frigtening to me. Do you relize how much damage even i could do with port 139? I could infect them with basically any thing i wanted with out them doing any thing more than rebooting their computer. I would not be afraid to bet that this paticualr computer has default administrative shares and that means i can drop files any where i want including start up folder. Worse yet their logs would likly show that it was a local loop back connection thanks to tor.

There will never be a secure proxy network. Tor is as insecure as those open proxies found on google. Simply put a infection there may as well be a keylogger on your own system. But heres the real trouble. Do to he ability to cache pages and display them to the user a hacker doesnt need to sift through logs to find what he wants he just needs to check his email for log in information cc information etc. SSL HTTPS etc does not matter when the page you put your info in to is a cached page runnign on a proxy server your on. That cached page can be modified with ease i did it my self to test my idea out when those 12 or so people got their cc numbers stolen. (NO i will not demonstrate it or explain how its done.)
The server i set up was ssl enabled and was https. In the end none of that mattered. I used squid to provide the cached page that i had modded to send me the email with the hotmail and other test page information.

--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 08:48:31 EDT

anon : Results from a port scan while behind tor useing dslreports port scan.
What does this mean? Well for spammers alot note port 25 open. I wont post the ip but i did test it and sure enough open mail relay. I sent my self a email to tet. Spammers will enjoy tor. They can use it to send out mega ammounts of spam and no need to even bother forging headers. Hell they dont even need to get some one to install a spam bot. All they need to do is run a nice email sver on their own computer with mailing lists fetures fire up good old tor and have a feild day.
Or they can run port scans from dsl reports or any number of other sites like grc and find lovly open mail relays.

TCP default : CLOSED We received a response packet that no service is available.
TCP 22 : OPEN The port is open.
6 - Read

TCP 25 : OPEN The port is open.
5 - Read

TCP 53 : OPEN The port is open.
8 - Read

TCP 110 : OPEN The port is open.
5 - Read

TCP 143 : OPEN The port is open.
1 - Read

TCP 873 : OPEN The port is open.
1 - Read

TCP 993 : OPEN The port is open.
1 - Read

TCP 995 : OPEN The port is open.
1 - Read

UDP default : CLOSED We received a response packet that no service is available.
UDP 53 : OPEN The port is open.
7 - Read

UDP 123 : OPEN The port is open.
5 - Read

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 07:29:04 EDT

MattUK :

said by novaflare :

And if they are infected with something then so are you essentialy.

Re: Anonymnity: Introduction To The Tor Network

Thu, 11 Aug 2005 07:12:23 EDT

novaflare :

said by Daniel :

And what exactly is going to happen when the encrypted traffic comes through that specific host for roughly 60 seconds? What are they supposed to do with that? Assuming there was an attacker on that host, they wouldn't be able to crack the Tor encryption or the encryption that the person should be using if the data was confidential. In short, you gain nothing but a view of some encrypted traffic that you can't break.

Thats just the thing daniel they dont need to unencrypt it at all. You get the cached page that is https that also sends a email with the info the user put in the fields for c name expiration date etc.

In the instance where i helped to put a top to it the page in question was https. When the user hit submit they got no waening at all. All they got that might alert some people was a warning about the cert.

From tors vey own faq as another poster mentioned its exactly as i thought it might be. Each pc useing tor is also a proxy for tor. And if they are infected with something then so are you essentialy. If they have a proxy that feeds a cached page thats been modified then you will see that page and not the real page. If that cached page is made to send emails of what you type it in will. These emails will not be encrypted and the person who receives them will have your information. As i said this is not just some idea of a potential threat this has happened once in my personal experiance (well on one site that effected 12 or 15 users) and at least twice that i know of. The other time i know of it was a banks web site that was targeted.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Wed, 10 Aug 2005 23:15:43 EDT

Daniel :

said by novaflare :

This is what im talking about. Tor is nothing more than proxy servers running on untrusted pcs. Now what you likly seen was a web site that is scanning for open proxies. Heres a fun one find a free anon proxy then go to the test and tools pages here and do a port scan. In fact use tor and see what it shows. Then tell me this thing is trust worthy.

