I've heard a lot of people on the left argue that Tor is likely backdoored because it was created by the U.S. Navy for spies to communicate and is still funded by the government. Yasha Levine has written a lot about this:
- https://surveillancevalley.com/blog/tor-files
- https://thebaffler.com/salvos/the-crypto-keepers-levine
He also appeared in TrueAnon episode 50 to talk about this.
On the other hand, a lot of people in the crypto and tech community disagree with this. They believe that Tor is not backdoored for one or both of the following reasons:
- Tor is open-source and has been audited.
- The U.S. Government would never do such a thing.
They also point to a leaked NSA presentation from 2007 that admits the NSA can't deanonymize Tor users.
What are your thoughts?
To my knowledge they have their techniques to deanonymize people, in a targeted manner, but at its core I don’t believe the protocol is backdoored.
Yeah, if I remember correctly, when the feds took down the Silk Road dude they basically had to hack a server inside the TOR network to serve exploit code that forced the browser to bypass the TOR network. There were a couple of months where everyone was freaking out because there was a sudden influx of people complaining that they were unexpectedly making unsecured requests to some server in Langley or something like that.
I'm not even sure if it was a hacked server... I seem to remember them busting a hosting provider popular for TOR servers on the claim of child pornography, and then suddenly all the servers owned by that provider began serving up dodgy code.
Another reminder to never reuse usernames and passwords on the internet.
they have actually dropped ** cases in order to hide their methodology.
Wow.
Also, damn.
Edit: thinking about this further, they're probably like "damn Epstein 2.0, do better opsec. Also, come work for us lol."
javascript exploits
To expand upon this, interested parties should look up "canvas fingerprinting."
JS/HTML5 contains within it certain functions that a server can use to query information about your system, setup, and display (such as the resolution of the window loading the resources, custom fonts being displayed by the system, etc.), and if your setup is weird/unique enough, it can form a "fingerprint" of your oddities which can be used to track you across the web. This is why TOR's instructions tell you not to resize the window. If everyone runs the TOR browser at the default resolution, that is one less oddity that can be used to track individuals.
It's not so much that they have to get into "a server inside the tor network", but they can go after users of tor hidden services if they somehow track down the server hosting that particular hidden service. The whole system is built around making that very difficult.
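The fingerprinting point above, as an added example that is not from the thread: on constructed session data it shows how shared attribute values enlarge the crowd a user hides in, and how rounding the window size (Tor Browser's letterboxing, whose 200x100 px step and 1000x1000 default are assumed here) collapses differently resized windows onto one size class.

```javascript
// Added example, not from the thread: why Tor Browser asks you not to resize the window.
// A page can read window size, installed fonts, etc. through JS/HTML5 APIs and combine
// them into a fingerprint; the fewer users who share your exact values, the smaller the
// crowd you blend into. All sessions below are constructed data passed as plain objects
// (instead of reading window.innerWidth, document.fonts, ...) so this runs in Node.

// Build a stable fingerprint key from an attribute object (key order must not matter).
function fingerprintKey(attrs) {
  return Object.keys(attrs)
    .sort()
    .map((k) => `${k}=${JSON.stringify(attrs[k])}`)
    .join(";");
}

// For each session, return the size of its anonymity set: how many observed sessions
// share an identical fingerprint. A value of 1 means the session is uniquely trackable.
function anonymitySets(sessions) {
  const counts = new Map();
  for (const s of sessions) {
    const key = fingerprintKey(s);
    counts.set(key, (counts.get(key) || 0) + 1);
  }
  return sessions.map((s) => counts.get(fingerprintKey(s)));
}

// Tor Browser's letterboxing defence as assumed here: the page-visible content area is
// rounded down to multiples of 200x100 px, so slightly different window sizes collapse
// onto one size class instead of each being unique.
function letterbox(width, height) {
  return { width: Math.floor(width / 200) * 200, height: Math.floor(height / 100) * 100 };
}

function withLetterboxing(sessions) {
  return sessions.map((s) => ({ ...s, window: letterbox(s.window.width, s.window.height) }));
}

// Constructed population: three users at the assumed 1000x1000 default, two who resized
// the window to different sizes, and one with an extra installed font.
const BASE_FONTS = ["Arial", "Times New Roman"];
const SESSIONS = [
  { window: { width: 1000, height: 1000 }, fonts: BASE_FONTS, timezoneOffset: 0 },
  { window: { width: 1000, height: 1000 }, fonts: BASE_FONTS, timezoneOffset: 0 },
  { window: { width: 1000, height: 1000 }, fonts: BASE_FONTS, timezoneOffset: 0 },
  { window: { width: 1370, height: 812 }, fonts: BASE_FONTS, timezoneOffset: 0 },
  { window: { width: 1390, height: 850 }, fonts: BASE_FONTS, timezoneOffset: 0 },
  { window: { width: 1000, height: 1000 }, fonts: [...BASE_FONTS, "Comic Sans MS"], timezoneOffset: 0 },
];
console.log("raw:        ", anonymitySets(SESSIONS));                   // [3,3,3,1,1,1]
console.log("letterboxed:", anonymitySets(withLetterboxing(SESSIONS))); // [3,3,3,2,2,1]
```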
Yes! Hidden services was what I was talking about. It's been a while. :grinning face with sweat:
Those links you posted were what I was talking about. I know they claimed to have gotten the Silk Road dude over him using the same username, but I remember at the time (along with the timeline of the hack) that it all stank of parallel construction so they wouldn't have to admit to the hack.
The case of freedom hosting, however, is more interesting, as I discussed above.
I mean, the thing about TOR is it relies on its distributed nature to help obfuscate traffic. When you've got access to the literal backbone of the internet, as we know is largely kind of the case (see: Room 641A), hunting down the location of a Hidden Service ceases to be an impossible task. Not easy, but no more impossible than spinning up enough of your own exit relays to map synchronous traffic.
jfc, this conversation is becoming a total trip down memory lane. I'm remembering years of arguments during the 90's with people over whether or not ECHELON was real. brb gotta go build a Faraday cage in the woods.:grinning face with sweat:
True. We're talking some pretty high end stuff when it'd probably be more akin to that xkcd comic about breaking encryption with a wrench.
Exit nodes and hidden services are entirely separate topics. A connection to a Tor hidden service requires both server and client to each form a three-node Tor connection to what's called a Guard node, which acts as an intermediary in the connection between them. At no point are any exit nodes involved in this process. Exit nodes are only involved in connecting to the regular internet through Tor.
Yeah, I wasn't trying to say they were the same, merely remarking on the scale of what they have access to. Hiding a needle in a haystack is a great technique, but it's important to remember our opponents do still pretty much have access to all the hay.
Fair enough, but I think the main way the authorities find hidden services is by hacking the server (over a Tor connection) and then having it ping them in Langley on the clearnet, something that's pretty trivial for any state-level actor. And I thought it was worth clarifying the point about hidden services because this is a point of confusion for most people regarding how Tor actually works.
Oh yeah, you're probably right. If I remember correctly from the Snowden dumps, the Alphabets keep a whole bunch of sweet 0 Days.
The U.S. Government would never do such a thing.
Hahahahahahahahahaha
A lot of randos on Hacker News believe that :rolling on the floor laughing:
On the other hand, I've literally seen the former NY AG Eric Schneiderman post on there.
I think it's not backdoored precisely because it was created by the US Navy for spy communications. The US government knows full well that any backdoor they put in for themselves could (and, eventually, would) be found and exploited by other intelligence agencies, rendering the whole project useless for its original purpose. I'm not saying the US government has some ethical objection to lying and spying, but it's in their best interest here to make tor as secure as they say it is.
That's not to say it's flawless, but I doubt the flaws are deliberate.
The encryption is probably not broken but the government can, and probably has:
- The ability to detect tor traffic at the customer-facing interface of an ISP, which would deanonymize tor traffic
- The ability to buy thousands of tor nodes at under $100 a piece, including entry/exit nodes, and use aggregate data to determine the location and identity of webservers
- The control of a lot of VPNs, which will log your usage of tor traffic
And don't forget the cooperation of every American ISP and probably a bunch of other NATO ISPs too. Long story short, if the US gov ever has a reason to target you specifically, maybe just don't use the internet anymore.
Long story short, if the US gov ever has a reason to target you specifically, maybe just don't use the internet anymore
You're probably screwed unless you are ready and able to physically defend yourself or just leave the country. But if you want to avoid giving them a reason to target you, tor is very useful.
This isn’t really true. All they can tell is that there is tor traffic, and tor works to make it as indistinguishable from normal ssl traffic as possible, iirc.
They can tell that a specific household is using tor, which makes it not anonymous. I said that it doesn't mean decryption. TOR traffic does not behave like SSL traffic.
If you are referring to this, it relies on being able to fingerprint the hidden service traffic by size and frequency of packets, which is easy for the hidden service to thwart, on top of needing to operate a large quantity of not only nodes, but specifically entry guard nodes, and the algorithm for choosing has been changed over the years to limit the impact of attacks like this.
I'm not referring to that. The whole point of security at the transportation layer (edit: meant network layer) is pretty much pointless when the ends are compromised, and it is very cheap to do so. If you're doing VPN to Proxy to TOR or whatever then TOR isn't what's providing you security, you're just using it to access TOR content.
It literally does, though. It, like HTTPS web traffic, follows the TLS protocol specification (colloquially still called SSL). It blends in nearly perfectly, and has dramatically improved over the years in this regard. You can try and track it by blocking entry node IP addresses, but obfsproxy has made this method obsolete.
Yes, a lot of things use TLS. HTTPS uses TLS and it's not TOR. TOR is unique in that it operates differently on the network layer than pretty much everything else on the Internet.
Even if we buy that it is trivial to identify tor traffic, what good does this do the surveillor, though? lots of households will be using tor for lots of reasons.
Nobody is using a packet capture as evidence. I can google "how to build a (insert whatever here)" or "how to commit an act of (insert whatever here)" and there would be no consequences/surveillance. Surveillance acts on suspicious activity, not on content, and the TOR network is a lot more suspicious. Nobody I know uses tor for lots of different reasons, just drugs.
If that attack is not what you are referring to, how, pray tell, can they tell who is connecting to what? And if they can’t, then I return to my previous question, what good does it do anyone to know that you are connecting to the tor network?
General trends in traffic. They can determine the location of webservers by general direction of traffic, even if individually the traffic is moving around a network like a ping pong ball.
I still don't understand why you think that being able to surveil a person's home internet connection changes anything with regards to tor.
If you want encryption, use a vpn, if you want to obfuscate location, use a proxy, if you want the government/your ISP to think you're performing illegal activity, use TOR.
https://www.cloudflare.com/learning/ddos/glossary/open-systems-interconnection-model-osi/
Here you go. TLS is transport layer security. Onion routing is on the network layer. If you don't understand something it isn't techno mumbo jumbo.
Onion routing is on the network layer.
Creating an alternative network protocol is still operating on the network layer. It's still network traffic. It behaves differently on the network layer than virtually all other network protocols.
You have a fundamental misunderstanding of how the Internet works if you think TOR traffic is either completely separate or indistinguishable from other network traffic. Have a good day, hackerman.
Any recommendations for VPNs? I've seen recommendations to make your own but that reduces to the problem of an anonymous host for it.
I don't do anything fun over the Internet anymore so I don't really use one. If the CIA starts guantanamoing chapo.chat users I guess I'm just fucked.
Tor is not backdoored [because] the U.S. Government would never do such a thing.
I've never met a cryptologist who isn't convinced everything needs to be perfect and impenetrable because the US government could go rogue at any second. Including several who work at the NSA lol.
Yeah, I do cryptography research and this is the opinion of everyone I've worked with. For example, everyone is convinced that NSA broke some of the curves used in elliptic curve crypto, so no one will use them and people are constantly obsessing over finding new curves.
It's over 7 years old now, but the NSA document dump from Snowden includes a powerpoint slide that says, "Tor stinks...but it could be worse." In other words, Tor makes their job harder, but isn't an anonymization panacea: they can find specific people, but they can't just read everything (the way they could back before SSL/TLS was widely used).
I think the question of "is TOR backdoored" is indicative of the wrong approach to operational security. With the rise of the Snowden disclosures of PRISM and other dragnet surveillance programs being conducted by the state, public interest in cryptography and cryptographical protocols skyrocketed. It was a popular conception that with the right cryptographic protocols we could outsmart and elude the state. That operational security was a problem which could be solved with an app. This was a naïve and incorrect mode of thinking.
Cryptography is a powerful tool, and in the right hands it can make the work of the state much more difficult. But cryptographic protocols are only as strong as the weakest link in your organization. Neither are cryptographic protocols immune to social engineering attacks such as infiltration.
TOR must be viewed in this lens. It makes you much more difficult to identify under most threat models, but if your threat model includes the national security apparatus, your challenges will be much more of an organizational nature than a cryptographic nature.
The things that will provide you with the most security are more or less the classic staples of tradecraft: compartmentalization, dead drops, one-time pads, holding one-on-one meetings in person, outdoors, in places that won't be bugged. Separating your organization into an above-ground political arm and an underground militant arm with little to no formal communication or contact.
Encryption and authenticity (digital signing) are good general prophylactic practices which should be employed, but staying under the radar and providing as little encrypted ciphertext and metadata as possible should also be a goal when dealing with sensitive projects. While encryption will protect the contents of the discussion, it will still leave a trail of breadcrumbs and help investigators piece together a network of associations.
Like, I am dumb and don't understand a lot about how tor works, but I am pretty sure the kind of people who understand and use it are usually privacy freaks, so I would imagine someone would have exposed it if there was an obvious flaw in the code. But I would imagine that with enough specific information, like knowing the exact server and stuff, they probably could do it.
For sure, it 100% is
Completely unironically, everything on or connected to the internet is a honeypot or can be used as one
Yup, most free VPNs (and several paid ones, probably) are honeypots, but that doesn't mean that the VPN standard itself is backdoored.
lot of people in the crypto and tech community disagree with this
Well they must know that their beloved silicon valley is subsidized by the Pentagon so ideologically they need the military to be good
Strong disagree. The crypto open source people are almost all libertarians (left or right). They strongly distrust the state even if they agree with some of its actions.
I don't think that it is fully "backdoored", personally, but if you look into the case of that Dread Pirate Roberts guy, it is plain to see that they can get you if they are willing to pay the resources to do so. I assume the resource cost (e.g. paying multiple salaries to analysts, hosting a ton of TOR nodes) is pretty steep though. Edit: so from other comments I am seeing that DPR got got because he was a dumb-dumb. Still, they had to pay spooks (most likely) to sift through intel to find him, so take from that what you may.
TOR is 100% compromised. You cannot ever be 100% anonymous on the internet; it's impossible. The corporations letting you use it, and Google, the software and the hardware, are all connected to the internet and to the corporations, and through that everything is compromised. If you think Apple (Microsoft etc.) and by extension the government have access to your phone, do you think they can't read your emails? Even if they can't talk about it publicly in court or something, they can still read your emails and web history. CIA-backed wreckers downvote smh