TLS NPN (Next Protocol Negotiation)

2010-08-16 Thread Seth David Schoen
Over on the TLS WG mailing list at IETF there is some debate over
the NPN (Next Protocol Negotiation) TLS extension, which originated
outside of TLS WG but is now starting to be brought up there for
standardization.  The thread starts at

http://www.ietf.org/mail-archive/web/tls/current/msg06862.html

Much of the debate centers around the idea that NPN will make it
harder for network operators to know what protocols users are using
over TLS and hence to block particular protocols while permitting
others.  One of the proponents (Adam Langley, who has been doing a
lot of other fantastic work on making TLS better and more ubiquitous)
mentioned the idea that Tor is an intended use case for this
behavior, although there hasn't been any other explicit discussion
of this.

http://www.ietf.org/mail-archive/web/tls/current/msg06866.html

"The design, as is, was picked because the use cases considered were
either ambivalent on this point [in effect, whether to reveal which
service the client is interested in contacting earlier in the
protocol] or favoured the privacy side (i.e.  Tor)."

(Apparently the notion is that the protocol negotiation would
happen late enough that the encrypted session is already
established before the client and server decide which particular
service the client wants to talk to, so you could multiplex,
say, a web server, a Jabber server, a Tor server, and an IMAPS
server all over tcp/443 and an eavesdropper wouldn't trivially
be able to determine which one the client was communicating
with -- except if side channels gave it away, of course.)

I'm tempted to reply pointing out that _all_ uses of TLS represent
at least potential support for a threat model in which a network
operator is the adversary whom users are trying to defend against.
So there's not much conceptually new about having TLS reduce network
operators' control over traffic, although some of the people in
the discussion seem to feel there is a qualitative difference
between, say, keyword filtering and protocol filtering.

Has anybody from Tor been working on NPN?

-- 
Seth Schoen
Senior Staff Technologist sch...@eff.org
Electronic Frontier Foundation    https://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110 +1 415 436 9333 x107
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
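An added example, not part of Seth's post, showing in Python what a passive observer can read from NPN's cleartext handshake messages: the ClientHello carries NPN only as an empty extension, the ServerHello lists every protocol the server offers in the clear, and the client's actual choice travels in the NextProtocol message after ChangeCipherSpec, so it appears in neither Hello. The extension number 13172 and the message layout follow draft-agl-tls-nextprotoneg; the host name and protocol names are constructed sample values.

```python
import struct

NPN_EXT = 13172   # next_protocol_negotiation extension type (draft-agl-tls-nextprotoneg)
SNI_EXT = 0       # server_name extension type

def _ext(ext_type: int, data: bytes) -> bytes:
    return struct.pack("!HH", ext_type, len(data)) + data

def build_client_hello(host: str) -> bytes:
    """Constructed TLS 1.2 ClientHello; its NPN extension is empty (a flag, not a choice)."""
    body = b"\x03\x03" + bytes(32)              # version, random (zeros: sample only)
    body += b"\x00"                             # empty session id
    body += struct.pack("!H", 2) + b"\xc0\x2f"  # one cipher suite
    body += b"\x01\x00"                         # one compression method: null
    name = host.encode()
    sni = struct.pack("!H", len(name) + 3) + b"\x00" + struct.pack("!H", len(name)) + name
    exts = _ext(SNI_EXT, sni) + _ext(NPN_EXT, b"")
    body += struct.pack("!H", len(exts)) + exts
    return b"\x01" + len(body).to_bytes(3, "big") + body

def build_server_hello(protocols) -> bytes:
    """Constructed ServerHello; its NPN extension lists the server's protocols in the clear."""
    body = b"\x03\x03" + bytes(32) + b"\x00" + b"\xc0\x2f" + b"\x00"
    npn = b"".join(bytes([len(p)]) + p.encode() for p in protocols)   # 1-byte length prefix each
    exts = _ext(NPN_EXT, npn)
    body += struct.pack("!H", len(exts)) + exts
    return b"\x02" + len(body).to_bytes(3, "big") + body

def parse_extensions(hello: bytes) -> dict:
    """Return {extension_type: data} from a ClientHello (type 1) or ServerHello (type 2)."""
    pos = 4 + 2 + 32                            # handshake header, version, random
    pos += 1 + hello[pos]                       # session id
    if hello[0] == 1:
        pos += 2 + struct.unpack("!H", hello[pos:pos + 2])[0]   # cipher suites
        pos += 1 + hello[pos]                                    # compression methods
    else:
        pos += 2 + 1                            # chosen suite, chosen compression
    end = pos + 2 + struct.unpack("!H", hello[pos:pos + 2])[0]
    pos, exts = pos + 2, {}
    while pos < end:
        ext_type, length = struct.unpack("!HH", hello[pos:pos + 4])
        exts[ext_type] = hello[pos + 4:pos + 4 + length]
        pos += 4 + length
    return exts

def npn_protocols(server_hello: bytes) -> list:
    """Decode the server's advertised protocol list from its NPN extension."""
    data, pos, names = parse_extensions(server_hello).get(NPN_EXT, b""), 0, []
    while pos < len(data):
        names.append(data[pos + 1:pos + 1 + data[pos]].decode())
        pos += 1 + data[pos]
    return names

def observer_view(client_hello: bytes, server_hello: bytes) -> dict:
    """What a passive observer learns from the two cleartext Hello messages alone."""
    c = parse_extensions(client_hello)
    return {
        "sni": c.get(SNI_EXT, b"")[5:].decode(),          # host name: visible
        "npn_offered": c.get(NPN_EXT) == b"",             # only a flag in the ClientHello
        "server_protocols": npn_protocols(server_hello),  # visible: everything the host offers
        "client_choice": None,  # sent in the NextProtocol message after ChangeCipherSpec: encrypted
    }
```

So the multiplexing hides which service was chosen, not which services the host offers, and the SNI name stays visible as before.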


Re: Tor Project 2008 Tax Return Now Online

2010-08-16 Thread Mike Perry
Thus spake Anon Mus (my.green.lant...@googlemail.com):

> >1) this is a freesoftware project the code is there for all to see,
> >hopefully clueful people other than the US Government are reading it.
> 
> Unfortunately, whilst there are clueful people watching the software, no
> one has yet decided to publicly produce and share a modified version
> of this code which protects from a Global Adversary who is analyzing the
> traffic (real time or not).
> 
> I await that day, but believe it will not be soon, because it would be
> foolish to take on such a task, only to have the Tor project themselves
> then radically change the code so as to make the unofficial
> modification obsolete.

You're right, that's exactly why the work hasn't been finished yet.
Everyone smart enough to do it realized that we'd just cause git
conflicts with their work. They'd be foiled once and for all. ONCE AND
FOR ALL!

It has nothing to do with realizing that the best designs for these
sorts of networks to date still aren't certain to be foolproof or
fast, or that completing and proving such a design to be secure and
scalable under a useful threat model would be at least a master's
thesis.

It has nothing to do with realizing that any naive padding solution
would be instantly broken, providing a unique fingerprint for everyone
using it, while *still* not providing substantial actual protection of
their traffic.

It has everything to do with the fact that the conspiracy is SO VAST
AND OPPRESSIVE that everyone smart enough to do this project realizes
that we'd just break their commits and there would be NOTHING THEY
COULD DO ABOUT IT.

Tor: 1, You Guys: 0.

It's great being on the inside.

> >2) no matter who's funding it the US gov't could read the code (see
> >above) and would continue to (potentially) have a near global view of
> >internet traffic.
> 
> Well it's obvious that whoever funds it gets to make the decision as to what
> anonymity "protection" gets put in.

I see you've been reading between the lines on our monthly status
reports, our roadmap docs, our trac projects, our specifications, our
proposal process on or-dev, our TODO files, and so on. Very clever of
you. 

For those not as swift as our detective here, the evidence (with full
revision history) is hiding in plain sight at:

https://svn.torproject.org/svn/projects/todo/
https://svn.torproject.org/svn/projects/roadmaps/
https://gitweb.torproject.org/tor.git/tree/HEAD:/doc/spec/proposals
https://trac.torproject.org/projects/tor/wiki/sponsors
https://blog.torproject.org/category/tags/progress-report/

The conspiracy is really too obvious in retrospect, especially if the
likes of you were able to figure it out.

We should be more careful with our future conspiracies. This has been
noted in our files.

> So if you were the Global Traffic Analysis Adversary then you would 
> distract, delay, deny and defend lack of protection from your analysis. 
> If you also funded the project then that would make that task easier.

Don't forget all the University professors and grad students doing Tor
research independent of the Tor Project. They are paid off to keep
quiet, too. Most of them have island beachfront property (but under 
black ops front company names, of course). It's a pretty sweet gig.

> So whilst there is no protection in Tor (by official policy) from the
> Global Traffic Analysis Adversary (aka US-GOV) then you can expect to be
> unmasked for every usage you make of Tor. Unless of course, you were the
> US-GOV in which case you can add that protection into your Tor nodes
> and Tor clients.

Correct.

Of course, you could add that same protection in too. But, then, of
course, we'd break your commits. This is the one advantage of
sponsoring Tor. The US Gov't quickly realized that otherwise, we'd
break their commits too. They had no choice, really. 

It really is the best revenue model for Open Source Development yet.
We should write a book, if it weren't so damn secret...

> For instance if I were US - GOV (i.e. it was my job to spy on your 
> traffic) I would, at the very least,
>  
> [ REDACTED ]

You know too much, Mr. Anon Mus. The Adversary has been alerted.
Prepare to be silenced (if we're lucky).

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs




Re: Tor Project 2008 Tax Return Now Online

2010-08-16 Thread Gregory Maxwell
On Mon, Aug 16, 2010 at 11:32 PM, Julie C wrote:
> The larger threat that I see is the Tor Project is absolutely ... dare I say
> it? ... PATHETIC AT MARKETING ITSELF.
> Something has been bugging me the last couple days about the bigger picture
> of the funding issue that came to light with the cryptome posting a couple
> days ago. It became clearer to me today as I was driving through my
> neighbourhood (yes, I am a Canadian) - only $500,000 in funding for all of
> 2008 for the Tor Project?!
[snip]

This is neither fair nor reasonable.

When Wikimedia broke into the top _10_ most popular sites, with
something like 100 million unique viewers in a month the annual income
was comparable to the tor project. It only broke 1m in fundraising at
the very end of 2007. It takes time to scale up an organization so
that it is able to spend large amounts of money in an efficient and
responsible way.

The Free Software Foundation 2008 990 reflects 1m in income and the
FSF has been around for 25 years and supports many initiatives.

Mozilla Foundation's 2008 990 reflects 1.2m in income (this isn't the
whole story, Mozilla's finances are greatly complicated).

> Good grief, my neighbourhood homeless shelter gets 5 times that much funding
> each year. And there are likely 15 shelters in my city that get that much or
> more - per year. And this is in just 1 city in 1 country!
[snip]

I'm sure if I looked around I could find some initiative to give
blankets to kittens which raises more than all the orgs I've mentioned
combined, people allocate their charity in weird ways... and it
isn't like homeless shelters are unreasonable things to support.

But more importantly, all of these orgs are growing. I expect that
they couldn't efficiently use all they could possibly bring in, and
people are still coming to terms with the idea that software projects
can be deserving charities. "Software... that's the stuff that made
that Bill kid one of the richest people in the world, right?"

So cut the Tor folks a little slack, and if you see a way that you can
make a real contribution to improving the situation then speak up.
Everyone is a master fundraiser in their own mind.


Re: Tor Project 2008 Tax Return Now Online

2010-08-16 Thread Julie C
On Mon, Aug 16, 2010 at 11:31 AM, Mike Perry wrote:

>
> Yes. The larger threat is that funders can steer funding in a general
> direction. Say, by prioritizing performance over censorship
> resistance, or censorship resistance over anonymity research.
>
> So far however, it appears that everyone involved is on the same page,
> and believes that performance, usability, censorship resistance, and
> general anonymity research are *all* important to our goal.
>
> 
>

The larger threat that I see is the Tor Project is absolutely ... dare I say
it? ... PATHETIC AT MARKETING ITSELF.

Something has been bugging me the last couple days about the bigger picture
of the funding issue that came to light with the cryptome posting a couple
days ago. It became clearer to me today as I was driving through my
neighbourhood (yes, I am a Canadian) - only $500,000 in funding for all of
2008 for the Tor Project?!

Good grief, my neighbourhood homeless shelter gets 5 times that much funding
each year. And there are likely 15 shelters in my city that get that much or
more - per year. And this is in just 1 city in 1 country!

Sorry, Roger and Andrew, but as talented as you are, I think you have to
make it a priority to get some professional fundraisers on board. Anonymity,
privacy, free speech, and stuff are absolutely more important than a few
thousand homeless people in my home town. Somebody is not getting the
message out, and all of the volunteers who believe in these bread and butter
moral and ethical issues deserve more.

Think bigger, please! Who is holding the project back from not thinking
bigger? Why isn't the UN sending you $50M a year? Big enterprises need your
software. All law enforcement needs your software. All governments need your
software. All journalists, all bankers, accountants, lawyers, researchers -
everyone who needs to have at least some of their communications off the
record.

This is the way to solve the US-centric perception, the fear of big
government - get everyone to be funding your work. And keep it all open
source so no one needs to be fearful of anyone else controlling it. Get
100,000 servers and relays and bridges out there - why aren't Google and
Amazon and Microsoft and IBM and others throwing serious weight behind you?

That's the challenge that I see is vital for right now.

--
Julie C.
ju...@h-ck.ca
GPG key 06D32144 available at http://keys.gnupg.net


Re: Tor Project 2008 Tax Return Now Online

2010-08-16 Thread Anon Mus

Jonathan D. Proulx wrote:

> While I do think it's good to see the funding there are two points that
> are important to remember.
>
> 1) this is a freesoftware project the code is there for all to see,
> hopefully clueful people other than the US Government are reading it.

Unfortunately, whilst there are clueful people watching the software, no
one has yet decided to publicly produce and share a modified version
of this code which protects from a Global Adversary who is analyzing the
traffic (real time or not).

I await that day, but believe it will not be soon, because it would be
foolish to take on such a task, only to have the Tor project themselves
then radically change the code so as to make the unofficial
modification obsolete.

> 2) no matter who's funding it the US gov't could read the code (see
> above) and would continue to (potentially) have a near global view of
> internet traffic.

Well it's obvious that whoever funds it gets to make the decision as to what
anonymity "protection" gets put in.
So if you were the Global Traffic Analysis Adversary then you would
distract, delay, deny and defend lack of protection from your analysis.
If you also funded the project then that would make that task easier.

So whilst there is no protection in Tor (by official policy) from the
Global Traffic Analysis Adversary (aka US-GOV) then you can expect to be
unmasked for every usage you make of Tor. Unless of course, you were the
US-GOV in which case you can add that protection into your Tor nodes
and Tor clients.

For instance if I were US-GOV (i.e. it was my job to spy on your
traffic) I would, at the very least,


1. Set up global INTEL network of private and institutional Tor servers.

These servers would be .edu, .gov, .net (running at legit ISP's), as 
well as from the homes of hundreds of operatives (police, CIA, FBI, NSA, 
Homeland Security), .mil (e.g. force bases overseas) and other .gov 
officials (embassy staff, trade orgs, propaganda orgs like Voice of 
America offices) globally.


2. On those INTEL servers, a modified Tor software would be run with 
modifications to create a supersecure subset of Tor.


These servers would either be self identifying (as the supersecure 
servers - SS) or receive a list of ips from a central server.


I'd give some of these SS servers name like anarchist, whacko, anarchist 
or anti-gov/big brov but their ip's would appear to be from telco's, 
R&D/Ops contractors..


3. Relatively minor modifications to the Tor code would add this extra 
protection and priority for the officially supersecure traffic. e.g.


i/ Higher/extra layer encryption.
ii/ Protection from traffic analysis - extra long random length circuits
(n = 3..6 variable), chaff traffic (70-90% variable chaff), multiplexed
traffic (mixed circuit streams - TOP SECRET) and multiple route traffic
(split circuit streams - EXTREME TOP SECRET).

iii/ Traffic delivery guarantees

4. Non-supersecure (normal) traffic would be labeled to separate its 
treatment (as well as logged with the identity ip of the originating Tor 
user. Potentially then the circuit builders Tor user ip could be sent on 
secretly, in another layer, to as far as it will go in this SSS Intel 
network)


5. Potentially, normal Tor traffic could be deliberately sent, by these
SS servers, in specific traffic analysis timed sequences to make it easier
to pick it up when it exits the SSS Intel network by traffic analysis
systems. A sort of traffic "signature" to be followed to the source.



> To a large extent freesoftware defends against the worst abuses funders
> can demand (1), but I wouldn't fully trust TOR against China either (2)

No comment

> -Jon


Re: Tor Project 2008 Tax Return Now Online

2010-08-16 Thread Mike Perry
Thus spake Jonathan D. Proulx (j...@csail.mit.edu):

> While I do think it's good to see the funding there are two points that
> are important to remember.
> 
> 1) this is a freesoftware project the code is there for all to see,
> hopefully clueful people other than the US Government are reading it.

Yes. The larger threat is that funders can steer funding in a general
direction. Say, by prioritizing performance over censorship
resistance, or censorship resistance over anonymity research.

So far however, it appears that everyone involved is on the same page,
and believes that performance, usability, censorship resistance, and
general anonymity research are *all* important to our goal.
 
> 2) no matter who's funding it the US gov't could read the code (see
> above) and would continue to (potentially) have a near global view of
> internet traffic.
> 
> To a large extent freesoftware defends agains the worst abuses funders
> can demand (1), but I wouldn't fully trust TOR against China either (2) 

As an aside, while a global adversary is not something the Tor
research and development community feels it is currently capable of
defending against in general, there are limits to the ability of
even a global adversary to perform accurate dragnet analysis of all
Tor traffic.

This is primarily due to the Base Rate Fallacy:
https://conspicuouschatter.wordpress.com/2008/09/30/the-base-rate-fallacy-and-the-traffic-analysis-of-tor/
http://archives.seul.org/or/dev/Sep-2008/msg00016.html

In other words, the average Tor user doesn't have a lot to fear, IMO.

However, once you are targeted specifically by a global adversary, or
if you are visiting sites that are targeted by a global adversary,
your odds of escaping detection do go down drastically.

The big problem that Tor faces is that most schemes to protect against
this sort of adversary are either costly, unproven, or both. There
were a couple of promising papers at PETS this year, but they need to
have a bit more time to be reviewed by the research community.  They
also add non-negligible overhead.

http://petsymposium.org/2010/program.php



-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs
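An added worked example, not from Mike's post, of the base-rate argument in Python with constructed numbers: `posterior` is P(target | flagged) by Bayes' rule, `dragnet_vs_targeted` runs the same correlator against a 1-in-10,000 prior and against a single named suspect, and `fpr_needed` solves for how low the correlator's false-positive rate must be before a dragnet hit is worth acting on. The 0.99 true-positive and 0.01 false-positive rates are assumptions for illustration, not measured figures.

```python
def posterior(base_rate: float, tpr: float, fpr: float) -> float:
    """P(user is a target | correlator flagged them), by Bayes' rule.
    base_rate: fraction of users the adversary actually wants; tpr/fpr: the
    correlator's true and false positive rates. All inputs are constructed."""
    flagged = base_rate * tpr + (1 - base_rate) * fpr
    return base_rate * tpr / flagged if flagged else 0.0

def expected_counts(n_users: int, base_rate: float, tpr: float, fpr: float) -> dict:
    """Expected true and false hits when every user's traffic is correlated."""
    targets = n_users * base_rate
    true_hits = targets * tpr
    false_hits = (n_users - targets) * fpr
    return {"true_hits": true_hits, "false_hits": false_hits,
            "precision": true_hits / (true_hits + false_hits)}

def fpr_needed(base_rate: float, tpr: float, precision: float) -> float:
    """Largest false-positive rate at which a flag still carries the wanted precision.
    Solves precision = b*t / (b*t + (1-b)*f) for f."""
    return base_rate * tpr * (1 - precision) / ((1 - base_rate) * precision)

def dragnet_vs_targeted(tpr: float = 0.99, fpr: float = 0.01) -> dict:
    """Same correlator, two priors: a blind dragnet over all users versus a single
    named suspect the adversary already watches (prior taken as 0.5)."""
    return {"dragnet": posterior(1e-4, tpr, fpr),
            "targeted": posterior(0.5, tpr, fpr)}
```

With a one-in-ten-thousand prior roughly 99 of every 100 flags are innocents, while the same correlator pointed at a known suspect confirms them 99% of the time; to make a dragnet flag even a coin toss, the false-positive rate would have to fall to about one in ten thousand.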




Re: Cannot retrieve apt key from keyserver

2010-08-16 Thread Michael Scheinost
Hi David,

On 08/16/2010 03:33 PM, via@free.fr wrote:
> When I type in the terminal the following line:
> ---
> gpg --keyserver keys.gnupg.net --recv 886DDD89
> ---
> 
> I get an error telling me the key hasn't been found. I tried to retrieve the key
> from http://keys.gnupg.net/. The key isn't found.

perhaps it was just a temporary problem. When I search for the key I get
the following:

gpg --keyserver keys.gnupg.net --search-keys 886DDD89
gpg: searching for "886DDD89" from hkp server keys.gnupg.net
(1) deb.torproject.org archive signing key
  2048 bit RSA key 886DDD89, created: 2009-09-04

> How can I install the apt repository without this key? Is there another way to
> retrieve the key?

You can install this software without the key by ignoring the warning,
but this is not recommended.

For receiving the key you can try another keyserver like pgp.mit.edu or
pool.sks-keyservers.net.
If you prefer a web browser you can try this link:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xEE8CBC9E886DDD89

Michael
-- 
Michael Scheinost
mich...@scheinost.org
Jabber: m.schein...@jabber.ccc.de
GPG Key ID 0x4FF8E93B





Re: Cannot retrieve apt key from keyserver

2010-08-16 Thread Gitano
On 2010-08-16 15:33, via@free.fr wrote:

> When I type in the terminal the following line:
> ---
> gpg --keyserver keys.gnupg.net --recv 886DDD89
> ---
> 
> I get an error telling me the key hasn't been found. I tried to retrieve the key
> from http://keys.gnupg.net/. The key isn't found.

Please try:

http://minsky.surfnet.nl:11371/pks/lookup?op=index&search=0x886DDD89


Re: Tor Project 2008 Tax Return Now Online

2010-08-16 Thread Jonathan D. Proulx

While I do think it's good to see the funding there are two points that
are important to remember.

1) this is a freesoftware project the code is there for all to see,
hopefully clueful people other than the US Government are reading it.

2) no matter who's funding it the US gov't could read the code (see
above) and would continue to (potentially) have a near global view of
internet traffic.

To a large extent freesoftware defends against the worst abuses funders
can demand (1), but I wouldn't fully trust TOR against China either (2) 

-Jon


Cannot retrieve apt key from keyserver

2010-08-16 Thread via . lej
Hello,

I'm on Ubuntu 10.04 and I try to install tor following
http://www.torproject.org/docs/debian.html.en (Option 2).

I try to add the following repository:

deb http://deb.torproject.org/torproject.org lucid main

When I type in the terminal the following line:
---
gpg --keyserver keys.gnupg.net --recv 886DDD89
---

I get an error telling me the key hasn't been found. I tried to retrieve the key
from http://keys.gnupg.net/. The key isn't found.

How can I install the apt repository without this key? Is there another way to
retrieve the key?

Regards,
David

