A month with BADONIONS

Discussion in 'privacy problems' started by mirimir, Jun 26, 2015.

  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    https://nakedsecurity.sophos.com/2015/06/25/can-you-trust-tors-exit-nodes/

    https://chloe.re/2015/06/20/a-month-with-badonions/
     
  2. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Hopefully, this is an example of an oversight or a slow moving bureaucracy, not something worse. It's entirely possible that those are government controlled exits. These and other related issues keep cropping up with Tor and make one question its trustworthiness. That too could be by design. Creating doubt and division is standard operating procedure for the NSA. IMO, the best a user can do with this specific issue is to blacklist those exits.
     
  3. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    I hate this thread.

    Whenever possible I try to stay encrypted past the TOR exit node (such as here).
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Yes, but many Tor users still haven't gotten the message :(

    And maybe worse, the Tor Project is not being very forthcoming about this. Most of the exits that she identified as bad are still part of the Tor network. Maybe that's because they don't trust her methodology. But at least they could say that, no?
     
  5. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The issue also opens up some far more serious possibilities like coercion or governments seizing or controlling a large percentage of the exits. I share her concerns over the centralization of control which makes that center of control a very choice, high value target. Tor already has trust issues due to where a lot of their funding comes from. Their lack of a response and failure to take any action only adds to the problem.
     
  6. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    318
    Governments have the budgets to make as many tor nodes as they want and provide them with as much bandwidth as they want. Government owned nodes could easily dwarf the numbers of privately controlled ones.
     
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That is true for one reason only, inaction. If even 1% of the people hosted a relay or exit, there'd be more nodes than all the governments combined could create or ever hope to monitor. It's the inaction of people that makes their actions possible. Government resources might be huge, but they're nothing compared to the combined resources of the people. It's past time that people wake up and realize that.
     
  8. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    318
    Probably a lot of people who could host one because they have the resources are afraid to in case it makes them a target for surveillance etc.
     
  9. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    689
    Speaking of people in general, I wonder how many have actually heard of Tor let alone know what a relay or an exit node is. With those I touch base with offline I never hear it mentioned.
     
  10. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    Thanks mirimir. I took a look at her research and it's very interesting. I would hope the TOR developers would take her seriously o_O


    I checked the TOR nodes she was talking about and they are in the Ukraine and India.

    Not suprising :D The guy in India is the main culpret. He is running Windows LOL.

    That's because TOR is taboo in society.

    There are basically 3 types of TOR users tin foil hat wearing folks, pedophiles and drug dealers. Ask yourself would you want to be indified with those 3 users?
     
    Last edited: Jul 13, 2015
  11. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That individual chose to do this. He could have done the same thing with linux. Windows has nothing to do with it. I ran an exit for almost 2 years on Windows. Anyone choosing to run an exit should take the time to properly secure and harden their equipment, knowing that it's a potential target.
    That might be able to be applied to Tor users. It doesn't fit relay and exit operators. We "tin foil hat wearing folks" might choose to run an exit. That label is disappearing fast now. A pedophile or drug dealer won't run an exit. Relays and exits are publicly listed. They don't want that kind of attention. They're just Tor users, just like government and corporate criminals.
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    The Making of a Conservative Environmentalist, by Gordon K. Durnil, 2001, at p. 43
    http://www.iupress.indiana.edu/product_info.php?products_id=21990
     
  13. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    689
    indified? why do I get the feeling that wasn't an honest mistake? Call it all the tinfoil hats you want but all I'm interested in is the facts AND protecting my privacy which I should have every right to do. The fact is unless you obfuscate your ip, you're identified. If you don't want that happening then how many ways are there to fix that? Afaik not that many.
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    @mirimir
    Two sets of laws and standards of acceptable behavior. The one for corporations and governments is anything you can get away with is allowed. If they're caught, they get a public slap on the wrist.
     
  15. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    noone_particular I agree with you. My comment was a bit tounge and cheek really. Please don't be offended. I know there more factors at play for TOR users.
     
  16. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I didn't take you that way. You were basically repeating the script the media uses to describe Tor users. Even in local news, that control is obvious. Example: every time someone gets busted (or framed) for child porn, there's always an interview with the frightened mother who's scared for her kids. Around here, they keep reusing the same interviews.
     
  17. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    Yes I know how the media works. The corperate-tabloid media really has it in for TOR. I don't subscribe to their agenda.
     
  18. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    In that respect, they're no different than the countries with "state controlled media" as the US is fond of saying. The only difference is that in the US, state and corporate are interchangeable terms. The real problem is that most of the people in the US are too absorbed in self gratification and garbage entertainment to see it. The near ideal flock of sheep. All that's left is disarming them.
     
  19. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,150
    Location:
    UK
    @noone_particular - poor Internet users are already disarmed. We have these delusions of avoiding being low hanging fruit, spending time and money in attempts to protect ourselves, when the systems themselves are "terrifically weak" and in some cases, deliberately compromised. There are HUGE penalties for any citizen attempting self-defence (responding to attack), and the only people "legitimately" able to attack are our wonderfully accountable government agencies.

    So as far as the Internet's concerned, they've already achieved Machiavelli's goal regarding the citizens. What they appear to have neglected is that they are killing the golden goose.
     
  20. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    There is a double standard involved that users could take advantage of. Corporations and businesses have greater freedom to defend themselves, and more. If users incorporate, the same laws should apply.