Basic Tor question

I don't know much about software, computers, etc compared to most folks on this site. I'm hoping someone can give me a simple answers to a few questions:

How safe is Tor?

What do people use Tor for?

What are the vulnerabilities of Tor?

 

http://www.torproject.org/docs/documentation.html.en

 

What is your actual definition of safe, what are you trying to accomplish here?

In simple terms, there is no 100% real safety...

You know the expression you get what you pay for? Well you don't pay anything for Tor so don't expect much and if you are really concerned about your privacy and safety I'd stay very far away from Tor and find a good private VPN that you pay for...

If you're looking for free safety, forget it...

 

Most people use Tor to browse the open Internet. See the Tor Project front page. This gives them anonymity without privacy. It is also useful for creating anonymous webmail and e-currency accounts. Most Tor vulnerabilities relate to this use of Tor.
https://secure.wikimedia.org/wikipedia/en/wiki/Tor_(anonymity_network)#Weaknesses

Tor hidden services offer privacy and anonymity with end-to-end encryption.
https://secure.wikimedia.org/wikipedia/en/wiki/.onion

People who desire serious privacy and anonymity do not rely on commerical services. One court order will turn your privacy protection service into a data collection service. Even the best VPN service in the world is just a toy. If you want real privacy don't use the open Internet.

 

Thanks for the responses. Obviously there is disagreement. My interest is just theoretical. So, with Tor the exit nodes are the vulnerability insofar as the traffic between the exit node and my computer is unencrypted and viewable?

 

No, it's "unencrypted" between the exit node and the destination - if you don't use other means of encryption such as TLS ("https").

About the "disagreement": there are several threads on this such as:
https://www.wilderssecurity.com/showthread.php?t=277329
and a currently ongoing discussion here
https://www.wilderssecurity.com/showthread.php?t=285780&page=9
(which isn't finished yet )

 

All VPN's will have the same "flaw." Why? Because the VPN cannot control the destination. If the destination does not utilize SSL, then the exit node on your VPN will always be able to see what you are doing. The only way to ensure privacy is end-to-end encryption and the only way to achieve that is to have the destination offer it as an option. So, basically, it depends on what sites you are visiting.

Since a private VPN can just as easily snoop at the exit node as a rogue Tor node, I would rather trust Tor since it is not under the control of a single entity. If the Tor exit node is rogue, he might be able to see what you're doing (if SSL is not in use), but he wont know who you are. This is not the case with private VPN's because they control all the nodes in the network. But, in the case of Tor, it would be exceedingly unlikely that one rogue entity would be able to control all the Tor nodes in your circuit (all the nodes are chosen at random by Tor, which makes it even more difficult for an adversary to control). And has been mentioned, Tor has its own little network (a darknet) with the .onion suffix. If you visit these sites, they are all encrypted end-to-end automatically.

Bottom line: private VPN's probably are a bit faster for browsing, but they likely offer less anonymity. For everyday browsing, the privacy of Tor and VPN's are the same.

 

It's more better to have that than nothing. ....besides, I love the smell of Onions.

 

If it is set up correctly I guess it is pretty safe. One thing though. If you set up the Vidalia bundle, go into firefox about:config and toggle geo.enabled to false. That has been fixed in the Tor Browser Bundle but with the Vidalia bundle and Firefox, unless that is disabled your location can be revealed.

Not long ago I read that a politician was asking Google or Twitter or someone to reveal the IP address of someone who was criticizing him. There was no defamation of character or threats or anything illegal. Just criticism. If I were going to criticize a politician like that I would use my VPN or at least Tor. But I may do it from a public connection. You can drive up into the parking lot at a Red Roof Inn and get a connection etc... And NEVER log into your secret account with your true IP.

Political activists who live in repressive countries use Tor. Criminals use Tor. People who just like privacy and anonymity use Tor.

The connection goes through a series of encrypted hops. But it is finally decrypted and sent out to the internet. If someone is monitoring that exit node, they could read anything that is sent. They may not know where it came from, but based on what they see, if you give out your personal info, they may be able to figure it out.

