ManBearPig
Diamond Member
deleted
Last edited:
-
We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.
Can someone explain what Tor is?
- Thread starter ManBearPig
- Start date
Chiefcrowe
Diamond Member
This link pretty much explains it all:
https://en.wikipedia.org/wiki/Tor_(anonymity_network)
Since it is routing through many hosts, it is slower but that is the tradeoff for appearing to be from a different address.
https://en.wikipedia.org/wiki/Tor_(anonymity_network)
Since it is routing through many hosts, it is slower but that is the tradeoff for appearing to be from a different address.
lxskllr
No Lifer
Wikipedia, and the site pages would be your best bet. It's both simple and complicated.
Very tersely, it's used for anonymous communication, and to avert tracking. Your communication is wrapped in encryption layers, and goes through at least three hops before it hits the open web. Each hop knows where the communication came from, and where it's going, but no one knows the whole path.
There's also hidden services which are completely within the Tor network. Those are completely hidden, and the location can't be ascertained.
It's very slow, but valuable if you require privacy. There's also ways to do it wrong, and governmental impediments if you live in that kind of country. That's the complicated part. If you need to be private, you need to read the docs. There's a lot of things you should do/use in Tor that could affect your privacy. Tor is anonymous, not secure, and you could compromise your anonymity.
Very tersely, it's used for anonymous communication, and to avert tracking. Your communication is wrapped in encryption layers, and goes through at least three hops before it hits the open web. Each hop knows where the communication came from, and where it's going, but no one knows the whole path.
There's also hidden services which are completely within the Tor network. Those are completely hidden, and the location can't be ascertained.
It's very slow, but valuable if you require privacy. There's also ways to do it wrong, and governmental impediments if you live in that kind of country. That's the complicated part. If you need to be private, you need to read the docs. There's a lot of things you should do/use in Tor that could affect your privacy. Tor is anonymous, not secure, and you could compromise your anonymity.
lxskllr
No Lifer
Enough nodes is the operative phrase. The way to combat subversion of the system is by participating in the system. Setting up as a relay is easy, and it also helps hide your own traffic amongst the noise.
Figuring out the traffic flow from one node to another is one thing, having any clue what is in it and where the ultimate end point is another. While nothing is perfectly secure, the logic behind the onion routing makes it very difficult to pin traffic on any specific person. Is the traffic coming from node A for node A (as in to exit to a user browser) or is it passing though traffic for node b,c,d,e,f,g,h,i,j,k at the same time?
Considering they still haven't found freedomhosting (it has been in the news for hosting drug sites and other stuff) and that has been running for years, I would place a 1/2 decent bet that sending a secure journalist email in a repressive government is "fairly safe."
Yeah. When I was curious about it I was running a nonexiting relay for the hell of it. If my ISP had been monitoring my connection, they would have no clue what I was up to (the might assume tor) because my node had made a connection for at least 1 packet to about 350,000 IPs in a month.
It was neat seeing it work but not that useful for me since it seemed many sites tried to block the exit nodes.
lxskllr
No Lifer
Yea, the exit nodes are the tough part. I don't have the resources atm, or the desire to deal with hassle to setup an exit, but it's something I have in mind for the future. I think buying server time anonymously and redoing it every time it got shut down would be the way to handle it. I dunno. I'd have to do a lot more reading before I got into that aspect of it.
The NSA does not care about taking down freedomhosting or any underweb hosts/sites. In fact, if they knew its location the gov would not shut it down as they could then swarm it with their own nodes in order to piece together its traffic. If they shut it down another one would pop up someplace else and they'd have to start all over.
It would be much easier than you think to determine where the nodes are if you have 1,000 or more "custom" nodes routing traffic in a certain manner, and distributed in such a manner, that patterns become obvious rather quickly.
You've been warned. 😉
Uh huh. Where is support and documentation for these claims? Ambiguous "you have been warned" doesn't mean anything.
These "claims" are just the result of understanding how tor works. The limitations in tor anonymity are well documented and discussed. Google should find any info you require.
Instead of looking there first, I recommend you do a bit more reading on, and get a better understanding of how the tor network operates. When you understand it, my above "claims" will appear rather obvious.
I'll try to give an example: If there are 1,000 tor nodes, 1 is a computer geek wanting to explore the tor network, and 999 are NSA nodes, how easy would it be to find this 1 person? The onion only adds 1 layer per node, and traffic generally goes through 3 - 5 nodes before reaching its destination (an onion resource or an exit node). In this example the computer geeks traffic will be hitting an NSA node 100% of the time for 100% of his routing. As each NSA node is aware of the IP's of all other NSA nodes, the computer geek sticks out like a sore thumb, and his traffic, source and destination, can be monitored very easily. If there are 10,000 geeks using tor at any one time, how many NSA nodes are required to be in the mix in order to have a high (> 90%) success rate at tracking any one nodes source traffic from the source to its destination? 1,000? 5,000? 20,000? Whatever number of nodes is required, the cost would be a drop in the bucket compared to the NSA budget for such monitoring activities (billions), e.g. their million sq ft data center going up in Utah, so it would be foolish to assume they wouldn't.
Last edited:
So what your saying is that in your completely unrealistic situation that you would be identified.
Well for 1, the NSA does not control all the other nodes. For 2, a request coming from my node could be originating on another node "1001" so there is no actual proof the connection even came from me. The NSA nodes would have no idea what actually came from me and what is relay traffic as there is nothing to differentiate what the local user relayed vs another node relayed through my node.
You comment seems rather close to "locks are not secure" because someone some where has cut every possible combination of key.
Actually 20,000 NSA nodes would be fantastic since it would speed up the network while really not giving the NSA anything useful other than maybe a "best guess" about which nodes are heavy users.
Also, nice dodge on having to do any effort to support your position and just telling me to Google it.
Last edited:
And from what I recall, that is only a subset as the system doesn't give everyone a full list.
--edit--
I just looked at the TOR metrics site and they are currently tracking 200,000 relays. Even if you use the old 2011 "potential exploit" for TOR that required you to control 33% of nodes you are looking at running at least 66,000 nodes to have a chance to break 2 / 3 layers and then have to statistical brute force the third.
This just might explain why they haven't found freedomhosting yet. They have been trying to shut it down for years because of the sites it hosts.
Last edited:
Yes, but if they are monitoring traffic to specific websites/services/ip's via control of exit nodes, and they notice over a period of time that traffic to those sites always appears to originate from your node, it becomes obvious very quickly that your node is the originating node. The odds that somebody else is routing through your node every time are basically nill.
In your unreasonable network sure. However the relay nodes are always relaying and are wide open to any other node on the network. They are also trading pathing information. There is always chatter. Reality doesn't match theoretical in this case. There is still no way to verify that the request came from my node from "me." Your unrealistic case hinges on my node being 100% contained inside an NSA network. That isn't reality. Any other random node on the internet can and will relay through me at any time.
Not true. I made your node 100% contained in my example to explain how it would work, but it certainly doesn't hinge on that. With enough nodes and enough time (and enough traffic from you) "they" can narrow down traffic between nodes to you.
This weak point in the anonymity of Tor traffic is well known. No point in arguing it.
Yet you continue to refuse to post any support or links. Your evidence is discarded until support yourself.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 25K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 24K
-
-