You seem to be obsessed with the concept that a machine with open ports is compromised.

said by novaflare :

If i understand correctly what tor is in essence is proxies connecting to other proxies and routeing your connection through them. And these proxies are running on personal computers. These personal computers tell the tor server im online and accepting tor connections use me. Now theres a high probability that a large number of these people useing tor are downloading cracks warez and who knows what else. Not the mostt carefull bunch (see many highjack this logs for examples). So warez freak downloads a crack thats realy a trojan you connect to this trojaned pc as your first stop.

And what exactly is going to happen when the encrypted traffic comes through that specific host for roughly 60 seconds? What are they supposed to do with that? Assuming there was an attacker on that host, they wouldn't be able to crack the Tor encryption or the encryption that the person should be using if the data was confidential. In short, you gain nothing but a view of some encrypted traffic that you can't break.

said by novaflare :

You a visit somestoresite.com while on this first hop enter your cc etc info. Trojan was used to to install a custom webpage for somestoresite.com that emails your information to hacker who used trojan to install cached page for somestoresite.com. Hacker now has your information. You just got torn up by tor.

Again, how is the host decrypting the traffic moving through it? And how many people do you know that enter credit card information into unencrypted websites -- especially people using Tor?

More importantly, consider that the list of Tor servers a given client will use is chosen at random when the client connects. Then consider that each connection is only maintained for like a minute.

Seriously, you should focus more on looking at protocols and making logic-based comments rather than spewing forth the first thing that comes to mind. Go check out »tor.eff.org/overview.html; read the whole thing and tell me if you still feel the same way.

Oh, by the way, also consider that Tor was designed by the EFF and DARPA, a.k.a. the Military. If you think your insights have uncovered some sort of weaknesses in their approach, I encourage you to let them know immediately. I'm sure they'd be willing to hire you on the spot given the fact that you were able to uncover in mere minutes problems with a network that took them years to develop.

Good day.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Wed, 10 Aug 2005 23:14:14 EDT

B :

said by Daniel :

said by nobodyuknow :

I dont think Novaflare is entirely wrong is having some doubts about TOR. I was using tor and I went to a Google search page and it said my PC was infected and ask me to download some software to scan the infection? When I disconnect from Tor and went to Google I didn't get the message. So, maybe machines on the TOR network can be infected.

I am at a loss for words.

Guess what? That's in the FAQ!

3.12. Google tells me I have spyware installed.

This is a known and intermittent problem; it does not mean that Google considers Tor to be spyware. Instead, Google tries to detect certain kinds of spyware or viruses that send distinctive queries to Google Search. It then notes the IP addresses from which those queries are received. Finally, Google tries to warn the users of those IP addresses that it received queries indicating an infection.

When you use Tor, you are sending queries through exit nodes that are also shared by thousands of other users. If some of those users are infected with software that Google detects, Google may mistakenly conclude that the exit nodes themselves are infected (because the requests appeared to originate from the exit nodes) and, for a limited period of time, will try (incorrectly) to warn all Google users who share an exit node with an infected machine that they are themselves infected.

You may also get this sort of message when lots of Tor users are querying Google in a short period of time. Google interprets the high volume of traffic as somebody trying to "crawl" their website, so it slows down traffic from that IP address for a short time.

To our knowledge, Google is not doing anything intentionally specifically to deter or block Tor use. The error message about an infected machine should clear up again after a short time.

If we think of a measure that would prevent users from seeing this sort of spurious warning message, we will certainly suggest it to Google and to other web site developers. There may also be technical workarounds for Tor end-users affected by this problem; if you find a useful workaround and write up a description of it, please let us know. [#]

»wiki.noreply.org/noreply/TheOnio···r/TorFAQ

-- B
--
In a realm outside causality and function

Re: Anonymnity: Introduction To The Tor Network

Wed, 10 Aug 2005 23:13:25 EDT

ghost16825 : LOL. Quite amusing, this thread.