I have also heard that bad people who have control of these nodes can inject malicious codes back to you....or something like that. But that is beyond my understanding. But so then maybe if you are using Tor, it would be a good idea to open your browser in Sandboxie and then delete the sandbox when you are through, to prevent any bad stuff from coming back on to your computer.

 

And if you click on "share my location" or whatever it's called. Firefox will not automatically share Geolocation without your consent (unless there's a vulnerability in the code).

If your connection isn't end to end encrypted someone in between can not only read the data, he can also change it.
This doesn't just apply to Tor though! There are all sorts of other MITM attacks that can do that like ARP spoofing on the local network or DNS poisoning. Good host security is a must in any case. Injecting malicious scripts through MITM is far less of a risk than already compromised servers (SQL injections...) "serving" exploits to anyone, no matter how they connect to the site.

Besides hardening your OS and browser (there are lots of ways and good resources here on the forum, if you allow a shameless plug: https://www.wilderssecurity.com/showthread.php?t=274296) you can also put the whole OS into a VM and firewall that so it can only connect through Tor/VPN. That way, even if an attacker gets in he can't find out your true IP because the VM never sees it.

 

It would be much easier if the attacker controlled the updates of the TOR servers in your list, by populating it with tons of rogues, all him.

 

If you are a networking and security expert, it is relatively safe. If you are novice, there are many ways things can and have gone very bad, and you should only use virtualized instances like TorVM, JanusVM, or xB Machine to access Tor safely.

Depends on the user. Those running tor as clients use it for web surfing mostly from 3rd-world countries, hacking/marketing/spam, and for general anonymity while web browsing. Those running tor as exit nodes use it for capturing click-stream/marketing data, sniffing client credentials, or because they want to help expand tor. The reason for this is there is significantly greater incentive to participate in the tor network if you are evil, rather than because you are a generous person. There are also those that run "bridge nodes" in order to assist anti-censorship efforts.

Statistically speaking, if you look at the traffic on a tor exit node, most people use tor for downloading pornography, but it is very useful for evading censorship in most non-democratic countries. If you were to gauge risk vs reward, tor is an asset for users in 3rd-world countries, but is a liability in for users in 1st-world countries. So it depends on where you are, your needs, expertise, and your risk profile.

Your activities through tor are exposed and manipulable by anyone who wants to run a tor exit node. The tor client and assisting softwares have also been compromised multiple times, resulting in man-in-the-middle attacks, browser hijacking, remote file disclosure (your documents), and remote code execution (rootkits, virus, malware). Tor's anonymity is also inherently vulnerable to multiple attack types because it is based on participation from other users.

Except for the fact that it has happened on more than one occasion, compromising over 150,000 tor users the last time it was publicly exposed in August 2007.

 

Yes, "relatively". The browser bundle is also "relatively" safe as it mitigates most common pitfalls and is regularly updated.

That's the nature of software. I love your expression "and assisting software".
What do we have there? Huge web-browsers with tons of plugins and extensions from "caring" software developers like Adobe?

Yes it's a mess and yes, we've already covered how to protect against this risk. This is nothing unique to Tor either.

Another great statement I simply needed to quote...
Every anonymity "solution" is "inherently vulnerable to multiple attack types because" <insert its design principles and mode of operation>.

Just like with security there is no "solution" for anonymity. It's a process and everyone needs to answer for themselves what's good enough for the particular threat model, risk and probability.

Are you referring to Dan Egerstad?
Can you name a source that would confirm your statement that he was able to "control all the Tor nodes in your circuit" of 150000 Tor users?

My sources tell me something else: He did not break the Tor network and couldn't find out the IP of Tor users.
He simply sniffed a lot of plain text traffic and published that. What a great accomplishment!

The scale of high value targets like embassies and VISA sending plain text data over an highly untrusted network is news worthy of course. But really, their own fault. You can't blame Tor for that, they make it pretty clear in their FAQ:
https://trac.torproject.org/project...exitnodeseavesdroponcommunicationsIsntthatbad

 

The browser bundle is moderately protected against known side-channel attacks and weak against 0-day side-channel attacks, which covers most of the attack surface. However, using a VM client is superior as it protects against virtually all side-channel attacks known as well.

