What is TOR?

Started by small_world, March 10, 2012, 11:56:59 AM

small_world

Someone mentioned it on here a while back.
And I've seen it mentioned a few times in relation to hacking. I know it's about hiding your IP (or sutin), but other than that?

What is it?
Do I want it?

mook

it's for when you get banned from here you can just keep on posting. and bad porn, it's probably for very, very bad porn.

Cohaagen



TYor's world, he's the man! TYor's world, he's the maa-aan!

Zetetic

Broadly, it's a network of anonymous proxies. Your traffic is routed randomly from one 'relay' to another, and encrypted in such a way that only the 'exit' (from the Tor network) node sees the content of the traffic. The idea is to hide the route between you and the exit node from anyone, and hence hide the route between you and whatever server you're accessing.

There are various weaknesses to the approach.
One, rather separate from Tor itself, is that many applications can simply be induced to give up the actual user's IP address - hiding the route isn't any help if you simply then tell someone the source of the traffic. However, more importantly, it is possible to associate multiple uses of the network with the same user - so if you're running one blabbing app through the network, then you may as well consider all uses to be compromised (with respect to your anonymity).

Another is that if a sufficiently large proportion of tor nodes were run (or compromised) by an interested party, then anonymity would be very difficult to maintain. At the low end, timing attacks would be relatively easy (correlation between an encrypted request entering the network and a decrypted request leaving it) while with a truly large number of nodes compromised then it'd be relatively easy to break the encryption method that hides the routing in the network.

I accept the terms of the

It is a way of hiding your identity for browsing the real net through a complicated system called onion routing (each step is an encrypted layer, hence "onion") so no single observer can tell where the request originated from.

On top of that is something that idiot journalists would call part of the "dark internet". There is a sort of unregulated, untraceable (within current reason, if you don't make mistakes) web that you can only access through Tor. The addresses look something like hpt5g4f8e3phqxni.onion. The content is absolutely everything that people would put online if there were no legal repercussions (so it's known for being a resource for child porn, drugs, illegal trading, arranging "hits" (probably just people roleplaying), etc.). It really is like a little lawless web.
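
The layering that the two posts above describe, as an added example that is not part of the original thread: the client wraps a request in one encrypted layer per relay, and each relay can remove only its own layer, learning just its previous and next hop. The hash-based stream cipher, relay names, keys and destination are constructed stand-ins, not Tor's real cryptography or wire format.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # Toy keystream (SHA-256 in counter mode), a stand-in for Tor's real cipher.
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer was not sealed with this relay's key")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def wrap(path, keys, destination, payload):
    """Client: build the onion inside out, one layer per relay on the path."""
    onion = payload
    next_hops = path[1:] + [destination]
    for relay, nxt in zip(reversed(path), reversed(next_hops)):
        layer = json.dumps({"next": nxt, "data": onion.hex()}).encode()
        onion = seal(keys[relay], layer)
    return onion

def peel(relay_key, blob):
    """Relay: remove one layer; learn only the next hop and an opaque blob."""
    layer = json.loads(unseal(relay_key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def route(path, keys, onion):
    """Carry the onion along the path, recording (relay, previous, next)."""
    seen, prev = [], "client"
    for relay in path:
        nxt, onion = peel(keys[relay], onion)
        seen.append((relay, prev, nxt))
        prev = relay
    return seen, onion  # what is left after the exit's layer is the payload

if __name__ == "__main__":
    path = ["guard", "middle", "exit"]        # constructed relay names
    keys = {r: os.urandom(32) for r in path}  # constructed per-relay keys
    seen, sent = route(path, keys, wrap(path, keys, "example.org:80", b"GET /"))
    print(seen, sent)
```

Only the first relay sees the client and only the last sees the destination; the payload itself is readable at the exit unless the application encrypts it end to end.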

Zetetic

There are also a wide variety of other darknets.

biggytitbo

Quote from: small_world on March 10, 2012, 11:56:59 AM
Someone mentioned it on here a while back.
And I've seen it mentioned a few times in relation to hacking. I know it's about hiding your IP (or sutin), but other than that?

What is it?
Do I want it?
The paedos friend.

Big Jack McBastard

It's a load of shit that rarely works correctly and never quickly, populated with criminals and asshatted kids who like to think they're uber l33t H4k0r5 just for managing to get it to work and reading the enormous amounts of bullshit found therein.

Not worth the hassle really.


I accept the terms of the

It's really easy to get up and running these days due to TorBrowser or whatever it is that comes bundled with everything. If you're really curious, all you need is that and some URLs (probably for one of the big message boards, which are the best jumping off point). It's too easy to accidentally see something unsavoury or potentially incriminating though.

Never run an exit node. I knew somebody who did, and almost immediately it started tracing off child porn URLs on the actual web that to an ISP look like you're accessing them yourself. I don't think that it works as a

Zetetic

That does rather seem to be an even greater problem with running any kind of darknet node - I would imagine that doing so would involve giving up any right to deny that you were hosting and providing child pornography.

Ultimately, such darknets are largely useless at bypassing censorship in regimes that have made a real effort to curtail communications.

I accept the terms of the

Quote from: Zetetic on March 10, 2012, 06:04:21 PM
That does rather seem to be an even greater problem with running any kind of darknet node - I would imagine that doing so would involve giving up any right to deny that you were hosting and providing child pornography.
I've actually seen it considered as a defence by several people over the years. Plausible deniability; "You didn't like that traffic you logged? Why, that was just some bad man using my Tor node".

Quote from: Zetetic on March 10, 2012, 06:04:21 PM
Ultimately, such darknets are largely useless at bypassing censorship in regimes that have made a real effort to curtail communications.
As an anonymous interface to the public web, yes. Exit nodes aren't needed for Tor sites though. My issue is with the content "within" Tor only being accessible to Tor users. It mostly serves paedophiles, and is completely useless as a way of publishing banned material for the general public.

Zetetic

Quote from: I accept the terms of the on March 10, 2012, 06:31:18 PM
I've actually seen it considered as a defence by several people over the years. Plausible deniability; "You didn't like that traffic you logged? Why, that was just some bad man using my Tor node".
Such an approach may be viable for issues such as copyright infringement (speaking primarily as regards the United States and the DMCA). I suspect that for various reasons, it won't wash so well with child porn.

Quote
As an anonymous interface to the public web, yes. Exit nodes aren't needed for Tor sites though.
No, I mean actual darknets. Any regimes in the business of suppressing information of interest to the general population are more than capable of making darknets no longer viable - it's a not entirely trivial problem, but massively restricting the ability to use encryption within a country's networks is the obvious way.

Quote
My issue is with the content "within" Tor only being accessible to Tor users. It mostly serves paedophiles, and is completely useless as a way of publishing banned material for the general public.
But isn't that a clear reflection of what 'banned material' consists of in the West (and in the UK in particular)? Even Official Secrets stuff is generally abandoned once there's any significant swell of public awareness of it - in those sort of cases an anonymous interface to the public web is the more important aspect, I suppose.

I accept the terms of the

Quote from: Zetetic on March 10, 2012, 06:40:54 PM
Such an approach may be viable for issues such as copyright infringement (speaking primarily as regards the United States and the DMCA). I suspect that for various reasons, it won't wash so well with child porn.
Here are two occurrences that suggest it would get such charges dropped:

http://www.techdirt.com/articles/20110530/22003714465/austrian-police-seize-computers-tor-exit-node.shtml
http://www.techdirt.com/articles/20110825/13360915683/ice-screws-up-seizes-tor-exit-node-vows-not-to-learn-its-mistake.shtml

Quote from: Zetetic on March 10, 2012, 06:40:54 PM
No, I mean actual darknets. Any regimes in the business of suppressing information of interest to the general population are more than capable of making darknets no longer viable - it's a not entirely trivial problem, but massively restricting the ability to use encryption within a country's networks is the obvious way.
I don't think that's grounded in reality, and your suggestion is unworkable (unless they are going to restrict all web traffic that isn't cleartext and cripple every big business in the country; bear in mind that one route to a Tor entry point is via an HTTPS connection that looks the same as somebody doing their online banking).

They can DDoS the service or pollute it, but even that kind of attack is essentially squashed by building trust mechanisms into the service. I'm not saying that Tor is the ultimate implementation of this sort of thing, but that it's definitely far more resilient than you suggest and something very hard to demolish would appear as soon as there was a need for it.

Even with the potentially vulnerable Tor, the biggest attacks are through social engineering. I think it's reasonable to consider that Tor is a useful tool for infiltrating computer crime. Some would say that Tor originated as a tool of the US government.

Quote from: Zetetic on March 10, 2012, 06:40:54 PM
But isn't that a clear reflection of what 'banned material' consists of in the West (and in the UK in particular)? Even Official Secrets stuff is generally abandoned once there's any significant swell of public awareness of it - in those sort of cases an anonymous interface to the public web is the more important aspect, I suppose.
Yes, that and human nature make it a pit. There are no notable Tor triumphs, and the last thing people like Assange are interested in is anonymity.

Zetetic

Quote from: I accept the terms of the on March 10, 2012, 07:14:14 PM
I don't think that's grounded in reality, and your suggestion is unworkable (unless they are going to restrict all web traffic that isn't cleartext and cripple every big business in the country; bear in mind that one route to a Tor entry point is via an HTTPS connection that looks the same as somebody doing their online banking).
Only if the extent to which you look at the traffic is which port it's running on. One fairly defining characteristic of 'someone doing their online banking' is the servers to which they're connecting for one thing.

(There's an interesting contradiction here - Tor recommends that you go out of your way to make it obvious that you're running a Tor relay (say, by reverse DNS registration) in order to safeguard the claim that you're just a kind of network provider.)

Quote
I'm not saying that Tor is the ultimate implementation of this sort of thing, but that it's definitely far more resilient than you suggest and something very hard to demolish would appear as soon as there was a need for it.
I do appreciate Tor's worth as a tool in this time and place. But I do question the idea that darknets, or Tor's anonymity interface, are actually of any use in regimes where there's significant political will against such tools.

I accept the terms of the

Quote from: Zetetic on March 10, 2012, 08:04:27 PM
Only if the extent to which you look at the traffic is which port it's running on. One fairly defining characteristic of 'someone doing their online banking' is the servers to which they're connecting for one thing.
You're taking that a bit too literally. My point wasn't that the traffic would masquerade as online banking traffic, I was just pointing out the mundane necessity of it. You can't cut out https or SSL tunnels (even to arbitrary, non-whitelisted addresses) without destroying what the web has become.

Zetetic

Oh, but I think that's the point - online banking is a very good example. I agree that it would be a remarkably destructive move, but it's still one which I suspect that regimes of various sizes, in a sufficiently tight spot, would take. We might consider that countries like China already have a moderately effective encryption whitelist in place (for domestic institutions at the very least, which would be sufficient) given the political control over certificate authorities.

mcbpete

I tried it about a year ago - it seemed like internet circa 1996. Insanely slow download speeds where you could only find something by using a web crawler page to find out other TOR sites, each of which took minutes to load and appeared to use html tags I hadn't seen since AltaVista was the search engine of choice. As mentioned before - the paedos friend.

MojoJojo

Quote from: Zetetic on March 10, 2012, 08:54:05 PM
Oh, but I think that's the point - online banking is a very good example. I agree that it would be a remarkably destructive move, but it's still one which I suspect that regimes of various sizes, in a sufficiently tight spot, would take. We might consider that countries like China already have a moderately effective encryption whitelist in place (for domestic institutions at the very least, which would be sufficient) given the political control over certificate authorities.

These stories seem to be relevant: http://www.theregister.co.uk/2012/02/10/iran_blocks_ssl_tor/
http://www.theregister.co.uk/2012/02/13/email_back_in_iran_for_now/

Summary - Iran blocked all SSL/TLS last month. Tor project were looking to deploy a workaround, not sure if it happened.

I accept the terms of the

The question is, would you ever expect that to happen here? I don't think any government we'll have in my lifetime would be stupid enough.

Cerys

Quote from: I accept the terms of the on March 11, 2012, 11:53:32 AM
The question is, would you ever expect that to happen here? I don't think any government we'll have in my lifetime would be stupid enough.

A couple of years ago I'd have agreed with you. Now? Wouldn't put anything past these cunts.

Still Not George

Eek - sorry, that was me.

Dusty Gozongas

Ironically (and pertinent to the topic) that's pretty much what a certain LulzSec anon did just before getting nabbed.