Re: Anonymnity: Introduction To The Tor Network

Wed, 10 Aug 2005 23:05:48 EDT

bpm3k :

said by novaflare :

Heres a fun one find a free anon proxy then go to the test and tools pages here and do a port scan. In fact use tor and see what it shows.

Consider it done.
The open port is 22 and it is for "ssh remote login protocol."

Re: Anonymnity: Introduction To The Tor Network

Wed, 10 Aug 2005 22:50:19 EDT

Daniel :

I am at a loss for words.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Wed, 10 Aug 2005 22:28:30 EDT

novaflare :

This is what im talking about. Tor is nothing more than proxy servers running on untrusted pcs. Now what you likly seen was a web site that is scanning for open proxies. Heres a fun one find a free anon proxy then go to the test and tools pages here and do a port scan. In fact use tor and see what it shows. Then tell me this thing is trust worthy. If i understand correctly what tor is in essence is proxies connecting to other proxies and routeing your connection through them. And these proxies are running on personal computers. These personal computers tell the tor server im online and accepting tor connections use me. Now theres a high probability that a large number of these people useing tor are downloading cracks warez and who knows what else. Not the mostt carefull bunch (see many highjack this logs for examples). So warez freak downloads a crack thats realy a trojan you connect to this trojaned pc as your first stop. You visit somestoresite.com while on this first hop enter your cc etc info. Trojan was used to to install a custom webpage for somestoresite.com that emails your information to hacker who used trojan to install cached page for somestoresite.com. Hacker now has your information. You just got torn up by tor.

Unlikly sure it is never going to happen? Wrong it will happen given enough time hackers will specifically target tor for exploits to get at that low hanging fruit they know will be there. It will happen period. Maybe not on any huge scale but it will happen none the less. Tor like many other anonomizers before it will go the way of the dodo.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Wed, 10 Aug 2005 21:54:42 EDT

hpguru :

LOL! :D
--
Get hpHOSTS! Member ASAP
Downing St. memo: BUSH LIED, YOUR SON DIED.
REMEMBER 1776! NEVER FORGET!

Re: Anonymnity: Introduction To The Tor Network

Wed, 10 Aug 2005 20:26:08 EDT

nobodyuknow : I dont think Novaflare is entirely wrong is having some doubts about TOR. I was using tor and I went to a Google search page and it said my PC was infected and ask me to download some software to scan the infection? When I disconnect from Tor and went to Google I didn't get the message. So, maybe machines on the TOR network can be infected. It's would be a tempting target I gather.

Re: Anonymnity: Introduction To The Tor Network

Tue, 09 Aug 2005 00:10:43 EDT

Daniel : jp10558 and wormie have nicely articulated the problems with your arguments, novaflare. You simply seem to be missing the point of the project. If we've got you all wrong, do show us where we've gone astray; I'd be happy to explore your concerns, but we have to be on the same sheet of music first.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 23:57:51 EDT

wormie : Novaflare, I have some trouble following your writing style, but it looks to me like you're misunderstanding the purpose of Tor. If the final node (or anyone able to sniff its traffic) wants to listen to your unencrypted data pass through then of course they're able to do so. That's not a flaw in the design, it's just not the point of using Tor.

Tor is about anonymity, not encryption. Specifically, it prevents people from tracing things back to you via your IP address, that's all there is to it. The first node on the route knows your IP address, the last node does not. The last node doesn't even know the first node's IP address, so you can't just backtrack to find the source. It's not about encryption, it's about keeping your physical location a secret.

Sure, it's not wise to send unencrypted personal information through an unknown proxy server, but then again it's not wise to send unencrypted personal information through ANY server. If someone's doing that they've got bigger problems than a theoretically compromised last server. If I'm handing my driver's license to a stranger, they have easier ways of finding me than tracing my IP address.