I'm referencing softwares like vidalia that are included in the bundle. However, again, VM is superior solution as it protects against those mean plugins and evil proxy-resisting programs you mention too.

I disagree. Tor has spawned a host of new attack types that are not possible on other systems. Ex: Sybil attacks are relatively unique to tor. Control port attack? Unique to tor. Directory Authority hijacking? Unique to tor. The list goes on. Other anonymity networks just don't have those vulnerabilities because they don't rely on participation.

Anonymity solutions are not a zero-sum game. For example, is there any reason to continue using xyz solution if a new technology comes out that is faster and entirely immune to traffic analysis altogether?

Lol no.

Sure, you can confirm it with tor lead developer Roger Dingledine.

 

Yes, that's the fundamental design decision behind Tor.
Let's take another solution, what would you like, xerobank?
I won't challenge you on technical attacks, there are some ways too, less than in Tor maybe. You sure know better than me.
But attacks can have very different faces, what about legal pressure?
Just like the Tor devs try to make it hard to break the network xerobank tries to make it harder for goverments et al to pressure them, demand logs and backdoors and so forth.
What this means is "xerobank is inherently vulnerable to government pressure because it relies on a small number of legal entities that control the complete network". Would you agree on that?

Yes there are some reasons, like xyz is open source and audited while you can't trust the new solution yet because its track record is too short.

Will do.

 

You could say that as a design decision, but effectively that isn't the case in reality. Remember: leveraged unpredictability.

My concern when evaluating anonymity systems is the effective "level" of anonymity provided to the user at a minimum level. In this capacity, do you trust a network that has been compromised countless times and continues to be compromised, or do you rather trust a network that has never been compromised?

Presuming they've both had sufficiently motivated and powerful attackers (which i can attest to ) and you're rational, you might advocate for the solution which hasn't been broken.

How long or how much scrutiny until you trust a system, I wonder. I feel the same way about crypto ciphers, but where trust and transparency come into play in anonymity and privacy is a little more murky.

Security components should be transparent, open source, and auditable. Privacy components should be opaque, blackbox, and without logs. There is no effective transparent anonymity :: there is no trustable security that is opaque.

 

We all know Steve has a product to sell which competes with Tor.

I'll post some links and leave it at that.
http://archives.seul.org/or/announce/Sep-2007/msg00000.html is the vulnerability referred to above.
The attack mentioned didn't work with the control port disabled or password protected and Roger Dingledine knows of no compromise of 150.000 users (yes, I asked him).

For a different perspective please visit https://www.torproject.org and read up on their documentations.

 

I know I shouldn't but I can't help it, I need to reply to these points.

Point 1
"leveraged unpredictability"
No, I don't remember. This is not a term anyone uses except you.

From your faq:
"The location of our servers is secret."

Please tell me, how can you keep servers secret when they are attached to the internet and routing traffic? You are one true genius, that alone should make you millions. Citing Bruce Schneier sure gives the whole thing some ponderosity.

I don't know how your network works (it's opaque you know) so let's be generous and say you have 100 servers in 20 different countries.Would it be hard to get a suppoena for every single one of them? I guess so, but would it be "impossible"? If it's impossible, then prove it so I can verify how strong xerobank's anonymity is. If it's not impossible than it's vulnerable, see my previous statement.

Point 2
a) "Privacy components should be opaque, blackbox, and without logs"
b) "do you rather trust a network that has never been compromised?"

It's brilliant!

No, wait. Let's play "do you see the flaw in the picture?"
Oh right. Why didn't I see that right away?

When you use an opaque blackbox anything you never know if and when you have been compromised.

Point 3
"In this capacity, do you trust a network that has been compromised countless times and continues to be compromised"

How many flaws are
a) countless
b) continuing
c) are inherent to Tor
and not:
a) application level attacks that don't "compromise the network" but only single vulnerable configurations
b) pebkac
c) based on the assumption of a global attacker against whom xerobank is just as vulnerable
?

Point 4
"There is no effective transparent anonymity"
The desing must be open and must not be based on trust and promises of a 3rd party.

