----- Forwarded message from Adam Back adam@cypherspace.org -----
Date: Mon, 14 Oct 2013 12:02:04 +0200
From: Adam Back adam@cypherspace.org
To: Eugen Leitl eugen@leitl.org
Cc: Cpunks List cypherpunks@cpunks.org, info@postbiota.org, zs-p2p@zerostate.is
Subject: Re: [tor-relays] NSA's "Tor Stinks"
Message-ID: 20131014100204.GA28712@netbook.cypherspace.org
User-Agent: Mutt/1.5.21 (2010-09-15)
Btw, speaking of GCHQ or NSA operating Tor nodes, of course that is inevitable; and to the extent that they are not perfectly policy aligned, a good thing, and they'll try to do a professional job of securing their own Tor nodes :) e.g. if you are a Chinese dissident maybe you want to use them as one hop.
You just don't want them controlling too many nodes. And probably the Russians, French, Israelis, Chinese etc. are all running Tor nodes and are even less mutually cooperative. What we could really do with is the North Korean and Iranian intelligence services running some also.
I suspect, to the extent that they are experiencing limited success, you could imagine it's because not only are some nodes controlled by users, but more that some are operated by mutually distrustful, competing intelligence agencies.
The intelligence agency nodes are probably better secured than user nodes, though some user nodes may be run by security-capable and conscious users. The intelligence agencies, however, have a budget for and a hoard of unpublished 0-days on PC and router operating systems, so they have a slight edge.
Also the intelligence agency is not going to cave under legal pressure when someone from law enforcement comes with threats and demands relating to exit traffic so they have that advantage too.
It would be better to my mind if they just came out and said yes this is our node and ran it from their own domain tor.gchq.gov.uk or tor.nsa.gov; then users could opt to use it. However I suspect they think no one would use it, or the people they actively want to use it (who they are trying to trace) would avoid it. Could be useful if they used an identified one and a plausibly hidden one.
Speaking of plausibly hidden, I notice there is mention of the code word 'NEWTONS CRADLE' in one of the docs for a GCHQ Tor node operation; speculating, could that be some MoD-funded student at Cambridge in their dorm? (Quite common in the UK for students to be sponsored by a company they will work for afterwards, or a government career they took a break from. A couple of my classmates on the comp sci BSc at the University of Exeter (UK) were openly MoD sponsored.)
No matter, it's trivial for the establishment to provide perfect cover for node operation: just run it from a home address, or persuade the ISP/telco to route traffic via DSL lines, identifying the IP address range as an IP forwarding proxy. They can do whatever they want; you'd think that more likely. However, a university dorm IP address range would look nice and plausible/credible also, maybe more so than a DSL address. Probably a university upstream, or the university IT itself (universities often take defense contracts), could fake it or operate it under contract with an intelligence-cleared dual-hat admin if they cared enough.
I do think it would be very useful if the intelligence agencies running Tor nodes also ran one on their own domain. Then you could route via one whose government is overtly supportive of your political cause. (Doesn't protect you from backroom information exchange deals and horse trading, which I'm sure happens even with sworn enemies, but it's a start if you are uninteresting enough!) However, I expect another reason they don't want to do that is they don't want to enable people to get stronger privacy, period. They have a dual hat: they want internet privacy for their own open source research, but they selfishly don't want other users to have privacy or gain any privacy as a side-effect from their own.
Adam
On Mon, Oct 14, 2013 at 11:18:33AM +0200, Eugen Leitl wrote:
----- Forwarded message from Jesse Victors jvictors@jessevictors.com -----
Date: Tue, 08 Oct 2013 13:23:48 -0600
From: Jesse Victors jvictors@jessevictors.com
To: tor-relays@lists.torproject.org
Subject: [tor-relays] NSA's "Tor Stinks"
Message-ID: 52545BC4.3020106@jessevictors.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0
Reply-To: tor-relays@lists.torproject.org
I recently ran across several articles related to the NSA's attempts at cracking Tor and de-anonymizing its users. They are after terrorists and other individuals who seek to do harm, of course, but their work obviously has implications for other Tor users, the vast majority of whom use Tor for legal and proper activities. So far, it appears that the cryptographic standards and protocols implemented by the Tor devs are holding, which I find interesting. The NSA has been trying other methods to figure out Tor, including identifying and then infecting user machines, trying to control/hijack the Tor network, or influencing the network as a whole, and they've had a very small amount of success, but not much. One thing that was especially interesting to me (and I expect to everyone on this mailing list) is that they are trying to control more relays via cooperation or direct access, which can then be used for timing attacks or disruptions to the users. They are also trying to shape traffic to friendly exits. For anyone interested, I would highly recommend these links:
http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-pres...
http://www.bbc.co.uk/news/technology-24429332
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-enc...
Also, from http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-int... it appears that their opinion of Tails is that it "adds severe CNE misery to [the] equation". These are all highly informative articles, and it appears that Tor is remaining resilient to their efforts, as long as people (including relay/exit operators) use the latest software, remain aware that Tor doesn't protect them in all aspects, and as long as there are enough non-NSA relays and exits (we need more!) such that everything they see still remains encrypted and anonymous. Interesting, I say.
Jesse V.
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
----- End forwarded message -----
Eugen* Leitl leitl http://leitl.org
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
----- End forwarded message -----
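Adam's suggestion that users could "opt to use" an openly identified relay as one hop maps onto Tor's client-side path restrictions. The torrc fragment below is an added illustration, not part of either message above and not Tor project documentation; the relay fingerprint is a placeholder, and the claim that this is "a good idea" is deliberately not made: pinning hops shrinks your anonymity set and makes your circuits recognisable to the pinned operator, which is exactly the trade-off Adam's "backroom information exchange" caveat is about.

```text
# torrc (client side) -- added example, placeholder fingerprint
#
# Use one specific relay as the first hop (guard). The $-prefixed value is a
# 40-hex-char relay identity fingerprint; the one below is a PLACEHOLDER, not
# a real relay. Country codes such as {se} are also accepted by Tor.
EntryNodes $0123456789ABCDEF0123456789ABCDEF01234567

# Never let Tor fall back to other relays for the restricted hop. With
# StrictNodes 0 (the default) Tor treats EntryNodes as a preference and will
# quietly use another guard if the pinned one is down, which defeats the
# point of the exercise. With StrictNodes 1 Tor refuses to build the circuit
# instead, so a failure is visible rather than silently downgraded.
StrictNodes 1

# Optional: keep the pinned operator away from the *other* end of the path so
# a single party never sees both your entry and your exit.
ExcludeExitNodes $0123456789ABCDEF0123456789ABCDEF01234567
```

After editing the file, reload the client (`SIGHUP`, or `tor --verify-config` first to catch typos) and confirm in the notice log that circuits are built through the chosen guard; if StrictNodes 1 is set and the relay is unreachable, Tor logs the failure rather than routing around it.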