Of course, a simple SSL connection will keep that "hijacked" final hop from seeing the slightest bit of useful information. Though if you think you can run a successful man-in-the-middle attack using the Tor network go for it, I'm sure the developers would love to know how it's done.

Tor works very well for what it's designed to do. I routinely use it for IRC, and when feeling paranoid I'll even use it for normal web browsing, which it does perfectly well. (Plus it's fun to see google come up in different languages all the time.)

If you require anonymity, or even just suffer from a bit of paranoia about your IP address showing up in everyone's logs, there's really no reason not to use Tor.
--
What Would Jim Jones Do?

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 23:55:49 EDT

jp10558 : Ok, but you seem to miss the point. You can be sniffed without using a proxy, as shown by a google phish you indicated. If you are worried, SSL or some end to end encryption and authentication MUST be used - otherwise it's no proxies fault, it can happen without a proxy at all.

Even if one endpoint in TOR is compromised, your circuts change periodically, so it won't get all your communications, it doesn't even get one whole session for a forum. IME, it switches endpoints every 2 minutes or so.
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 22:43:36 EDT

novaflare :

said by Gelroos :

A lot of this reminds me off trying to explain anonymous email using Mixmaster relays and eventual posting to newsgroups for retrieval. People just can't seem to realize that compromised nodes may be able to intercept and READ the data, but if the data is in a form that is UNREADABLE, then the data is useless to them. I can chain proxies and run a SSL tunnel thru several proxies, it may be slow, but the data will transverse the entire chain, ENCRYPTED, and then to the eventual target. If any of the proxy's try to modify the communication the worst that will happen is an error/break in communications. They would have to break the SSL tunnel encryption to READ the data I am sending/receiving. If the website I am communicating with is using SSL, and it is setup right, and my client supports it, then barring decrypting the SSL tunnel, I am pretty secure. Secure enough for what I am using SSL for, if I need more encryption, I use it.

And if the first hop in that chain happens to be compramised then what? Dont say it cant or wont happen. I know it can and given time will.
I mean realy how likly is it that game x with 3500 customers who can not buy it in a store localy and need to pay to download would get their information stolen all useing the same and only proxy that was a proxy set up to steel said info?
Not very damn likly highly unlikly infact yet it did happen. Once we managed to find away to deny proxies from connecting to the server for shoping we had those effected users take a survey of those 12 to 15 users 6 found the proxy on a proxy list online the rest were refered via private message on the games forum by one of 3 people. Half the cistomers effected by the theft found it useing google and other engines.
Maybe tor is th greatest thing sence sliced bread and maybe it will never be compramised in such a way as to ever effect any one. But i ask you why take a chance. Im not saying dont use tor but simply saying dont use it for any secure transations online dont ever log in to any thing with it unless your willing to turn it off change your log in info when leaving a secure site. The risk is to great. Yes most banks have mesures in place to keep you from being responsable for bogus charges but take it from some one who has helped people with things like this its a big hassle in alot of cases.
Proxies for rerouteing your connection fine for protecting you when posting on news groups great thats good to but when going to sites requiring log in its a huge mistake you could end up with a big suprise one day.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 21:38:07 EDT

Daniel : Well said, Gelroos.

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 16:15:25 EDT

Gelroos : A lot of this reminds me off trying to explain anonymous email using Mixmaster relays and eventual posting to newsgroups for retrieval. People just can't seem to realize that compromised nodes may be able to intercept and READ the data, but if the data is in a form that is UNREADABLE, then the data is useless to them. I can chain proxies and run a SSL tunnel thru several proxies, it may be slow, but the data will transverse the entire chain, ENCRYPTED, and then to the eventual target. If any of the proxy's try to modify the communication the worst that will happen is an error/break in communications. They would have to break the SSL tunnel encryption to READ the data I am sending/receiving. If the website I am communicating with is using SSL, and it is setup right, and my client supports it, then barring decrypting the SSL tunnel, I am pretty secure. Secure enough for what I am using SSL for, if I need more encryption, I use it.
--
The tree of liberty must be refreshed from time to time with the blood of patriots & tyrants. It is it's natural manure. The "Tree of Liberty" letter From Thomas Jefferson to William Smith

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 15:26:48 EDT

Daniel :

said by novaflare :

Your wrong there, Daniel. Trafic can be encrypted or decrypted it doesnt matter.