I'll trust a system once I fully understand how it should work by desing and once I can fully verify that it does indeed work according to specs.
For some systems that means never.

Point 5
In case you want to discredit what I say and in the interest of full disclosure, and to mess a bit with your worldview:

I don't use Xerobank, never have, I'm not affiliated with Tor in any way. I don't even use Tor nor do I care much about anonymity on the Internet.

The sole reason I am bothering is because I hate it when people spread misinformation.

 

I know that I shouldn't butt in, and I just can't resist entirely

Although the exact phrase may be, the concept is timeless -- Sun Tzu to John Boyd.

 

katio, realize that you are talking about xb vs tor. I am only talking about xyz vs tor. it appears you have a specific agenda since your comments sound emotional, so i'll try to entertain it below.

Although you may not be familiar with this term, you will find many other security experts who are. What it mean is that not revealing your position and strategy is advantageous. Schneier puts it rather aptly in stating that a general does not broadcast the locations of his tanks, and the secrecy in their location is advantageous in denying the enemy from strategic intelligence.

I'm shocked that you think that publicly exposed servers are the only servers. Surely, as such a strong advocate of tor, you are familiar with the concept of hidden services and by extension, hidden servers. Please see the term "reverse proxy" if you would like to know more.

You're thinking like how tor works: quantity over quality. Tor nodes are weak against legal attacks. They are run by individuals, they are not hardened against tampering, and cannot afford any defence against a serious adversary. But ok, let us say that somehow subpoenas are served to all xb nodes. The machines themselves keep no logs, and will not render any useful information if forcibly captured. This happened prior in a couple countries already. Why didn't we broadcast this? We aren't ThePirateBay, and taunting adversaries is usually unwise.

However, this is not relevant towards anonymity per se. But your question is loaded, as there is not yet a published metric for anonymity, so you wouldn't be able to verify how "strong" any anonymity network is except comparatively by properties. And if we're going to compare properties... lets take a look at the anonymity sets via crowding. The average tor node has ~150 to ~250 users at any time, with one stream (circuit) per user, and each circuit is relatively distinct to traffic analysis. The average xerobank node has ~400 to ~1100 users at any time, with a single multiplexed stream between nodes that frustrates traffic analysis. Comparatively, xerobank provides "stronger" anonymity than tor because we use anonymity technologies concentrated on high resource nodes. This is not to say that xerobank is undefeatable, but it takes a stronger adversary to compromise xerobank than it does to compromise tor.

again, you picked xb versus tor. tor isn't a competitor, their users generally are not willing to pay more than $0, so there is no profit in 'wooing' them.

Only if the entire system is blackboxed. Again, the security components should be transparent, the privacy components should be opaque. There is no reason for you to attack this idea, it is also used in tor, which you appear to have confessed to trusting so you already agree to the principle.

There is no such thing as transparent privacy. The concept is a logical fallacy. Opacity is required for privacy. In the subject of anonymity, this is embodied in encryption, private asymmetric keys, shared secrets, hidden services, etc.

Tor's solution protects at layer 7 of the OSI model (least possible protection for the user against side-channel attacks). XeroBank protects at layer 4 and above of the OSI model. This is why I advocate the use of TorVM/JanusVM if you have to use tor, in order to get to layer 4 protection with additional side-channel attack protection.

Regarding application level attacks, the tor control port vulnerability compromised every version of tor on every client on every OS, including even the text-based browser lynx. This attack hijacked the entire tor network, allowing for full traffic analysis and deanonymization of all tor users. I suggest you ask Roger for verification, and you can also ask him why you weren't aware of the complete compromise of all tor users. Are you still sure your trust is well founded?

