Blogs

Crowdfunding the Future (of Hidden Services)

Hidden Services have received a lot of attention in 2015, and Tor is at the center of this conversation. Hidden Services are a Tor technology that allows users to connect to services (blogs, chats, and many other things) with neither the user nor the site giving up identifying information.

In fact, anything you can build on the internet, you can build on hidden services. But they're better--they give users things that normal networking doesn't authentication and confidentiality are built in; anonymity is built in. An internet based on hidden services would be an internet with Tor built in--a feature that users could take for granted. Think of what this might mean to millions of users in countries like China, Iran, or the UK. Yet currently, only about 4% of Tor's traffic comes from hidden services.

So we at Tor have been considering how we might meet the challenge of making them more widely available. In this post, we will briefly discuss the role of hidden services before we explore the idea of using crowdfunding to pay for bold, long-term tech initiatives that will begin to fulfill the promise of this technology.

Hidden Services are a critical part of Tor's ecosystem

Hidden Services provide a means for Tor users to create sites and services that are accessible exclusively within the Tor network, with privacy and security features that make them useful and appealing for a wide variety of applications.

For example, hidden services are currently used by activists and journalists to publish blogs--in anonymity and free from retaliation. They are used by NGOs to securely receive information on government corruption and injustice from concerned citizens. Newspapers such as the Washington Post, and human rights groups such as Amnesty International use them to receive leaked information. They are used by people looking for the latest cat facts, companies that want to secure the path of their clients or by people chatting securely and anonymously -- including at-risk journalists talking to sources.

In addition, developers use hidden services as a building block to incorporate Tor's security and anonymity features into totally separate products. The potential of hidden services is huge, and much of it is yet to be explored.

Next Steps for Hidden Services

We want to make this technology available to the wider public as these services will play a key role in the future of secure communications. This means that we must increase the uses for hidden services, bring them to mobile platforms for anonymous mobile apps, and vastly increase the number of people who use them.

Since our goal is wider use, it is imperative that we build them to be more secure, easier to set up, better performing, and more usable. Clearly, the questions that we answer in early deployment efforts will inform how we answer the deeper questions pertaining to massive worldwide deployment.

We must engage a large number of people to bring hidden services to the next level. Until now, hidden services development largely relied on the volunteer work of developers in their spare time. This will not be sufficient if we are to make the leap to transformative hidden services.

We are currently evaluating funding strategies that will support our Hidden Service initiatives in the short-, intermediate- and long-term. In order to fit the requirements more conservative large funders have, so we can fully sponsor the Next Generation Hidden Services, we must put preliminary pieces in place. And for that we will reach out to crowdfunding. To do this right, we need your feedback.

Why Crowdfunding?

Crowdfunding allows us to engage the broader community in grasping the opportunity that this new technology promises. We are confident that we can deliver significant advancements in the hidden services field in the short-term, and that many small donors who understand their context will be eager to contribute. We intend to begin by prioritizing the improvement of the security, usability, and performance of the current hidden services system.

Further, we want to make sure we support the efforts of community projects and that the community is participating in shaping the evolution of hidden services. For example, it would be important to assist and improve the Tor integration of projects such as SecureDrop, Pond, Ahmia and Ricochet. We are in the unique position to be able to shape the Tor protocol to make these projects easier to use and better performing, and we would like to identify ways to promote broader deployment of these projects.

Identifying, prioritizing and meeting future challenges will require engagement throughout the greater community. For instance, as changes and enhancements are introduced, we hope to speak with the best bug hunters, cryptographers and privacy experts and ask them to audit our code and designs. Non-technical users could help us evaluate the usability of our improvements.

For this crowdfunding campaign we have identified a few possible ideas-- but the point of this post is to ask you for yours. Here are three projects that we have come up with so far:

  • Information Panel for Hidden Service Operators

  • An application that Hidden Service operators could use to learn more about the activity of their Hidden Service. The operator would have access to information on user activity, security information, etc., and will receive important system-generated updates, including log messages


  • Fast-but-not-hidden services

  • A way to set up public hidden services with improved performance but reduced server-side anonymity. Basically, hidden services that don't care about anonymity but still want to protect their clients with Tor's cryptography and anonymity, will be able to run faster since they don't need to protect their own anonymity. This is an optional feature that suits the needs of large sites like Facebook and reddit, and will make their hidden services faster while also reducing the traffic they cause to the network. Also by optimizing for performance in this specialized feature, we can optimize for security even more in the default hidden services configuration.


  • Next Generation Hidden Services

  • Tor has been at the center of hidden services from the beginning. We have big lists of changes we need to do to the Tor protocol to increase the security of hidden services against cryptanalysis, DoS and deanonymization attacks. We also want to improve guard security, allow operators to store their cryptographic keys offline and enable scaling of hidden services to new levels. This is a big project but we hope to start crunching through it as part of this crowdfunding campaign.


    Your Idea for Hidden Services?