Wrong about what? Are you saying that if SSL encrypted traffic moves through a compromised Tor server it can be broken? I don't think so. My point is simple, if your data's important -- encrypt it. No one here is saying we should depend on Tor for data confidentiality.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 15:21:07 EDT

novaflare :

said by Daniel :

said by EGeezer :

Once a rogue node is in place, it would seem the node operator would be free to trap and decrypt traffic at their leisure.

Again, this is only an issue if the original traffic was unencrypted to begin with, which isn't a good idea (unless you don't care if someone reads it).

In short, if you want your data to be private, encrypt it. The Tor network just bounces whatever you send through its servers with additional encryption.

That being said, if a rougue Tor server was set up, what could it see? Well, if the user encrypted their data they'd simply see encrypted data from another Tor server. I see the benefits of this system being legion compared to any downsides -- especially since it's free.

Your wrong their daniel. Trafic can be encrypted or decrypted it doesnt matter. My poc page accepted and sent data fully encrypted to hotmail and another test target (the one i was involved with finding a way to protect it). The https was fully encrypted i could not see the data that was sent https in a unencrypted form. But the email submit add on sent the data fully unencrypted to me. It also with hotmail logged them in just fine with the secound target it gave a error 404 not found. Url was correct nothing about proxy server etc just a failed login. To the user it would seem like a oh damn the proxy im useing is slowing down my connection and would simply at this point turn off the proxy. Course by that time the damage is done.

Proxy as privacy or to get to a site thats slow for you fine have at it the privacy it gives is likly not realy even there the re routing of your trafic to a hopefully faster route still applies and is usefull. I do use proxies alot for the secound reason to speed up my connection to some sites. Some of these sites need me to login and i have to change my pass word every time while off the proxy when im done. But its worth it. No proxy and i get .5 to 1KB dl on the flash heavy page with proxy i get 80+KB.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 14:49:53 EDT

Daniel :

said by EGeezer :

I also wonder what would happen if a legitimate node were to be infected and owned. Since there's no way to verify the security practices of a node operator, there could be a "clueless user" volunteer's system being used as a sniffer or collector of information that could be brute-force decrypted to fish for goodies.

I don't think so; my understanding is that these relays are blind; they're like Skype supernodes. It's a coduit for encrypted traffic moving through the network -- nothing more, nothing less.

While it'd not be good to have one of these systems compromised, I don't think it'd ruin the integrity of the entire network.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 14:47:18 EDT

Daniel :

said by EGeezer :

Once a rogue node is in place, it would seem the node operator would be free to trap and decrypt traffic at their leisure.

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 12:37:52 EDT

EGeezer : I think trusted and verified control points are the requirements for any such network. The Tor signup process is quite rudimentary with minimal qualification or verification of the applicant's legitimacy.

Once a rogue node is in place, it would seem the node operator would be free to trap and decrypt traffic at their leisure. Since no rootkits or other malware are on the user's system, detection at that point would not be possible through malware detection schemes.

I also wonder what would happen if a legitimate node were to be infected and owned. Since there's no way to verify the security practices of a node operator, there could be a "clueless user" volunteer's system being used as a sniffer or collector of information that could be brute-force decrypted to fish for goodies.

I think it's an interesting and possibly workable idea, but vetting those with control over the nodes and servers would be a must. They'll have to convince me that it's a trusted network with trusted components. In the meantime, I feel I'd be gaining anonymity only between me and the remote system I'm connecting to, but exposing myself to the operators and nodes of the transporting anomymizer system.

