Re: Security Focus story

2007-03-09 Thread Eugen Leitl
On Fri, Mar 09, 2007 at 08:37:58AM +0100, Alexander W. Janssen wrote:

 If TOR would legally qualify as an ISP, we're in deep trouble.

We don't provide access to the Internet, and we're not charging
for it. Last time I looked the data retention laws also allowed
a loophole for very small providers.

 Keyword: the upcoming data-retention laws in Europe.

Even if you ran a Tor node with logging, and you gave
BKA a slice for the time window they ask you for, that
would be quite useless. 

-- 
Eugen* Leitl <leitl> http://leitl.org
__
ICBM: 48.07100, 11.36820    http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE




Re: Warnings on the download page

2007-03-09 Thread Roger Dingledine
On Thu, Mar 08, 2007 at 07:17:09PM -0600, Mike Perry wrote:
  The current simplest advice I can give people is to remove all plugins:
  http://tor.eff.org/download.html.en#Warning
  Do you have any suggestions on safe ways to back off from that?
 
 I have a couple more points - the second browser phrase should link to
 http://portableapps.com/apps/internet/firefox_portable because
 otherwise it's not really easy to have a second firefox installed.

I hear from people on OS X who use Firefox for safe stuff and Safari
or something else for non-safe stuff. They seem happy enough.

I'm not comfortable recommending portable firefox yet, due to a problem
that Steven Murdoch found a while ago: when firefox starts up, it hunts
around on your hard drive to see if there are any plugins, and then it
enables those. I think there are some ways to disable this behavior,
but it's not disabled by default... so it's not so easy as just adding
a link. :(

Also, isn't Portable Firefox Windows-only? Or am I confused?

 I think we should also mention that we do scan the exits to try to
 verify they are behaving well, but we may miss some.

How often are you doing this scanning at this point?

Speaking of which, a frequently asked question that isn't answered on
the FAQ is: I'm pretty sure my exit node is screwing with me. How do
I figure out which exit node it is? My answers so far have been
  - Run at loglevel info and go look through all the stuff that
makes no sense to you. Not so easy.
  - Use Vidalia's Network Map window and watch which circuit your
stream is connecting to. Easy -- if you use Vidalia.
  - Connect to the control port manually and ask for stream and
circuit events and then let it scroll. When something goes
wrong, look at the output and piece it back together.

Any ideas on a more foolproof approach? :)

--Roger



Re: Security Focus story

2007-03-09 Thread Alexander W. Janssen

On 3/9/07, Eugen Leitl [EMAIL PROTECTED] wrote:

On Fri, Mar 09, 2007 at 08:37:58AM +0100, Alexander W. Janssen wrote:

 If TOR would legally qualify as an ISP, we're in deep trouble.

We don't provide access to the Internet, and we're not charging
for it. Last time I looked the data retention laws also allowed
a loophole for very small providers.


I hope so, although I wonder how small will be defined. How would
you tell how many users you have on your TOR-node?


 Keyword: the upcoming data-retention laws in Europe.

Even if you ran a Tor node with logging, and you gave
BKA a slice for the time window they ask you for, that
would be quite useless.


No; the point is if you'd qualify as an access provider you need to
enable relevant logging. ETSI already defined interfaces and
data-sets which would come in quite handy.

But I agree with you: The law isn't here yet.

Alex.


--
I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped.
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.


Re: Warnings on the download page

2007-03-09 Thread Eugen Leitl
On Thu, Mar 08, 2007 at 08:33:29PM -0600, H D Moore wrote:

 Seems like two big items I need to add to decloak are Flash and the shiny 
 no-proxy Java connection mode (which seems to apply to TCP sockets only).

What does the current Torpark ship with? It would seem like a hardened
version of Firefox would be good to use.

-- 
Eugen* Leitl <leitl> http://leitl.org
__
ICBM: 48.07100, 11.36820    http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE




Re: Warnings on the download page

2007-03-09 Thread Mike Perry
Thus spake Roger Dingledine ([EMAIL PROTECTED]):

 Also, isn't Portable Firefox Windows-only? Or am I confused?

True, just going for what I assume is the majority of our
userbase first. Especially people who are going to have difficulty
with this stuff. Was also in a rush and didn't check out the plugin
thing right away, sorry.
 
  I think we should also mention that we do scan the exits to try to
  verify they are behaving well, but we may miss some.
 
 How often are you doing this scanning at this point?

Couple times a week for overnight runs. Pretty much whenever I add new
functionality to the stats gathering system I do an SSL + http scan
with the old perl scanner controlling the new python core before
checkin.

The problem is the http scanner itself is MD5 based, and it does
nothing to find nodes that deliberately target dynamic content.. So
maybe I'm doing nothing of substance at this point.

 Speaking of which, a frequently asked question that isn't answered on
 the FAQ is: I'm pretty sure my exit node is screwing with me. How do
 I figure out which exit node it is? My answers so far have been
   - Run at loglevel info and go look through all the stuff that
 makes no sense to you. Not so easy.
   - Use Vidalia's Network Map window and watch which circuit your
 stream is connecting to. Easy -- if you use Vidalia.
   - Connect to the control port manually and ask for stream and
 circuit events and then let it scroll. When something goes
 wrong, look at the output and piece it back together.
 
 Any ideas on a more foolproof approach? :)

Heh. I haven't had much luck with 'foolproof' anything lately. It
definitely shouldn't be anything other than in-memory. It would be
nice if Vidalia had a list of recently used exits and a list of IPs
visited for each (with some expiration time of like 5 min?) 

Even with Vidalia it is hard to open the network window while the
stream is still attached to your circuit. Usually by the time you
notice it's long closed.

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs
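Roger's third option (connect to the control port, ask for STREAM and CIRC events, and piece it back together) and Mike's wish above for an in-memory list of recently used exits with a short expiry can be scripted together. The following is an added example, not code from Tor or Vidalia. It assumes the control protocol's event line formats `650 CIRC <CircID> <Status> [<Path>]` and `650 STREAM <StreamID> <Status> <CircID> <Target>`, with hops written as `$FINGERPRINT=nickname`; the live `follow()` helper assumes a ControlPort on 127.0.0.1:9051 with no authentication or a password you pass in. The offline `demo()` uses a constructed event sequence, not a real capture. The exit is recorded the moment a stream attaches, so it is still known after the circuit has closed, and nothing is written to disk.

```python
"""Map a Tor stream to the exit relay that carried it, from control-port events.

Added example, not Tor or Vidalia code. Parses the lines tor emits after
SETEVENTS STREAM CIRC:  650 CIRC <CircID> <Status> [<Path>]  and
650 STREAM <StreamID> <Status> <CircID> <Target>, where <Path> is a
comma-separated list of hops such as $FINGERPRINT=nickname (assumed format).
"""
import re
import socket
import time
from collections import deque

CIRC_RE = re.compile(r"^650 CIRC (\S+) (\S+)(?: (\S+))?")
STREAM_RE = re.compile(r"^650 STREAM (\S+) (\S+) (\S+) (\S+)")


def hop_name(hop):
    """'$FP=nick' or '$FP~nick' -> 'nick'; a bare nickname or fingerprint stays."""
    for sep in ("=", "~"):
        if sep in hop:
            return hop.split(sep, 1)[1]
    return hop


class ExitTracker:
    def __init__(self, window_seconds=300):
        self.window = window_seconds
        self.circuits = {}        # CircID -> [hop nicknames]; the last hop is the exit
        self.attributed = set()   # StreamIDs already recorded
        self.history = deque()    # (timestamp, exit nickname, stream target), in memory only

    def handle(self, line, now):
        m = CIRC_RE.match(line)
        if m:
            circ_id, _status, path = m.groups()
            if path:              # EXTENDED/BUILT/CLOSED carry the path; keep the latest
                self.circuits[circ_id] = [hop_name(h) for h in path.split(",")]
            return
        m = STREAM_RE.match(line)
        if not m:
            return
        stream_id, status, circ_id, target = m.groups()
        # Record at attach time: by the time a user looks, the circuit may be gone.
        if status in ("SENTCONNECT", "SUCCEEDED") and stream_id not in self.attributed:
            path = self.circuits.get(circ_id)
            if path:
                self.attributed.add(stream_id)
                self.history.append((now, path[-1], target))

    def _prune(self, now):
        while self.history and now - self.history[0][0] > self.window:
            self.history.popleft()

    def recent_exits(self, now):
        """exit nickname -> sorted targets seen through it inside the window."""
        self._prune(now)
        out = {}
        for _ts, exit_name, target in self.history:
            out.setdefault(exit_name, set()).add(target)
        return {k: sorted(v) for k, v in out.items()}

    def exit_for_target(self, target, now):
        """Most recent exit that carried a stream to `target`, or None."""
        self._prune(now)
        for _ts, exit_name, t in reversed(self.history):
            if t == target:
                return exit_name
        return None


# Constructed event sequence (not a real capture): one circuit, two streams,
# and the circuit closes before anyone opens a network map to look at it.
SAMPLE_EVENTS = [
    "650 CIRC 12 EXTENDED $A1B2C3=guard1,$D4E5F6=middle1",
    "650 CIRC 12 BUILT $A1B2C3=guard1,$D4E5F6=middle1,$07A8B9=exitnode1",
    "650 STREAM 40 NEW 0 www.example.com:80",
    "650 STREAM 40 SUCCEEDED 12 www.example.com:80",
    "650 STREAM 41 SUCCEEDED 12 news.example.net:443",
    "650 STREAM 40 CLOSED 12 www.example.com:80",
    "650 CIRC 12 CLOSED $A1B2C3=guard1,$D4E5F6=middle1,$07A8B9=exitnode1",
]


def demo(now=1000.0):
    tracker = ExitTracker()
    for line in SAMPLE_EVENTS:
        tracker.handle(line, now)
    return tracker


def follow(host="127.0.0.1", port=9051, password=""):
    """Live use (assumes ControlPort 9051 and no auth or a HashedControlPassword)."""
    tracker = ExitTracker()
    with socket.create_connection((host, port)) as s:
        f = s.makefile("rw", newline="\r\n")
        f.write('AUTHENTICATE "%s"\r\nSETEVENTS STREAM CIRC\r\n' % password)
        f.flush()
        for line in f:
            before = len(tracker.history)
            tracker.handle(line.rstrip("\r\n"), time.time())
            if len(tracker.history) > before:
                _ts, exit_name, target = tracker.history[-1]
                print("%s via exit %s" % (target, exit_name))
```

In the constructed sequence the stream to www.example.com:80 is still attributed to exitnode1 after the `650 CIRC 12 CLOSED` line, and the whole record is gone five minutes later. A user who suspects an exit can run `follow()`, reproduce the odd behaviour, and read the exit's nickname off the terminal instead of scrolling through loglevel info.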
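On the MD5 limitation Mike describes: the following is an added example, not the exit scanner he runs or any Tor project code. It compares a page fetched directly with the same page fetched through an exit, first by MD5 of the whole body, then by the set of elements that can load or run content. The sample pages and the `decloak.invalid` host are constructed for the example. A whole-body hash flags every page with a timestamp; the element comparison lets a harmless dynamic page through and catches an exit that injects a frame. An exit that only edits script text already on the page, or that serves clean content when it recognises the scanner, still passes, which is the "deliberately target dynamic content" gap.

```python
"""Compare a page fetched directly with the same page fetched through a Tor exit.

Added example, not Mike Perry's scanner. Whole-body MD5 can only say
"different"; the tag-level check asks whether the exit's copy contains
something new that can load or execute content.
"""
import hashlib
from html.parser import HTMLParser

# Elements an exit would have to add to run code or pull a plugin-launching resource.
ACTIVE_TAGS = {"script", "iframe", "frame", "object", "embed", "applet", "meta", "bgsound"}


class ActiveElements(HTMLParser):
    """Collect (tag, reference) pairs for elements that can load or execute content."""

    def __init__(self):
        super().__init__()
        self.found = set()

    def handle_starttag(self, tag, attrs):
        if tag in ACTIVE_TAGS:
            a = dict(attrs)
            self.found.add((tag, a.get("src") or a.get("data") or a.get("content") or ""))


def md5_equal(direct, via_exit):
    return hashlib.md5(direct).hexdigest() == hashlib.md5(via_exit).hexdigest()


def active_elements(body):
    p = ActiveElements()
    p.feed(body.decode("utf-8", "replace"))
    return p.found


def injected(direct, via_exit):
    """Active elements present in the exit's copy but absent from the direct copy."""
    return sorted(active_elements(via_exit) - active_elements(direct))


def classify(direct, via_exit):
    if md5_equal(direct, via_exit):
        return "identical"
    if injected(direct, via_exit):
        return "suspicious"
    return "dynamic"     # differs, but nothing new that can load or run content


# Constructed sample pages (not real fetches).
DIRECT = b"""<html><head><title>News</title>
<script src="/static/site.js"></script></head>
<body><p>Generated 2007-03-09 10:00:01</p><img src="/logo.png"></body></html>"""

# The same page a minute later: only the timestamp changed, so MD5 differs.
VIA_HONEST_EXIT = DIRECT.replace(b"10:00:01", b"10:01:07")

# The same page with a hidden frame pointing at a plugin-launching resource.
VIA_BAD_EXIT = VIA_HONEST_EXIT.replace(
    b"</body>",
    b'<iframe src="http://decloak.invalid/probe.swf" width=0 height=0></iframe></body>')

if __name__ == "__main__":
    for name, body in (("honest exit", VIA_HONEST_EXIT), ("bad exit", VIA_BAD_EXIT)):
        print(name, classify(DIRECT, body), injected(DIRECT, body))
```

To turn this into a scanner, fetch each URL once directly and once per exit (with `.exit` routing or a control-port circuit pin) and feed both bodies to `classify()`; "suspicious" results are worth a manual look, "dynamic" ones are the noise MD5 alone produces.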


Re: Building tracking system to nab Tor pedophiles

2007-03-09 Thread cesare VoltZ

The approaches suggested won't work if you use Firefox with NoScript set
to disable JavaScript, Java, Flash and any other plugins.


Agreed. Firefox works better on security sites, whereas IE is a big hole.

Cesare


Re: Building tracking system to nab Tor pedophiles

2007-03-09 Thread Marco A. Calamari
On Wed, 2007-03-07 at 14:02 -0500, Michael Holstein wrote: 
  I've seen a VM that routes all traffic over TOR, invisibly to the O/S.  
  (Not sure what they do about UDP).
  Developed at Georgia Tech.
 
 One better .. TOR on OpenWRT on a Linksys router.
 
 Tor at the *hardware* level.

WRT and things like this don't have enough juice for Tor

But something similar already exists

http://www.winstonsmith.info/pbox/index-e.html

HTH

-- 

+--- http://www.winstonsmith.info ---+
| il Progetto Winston Smith: scolleghiamo il Grande Fratello |
| the Winston Smith Project: unplug the Big Brother  |
| Marco A. Calamari [EMAIL PROTECTED]  http://www.marcoc.it   |
| DSS/DH:  8F3E 5BAE 906F B416 9242 1C10 8661 24A9 BFCE 822B |
+ PGP RSA: ED84 3839 6C4D 3FFE 389F 209E 3128 5698 --+





Re: Warnings on the download page

2007-03-09 Thread Freemor
I've been watching this thread with some interest and as the talk of
mis-configured browsers and mis-behaving plug-ins grew I found myself
thinking that there must be an easier way to fix the problem. It occurred
to me that what is needed (at least until a more permanent solution can
be found) is a way to stop the offending material from making it to a
potentially misconfigured application. 

  So I started thinking about another proxy in the chain to strip all
java and java script etc.. it then occurred to me that Privoxy can most
likely do this if a much more strict action file were written.

so my questions are:

  1 - Can a modified actions file be made that would strip all
Java/javascript, flash, streaming media, etc. From looking at the Privoxy
documentation it looks possible so far (but I'm no privoxy guru)

  2 - If 1 is possible wouldn't it be easiest to include the stricter
action file in the tor/privoxy/vidalia bundle. Tell people look, a lot
of stuff isn't going to fly.. but trust us.. you don't want it to

Just wondering
Freemor

--

Freemor [EMAIL PROTECTED]
Freemor [EMAIL PROTECTED]

This e-mail has been digitally signed with GnuPG






Re: Warnings on the download page

2007-03-09 Thread lists
On 9 Mar 2007 03:21:05 -0600, Mike Perry wrote:
 
 Just tested windows media player 10 plugin, which I believe is
 installed by default on pretty much every windows box.. It ignores
 proxy settings. Great.
 

I found most applications on a Windows system respect the settings
configured under Internet Options (i.e., XP SP2 under Control
Panel -> Internet Options -> Connections -> LAN settings, or through IE7 on XP
SP2 under Tools -> Internet Options -> Connections -> LAN settings). I have
also found that most applications on a Windows system know nothing about
Firefox's proxy settings. I am not writing this from a Windows box, but
I wonder if WM10 is the same.

Also, I tend to firewall off all connections that go to the outside
world when using Tor, except those connections by Tor itself. On
Windows, I generally use per application settings through my personal
firewall. For example, Firefox is configured to only be permitted to
connect to the local system, not the outside world, and WM10 is not
permitted to connect to anything. Not perfect by any means, but it helps
to prevent accidents.

-Andrew


Re: Warnings on the download page

2007-03-09 Thread H D Moore
This would have to support all sorts of variations for media files:

document.location = something.ext
meta refresh URL=something.ext
iframe src=something.ext
frame src=something.ext
img src=something.ext (some cases)
bgsound=something.ext

..etc

Seems easier to lock down the browser and prevent any and all 
media/plugins from executing.

-HD

On Friday 09 March 2007 11:37, Freemor wrote:
   1 - Can a modified actions file be made that would strip all
 Java/javascript, flash, streaming media, etc. From looking at the
 Privoxy documentation it looks possible so far (but I'm no privoxy
 guru)


Re: Warnings on the download page

2007-03-09 Thread light zoo

--- Freemor [EMAIL PROTECTED] wrote:

 
 so my questions are:
 
   1 - Can a modified actions file be made that
 would strip all Java/javascript, flash, streaming
 media, etc. From looking at the Privoxy 
 documentation it looks possible so far (but I'm no
 privoxy guru)

(Note: Mr. Keil is the authority on Privoxy in this
list so he may have better information.)

Privoxy doesn't filter HTTPS and IMO that makes
Privoxy a non-starter in regards to filtering.  
  
IMO all filtering, User-Agent spoofing, etc should be
handled by the browser (about:config is your friend)
because the HTTP/S protocol is filtered.

The 'warning' intro Mr. Perry and Mr. Dingledine wrote
should be followed.
http://tor.eff.org/download.html.en#Warning


These are the extensions I use:
TorButton
CookiesCuller
QuickJava
NoScript
Flashblock
AdBlockPlus
Filterset.G Updater
RefControl (spoof referrer)
http://www.stardrifter.org/refcontrol/

I have my about:config edited to spoof my User-Agent


Cheers,




Re: Boulder Tech report on low-resource routing attacks on Tor

2007-03-09 Thread Eugene Y. Vasserman
Hi all,
I've been thinking about how exit and entry nodes controlled by the same 
adversary can easily determine if they are in the same circuit due to the 
predictable nature of circuit set-up (timing). Well, what about altering that? 
Perhaps Tor nodes should form long-lived exploratory circuits (a la I2P). Tor 
should slowly extend these, with unpredictable timing intervals, perhaps over 
the period of dozens of minutes, or even hours. Most of these circuits are not 
completely formed, and thus should not be used to route data. Since there are 
many of these, if one dies (they are long-lived so chances of early death are 
not negligible), so be it. This will allow circuit formation timing to be less 
predictable. As an added benefit, a Tor node may have a number of 1-hop or 
2-hop circuits that it can use at any time, and by extending those, instead of 
forming new, full-length circuits from scratch, we can make recovery from 
circuit failure faster.
Thoughts?
Thanks,
Eugene

Thus spake Paul Syverson on Wed, 07 Mar 2007:

 From: Paul Syverson [EMAIL PROTECTED]
 Subject: Boulder Tech report on low-resource routing attacks on Tor
 Date: Wed, 7 Mar 2007 17:16:43 -0500
 Cc: Kevin Bauer [EMAIL PROTECTED],
   Damon McCoy [EMAIL PROTECTED],
   Dirk Grunwald [EMAIL PROTECTED],
   Douglas C. Sicker [EMAIL PROTECTED]
 To: or-talk@freehaven.net
 Reply-To: or-talk@freehaven.net
 
 
 The following are some comments on the Univ. Colorado at Boulder tech
 report Low-Resource Routing Attacks Against Anonymous Systems that
 has been getting lots of press and other web attention lately and been
 somewhat discussed on this list.  It is only today that I have managed
 to find time to sit down and read the paper.
 
 The nutshell for people that don't want to read the details below:
 
 A good paper. It does _not_ show Tor to be broken. (Nor did it ever
 claim to. I only state that because of some of what has appeared in
 the blagnpress, which to their credit, the authors tried to curtail.)
 It is a nice contribution, especially in showing the limitations of
 the current approach to entry guard selection. Overstates its novelty
 over prior work, which is really unnecessary because it makes valuable
 contributions of its own (and which is more or less my fault not theirs,
 cf. below).
 
 More details:
 
 This is a nice piece of work. Its greatest contribution is in
 directing attacks on entry guards. In the theory and simulation work
 in which such ideas were introduced by Wright et al. they were
 introduced (as helper nodes) to reduce vulnerability.  As a recent
 addition to Tor, the nature of defense they provide but also the
 possible risks from how they are used in actual implementation and
 deployment needed to be explored. It was understood from the start
 that there is something of a tradeoff in introducing them. It was
 realized that profiling without entry guards was in practice trivial
 enough that the additional risk of adding entry guards and thus
 simplifying and enhancing profiling for anyone who unfortunately had
 an adversary guard node was clearly worth it. I don't think this paper
 changes that. However, by attacking the guard selection process
 itself, the research forces us to examine it more closely.
 
 
 What they did was apply techniques that Lasse and I developed in
 Locating Hidden Services to ordinary client circuits. Though we had
 said this would be straightforward to do, we didn't actually do it.
 Because we were focused on the deployed Tor network we could not
 pursue this sort of attack there. We were also focused primarily on
 what could be accomplished with a single hostile node. This limits to
 cases of either a hostile website (as in Murdoch and Danezis and as
 mentioned on p. 10 of this tech report) or a hostile client and a
 hidden service, which is what we reported on.
 
 Deploying a Tor network on PlanetLab and using synthetically generated
 data removes some of the in the wild reality from the results.  But,
 by accepting this limitation, it allowed them to obtain data at all
 about Tor circuits for ordinary use (not hidden services). Much in the
 practicality spirit of onion routing. 
 
 The experimental networks were more than an order of magnitude
 smaller than the current deployed Tor network. One cannot be sure
 something will scale until actually trying it, but in this case there
 is no reason to doubt it does scale. Still if we take the 9 percent
 figure given by the authors as an arbitrary line at which attacks
 become significant, that is still almost a hundred nodes in the
 current network. At about twice the entire size of the experimental
 networks that were set up this starts to be a bit more than
 low-resource.  Still one could do quite a bit with less than 9
 percent. Also, as a counter to my own point, see On the
 countermeasures below.
 
 On prior work:
 
 Before I start noting all the things that the authors didn't properly
 cite, I should observe that 

Re: Removing 1 modular exponentiation

2007-03-09 Thread Watson Ladd
James Muir wrote:
 The following recent preprint deals with the subject of this thread:
 
 A. Kate, G. Zaverucha and I. Goldberg
 Pairing-Based Onion Routing   pdf
 CACR 2007-08
 
 http://www.cacr.math.uwaterloo.ca/techreports/2007/cacr2007-08.pdf
 
 -James
 
Nice. Patents are going to be an issue for this one and we will
need an ECC library. And the distributed key-issuing thing will need to
be figured out. PBC, cited in the paper could solve issues 1 and 2.
I did find http://www.argreenhouse.com/society/wcan06/wcan06s1p2.pdf as
a solution to issue 3. Look at section 2.2. So now I have to ask the
ugly question: How do we run this concurrently with the old protocol?
Thanks,
Watson Ladd





Re: need help with Uninstall for Mac

2007-03-09 Thread phobos
On Fri, Mar 09, 2007 at 01:40:28AM -0500, [EMAIL PROTECTED] wrote 0.4K bytes in 
16 lines about:
: I installed the bundled package posted on the site last week. I don't 
: know the Terminal well but this is what I get back...

Which bundle?  And does the uninstall script exist in
/Library/Tor?

-- 
Andrew


Re: need help with Uninstall for Mac

2007-03-09 Thread Jason Edwards
It was the Mac OS X 10.4 (Tiger) Universal Binary 0.1.1.29 bundle.  When 
I open OSX/Library/Tor  I do not see an uninstall script.  Any 
suggestions?


Jay


[EMAIL PROTECTED] wrote:

 On Fri, Mar 09, 2007 at 01:40:28AM -0500, [EMAIL PROTECTED] wrote 0.4K bytes in 
 16 lines about:
 : I installed the bundled package posted on the site last week. I don't 
 : know the Terminal well but this is what I get back...

 Which bundle?  And does the uninstall script exist in
 /Library/Tor?

Re: Removing 1 modular exponentiation

2007-03-09 Thread Watson Ladd
Fergie wrote:
 -- James Muir [EMAIL PROTECTED] wrote:
 
 The following recent preprint deals with the subject of this thread:
 
 A. Kate, G. Zaverucha and I. Goldberg
 Pairing-Based Onion Routing   pdf
 CACR 2007-08
 
 http://www.cacr.math.uwaterloo.ca/techreports/2007/cacr2007-08.pdf
 
 
 I'm quite happy to see some objective dialog on the list
 again. :-)
 
 - ferg
 
I have a very incomplete proposal for adding this to tor. It is badly
written and probably breaks a lot of stuff.  A lot more work needs
doing, like on how we get a distributed PKG.
---
Watson Ladd



Filename:107-PBC.txt
Title:The pairing-based key negotiation protocol
Version:0.0.1
Last modified:
Author:Watson Ladd
Created:9-March-2007
Status:Open

Overview: This document describes a new version of the tor protocol
  that uses pairing-based cryptography following [1].

Motivation: The protocol described in [1] is much more efficient in both
bandwidth and CPU than the current protocol.

Backwards-compatibility: Sadly, use of the VERSION cell will negate some of the
 advantages of the new protocol. This is very much
 a work in progress. Current solution is a new cell
 type.

Proposal:
Section 0.0: Magic Numbers
Section 1.0: Circuit Establishment
Section 1.1: The distributed PKG.
Section 2.1: The new directory format

Section 0.0: Magic Numbers
Curve P-521 in FIPS 186 [2] is to be used. New cell types are defined:
[7] CREATE_WARPSPEED, and [8] EXITING_HYPERSPACE
 The master key expiration period is 24 hours exact to the nearest
 second. The private key expiration period is one hour to the nearest
 second.

Section 1.0: Circuit establishment
In 1.1 the origin of v_m, U, and sU will be mentioned. v_m is a
timestamp consisting of the number of seconds since midnight
Jan 1, 1970 to the beginning of the Master Key Validity Period.
Let i be an index variable taken over all OR's in the circuit.
Then let Q_vi=H(v||ID_i) where v is the timestamp at the beginning
of the Private Key Validity Period, and ID_i is the ID of router i.
Then let y_vi=P(sU, Q_vi). Let r_i be random integers not zero in
Z_n where n is the size of the group. r_i's are selected randomly
for each OR i. Then let P_i=r_iU and compute y_vi^r_i for each OR i.
From each y_vi^r_i a forwards key K_f_i and backwards key K_b_i are
computed.

Let A,..,N be the nodes being put into an onion circuit. Then the
CREATE_WARPSPEED cell being sent to A has the following payload:
cid,r_AU,{B, r_BU,{ ... {N, r_NU, {NULL}_{K_f_N}}...}_{K_f_B}}_{K_f_A}
On receipt of a CREATE_WARPSPEED cell the OR i computes P(r_iU,d_vi)
and from it derives K_f_i and K_b_i. It then finds out what router
to send the next CREATE_WARPSPEED cell to. In the process it chops off
the router's name and replaces it with the circuit id it wants to use
for that link of the circuit. The NULL message is an EXITING_HYPERSPACE
cell.
On noticing that the decrypted message is an EXITING_HYPERSPACE cell,
the OR is expected to send a CIRCUIT_CREATED cell back, encrypting it
with K_b_i, just like all traffic on the newly established circuit.

Section 1.1 TODO
Section 1.2 TODO


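The circuit establishment in Section 1.0 of the draft above, as an added example that is not code from the proposal, from [1] or from Tor. Two stand-ins are used so it runs with the standard library alone and both are labelled in the code: a toy bilinear map over integers modulo a prime (it has the bilinearity the key agreement relies on and no security whatsoever; the draft specifies curve P-521 and a real pairing) and an HMAC-SHA256 keystream XOR in place of a real cipher. The modulus, generator, the integer standing in for U, the 8-byte router-name field, the circuit-id choice and the sample route are all assumptions. Everything else follows the text: Q_vi = H(v||ID_i), d_vi = s*Q_vi from a single PKG, a random non-zero r_i per hop, y_vi = P(sU, Q_vi), keys from y_vi^r_i on the client and from P(r_i U, d_vi) on the router, the nested payload cid, r_AU, {B, r_BU, {...}_{K_f_B}}_{K_f_A}, and the NULL message decrypting to EXITING_HYPERSPACE at the last hop.

```python
"""Build and peel a CREATE_WARPSPEED onion (Section 1.0 of the draft).

Added example, not code from the proposal or Tor. The pairing and cipher
below are toy stand-ins; only the protocol shape is demonstrated.
"""
import hashlib
import hmac
import os

P = 2 ** 127 - 1               # toy modulus (assumption; not curve P-521)
N = P - 1                      # scalars and exponents live in Z_N
G = 3                          # generator of the toy target group
U = 7                          # the public point U, modelled as an integer
EXITING_HYPERSPACE = b"\x08"   # cell type [8] of Section 0.0, as the 1-byte NULL message


def H(*parts):
    """Q_vi = H(v || ID_i): hash to a scalar."""
    data = b"|".join(p if isinstance(p, bytes) else p.encode() for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def pairing(a, b):
    """Toy bilinear map: pairing(x*U, y*Q) == pairing(U, Q)**(x*y). Not secure."""
    return pow(G, (a * b) % N, P)


def keys_from(shared):
    """Derive the forward key K_f_i and backward key K_b_i from a shared value."""
    seed = str(shared).encode()
    return (hmac.new(seed, b"forward", hashlib.sha256).digest(),
            hmac.new(seed, b"backward", hashlib.sha256).digest())


def cipher(key, data):
    """Stand-in cipher: XOR with an HMAC-SHA256 counter keystream (its own inverse)."""
    stream = b"".join(hmac.new(key, c.to_bytes(4, "big"), hashlib.sha256).digest()
                      for c in range(len(data) // 32 + 1))
    return bytes(x ^ y for x, y in zip(data, stream))


class PKG:
    """The private key generator holding master secret s (Section 1.1 leaves distributing it TODO)."""

    def __init__(self, s):
        self.s, self.sU = s, s * U % N

    def private_key(self, v, router_id):
        return self.s * H(v, router_id) % N                     # d_vi = s * Q_vi


def pack(name, rU, blob):       # assumed wire layout: 8-byte name, 16-byte r_i U, rest
    return name.encode().ljust(8, b"\0") + rU.to_bytes(16, "big") + blob


def unpack(layer):
    return layer[:8].rstrip(b"\0").decode(), int.from_bytes(layer[8:24], "big"), layer[24:]


def client_build(sU, v, route, cid):
    """Return the CREATE_WARPSPEED cell for route[0] plus the client's K_f_i / K_b_i lists."""
    kf, kb, rU = [], [], []
    for router_id in route:
        r = int.from_bytes(os.urandom(16), "big") % (N - 1) + 1  # r_i != 0 in Z_n
        y = pairing(sU, H(v, router_id))                         # y_vi = P(sU, Q_vi)
        f, b = keys_from(pow(y, r, P))                           # keys from y_vi^r_i
        kf.append(f); kb.append(b); rU.append(r * U % N)         # P_i = r_i U
    blob = cipher(kf[-1], EXITING_HYPERSPACE)                    # {NULL}_{K_f_N}
    for i in range(len(route) - 1, 0, -1):                       # wrap outward
        blob = cipher(kf[i - 1], pack(route[i], rU[i], blob))    # {ID_i, r_iU, ...}_{K_f_{i-1}}
    return (cid, rU[0], blob), kf, kb


class Router:
    def __init__(self, router_id, pkg, v):
        self.id, self.d, self.circuits, self.next_cid = router_id, pkg.private_key(v, router_id), {}, 100

    def on_create_warpspeed(self, cid, rU, blob):
        kf, kb = keys_from(pairing(rU, self.d))                  # P(r_i U, d_vi)
        self.circuits[cid] = (kf, kb)
        plain = cipher(kf, blob)
        if plain == EXITING_HYPERSPACE:
            return None, None, kf, kb           # last hop: CIRCUIT_CREATED goes back under K_b_i
        next_name, next_rU, rest = unpack(plain)
        self.next_cid += 1                      # router name replaced by our own circuit id
        return next_name, (self.next_cid, next_rU, rest), kf, kb


def establish(routers, first, cell):
    """Drive the cell hop by hop (the links between routers are simulated)."""
    name, hops = first, []
    while name is not None:
        name, cell, kf, kb = routers[name].on_create_warpspeed(*cell)
        hops.append((kf, kb))
    return hops


def demo():
    pkg, v = PKG(s=123456789), b"1173394800"   # v: start of the private-key validity period
    route = ["alpha", "beta", "gamma"]         # assumed sample route
    routers = {rid: Router(rid, pkg, v) for rid in route}
    cell, kf, kb = client_build(pkg.sU, v, route, cid=1)
    return kf, kb, establish(routers, route[0], cell)
```

Running `demo()` shows the property the draft relies on: each router recovers exactly the K_f_i and K_b_i the client computed, without learning r_i and without any modular exponentiation of its own, and only the last hop sees EXITING_HYPERSPACE. The single `PKG` object is the part Section 1.1 leaves open; a router keyed by a different master secret derives different keys and cannot peel its layer.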


Slightly OT: 'Big brother' surveillance makes waves in Sweden

2007-03-09 Thread xiando
Almost On Topic (related, anyway): http://www.thelocal.se/6619/20070307/

A far-reaching wiretapping programme proposed by Sweden's government to 
defend against foreign threats, including monitoring emails and telephone 
calls, has stirred up a fiery debate in the past few weeks, with critics 
decrying the creation of a big brother state.

The new legislation, to be presented to parliament on Thursday, would enable 
the National Defence Radio Establishment (FRA) to tap all Internet and 
telephone communication in and out of Sweden.

Beware, people of Sweden, and the west in general. Very good reason to use Tor 
right there.

More Slightly Off-Topic: 

FRA is visiting websites with information about Tor. And they are not using 
Tor to do it (Yes, I realize the Xiando Total Surveillance Office is evil. 
But you guys are using Tor, aren't you?)

(Please don't reply to this unless you absolutely have to, this isn't 
immensely Tor-related, only something which makes a very good argument when 
you're explaining Why You Should Use Tor within Sweden - and the west in 
general)


How to run Tor from USB with Linux (Kubuntu 6.10)

2007-03-09 Thread light zoo
Hi,

Forgive the naive nature of this question...

I have compiled Tor and I want to run it off my USB
HDD but I'm not sure how.  Should I just copy over the
build directory ~/tor-0.1.2.10-rc/? If so what are
essential files? 

What should the DataDirectory option be set to?

Regards,