It must be? In order to satisfy anonymity, or in order to satisfy your curiosity? You are free to create your own solution, and choose to publish the workings of it or not. You may find that if you build a better mousetrap, others want to duplicate your work. If imitation is the sincerest form of flattery, the tor project speaks very highly of xerobank and others:

xb browser -> 2 years later: tor browser
scatterchat (cDc) -> 2 years later: tor im
xb machine -> 1 year later: tor vm
xb cryptorouter -> 4 years later: tor router

Anyhow, back to your trust and promises:

The entire tor network itself is based on trust, although it isn't obvious at first blush because there is so much ridiculous talk about decentralization and distribution. The reality is you are blindly trusting the tor directory authorities, and they are centrally controlled by single centralized entity(s). You don't have to compromise thousands of nodes to defeat tor, you only have to influence less than a handful. And in the case of the tor control port exploit, you didn't even have to defeat a single node to defeat the network: the compromise was based on the blind trust of tor users on directory authorities.

So I should presume you pour over the designs and verify the engineering schematics of your car, your household appliances, your computer, etc. in order to trust them to operate as they purport. After all, you put more trust into and have significantly higher risks, even of real physical harm, associated with those things than any computer network. Or do you just trust them, and the technical jargon and whitepapers and consortiums are just for reinforcing your faith?

Amen.

 

Sure, makes sense. But that's not what I'm talking about. That's kind of a far fetched analogy when talking about the xerobank network.

"Our servers", you don't make any explanations what that means.
Does it mean "All our servers"? Does it mean "all the important servers that matter"? It looks like that.
So when attacking Tor you have a "serious adversary" in mind. Someone who can do traffic analysis and timing attacks at a global level. This someone also likely has a global view of all xerobank traffic, sees all servers that are routing customer traffic and can determine where they are located and who owns them.

Oh right, opaque and all that. How do I know you didn't keep logs and no one was arrested?
Let's assume you don't keep logs, xerobank could be forced to keep logs for a specific user from "now on". No one would be any wiser and LEA doesn't ever have to reveal how it got the evidence, they can make something up.

You have two options: few nodes and much crowding or many nodes and less crowding. The former is weaker against "legal attacks", the latter weaker against technical attacks. You can't win.
You need many nodes and lots of crowding but that's not possible in a low latency network.
These numbers you name, how can I verify that? How do I know that "on a slow day" there aren't just tens of users on a given node?

Yeah, sure.
Just like them bloody pirates never pay a penny for music, right?
Though I wouldn't know, I'm not one of either.

Privacy needs trust. Trusting an opaque system is a logical fallacy.
You make strong claims how secure your product is and all I see is rhetorics and not the least bit of verifiable fact:
You don't log, you have thousands of users, you have hidden hardened servers, you multiplex traffic. Why should I believe all that?

That's what I said.

You got it wrong. Not every configuration of Tor was compromised. Lots of people using tor as a standalone without vidalia or tork had the control port disabled. Some people using transparent proxies would have it not exposed or password protected.
The vulnerability had the potential to affect the majority of Tor users at the time but it didn't "hijack the entire tor network".
I asked Roger on confirmation on that, that's what he said basically.

All software has vulnerabilities. OpenVPN or whatever you are using had vulns too.

https://svn.torproject.org/svn/projects/articles/circumvention-features.html

There are flaws and weaknesses in the concrete systems. Tor is evolving and working on these problems. Designing such a network is a difficult task.
But unlike a closed system the problems are in the open, you can check for yourself how much you trust its design. Weaknesses can be openly discussed and if you can come up with a solution, patches are welcome.

I trust that all complex systems have bugs. I get in the car and hope for the best, I don't trust that it works 100% all the time. It's simple probability calculus. I also don't trust Tor in the sense that it offers 100% anonymity.

But, unlike xerobank, I trust it to the extend that even though I don't trust any node and any developer it can still provide some level of anonymity.
In an open system, if there's a compromise like hijacked directory authorities it's much more "probable" that someone will discover and publish it just like it's more probably that flaws in a car are discovered when the hood isn't welded shut and you can bring it to any 3rd party garage for a check.

 

It isn't really that far fetched. We go to extreme measures to protect our clients, and we don't mention what some of those extreme measures are in order to prevent adversaries from being able to attempt counter-measures.

Correct, this generally means "all the important servers that matter".

Yes and no. When attacking tor, as proven, it doesn't take a global adversary to defeat tor's solution. It doesn't even take sophisticated traffic analysis if you were a global adversary because you can follow tor circuits from node to node to undo the anonymity, like following a string. XeroBank minimally takes a global adversary, and a global adversary who can do advanced traffic analysis on multiplexed traffic and global timing attacks.