Keep up the discussion - I'm interested in the pros & cons. :)
--
Every
Good
Electrical
Engineer
Zeroes
Each
Register

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 11:47:41 EDT

Daniel :

said by novaflare :

Im talking about a script kiddie makeing a hacked version of tor to steel personal information and why no proxies should ever be used to transmit information that is secure.

A hacked version of Tor? Tor is two things, software loaded onto a user's system that lets them use the network, and the network itself. If you propose that a cracker could write the former, then they still have to install it. If they can install it, then why not just install a rootkit? I'll assume you know why they can't make another version of the network.

said by novaflare :

This includes banking info cc numbers log i info etc.

Use SSL for that. This project deals with hiding your source IP; it has nothing to do with the confidentiality of the data being moved.

said by novaflare :

As for getting by ip bans etc useing a proxy thats very easy to stop. Scan common proxy ports on all incoming connections and refuse the connection if one of those ports are open.

And what if the server is firewalled? That's relying on the box answering new connection requests from random hosts -- something that isn't all that likely on a network set up for this sort of thing. You're confusing a misconfigured and/or cracked system running a proxy with a system designed to do precisely this.

--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 11:04:02 EDT

jp10558 : Tor isn't designed for security - it's designed for anonyminity. You should still use SSL for secured connections to the endpoint webpage.

Otherwise, this is no less secure than a direct connection to the net, however it does make it more difficult to trace you.
--
Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 10:05:39 EDT

novaflare :

said by Daniel :

Anyone doubting the legitimate uses of anonymous proxies needs to think about the legitimate uses of encryption as well. Just because something is likely going to also be used for nefarious purposes, doesn't make it inherently evil.

Go read about the EFF if you're confused as to what the purpose of this network is. It's not some network for script kiddies or terrorists; it's a network designed to allow for increased privacy on the Internet. Whether those two end up mixing or not isn't a valid argument against the project.

I mean, the obvious answer here is to not allow the public to have anything that can be used as a weapon. Heading down that path, however, will take us precisely where we don't need to be as a society.

Im not even talking about illegal uses for tor by those who might use it. Im talking about a script kiddie makeing a hacked version of tor to steel personal information and why no proxies should ever be used to transmit information that is secure. This includes banking info cc numbers log i info etc. As for getting by ip bans etc useing a proxy thats very easy to stop. Scan common proxy ports on all incoming connections and refuse the connection if one of those ports are open. IRC servers commonly do this and will auto gline any such ips. Some web servers have this functionality as well.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 09:35:11 EDT

jakoe420 : This is from their website:

6.2. So I'm totally anonymous if I use Tor?

No.

First of all, your application might leak personal information at the protocol level; or it might be vulnerable to issues like javascript; or you might type revealing information into a form.

Second, there are still some technical attacks that work against Tor. One of the strongest attacks can be done by an attacker who can observe large portions of the Internet: he has a list of Tor servers, records traffic timing at each of them, and can use to statistics to correlate entering streams with exiting streams.

Third, the more active you are, the more likely you are to stand out from the rest of the crowd. Sending or receiving a whole lot of bytes in a short period of time, or using Tor for long-standing connections like IRC, probably endangers your anonymity more than using it for short brief transactions. [#]

So, I don't understand attack option #2. Can somebody explain that in layman's terms?

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 09:26:59 EDT

Daniel : Anyone doubting the legitimate uses of anonymous proxies needs to think about the legitimate uses of encryption as well. Just because something is likely going to also be used for nefarious purposes, doesn't make it inherently evil.

Go read about the EFF if you're confused as to what the purpose of this network is. It's not some network for script kiddies or terrorists; it's a network designed to allow for increased privacy on the Internet. Whether those two end up mixing or not isn't a valid argument against the project.

