Basic Tor question

Discussion in 'privacy technology' started by overland, Feb 9, 2011.

  1. katio

    katio Guest

    It's only fair that if you took the time for a detailed reply I should do the same...

    Transparency doesn't solve anything per se. But it empowers people to make the right decisions. But isn't that what free speech, democracy, checks and balances are all about?
    To me this looks just like diversion. How does this relate to an anonymity network?
    I'm not talking about governance, all I'm interested in is to know as much information as possible about a 3rd party that promises anonymity yet knows who I am and knows who I'm talking to. That by itself is a paradox, no wonder people start asking questions.

    Actually I notice you keep talking about privacy. But I'm not interested in privacy. For that I use end to end encryption and no solution where another party encrypts and decrypts my data and then sends it out in plain text.

    This doesn't follow. The crypto analogy doesn't work much better than the car analogy.

    I think you could show me around your data center and give me access to all source code and it still wouldn't make a difference regarding my trust.

    Once I leave it's a black box again and you have the ability to flip a switch and record everything. I want anonymity that doesn't require trusting anybody with my identity.
    This is impossible to do legally but decentralized networks (Tor isn't the only one and in my eyes far from being the strongest) bring us closer to this goal.

    This is not a proof, this is only an indication.

    How do you mitigate fingerprinting of the encrypted stream originating from the customer going into the network? If I look at the traffic of an ordinary desktop PC often the only active network connection is to a single website.

    What about, let's say, a French user who visits French websites. How many are active on a given day? What if it's only a handful? What if it's Welsh and there's a single customer in Wales? Does multiplexing help against an attacker who can observe all traffic going in and out of your "black box"?

    I know these are borderline cases but something to think about.




    Well said. But OpenVPN isn't the only application active on a PC.

    Let's recap, what are the most realistic threats for a Tor user?
    exit node sniffing: no problem with end to end encryption
    exploits and vulnerabilities in applications, Tor itself, any web clients, security software and kernel.
    Xerobank has exactly the same problem. We need to harden the clients.
    Realistically firewalling the complete OS so it never connects non-proxied isn't enough because of identifiable documents one might have laying around or personal online accounts one might access from that system.

    Finally, the whole "global attacker" is pretty academic.
    Just like cryptography in the real world isn't usually attacked with brute force farms but with rubber-hose/side-channel attacks, a network compromise of Tor or xerobank is less likely than a good old hardware keylogger, a hidden camera, a wiretap.

    In conclusion this would mean that if one fully trusts Xerobank and believes that it works as advertised, it isn't technologically so much stronger that one needs to discredit Tor.
    I know one argument is user friendliness and how easy it is to make errors for a newbie. But I heard they are working on a ready made proxy solution themselves.

    You announced it as "breaking Tor" IIRC, without any ifs and buts attached. In fact all it does is use some "side channel" attacks which only work against people who aren't familiar with security and/or haven't configured Tor correctly. It was nothing groundbreaking, quicktime, flash, java were all known to be able to bypass the proxy settings of a browser.

    Tor is alpha software, don't rely on it for strong anonymity. It says so itself when you run it. One really shouldn't be surprised that against a powerful adversary a 3 hop into the plain text internet isn't good enough.
    The privacy implications are all well documented as well.
    You can't blame Tor for working as it says on the tin.

    Is that like a legally binding guarantee? You know, can I sue you on that? :p
    I imagine, "Hi there xb customer, <insert 3 letters> has forced all our Xero AGs that handle traffic, 1, 2 and 3, to log all data and notify them about anything "suspicious". If you aren't doing anything wrong (you dirty terrorists) carry on and keep paying that monthly subscription. You are safe with us, just trust us. Always at your service... "
    Sorry for being cynical but the first duty of an AG is always the bottom line. You can't scare away your biggest asset (that is if "they" even let you).
    If Xb actually works like you describe you wouldn't have much say in any case, it wouldn't matter what you'd "personally" do.

    An idea I just had: What would you say about a parallel Tor network where all nodes are operated by a few "legal entities". Customers would pay for access, one could market with better speed and more security and privacy (exit nodes, directory authority, more crowding, you name it).
    Strange, sounds a lot like Xerobank, I wonder...

    I'd be interested, what would you say if the Torproject announced to offer such a commercial service? They upgrade their software to 0.3 and add some mixing, padding and splitting to harden it against attacks from the outside. Customers could buy a hardware device that transparently encrypts and routes all traffic.

    Oh, why didn't they think of that, or anyone else for that matter (except you?)? Tor is BSD licensed; there would be no problem legally speaking.
    One would make money with it and offer a product that is "better" than any single hop VPN and can match your offer in every one of your bullet points (so I really wonder about your previous comment about "duplicate our method").

    So, why is that?
    Could it be it's because people actually believe in decentralized networks? That they want to build something that makes a bit more sense than "anonymity through promise".
    Note how all the major projects are at 0.something? None of them are finished, maybe they never will be finished but I applaud their efforts. It's a hundred times more exciting than a commercial blackbox product. It doesn't always have to do with people being too cheap or people being so stupid that they don't believe in marketing speak...
     
    Last edited by a moderator: Feb 13, 2011
  2. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    This issue has always concerned me. According to the XeroBank documentation, this isn't an issue because deposit and access accounts are decoupled by the VAULTS system, and because network design prevents (or at least, complicates) connection tracing. Of course, I need to trust Steve et alia on that.

    These are very good points. I believe that it's prudent to use a dedicated machine (or VM) for each identity, with no overlap of any kind -- documents, access history or whatever.
     
  3. katio

    katio Guest

    That's a red herring. The money trail is irrelevant because Xb and every outside observer already has your IP that connects to the entry nodes. Getting your identity from the ISP is trivial for the attackers we talk about.
     
  4. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    Yes, of course, it's obvious that I'm connecting to XeroBank. However, unless that in itself becomes illegal, I don't believe that helps attackers who can't simultaneously observe all XeroBank entry and exit nodes.

    In any case, I was responding to your point that XeroBank knows who I am, and who I'm connecting to. If XeroBank's claims are true, they're just another "omniscient" attacker, with no privileged information. That would be rather unique for an anonymity provider.
     
  5. katio

    katio Guest

    Depends on how you look at it.
    Other providers too say:
    "We don't keep logs, we don't look at our customers traffic except when they start DOSing us, honestly. And when LEA comes in and raids us all they find is a locked down server with no logs and all data in RAM and a kill switch"
    Single hop. Nothing fancy. But when it comes down to hard facts they are exactly the same as xerobank.

    Xerobank is able to log and see everything, they say so in their TOS, a single hop VPN is obviously too.
    The "distinct jurisdictions" is lots of empty talk. All the states mentioned are NATO members or "friendly" states. Xerobank would never publicly reveal if they had a black room in their blackbox network (641A was kept secret too).
    If you are Chinese or Russian this might be reassuring but I doubt that's their primary customer base.

    So we have a provider (a single guy for all we know) whom you need to trust to be trustworthy as he says and you need to trust him that there isn't a backdoor in place already.

    Now he can argue you can't prove the negative and similar tried rhetorical tricks (Steve is very experienced in these discussions, just search the net - much more than I. Let's wait for the backlash...:p).
    But those don't change anything. It's simply not "good enough" if one says, look, I'm telling you the truth but I can't prove it because I operate a blackbox network. The fact that there hasn't been a published case of someone being prosecuted based on evidence gathered from within xerobank doesn't prove anything either. You don't give up intelligence sources like that.

    I'm not saying this is happening. But it's possible and that should be concern enough. You don't have to be "paranoid" to be worried. Let's start with critically thinking and cut through all the BS right to the facts, or more to the point the complete lack of any reassuring facts.
     
  6. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    Indeed.

    Customers typically have no "hard facts" -- except the fact that they need to trust their providers. In that sense, XeroBank is the same as single hop VPNs, because in either case, you're hosed if they betray you. OTOH, if they're both being honest about their services, XeroBank is clearly more secure than single hop VPNs through multiplexing, crowding and so on.

    IMHO, their PP and TOS are rather ambiguous about that. As I recall, Steve has stated that XeroBank has never been compelled to even attempt to break its customers' anonymity. Perhaps he will clarify that.

    Indeed. AFAIK, Steve's always been clear that users need to trust providers.

    Technical facts are indeed hard to come by for users of anonymity services. However, users can assess potential providers by looking at what they've done and what others say about them.
     
  7. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    My previous questions weren't rhetorical. I really am interested in your replies.

    Transparency lends the illusion of integrity, because things designed or run poorly in the open look the same as things designed well in the open if you aren't an expert. Humans rely on groupthink, stereotypes, bias, and other mental shortcuts to reach decisions. They aren't actually researching the tech down to a mathematical level, breaking out fuzzers for bugfinding, performing traffic tests, researching the code quality and security model, etc. They are humans, so the currency they deal in is trust, but not trust based on their own research, but trust based on the opinions of others they perceive as authorities. So typically the "right" decisions aren't so much about being correct or secure as about being popular or well spoken of. That is the "wisdom of the masses". In this particular case, whoever has the most positive comments, publicity, community gets the most trust. The illusion is that trust is verified. The real question is what level of information from a 3rd party, with strategies and intellectual property to protect, would actually satisfy you?

    In tor, the person who knows your identity (entry node) and who you are talking to (exit node) are broken apart. That is not because this is more secure or affects your anonymity, you are just splitting your trust domain. The reason this is done in tor is because it is required: untrustworthy nodes are allowed to participate, so therefore you can't allow them to know enough pieces of the puzzle because they can't be trusted as a partner. If you eliminate the untrustworthy nodes, there is no longer a need to separate the two across different entities.

    Then you may not be interested in anonymity, because it is not possible without privacy. Privacy is essential for achieving anonymity, necessitating the differentiation between security (transparency) and privacy (opacity) working together to clarify their roles. When transparency starts encroaching into the realm of privacy, it will erode anonymity. There is no such thing as a transparent anonymity network. However, a completely opaque anonymity network is possible. In fact, the strongest anonymity ever designed (immune to all traffic analysis), zero knowledge protocols, were completely opaque.

    I'm not sure there is a simpler way to explain it. :doubt:

    I agree.

    You are always forced to trust someone. In tor's instance you are trusting the directory authorities, which can "flip a switch" and hijack your entire session and traffic and capture your identity without notifying you. The false warm fuzzies of transparency can blind you to the real trust model. It always comes back to trust in every system. Since trust is relatively illusory, it is wise to trust the fewest entities with the highest integrity.

    So again, do you trust the network that has been broken and will be broken again, or the one that has never been broken? Which has higher integrity by that simple definition?

    Being that we live in reality rather than on paper or in theory, I would say effective practicality and track record is not only the bottom line but perhaps the only line.

    Really? When I run a netstat command, I see hundreds of active connections (these all go through our vpn). Do you mean the encrypted properties of the transfer, like download size and latencies?

    Depends on the attacker's technique. Some attacks are more effective than others. For example, a netflow attack won't work properly, but traffic correlation on encrypted fingerprints can work better (we do some trivial traffic shaping), and timing attacks will work best.

    Protecting the host against running malicious programs is outside of the threat model.

    Mostly, except for a big key difference: Side-channel attacks against 3rd party applications work against tor to cause IP leaks, but they don't work well against VPNs.

    I couldn't agree more. This is why we are working on Safehouse, a new virtualized platform that is a universal vpn client and can connect to virtually any anonymity network.

    Agreed. Safehouse addresses this by sandboxing the network-exposed OS inside a hardened linux environment. And it also defeats browser fingerprinting attacks :)

    It seems academic, I agree, but only because of the subtlety of ubiquitous and powerful surveillance. However, for the NSA, GCHQ, MSS, and a handful of other intelligence agencies it is a daily reality and a very real goal to be able to deanonymize anonymity networks when needed. However, there is a goldilocks zone in there, but it requires more elaboration.

    My only real argument here is to not ascribe faith and attribute it to trust, because it is often misplaced. That tor users aren't aware that they were massively compromised multiple times is a rather serious issue that doesn't square with the level of trust granted, which undermines the concept of transparency that is so championed.

    Deanonymizer utilized multiple unique 0-day attacks that we discovered, and worked against a properly and default configured tor software suite, not just tinkered or misconfigured versions. The point is to illustrate that the solution of many providers is not sufficient for the risky behavior their users engage in. More importantly, it demonstrates the need for vpn implementation clients rather than standalone proxy applications.

    That isn't my argument. My argument is that it doesn't take a global adversary to compromise all tor users, it was done remotely with a single machine. XeroBank's users cannot be defeated by such a trivial attacker.

    Yes. I have little flexibility when it comes to integrity.

    That isn't the exact protocol, lol. Investigation, evaluation, and execution is a little more apt.

    Don't be ridiculous, all the terrorists use tor, duh. ;)

    I'll assume you mean corporations. Generally yes. The first duty of a corporation is to maximize the value for shareholders because they have voting rights and agency. But xero networks isn't set up like a normal company; investors don't have voting rights or even operational influence in order to avoid agency conflicts. Admins are empowered to say "no" to questionable orders without recourse. And yes, xero would not allow the network to continue to run if put under duress.

    While it is true that I don't have sufficient influence to corrupt the network, I do have sufficient influence to bring an investigation that may result in drastic measures to prevent users from being compromised. For better or worse, my name is closely tied to xerobank, regardless of influence, so when I pledge my integrity to its operation in advisory capacity, by extension I vouch for those on the xb team and xero networks in the limits of their respective roles.

    Tor isn't an efficient design for a single trust entity network, nor is it commercially viable. There is no need for 3 hops, directory authorities, proprietary clients. The performance of onion routing is too low and too slow, the technologies insufficient to protect against moderate analysis by global adversaries, and the capabilities insufficient to be used for a full VPN. Ironkey tried this and it limped along and finally died a quiet death.

    XeroBank is fast, powerful, and elegant. We employ true anonymity technologies like multiplexing to provide stronger protections, we are protocol agnostic routing both UDP and TCP, and our system is robust enough to handle all network traffic for thousands of users. Hell, we even have a type of node for web surfing only that can handle 20,000+ concurrent users with little performance degradation. Keep wondering. :)

    Our team sold hardware security devices that did exactly this for years before it occurred to tor. So I would say good luck, and thanks again for the recognition that our innovations are still worth imitating.

    It sounds like you are saying we use similar technologies or techniques, which is wildly inaccurate. XB and tor don't have the same properties or capabilities. Tor uses onion routing, xerobank uses cascades. Tor uses circuits, xerobank uses multiplexed streams. Tor is TCP-only, xerobank is protocol agnostic. XeroBank protects at level 4 and above, Tor protects at level 7. Tor uses directory authorities, XeroBank preshares routes. Tor can be compromised by individual participants, XeroBank cannot. They are so alien to each other, it is hard to compare them without abstraction.

    I admit that is definitely a problem, but mostly one of branding and bias. Tor isn't decentralized, it is centralized in the directory authorities, which can corrupt the network and void all of the system you shouldn't be relying on for strong anonymity. The problem isn't "anonymity through promise", it is that you as the user have no real way to verify the anonymity purported, or to measure it. If you were able to have a metric for it, it would matter less if the system was public or private.

    I wouldn't be so quick to call the poor "cheap", being cheap is a luxury of someone who has money to spend. As for marketing, I think they do believe it, because meaningless marketing phrases like "non-profit" and false statements like "decentralized" have come to characterize the very system you champion. The fact that you didn't know, until this very conversation, that virtually all tor users had been compromised rather implies that you've been starstruck and bamboozled, but not by me.
     
    Last edited: Feb 14, 2011
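Katio asked earlier how an encrypted stream can be fingerprinted when a desktop often has only one active connection, and the reply above says timing attacks work best. The script below is an added illustration of that attack, not code from the thread or from any product discussed in it: the observer sees only packet arrival times on the client side and on the exit side, bins them, and picks the exit flow whose histogram correlates best with the client flow at some lag. All timestamps are constructed synthetically from a seeded generator; the latency, jitter, bin size and burst shape are assumed values. The last function shows why constant-rate padding, which katio mentions and the reply alludes to as traffic shaping, blunts this particular technique: every padded flow produces the same histogram, so the scores tie.

```python
"""Timing correlation across an anonymity network (constructed example)."""
import math
import random

BIN = 0.25      # seconds per histogram bin; coarser than the assumed jitter
T_END = 300.0   # observation window in seconds (assumed)


def burst_flow(rng, n_bursts):
    """Bursty browsing-like flow: n_bursts clusters of 5-20 packets at random offsets."""
    ts = []
    for _ in range(n_bursts):
        start = rng.uniform(0.0, T_END - 5.0)
        ts.extend(start + rng.expovariate(20.0) for _ in range(rng.randint(5, 20)))
    return sorted(ts)


def relay(ts, rng, latency=0.8, jitter=0.05):
    """The same packets as seen on the far side: fixed shift plus per-hop jitter."""
    return sorted(t + latency + rng.gauss(0.0, jitter) for t in ts)


def histogram(ts):
    """Packets per BIN-second slot; extra trailing bins absorb the latency shift."""
    nbins = int(T_END / BIN) + 16
    h = [0] * nbins
    for t in ts:
        i = int(math.floor(t / BIN + 1e-9))
        if 0 <= i < nbins:
            h[i] += 1
    return h


def pearson(a, b):
    """Pearson correlation of two equal-length count vectors (0.0 if one is flat)."""
    n = min(len(a), len(b))
    a, b = a[:n], b[:n]
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    sa = math.sqrt(sum((x - ma) ** 2 for x in a))
    sb = math.sqrt(sum((y - mb) ** 2 for y in b))
    return cov / (sa * sb) if sa and sb else 0.0


def best_lag_score(entry_ts, exit_ts, max_lag_bins=8):
    """Highest correlation over non-negative lags (the exit side trails the entry side)."""
    he, hx = histogram(entry_ts), histogram(exit_ts)
    return max(pearson(he, hx[lag:] + [0] * lag) for lag in range(max_lag_bins + 1))


def match_exit_flow(entry_ts, candidates):
    """Score every exit-side candidate against the client flow; return (best index, scores)."""
    scores = [best_lag_score(entry_ts, c) for c in candidates]
    return max(range(len(scores)), key=scores.__getitem__), scores


def padded_schedule(interval=0.1):
    """Constant-rate cover traffic: the send schedule is independent of demand."""
    return [k * interval for k in range(int(T_END / interval))]


def demo(seed=1):
    """Constructed scenario: one client flow, its relayed copy hidden among three decoys."""
    rng = random.Random(seed)
    client = burst_flow(rng, 30)
    true_exit = relay(client, rng)
    decoys = [burst_flow(rng, 30) for _ in range(3)]
    candidates = decoys[:2] + [true_exit] + decoys[2:]   # the real flow sits at index 2
    return match_exit_flow(client, candidates)


if __name__ == "__main__":
    idx, scores = demo()
    print("best match: candidate %d, scores %s" % (idx, [round(s, 2) for s in scores]))
    _, padded = match_exit_flow(padded_schedule(), [padded_schedule()] * 4)
    print("with constant-rate padding every candidate scores", round(padded[0], 2))
```

The middle of the network is irrelevant to this observer; what matters is whether the same burst pattern is visible at both ends, which is why mixing, padding and splitting are the countermeasures the thread keeps coming back to, and why a single customer in a region (katio's Wales case) gets no help from multiplexing alone.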
  8. overland

    overland Registered Member

    Joined:
    Jun 30, 2009
    Posts:
    5
    I appreciate all of the responses. Admittedly, most of them are beyond my knowledge or understanding. It's curious to me that most of the threads on this board which start off as Tor questions invariably become Xerobank questions.

    Let's say that I want to post a non-traceable message on a blog, does Tor work for that? I've also heard that websites can ID one's computer through something called a MAC address - is that true? And as I understand it, even with Tor, the traffic coming back to one's computer can be recorded by one's IP provider (e.g., Comcast). If this is true, I'm surprised that anyone would consider Tor safe.
     
  9. katio

    katio Guest

    Peer review, experts, people qualified, not the "lusers" in case that wasn't clear.
    Transparency is working better than secrecy on all levels if history is an indicator.


    I fully disagree. It's done so on purpose to increase anonymity by design.
    You aren't a "trusted partner" for me. You could be a US LEA honeypot and that's something anyone serious about his anonymity would never risk.
    With Tor I risk that maybe there's an undiscovered flaw in the network and that maybe someone is doing full traffic analysis right now which may be admissible in court as evidence. I think it's far from "group think" or "faith" to come to the conclusion that this is a more acceptable risk.

    Are we arguing semantics now? Do you make up your own definitions on the spot?
    "Everyone knows what I'm doing but no one knows who I am" Is that not possible?



    I'd be very interested what a cryptography expert would say about you misusing cryptography for your analogies.
    It makes no sense, you need to do a better job explaining it.

    Huh, that's interesting, really.
    It's also incredibly naive. But I think you are misrepresenting it on purpose.
    The idea is to trust more entities less and that's a better model than trusting one completely. In one case different entities check on each other to make sure they are all honest; for a compromise they need to collude. How can I "measure" integrity? Does that come down to fuzzy feelings too (which I don't have with commercial anonymity providers)?
    A different model would be a darknet where you only trust people you know.

    I don't know where you get the Tor is "the very system I champion", I already said I didn't. It's not completely decentralized now, but it might be one day.
    Freenet is maybe closer to these goals but there's no point in pointing out their weaknesses either before they release version 1.0

    "Virtually all tor users had been compromised"
    I searched the internet and could not find a single piece of evidence that would agree with this statement. I've repeated that several times and you haven't produced a single source. That leaves two options:
    >It's true. Then someone has been covering this up. That would be a huge story. It's your chance to get in the media and tell everyone how your network was never compromised (which could be true or it could not be true)
    >It's not true. Then please stop spreading lies.

    It's meaningless. If you had been compromised it's more probable that no one would ever hear about it, especially given the threat model we are talking about.



    Then you are one ridiculous multi-tasker.
    I don't and most people I know don't use their network like that.


    When it comes to Xerobank it's not. But when it comes to Tor it suddenly is.
    Deanonymizer ONLY attacks programs outside the threat model.


    Tor can work as a VPN too. Onioncat can route UDP too.


    For those it's surely a piece of cake to coerce you into installing a black room?
    On the one hand they are so scary that only xerobank can protect against them, on the other they have given up against you because it would be -"extremely embarrassing for them" although you would never "taunt adversaries" as it's "really unwise".
    Yes, please elaborate on the 'goldilocks zone'?


    1. "outside their threat model"
    2. can you show me a 0day you got credited for?
    3. I tried, didn't work. Others tried, didn't work. There's a thread on that here if anyone wants to check.
    Of the 1400 people, how many do you think purposely engaged in "risky behaviour" just to check if your tool did ANYTHING?



    Then tell us how the protocol works.


    You don't say! What did I expect, a confession?



    Thanks, so how does it work?
    I understand all you need to connect to xb is an OpenVPN client. It will take your packet which contains the destination IP and possibly plain text data, encrypt that and send it to an entry node.
    Unlike other VPNs it won't be decrypted there, that would be pretty stupid. Instead the stream is split, mixed with other streams and re-encrypted and sent to another node. Now we could rinse and repeat and send it to an exit node where all the layers are decrypted but that would be pretty stupid too because the exit node is "known" to the outside world and itself would have to know all the keys. A compromised exit node would lead to a full compromise of all traffic routed through it.
    Let's see, how do we solve that? Reverse proxy maybe as you indicated?
    The "middle node" decrypts the customer's traffic and tells the exit node to fetch data from the destination for it, encrypt it and send it their way.

    Anyone see the big flaw in that design?
    Unlike with onion and garlic routing you'd only need to break a single layer of encryption: get the keys off the middle node and you compromise everything.

    The middle node isn't very secret. An attacker would record all the encrypted traffic of xerobank customers. Then look at what "interesting" resources are accessed by xb exit nodes. Getting a subpoena for them isn't very hard.
    Now you do live forensics in the datacenter and look at what servers the exit node is communicating with. Subpoena again, copy the keys, decrypt the traffic.
    In case they regularly exchange new keys you can "only" compromise traffic from now on.

    By all means this is a very weak design, no wonder someone wouldn't want to shed too much light on that.
    Please tell me that I'm wrong. But also tell us how it's wrong, if it's wrong.


    Hardware VPNs surely have been around long before Xerobank.
     
    Last edited by a moderator: Feb 14, 2011
  10. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    Just thought I would chime in on this... I searched all over the internet too. I have yet to find this story ANYWHERE. Maybe Steve can clarify this.

    Also maybe I am too simple-minded or naive but for me using tor plus SSL on websites makes it awfully hard to track or read traffic. And if a website doesn't offer SSL I either use the https proxy provided by ixquick: https://www.ixquick.com/proxy/eng/help.html or this https proxy: https://proxy-service.de/ I know that proxy-service.de keeps logs but what will they log? Not my real IP but the IP of the tor exit node. I have flash, java, geolocation, etc. disabled and even run it in a vmware machine. I still do not log into websites like banking or amazon etc. that require username and passwords. Sure it may not be as fast as Xerobank but as far as being untraceable, as far as I can tell that setup should work pretty well.

    If all the tor nodes are working together and snooping traffic (virtually impossible from everything I have read and understood) what would they see? All they would see is encrypted ssl traffic. So even if some authority traced the IP to the tor exit node and the tor exit node kept logs (which not all do) how could they read the traffic? How would they know where to go from there?

    Then again maybe I've got this all wrong... But this is my understanding.
    I'd rather have this than a centralized VPN of any sort.

    Also I have discussed this before here: https://www.wilderssecurity.com/showthread.php?t=280059
     
  11. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    You're not the only one that finds it slightly discouraging. I wanted to talk tor because you've got good questions.

    Yes, somewhat. If the blog requires that you register and verify using an email system, you may find it takes 15 to 30 minutes just to make your first post. In that case, I would suggest using something like yopmail.

    Myth. Not unless you allow the website to download and run applications on your computer.

    Yes and no. The ISP can't see the content, it is opaque to them (encrypted). But they can see you are connected to tor. And if you aren't using a VPN to connect, you may be leaking DNS which tells the ISP which webpages you are surfing to.
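The "leaking DNS" point above has a concrete mechanism worth seeing in bytes. An application reaching Tor's SOCKS port can either resolve the hostname itself and then hand the proxy an IP address, in which case the lookup goes to the ISP's resolver in the clear and the ISP learns the site name even though the page contents are encrypted, or it can put the hostname inside the SOCKS5 request (address type 0x03) so the name is resolved at the far end. The script below is an added example, not code from the thread or from any product it discusses; it builds and parses both kinds of request offline and never opens a socket. The resolver passed to `leaking_request` is a stand-in so the example runs without network access.

```python
"""Local vs remote name resolution in SOCKS5 CONNECT requests (constructed example)."""
import socket
import struct

SOCKS_VERSION = 5
CMD_CONNECT = 1
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 1, 3, 4


def socks5_connect_request(host, port):
    """Build a SOCKS5 CONNECT for host:port; host may be a literal IP or a DNS name.

    Wire format (RFC 1928): VER CMD RSV ATYP DST.ADDR DST.PORT, port big-endian.
    """
    try:
        atyp, body = ATYP_IPV4, socket.inet_pton(socket.AF_INET, host)
    except OSError:
        try:
            atyp, body = ATYP_IPV6, socket.inet_pton(socket.AF_INET6, host)
        except OSError:
            name = host.encode("idna")
            if len(name) > 255:
                raise ValueError("hostname too long for SOCKS5 domain address")
            atyp, body = ATYP_DOMAIN, bytes([len(name)]) + name
    header = struct.pack("!BBBB", SOCKS_VERSION, CMD_CONNECT, 0, atyp)
    return header + body + struct.pack("!H", port)


def leaking_request(host, port, resolve=socket.gethostbyname):
    """The leaking pattern: resolve locally first, then hand the proxy an IP.

    The resolve() call is the leak: it is an ordinary DNS query from this machine,
    outside the proxied tunnel. Pass a stub resolver to keep the example offline.
    """
    ip = resolve(host)
    return socks5_connect_request(ip, port)


def parse_request(buf):
    """Decode a SOCKS5 CONNECT request; returns (atyp, target, port)."""
    ver, cmd, rsv, atyp = struct.unpack("!BBBB", buf[:4])
    if ver != SOCKS_VERSION or cmd != CMD_CONNECT or rsv != 0:
        raise ValueError("not a SOCKS5 CONNECT request")
    if atyp == ATYP_IPV4:
        target, rest = socket.inet_ntop(socket.AF_INET, buf[4:8]), buf[8:]
    elif atyp == ATYP_IPV6:
        target, rest = socket.inet_ntop(socket.AF_INET6, buf[4:20]), buf[20:]
    elif atyp == ATYP_DOMAIN:
        n = buf[4]
        target, rest = buf[5:5 + n].decode("idna"), buf[5 + n:]
    else:
        raise ValueError("unknown address type %d" % atyp)
    (port,) = struct.unpack("!H", rest[:2])
    return atyp, target, port


def request_leaks_dns(buf):
    """True when the proxy is handed an IP, i.e. the client already resolved the name."""
    atyp, _, _ = parse_request(buf)
    return atyp != ATYP_DOMAIN


if __name__ == "__main__":
    stub = lambda name: "192.0.2.10"   # constructed answer, TEST-NET address
    bad = leaking_request("example.org", 443, resolve=stub)
    good = socks5_connect_request("example.org", 443)
    for label, buf in (("resolved locally", bad), ("resolved by proxy", good)):
        print(label, buf.hex(), "leaks DNS:", request_leaks_dns(buf))
```

In practice the switch is on the client side: curl resolves locally for `socks5://` and at the proxy for `socks5h://` (`--socks5-hostname`), and Firefox has the `network.proxy.socks_remote_dns` preference. Checking the ATYP byte of what an application actually sends to 127.0.0.1:9050 is a quick way to confirm which behaviour you are getting.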
     
  12. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Actually the payload was published. Somehow, within 30 minutes of being published, it managed to disappear from google cache, and get erased from pastebin, and virtually ignored by secunia. Some people have powerful friends in the highest places.

    That setup sounds excellent.

    They aren't, it is too distributed and that wouldn't be the weak link to attack. Instead you would attempt to control traffic flows or compromise directory authorities or present strongarmed certificates or a side-channel attack if you are a weak adversary. If you are a strong adversary, you can do other types of attacks that are more successful.

    In the case of local and state authorities it wouldn't work because they do not have sufficient observational power over the internet. In the case of a powerful intelligence agency, it is trivial to compromise, like following a string back to its source.
     
  13. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Transparency is not compatible with privacy. Privacy must be secret by definition. Transparency only works with security.


    No, it is done by necessity. If you didn't do it, there wouldn't be any anonymity in tor. For other systems, it isn't required to achieve anonymity.

    Then you didn't understand then what I said about directory authorities, and you don't understand how tor works. You are in the EXACT same position with them, and you are blindly and faithfully trusting directory authorities run by Tor Project, and you could always be victim of a ponzi attack when you do so, and that is why the tor control port attack worked. If tor project was a US LEA honeypot, you would be capable of being fully compromised. There is virtually no difference in the trust model in this respect.



    Attacking me is not a substitute for attacking my argument. Perhaps I should have clarified that I am talking about anonymity on the internet, not at alcoholics anonymous. Or do you think you are anonymous if you don't use encryption and allow your ISP to see all your traffic? Anonymity requires privacy. Privacy is opaque.



    I think it is you who does not understand the difference in transparency and opacity, security and privacy. Someone get justin troutman in here.

    Clearly the evidence in reality has been disproven by your opinion, so there is no point in arguing this further.

    Only for a collusion based compromise. Last time I checked, none of the many successful attacks on tor ever had to use this, except for an unpublished attack that did this through traffic redirection so that it influenced your route and thus your peers who were colluding.

    In fact, for about ~$10k / month, you could buy the integrity of tor by stuffing the amount of nodes in the network so that you have increasing odds of controlling two nodes in a circuit, which is what is required to beat tor the hard way. Yes, I just said the integrity of the tor network is for sale, cheap, to anyone with money. This will always be a vulnerability for tor by design.

    It blows my mind that people do not understand these systemic weaknesses of tor. The question you should be asking is why you weren't told this openly by the tor project themselves, and instead learned it at the hands of some guy on a security forum. I answer your questions, so answer mine.

    Aren't you deeply disturbed that you didn't know all tor users were compromised? Aren't you shocked that the integrity of the tor network can be bought and sold like a cheap car? If you are, why would you continue to trust Tor at all? And if you aren't, WHY?

    It is time to shake off the cognitive dissonance and re-evaluate what you trust and why. Forget XB, this isn't a tit-for-tat. My question is only about you, Tor, and trust.

    Apparently with tor it can be measured in dollars. I await your responses.
     
    Last edited: Feb 14, 2011
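The node-stuffing argument above (enough adversary relays to hold both ends of a circuit) can be put into numbers. The following is an added example written for this thread, not code from the Tor Project or from either poster: a simplified bandwidth-weighted model in which relay selection is proportional to advertised bandwidth, guard and exit roles are disjoint, and each circuit is drawn independently. The relay list, bandwidths and percentages are constructed for the example; the dollar figure in the post is not modelled.

```python
"""Added example: how much relay bandwidth an adversary needs before it sits at
both ends of a Tor circuit, under a simplified bandwidth-weighted selection model.

Assumptions of this example (not Tor's exact path-selection algorithm): relays are
picked with probability proportional to bandwidth, guard and exit pools are
disjoint, and circuits are built independently of one another.
"""
import random


def end_to_end_compromise_probability(adv_guard_bw, total_guard_bw,
                                      adv_exit_bw, total_exit_bw):
    """P(adversary is both guard and exit) = guard share * exit share.

    The totals already include the adversary's own contribution.
    """
    if total_guard_bw <= 0 or total_exit_bw <= 0:
        raise ValueError("total bandwidth must be positive")
    if not (0 <= adv_guard_bw <= total_guard_bw and 0 <= adv_exit_bw <= total_exit_bw):
        raise ValueError("adversary bandwidth must lie within the totals")
    return (adv_guard_bw / total_guard_bw) * (adv_exit_bw / total_exit_bw)


def expected_circuits_until_compromise(p):
    """Mean number of independently built circuits until the first one with the
    adversary at both ends (geometric distribution with success probability p)."""
    return float("inf") if p == 0 else 1.0 / p


def bandwidth_to_add_for_share(honest_bw, target_share):
    """Bandwidth an adversary must add to a pool of honest bandwidth so that its
    share of the resulting total equals target_share:
        adv / (honest + adv) = s  =>  adv = s * honest / (1 - s)
    """
    if not 0 <= target_share < 1:
        raise ValueError("share must be in [0, 1)")
    return target_share * honest_bw / (1.0 - target_share)


def simulate_compromised_fraction(relays, n_circuits, seed=0):
    """Monte Carlo cross-check of the analytic probability.

    relays: list of dicts with keys name, bw, adv (bool), role ('guard'|'exit').
    Returns the fraction of simulated circuits with adversary relays at both ends.
    """
    rng = random.Random(seed)
    guards = [r for r in relays if r["role"] == "guard"]
    exits = [r for r in relays if r["role"] == "exit"]
    guard_w = [r["bw"] for r in guards]
    exit_w = [r["bw"] for r in exits]
    hits = 0
    for _ in range(n_circuits):
        g = rng.choices(guards, weights=guard_w)[0]
        e = rng.choices(exits, weights=exit_w)[0]
        if g["adv"] and e["adv"]:
            hits += 1
    return hits / n_circuits


# Constructed sample network (arbitrary bandwidth units, not measurements):
# 800 units of honest guard bandwidth and 800 of honest exit bandwidth; the
# adversary adds 200 at each position, i.e. a 20 % share at both ends.
SAMPLE_RELAYS = (
    [{"name": f"guard{i}", "bw": 100, "adv": False, "role": "guard"} for i in range(8)]
    + [{"name": f"exit{i}", "bw": 100, "adv": False, "role": "exit"} for i in range(8)]
    + [{"name": f"evil-g{i}", "bw": 50, "adv": True, "role": "guard"} for i in range(4)]
    + [{"name": f"evil-e{i}", "bw": 50, "adv": True, "role": "exit"} for i in range(4)]
)


if __name__ == "__main__":
    p = end_to_end_compromise_probability(200, 1000, 200, 1000)
    print(f"analytic P(both ends hostile) = {p:.4f}")
    print(f"expected circuits until first compromised one = {expected_circuits_until_compromise(p):.1f}")
    print(f"bandwidth to add for a 20 % share of 800 honest units = "
          f"{bandwidth_to_add_for_share(800, 0.2):.0f}")
    print(f"simulated fraction = {simulate_compromised_fraction(SAMPLE_RELAYS, 20000, seed=1):.4f}")
```

One caveat on the model: Tor clients keep a small, long-lived set of entry guards rather than choosing a fresh entry for every circuit, so the per-circuit product above overstates how quickly an adversary with a fixed share gets lucky, and the real question becomes whether one of the client's guards is hostile at all; if none is, circuits through that guard are not end-to-end compromised for as long as it stays in use, and if one is, a large fraction of the circuits through it are.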
  14. katio

    katio Guest

    I can of course answer your statements point for point like above but I don't see why we should continue doing that given this very last question.

    My question is about Xb, and Xb only. I asked you some questions which you can't or won't answer, for reasons that are now obvious to the reader.
    Instead you divert us with analogies and abstractions that didn't clear up a single thing.
    The talk about transparency, security, privacy? Do you seriously believe anyone believes that? You don't discern between privacy and secrecy, cryptography and anonymity and even privacy and anonymity.
    It's a nice tactic but I doubt it's working in your favour.

    Instead of making these single sentence maxims, why can't you explain your own theories and opinions (as what you provide is nothing more than that) in plain English?

    I've stated several times that I don't believe that Tor today offers strong anonymity against a serious adversary. You are attacking a straw man here.
    But Xb doesn't offer strong anonymity either as I've repeatedly explained.
    It's legally weak, its trust model is weak and I also question its technical level in several points. A few you admitted to be true, the major ones raised in the last post you didn't bother to reply to.
     
  15. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Please see the thread title, it is about Tor. If you have xb questions, that should be moved to a different thread.

    Actually, I've answered practically all of your questions point for point on all your posts. You haven't answered any of mine I don't think.

    Absolutely, the statements are sound and valid. I can't help it if you don't understand them, you may be operating with non standard ideas about what these things are. I spend lots of time thinking about the primitive concepts of anonymity, because they are honestly rather confused the way most people use them.

    I thought I was pretty clear on it. I'll state it again:

    Privacy and Security are two sides of the same coin, you can't eliminate one without losing the other.

    Security requires Transparency, it is good and enables verifiability that the code does what it says and acts how it is purported. Without transparency, security cannot be trusted. Security is embodied in encryption algorithms and similar. An analogy would be a tamper-evident envelope. A violation of this principle would be not using password protection.

    Privacy requires Opacity, it is good and enables the data to pass through a security system without compromising the content. Without opacity, content cannot be protected. Privacy is embodied in encrypted data. An analogy would be the letter that goes inside the envelope. A violation of this principle would be sharing your password.

    Anonymity requires trust, security, and privacy. The trust components are the peers and peer discovery mechanism. The security component is the software on the client and peer(s). The privacy component is the encrypted data and key negotiations that are passing through the client and peer software. These aren't the only things that anonymity needs to exist, but they are the ones relevant to this discussion.


    I'm not (yet) saying xerobank offers strong anonymity. I will say it offers stronger anonymity than tor because of the comparative properties and effective protection. But i'm not here to discuss xb, this is a tor thread.

    I disagree. But the reason I didn't finish answering that particular set of questions is because I've answered practically all of your questions prior, and you've answered none of mine. It comes off as disingenuous to say I haven't answered your questions when I've shown you exceeding patience and extensive detail.
     
    Last edited: Feb 15, 2011
  16. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    Where was this payload published? So you're saying the stolen data was published?



    Good to hear :)


    In the case of strongarmed certificates doesn't Firefox already help protect from that? And tools like this https://www.wilderssecurity.com/showthread.php?t=291958 and this tool which I use: http://netcertscanner.com/sslcertscanner.php or am I incorrect?
    As far as side-channel attacks go, I believe having plugins, Java etc. disabled and using SSL has me covered from them. What other types of attacks would be more successful?

    So how would they follow the string if all the traffic was SSL? On top of that ixquick doesn't even keep any logs anyway, so where would they even begin with that? But let's assume we're talking about proxy-service.de, which does keep logs. So they look at the logs and see it points to the Tor exit node IP. They find the computer that is the exit node. They look at the logs (assuming it keeps logs). I know they can see that I visited proxy-service.de but after that the traffic is encrypted. Maybe other people also had a request to proxy-service.de? I guess then they would have to narrow down the time at which that Tor exit node visited whatever site. Then they could track it to the next computer in the Tor circuit. But let's assume the next computer didn't even keep logs? I'm pretty sure they are out of luck. I could go on and on. It just seems as if there would have to be a lot of things EXACTLY right to follow the string. Maybe I am wrong? I don't claim to be an expert nor do I even need such an anonymous web browsing setup, but I enjoy discussing these things.

    Also I was wondering What if on top of everything else all the traffic was through a VPN.

    VPN + Tor + SSL

    Would that make the setup any better?
     
  17. katio

    katio Guest

    Yes, those help. You can protect yourself very well against "side-channel attacks". Use a transparent forced proxy and you can safely use plugins (though keep them updated and sandboxed or whatever for security reasons, or just don't keep anything personal on the system you use for anonymous browsing)
    Client side application level attacks are the most successful, they are the cheapest yet are more likely to stay under the radar/get lost in all the noise and "everybody is doing it" so there's less risk involved for an attacker.
    On the other hand they are the ones you actually have a chance at protecting against.


    By "following the string" Steve is referring to a passive adversary who can listen to all traffic flowing over internet exchange points, for example. If the entry and exit node are in the same country or in the worst case on the same ISP he doesn't have to be a "global adversary".
    He can see that you connect to the entry node, and he follows all the connections from that node to the next and so on. Based on the timing of the packets sent and their properties like size and amount he can follow your traffic all across the internet despite encryption.
    Of course that only works "live" and not after the fact.
    But it's not a far fetched assumption that some agencies are watching and recording everything, just in case...

    Discussed here: https://www.wilderssecurity.com/showthread.php?t=285780&page=9
    Summary: It doesn't help against very powerful attackers, but it helps against someone who may have compromised the tor network by setting up many rogue nodes and it helps with the problem of exit nodes snooping and tampering with plain text traffic. But if you already and only use SSL it doesn't really make much of a difference in a realistic threat model.
     
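The "following the string" attack described in the post above, as an added worked example that is not from the original thread: a passive observer who sees the client-to-entry link and several exit-to-destination links cannot read payloads and cannot match packet sizes one to one (Tor repacks everything into fixed-size cells), so it bins each flow's byte volume into time windows and compares the shape of the volume-over-time series. All packet timestamps and sizes below are constructed by hand; the delay scan, bin size and candidate names are assumptions of the example.

```python
"""Added example: passive end-to-end flow correlation by binned byte volume.

The observer sees one entry-side flow and several exit-side flows. For every
candidate and every plausible network delay it bins byte counts into fixed
windows and scores the candidate with the Pearson correlation against the
entry-side series. The traffic below is constructed for the example.
"""
from math import sqrt


def bin_flow(packets, start, bin_size, n_bins):
    """Sum packet sizes into n_bins consecutive windows beginning at `start`.
    packets: iterable of (timestamp_seconds, size_bytes). Packets outside the
    window are ignored."""
    bins = [0.0] * n_bins
    for ts, size in packets:
        idx = int((ts - start) // bin_size)
        if 0 <= idx < n_bins:
            bins[idx] += size
    return bins


def pearson(x, y):
    """Pearson correlation coefficient; 0.0 when either series is constant."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / sqrt(vx * vy)


def correlate(entry_packets, exit_packets, start, bin_size, n_bins, delay):
    """Score one exit-side flow against the entry-side flow, assuming the exit
    side lags the entry side by `delay` seconds (network plus relay latency)."""
    a = bin_flow(entry_packets, start, bin_size, n_bins)
    b = bin_flow(exit_packets, start + delay, bin_size, n_bins)
    return pearson(a, b)


def best_match(entry_packets, candidates, start=0.0, bin_size=1.0, n_bins=10,
               max_delay=2.0, delay_step=0.2):
    """Return (candidate_name, score, delay) for the best-correlated candidate,
    scanning delays from 0 to max_delay in steps of delay_step."""
    best = (None, -2.0, 0.0)
    steps = int(round(max_delay / delay_step))
    for name, pkts in candidates.items():
        for i in range(steps + 1):
            delay = i * delay_step
            s = correlate(entry_packets, pkts, start, bin_size, n_bins, delay)
            if s > best[1]:
                best = (name, s, delay)
    return best


def best_score_per_candidate(entry_packets, candidates, **kw):
    """Best score over the delay scan for each candidate separately."""
    return {name: best_match(entry_packets, {name: pkts}, **kw)[1]
            for name, pkts in candidates.items()}


# --- constructed sample traffic -------------------------------------------------
# Client -> entry relay: bursts of Tor cells (about 512 bytes each, 514 on the wire).
ENTRY_FLOW = [(0.1, 514), (0.3, 514), (0.5, 514), (1.2, 514), (1.4, 514),
              (5.2, 514), (5.4, 514), (5.6, 514), (5.8, 514), (6.1, 514),
              (9.3, 514), (9.5, 514), (9.7, 514)]

# Exit -> destination flows visible to the observer. "target" is the same traffic
# 0.8 s later with different packet sizes; the other two are unrelated flows.
EXIT_FLOWS = {
    "target": [(0.9, 1450), (1.1, 1450), (1.3, 1450), (2.0, 1450), (2.2, 1450),
               (6.0, 1450), (6.2, 1450), (6.4, 1450), (6.6, 1450), (6.9, 1450),
               (10.1, 1450), (10.3, 1450), (10.5, 1450)],
    # steady stream: one 1450-byte packet every 0.5 s
    "decoy-steady": [(i * 0.5, 1450) for i in range(21)],
    # bursty, but with a different rhythm from the entry flow
    "decoy-bursty": [(1.1, 1450), (1.3, 1450), (3.1, 1450), (3.3, 1450), (3.5, 1450),
                     (3.7, 1450), (4.2, 1450), (6.1, 1450), (6.3, 1450),
                     (8.1, 1450), (8.3, 1450), (8.5, 1450)],
}


if __name__ == "__main__":
    name, score, delay = best_match(ENTRY_FLOW, EXIT_FLOWS)
    print(f"best match: {name} (r={score:.3f}, delay={delay:.1f}s)")
    for cand, s in best_score_per_candidate(ENTRY_FLOW, EXIT_FLOWS).items():
        print(f"  {cand:14s} best r = {s:.3f}")
```

The point of the example is the one the post makes: encryption changes the packet sizes and hides the content, but not the rhythm, and the rhythm is what the observer correlates. Real attacks work on noisier data and more candidates, so they need longer observation windows and better statistics than a single Pearson score, but the principle is the same.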
  18. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    Good point. Though it would be difficult to monitor, I am sure, especially if all the Tor nodes are in different countries. And I am sure that something like Advanced Tor could be used to assure this. http://sourceforge.net/projects/advtor/ I have tinkered with Advanced Tor but have a lot to learn with it.
     
  19. katio

    katio Guest

    Maybe. Plain Tor already allows you to force it to use certain countries as exit nodes.

    Nodes being located in different AS that aren't under the jurisdiction of the tor user makes it difficult. It really depends on where the nodes are located. I don't think Tor takes jurisdictions into account when it creates a circuit and in any case the majority of nodes is run in the US and Europe. If it's routed through different locations that aren't willing to cooperate that's where the global adversary comes into play. But remember, one doesn't have to see the complete circuit, for advanced traffic analysis a partial view can already break anonymity.
     
  20. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Not stolen data, attack details.

    You're thinking of weak certificates that use rsa and weak hashing. By strongarmed certificates, I'm talking about gov approaching major vendors like godaddy/verisign/comodo and demanding a valid cert for a website that they don't own or control. In this way, the cert comes back as completely valid and signed and OCSP valid, but it isn't the certificate that the website provides, it is one that a very influential (gov) MITM would use for seamless hacking. There isn't much protection from this, unless you happen to know somehow what the right fingerprints are on the cert versus the wrong ones.

    I've seen some pretty wild attacks. I've seen an attack that uses CSS to load javascript, and then uses javascript to load java. Even if you have those disabled in the browser. Other types of attacks are URI attacks and mime type exploit.

    One that we have on deanonymizer.com serves you an mp3 playlist file. IE sees the playlist and instantly calls up Windows Media Player, which doesn't respect proxy settings and has a trick inside it that causes it to phone home directly bypassing tor/proxy settings. Oh, and the MP3 it serves actually reads you your real IP address for extra coolness.

    It is best to run your environment in a virtual machine to avoid these kind of side-channel attacks. It also allows you to run flash, js, java etc without worry of them wrecking your anonymity. Or you could just wait till we release safehouse, which has all of that preconfigured. :)


    They can follow an SSL stream all the way home just the same as following plaintext traffic. It is like putting a rubber duck in a stream and watching where the duck goes to follow the flow of the water.

    Anonymity doesn't work that way generally unless there is a specific weakness that somehow it fixes, but you may be doing more damage by opening yourself up to other risks. Anonymity is only as strong as your weakest link. A strong solution + a weak solution = a weak solution. Not to mention, you're trusting/sharing your valuable traffic (encrypted or not) with an unnecessary additional peer who could abuse/split/analyze the traffic.
     
    Last edited: Feb 15, 2011
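The defence the post above leaves open against a CA-issued ("strongarmed") certificate is knowing the right fingerprint in advance. Here is an added example, not code from the thread, the Tor Project or any vendor mentioned: a trust-on-first-use pin store that runs in addition to normal chain validation and flags a certificate whose chain validates but whose fingerprint differs from the one previously seen or explicitly trusted. Certificates are handled as DER bytes (in real code from ssl.SSLSocket.getpeercert(binary_form=True)); the byte strings below are constructed stand-ins, not real certificates, and the hostnames and function names are assumptions of the example.

```python
"""Added example: trust-on-first-use certificate pinning as a second check after
chain validation, to catch a CA-signed man-in-the-middle certificate.

The DER byte strings below are constructed stand-ins, not real certificates.
"""
import hashlib
import hmac


def cert_fingerprint(der_bytes):
    """SHA-256 over the DER encoding: the value `openssl x509 -fingerprint -sha256`
    prints, minus the colons."""
    return hashlib.sha256(der_bytes).hexdigest()


class PinStore:
    """Maps hostname -> fingerprint that was first seen or explicitly trusted."""

    def __init__(self, pins=None):
        # pins: optional dict host -> fingerprint obtained out of band
        self.pins = dict(pins or {})

    def check(self, host, der_bytes, chain_valid):
        """Classify a presented certificate.

        Returns 'invalid-chain', 'first-seen', 'match' or 'mismatch'. A CA-issued
        MITM certificate yields 'mismatch' even though chain_valid is True, which
        is exactly the case chain validation alone cannot catch.
        """
        if not chain_valid:
            return "invalid-chain"
        fp = cert_fingerprint(der_bytes)
        known = self.pins.get(host)
        if known is None:
            self.pins[host] = fp          # trust on first use
            return "first-seen"
        # constant-time compare; fingerprints are not secret, but the habit is cheap
        return "match" if hmac.compare_digest(known, fp) else "mismatch"

    def trust(self, host, der_bytes):
        """Deliberately replace the pin after confirming a legitimate renewal
        through a second channel (the site's published fingerprint, a notary...)."""
        self.pins[host] = cert_fingerprint(der_bytes)


# Constructed stand-ins for DER certificate bytes (same subject, different serials).
LEGIT_DER = b"constructed-der: CN=example.org issued by some-CA serial 1"
MITM_DER = b"constructed-der: CN=example.org issued by some-CA serial 2"
RENEWED_DER = b"constructed-der: CN=example.org issued by some-CA serial 3"


def demo():
    """Walk through the states a pin store goes through for one host."""
    store = PinStore()
    results = [
        store.check("example.org", LEGIT_DER, chain_valid=True),   # first-seen
        store.check("example.org", LEGIT_DER, chain_valid=True),   # match
        store.check("example.org", MITM_DER, chain_valid=True),    # mismatch: valid chain, wrong cert
        store.check("example.org", MITM_DER, chain_valid=False),   # invalid-chain
    ]
    store.trust("example.org", RENEWED_DER)                        # verified renewal
    results.append(store.check("example.org", RENEWED_DER, chain_valid=True))  # match
    return results


if __name__ == "__main__":
    for r in demo():
        print(r)
```

Two practical limits: the first connection is unprotected (the pin has to come from somewhere else to cover it), and pinning the whole certificate trips on every legitimate renewal; pinning the SubjectPublicKeyInfo hash instead survives renewals that keep the key, but needs an ASN.1 parser, which this example leaves out.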
  21. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    I see very tricky indeed... Does Xerobank protect against this?

    I will definitely check out your deanonymizer. I'm sure there are some pretty crazy exploits available that most people would never even imagine. So you are telling me if I am running Tor for example in a VMware or VirtualBox machine and I run Firefox in the virtual machine I can have Java and Flash enabled and my real IP will not be revealed? Nice to know.



    That's what I kind of figured. It really kind of adds an extra layer that is not necessary, for one, and could even cause more problems with the traffic possibly being analyzed.
     
  22. katio

    katio Guest

    It can't, and it's neither in their threat model nor in that of anybody else's anonymity service. You might be interested in addons like Firefox Perspectives.


    Not crazy, really. If you use Tor with the mindset everybody is out to get you, you won't be surprised about anything.
    Without using a VM as described you should only trust plain static http, and even that can bite you (vulnerability in the http renderer, libpng, css...)
    It primarily works based on the fact that people trust "media files" while in fact they are much more like executable code...

    Can you share some details?
    CSS based 0day, code execution, shellcode enables javascript?

    I wouldn't say it's that easy. Depends against whom you want to be anonymous.
     
  23. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Not yet, this is outside the network threat model. But it isn't outside of the realm of protection we could provide using our client-side software. We have discussed how it could be done using Safehouse.

    I edited my statement last night. :)

    I haven't seen any proper classification for the attack, but I'm no expert in that area. I would call it a language-escalation attack. The CSS escalation, if I recall correctly, used embedded html meta-refresh to load a page with javascript prior to the browser checking to see what content was allowed and what was not. I think that would be called a race-condition. The javascript escalation to java I do not know how that worked. I'm lucky to be able to see all these crazy exploits and vulnerabilities. Three days ago I saw a java exploit that bypassed Avira and malware detection to load remote executable code on the latest firefox (common). Just last night I saw a remote XSS vulnerability on a remote-controlled hardware device (rare). We come across a lot of interesting stuff. ;)
     
    Last edited: Feb 16, 2011
  24. katio

    katio Guest

    @everyone interested:
    This is an interesting read and answers many questions about what threat model Tor protects against, details on active and passive global and partial attacks and the risks, reasons and mitigations for directory servers:
    https://svn.torproject.org/svn/projects/design-paper/tor-design.html

    The goal of Tor is to offer anonymity without having you to trust a single provider. We could also think of it as a redundancy: there must not be a single point of failure.
    The main weaknesses of Tor are traffic analysis and colluding nodes. The rest are side channel attacks as we called them but those can be solved (by using a transparent proxy, only hidden servers, TLS only...)
    Tor is vulnerable to traffic analysis because it makes trade-offs between performance, usability and security. The original onion routing design intended to use padding, mixing and traffic shaping, see section 1, Overview.
    But since no one so far has found a solution that is practical as they say "against a realistic adversary" and on the other hand even "costly" measures aren't 100% bullet proof they took a more pragmatic route.
    This hasn't been said yet but running your own node helps against non-global traffic analysis.

    The only inherent weakness in the onion routing design is the fact that one can run many nodes and pretend to be many different identities which maximises the chances that you control two or more nodes in a circuit.
    This can't be solved. Maybe the idea is that since the tor nodes are publicly known someone would notice that a large number of them is controlled by a single adversary. Or one makes the bet that based on the number of volunteers there are more trustworthy people running trustworthy nodes out there than bad guys have resources and persistence both to sustain the attack and stay undetected.

    In summary one could say, the basic idea behind onion routing (and by that I'm referring to the original design and not a concrete implementation) is that you don't trust a single entity to protect your identity but instead trust an "anonymous" group of strangers.
     
  25. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    Interesting read. Reading now but noticed it was published in 2004. I'm sure many things have changed with Tor since then, though I'm sure much has stayed the same.
     