Logical fallacy: You can't prove a negative.

But then again, if someone was arrested, the powers that be would likely be announcing it in the newspaper like they do anytime someone from another service is arrested.

Could xerobank be forced? Or would xero networks just refuse because they are outside US/UK/EU jurisdiction? And if push somehow came to shove, would xero networks refuse and shut down the network? Just look at the france node that was complained about: french intelligence started snooping around so we shut the node down that they were trying to tinker with. Or better yet, let me tell you about how the auth system works a little further. We separate the user identity from the user traffic using asymmetric crypto for authentication and accountancy. So we know a user is authorized to use our network and we start routing for them. But we don't associate their traffic to the user, and the origin of the traffic is lost when it reaches the xerobank exit node. It isn't just a matter of not logging, we mathematically broke the link between the two. But you are right, if we had no integrity and a quorum of admins colluded, we could log and you wouldn't know it. But since we have a profit motive, and that would destroy our ability to be profitable if it was ever discovered and the reputations and careers of those involved, we wouldn't ever risk it. Then again, there are plenty of tor nodes that actually do log exit traffic, but they have nothing to lose and can always return under a different name in a participation-based network.

I have no illusions of being able to "win". We have exceptionally strong protection against legal attacks to the point where they have ceased because they have been unfruitful. But when push comes to shove, our users will outlast tor's users, and we would rather go to jail or shut down operations than sacrifice our integrity.

Actually, in theory, the strongest system would have as few nodes and as high crowding as possible. There are physical limitations there that are quickly reached. So we prefer as few nodes as possible to create the strongest anonymity through amplifying our crowding. The low latency issue, yes that is where a lot of the high costs come in. We use dedicated 1000Mbps nodes on extremely low latency routes (<40ms) in order to provide users extreme anonymity at very low latency (~60ms-110ms).

You can't verify it on the tor network, but if you ran a node you would see those numbers are approximately right. For xb, part of our network design doesn't allow participation or external influence, so you can't run a node to find out, you would have to ask someone who knows. BUT... inside safehouse, we are working on providing internal xerobank metrics that include telling you our network routes, latencies, congestion, location, etc. There aren't really any "slow days" since unlike tor, our users are always connected all the time routing all their traffic and not just browser traffic because we use vpn technology.

Yes, except the majority of those "pirates" live in 3rd world countries and have an income that doesn't allow them to afford 1st world luxuries like internet access at home. This isn't to talk bad about people who use stuff for free, infact we'll be offering a limited version of xerobank for free, soon.

I presume from this statement you don't use a bank.

Now adays, banks are more like you describe: transparent and without any privacy but with lots of oversight. Yet somehow there is no consumer confidence, and scams abound by those operating the bank because the transparency doesn't provide the verifiability that is implied. This doesn't make their constituents more secure or confident, infact banking confidence is at an all time low and is riddled with entrenched government surveillance.

Generally, they used to be private and from that confidentiality came trust. Why? Because they operated as they claimed, and all external evidence indicated that. Infact, the highest regarded privacy and confidentiality from banks came from those that were the most opaque: swiss banks. Trust of privacy systems stems from their opacity of the content inside them, not the transparency of the walls around them.

You don't have to, infact the paranoid can never be satisfied. But I think the evidence speaks for itself: our network has never been broken. The one you prefer, has been and will be again. There is some level of disconnect there where paranoid people prefer honestly bad solutions rather than confidentially secure solutions because their curiosity bothers them more than their integrity. But it all comes down to trust again.

But you are right, the verifiability from the user side isn't possible because that would constitute a giving intelligence to adversaries. How can I verify your swiss bank account has the balance in it that you claim? I can't.

The vast majority however were naked. But if you want to get into semantics, yes there were a fraction of a percent of tor users who weren't affected. Especially those who had been protected by using JanusVM, which is the whole point: don't access tor without layer 4 protection or better.