I mean, the obvious answer here is to not allow the public to have anything that can be used as a weapon. Heading down that path, however, will take us precisely where we don't need to be as a society.
--
dmiessler.com - grep understanding knowledge

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 09:16:48 EDT

novaflare : Now there are very legitimate and good uses for proxies.
Say your a exchange student from a asian country (take your pic for my example it dont matter) (i bet we have a few exchange students on these boards ither from asia or in asia).
As a echange student you need to go to your schools site daily. But your connection is very slow to it 3 secound ping times .5kb and its very painful to go there. Well connection to asia are very slow when your last hop is on the eastern or western coast of the us but when tyhey go out the gulf they are much quicker say 250 ms and 60 to 80KB. So what you want to do is find a proxy in texas or the gulf area. This will help to make sure your connection goes out through the gulf. For exchange students in the asian countries needing to access sites here you could use the same proxy as the exchange student in the us entering the us from the gulf.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 09:09:15 EDT

boognish : Tor has been around for a couple of years. I read a paper a while back talking about how it was going to huge security problems for network admins. I will have to see if I can find it.

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 09:08:11 EDT

novaflare : They say its a series of routers but what it realy is is a bunch of proxies. Saying its distributed simply means its the same as all distributed computing. Many of these proxies will be running on peoples computers. Many of these people will be on slow connections and or computers loaded down with spyware and various other nasties. Again its the same deal it says encrypted well thats great. But heres the problem soem one will create a custom tor server and will then be able to do exactly what ive been saying about proxies for the last 4 or 5 years. And that is capture your log in information etc. Do not use this thing as a meathod for adding security to your computer and connection in the end you will be very insecure. Ive seen proxies used to steel personal information useing a non expireing cached page that had been modified. It was not long ago that i created a POC page to test and see if it did infact work. With out any special codeing and very little coding of my own i was able to make a simple web page that looked just like a legit login page. This page when information was filled in logged you in (a test hotmail account) but at tthe same time it emailed me the log in information for the account. The page was a copy paste job nothing more. A identify theif needs to know very little in the way of createing a website to pull this off. They need 3 thing
1 target bank paypal etc login page
2 to find a contact us page that uses email
3 a proxy server with cacheing capabilies
To set it up they make the cache in the proxy non expireing copy paste the html from the contact us page in to the log in page and drop the login page to cache of the proxy.
and oh yeh 4 a person to forget to not use a proxy when going to the site(s) they targeted or some one foolish enough to think the proxy makes them more secure.

This is not something that was just done by me as a POC but realy did happen and i was involved in trying to find out how it was doen. It took me a little more than 5 or 6 hours to find out how it was done and recreate and prove it was possible. My web dev knowlage is very out of date. The last web site i hand coded was in late 96 early 97.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 09:02:41 EDT

jakoe420 : I just installed Tor along with Privoxy, as recommended on Tor's website and haven't noticed any slowdown at all with browsing or Bit Torrent. And various privacy checks online have confirmed that my visible IP address is different than what it really is. So, I assume it is all in order? Anybody else use this?

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 07:59:27 EDT

DFWDraco76 : I've been thinking about checking it out... but how much does it slow things down?
--
my website: »www.utdallas.edu/~bal023000

Re: Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 02:55:02 EDT

anon : New tool? Where have you been?

Anonymnity: Introduction To The Tor Network

Mon, 08 Aug 2005 01:07:35 EDT

Daniel : I know it's been mentioned a few times here already, but I wanted to give a short intro to this exciting new tool. Tor is an anonymnity network designed by the EFF.

said by the Tor website:

Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol.

The tool works by bouncing all of your traffic through a myriad of encrypted links (called onion routers). The trick is that none of the hops know anything about the original source; they just pass the information along to the next link in the encrypted chain.

Anyway, do go check it out. Also consider giving as I do to the EFF in order to support projects like this one.

Here's the overview page:
»tor.eff.org/overview.html

Here's the download page:
»tor.eff.org/download.html

And here's the documentation page:
»tor.eff.org/documentation.html
--
dmiessler.com - grep understanding knowledge