Technically he is being accurate in that the tor *network* wasn't hijacked, but the majority of tor *users* were. What do you call it when 100k+ users are diverted off the tor network to a private compromised network? In a participation-based network, we would classify that as complete compromise: tor was empty (anonymity set dropped to ~0), and the compromised network was full of tor ex-users who were none the wiser.

The OpenVPN project seems to disagree with you.

But abstractly you are correct, software has bugs. But it is hard to beat tor for having vulnerabilities, but adobe and microsoft are strong competitors for that title.

Personally, I prefer a car that doesn't constantly break down. Further, it wouldn't fill me with trust and satisfaction if I had a car that constantly broke or was recalled, no matter how quickly or often the manufacturer fixed the problem.

A system that requires increasingly complex "fixes" for addressing design (flaw) issues doesn't meet that standard. We don't have directory authorities to compromise. We don't have evil exit nodes to inject traffic. We don't have participants to launch sybil attacks, etc.

I prefer when things are done right the first time, and I also find that elegant and robust solutions that don't have complex parts to break are usually more reliable and higher performing. Perhaps that is why even the Tor Project previously hired current xb team members to develop software and patches to deal with those security vulnerabilities.

 

Thanks for taking your time and answering my points.

Too bad we can never agree on the basic problem you so eloquently described with "Privacy components should be opaque, blackbox, and without logs."

Though you must have misunderstood me with the remark about banks. (I also have to say this is a flawed analogy because swiss banks never claimed they don't know: who their customers are, what "data" they transfer, and who they are dealing with. All they promise is to keep that info private from OTHER 3rd parties which one could never verify, here the analogy works again)
How can we assure privacy? We need strong crypto that needs to be "open" - we agreed on that. It can mathematically assure confidentiality and integrity. Further we need a way to control all parties involved, oversight, checks and balances. Without it things might appear more secure to the average customer because he'll never be notified if something "bad" happened.
If there's a security breach in a corporation, if there's a serious vulnerability in software it will be almost always be covered up unless there's outside control that keeps everyone honest.

It's also too bad you have this incredibly sophisticated system and you can't show the world how it works and silence all the naysayers because that would break its security.

We can't even agree on the fact that a system based on few nodes is "inherently vulernable to government pressure".
Outside US/UK/EU jurisdiction?
Panama...

Or that Tor isn't inherently more vulnerable to traffic analysis?
Going by what information is publicly available there aren't a lot of "active" xerobank customers. A few thousand maybe. (It wouldn't be a big problem for the security of your network to reveal that?)
You can reduce the complexity of such attack by filtering out all non English speaking users accessing content in their own language and time of day/time zones. One could easily determine that whenever customer X connects to xb a new connection is opened to domain y. People generally are very predictable and creatures of habit.
This doesn't prove anything yet, but statistically X's anonymity is broken, especially if he continues using the same circuit for other sites as well.
Then you just need good old physical wiretapping, evil maid etc. in case xb takes too long to activate the logging.

re OpenVPN, note the "Not to our knowledge (as of 2004.12.08 )"
other sources disagree...
http://www.cvedetails.com/vendor/3278/Openvpn.html
for reverence:
http://www.cvedetails.com/vendor/3132/TOR.html

Tor through a transparent proxy isn't like a car that "constantly breaks down". Further misuse of that analogy doesn't bring us any closer to a solution either.
If you know of an attack that works against a "properly configured" Tor installation or could demonstrate that you can deface a Tor user, that would give your claims about Tor so much more credibility. You've done so in the past and never delivered (deanonymizer).

I see this always get missed but Tor is more than http tunneling, the exit node "vulnerability" is the most likely threat but it doesn't exist if you use hiddenservices/onioncat (or use TLS and know what to look for).

 

It's my pleasure; sadly I often don't have time to visit this forum as often as i would like, but intelligent debate is pretty rewarding.

It probably requires more explanation and we might get to an agreement on the terms and limits. There is a group-think trend today that transparency can solve bad governance, but it can't. Consider, if you needed to see all the opaque content, that destroys encryption. Maybe there is a better analogy. When I talk about opaque privacy and transparent security modules, think about crypto: The encryption algorithm MUST be source viewable and auditable (transparent). Agreed? However, the password or crypto keys input into the encryption algorithm MUST be secret (opaque) in order to maintain integrity of the data. It is this way with anonymity as well: The software involved must be open source, but the operations must be opaque.

Tor does this with key negotiation in the onion layers. The opacity of the privacy component is maintained. But the software and how it works must be known to the operator. In the case of tor, every user is the operator so the entire system has to be exposed. In the case of xerobank, only xero networks is the operator. So while it may not as easily engender good feelings because you can't see behind the curtain, it follows the same principle and acquires the additional advantage of operational secrecy to deny adversarial intelligence.

Agreed. And internally, we do have oversight. But again, even with oversight, there is a level of trust that is exercised because the threat of rogue admins can only be mitigated to a certain degree. Regarding the customer, we know who our customers are and can contact them if anything "bad" were ever to happen. Our first duty is to protecting our clients, even at the expense of our lives. I personally would rather die than sacrifice my integrity.

It isn't that sophisticated, just powerful and elegant designs. And the explanation doesn't require any complex details, as we've outlined it in other threads on this forum. The details that people keep pressing for are specifics that are not relevant to security but only for how to duplicate our method. If you have any questions about our technical security, we're happy to discuss it.

I think the proof is in reality, not theory and speculation, not to mention there is more protection that we disclose (including panama). The reality is we've got a system that is designed to provide the strongest consumer anonymity on the market while being extremely resilliant to legal pressure. Such to the point where we used to receive 50 to 60 inquiries per year from investigators and a raid or so, and now these activities have dwindled even in the face of growing global fascism and surveillance states. Why? Because the attacks for them are costly, unsuccessful, and extremely embarrassing for them.

If you don't understand the concept that following a string across x nodes is easier versus trying to do traffic correlation on multiplexed traffic, I don't know that agreement is possible because the definitions themselves answer that question.

I'll elaborate on that: A global adversary can trivially trace back a tor connection across 3, 30, or 3000000 hops on circuit based traffic without doing any traffic matching/correlation and only doing netflow analysis. Not so with XeroBank. The global adversary will have to devote more resources and have stronger motivation to compromise our multiplex network.

You're still thinking like tor. Tor handles a few streams per client, called circuits, somewhere around 8 last time i checked, and only connection-based TCP. XeroBank handles thousands of data streams per client across all applications, including UDP and TCP. A tor user connects and visits a website and disconnects. A xerobank user connects, and thousands of streams can be opened, and the user doesn't disconnect until he shuts down his computer.

A xerobank user doesn't just surf anonymously. His entire internet experience become anonymous.

Excellent links. You should read those a little further. The "dangerous" remote code executions don't apply to xerobank customers. In the case of xerobank, it would have to be xerobank doing the attacks. Which of course doesn't make any sense or expand the attack landscape, because we are already in the trust domain of the user who is running xerobank software he downloaded from us and is already sending his traffic to us. So those vulnerabilities aren't applicable to xerobank users. The attacks on tor, however, anybody can perform those because anyone can participate and are applicable to tor users.

Only if that transparent proxy is a VM or hardware device. If it is the standard tor software or tor bundle, it seems to be directly applicable: Tor gets a vulnerability exposed (who knows how many years it was exploited before someone informed tor about it) and then you consider Tor broken. They issue a patch and an apology and you have to download new tor software. That is a repair. Tor gets severely broken and sends out a warning to all users that they must update immediately. We call that a recall. Seems like a good analogy to me.

Are you sure about that? Deanonymizer to date has unmasked over 1,400 tor users on the results page when i checked last year. And that was when we were updating it. We should probably put what % of users who took that test failed so you can get a more accurate picture.

If the only way to use tor safely is for hidden services, there is no point in using tor for 99.9% of their users, whom aren't using hidden services at all.

 

Thanks Steve.
I have to admit you know how to sell your stuff. Save to say we won't be able to solve our disagreement.

There are different views on these matters and I hope I presented one that is critical of the concept of centralized anonymity and privacy. I'm certainly not the most qualified one to do that but I think there's some valuable information in this threat for everyone reading it. Draw your own conclusions...