    Long story short, we are looking for feedback!

  • What hidden services projects would you like to see us crowdfund?

  • How do you use hidden services; what makes them important to you? How you want to see them evolve?

  • We'd love to hear your ideas on picking crowdfunding rewards and stretch goals.
    Also, we are curious about which crowdfunding platforms you prefer and why.

  • Feel free to use the comments of this blog, or contact us directly at tor-assistants@torproject.org. Also see our wiki page with more information!

    In the following weeks, we will update you on our progress, incorporating feedback we receive from the community. We hope to make this process as transparent and public as possible!

    Thanks!

    EDIT: The "Unhidden Services" paragraph was expanded and changed to "Fast-but-not-hidden Services". The previous name was too scary and the description not sufficient to show the potential of the project. Please send us better names for this feature!

    Tor Weekly News — March 25th, 2015

    Welcome to the twelfth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

    Tor 0.2.4.26, 0.2.5.11, and 0.2.6.5-rc are out

    Nick Mathewson announced three new releases by the core Tor team. Versions 0.2.4.26 and 0.2.5.11 are updates to the stable release series, featuring backports from later releases and an updated list of Tor directory authorities.

    Tor 0.2.6.5-rc, meanwhile, is the second release candidate in the upcoming Tor 0.2.6 series. It fixes a couple of possible crashes, and makes it easier to run Tor inside the Shadow network simulator. To find out more about all the new features that are expected in this release series, take a look at Nick’s guide on the Tor blog.

    Please see the release announcements for details of all changes, and download the source code from the distribution directory.

    Tor Browser 4.0.5 is out

    Following the disclosure of two potentially serious security flaws in Firefox, the Tor Browser team announced a pointfix release of the privacy-preserving browser. Tor Browser 4.0.5 is based on Firefox 31.5.3 ESR, fixing flaws in the handling of SVG files and Javascript bounds checking that could have allowed an adversary to run malicious code on a target machine.

    This is an important security update, and all users of the stable Tor Browser should upgrade as soon as possible. Users of the alpha Tor Browser release channel will need to wait another week for an updated version; in the meantime, as Georg Koppen explained, they “are strongly recommended to use Tor Browser 4.0.5”. Download your copy of the new Tor Browser from the project page.

    Tails 1.3.1 is out

    The Tails 1.3.1 emergency release was put out on March 23, following the Firefox security announcement. As well as Tor Browser 4.0.5, this release includes updates to key software, fixing numerous security issues. All Tails users must upgrade as soon as possible; see the announcement for download instructions.

    This release is also the first to be signed by the Tails team’s new OpenPGP signing key. For full details of the new key, see the team’s announcement.

    Who runs most of the Tor network?

    The Tor network is a diverse and mostly decentralized system, and it would not exist without the efforts of thousands of volunteer relay operators around the world. Some focus on the task of maintaining a single relay, while others set up “families” of nodes that handle a larger share of Tor traffic.

    In an effort to identify the largest (publicly-declared) groupings of relays on the Tor network today, Nusenu posted a list of entries found in the MyFamily field of Tor relay configuration files, grouped by total “consensus weight”. This list also includes other relevant data such as the number of Autonomous Systems, /16 IP address blocks, and country codes in which these relays are located; as Nusenu says, “more is better” for these statistics, at least as far as diversity is concerned. If the concentration of relays in one location is too high, there is a greater risk that a single adversary will be able to see a large proportion of Tor traffic.

    Nusenu also posted shorter lists of the largest relay families sorted by contact information, and in the course of all this research was able to notify some relay operators of problems with their configuration. The future of the MyFamily setting is still being discussed; in the meantime, thanks to Nusenu for this impressive effort!

    Miscellaneous news

    Nathan Freitas announced Orbot version 15-alpha-5, bringing support for the meek and obfs4 pluggable transports, QR code bridge distribution, and other new features closer to a stable release.

    George Kadianakis invited feedback on proposal 243, which would require Tor relays to earn the “Stable” flag before they are allowed to act as onion service directories, making it harder for malicious relay operators to launch denial-of-service attacks on onion services.

    Nick Mathewson asked for comments on a list of possible future improvements to Tor’s controller protocol: “This is a brainstorming exercise, not a declaration of intent. The goal right now is to generate a lot of ideas and thoughts now, and to make decisions about what to build later.”

    David Fifield wondered why many of the graphs of Tor user numbers on the Metrics portal appear to show weekly cycles.

    Jens Kubieziel posted a list of ideas for the further development of the Torservers organization, following recent discussions.

    Mashael AlSabah and Ian Goldberg published “Performance and Security Improvements for Tor: A Survey”, a detailed introduction to the current state of research into performance and security on the Tor network. If you want to get up to speed on the most important technical questions facing the Tor development community, start here!

    Aaron Johnson announced that this year’s Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETS) is accepting two-page talk proposals, rather than full-length papers, in the hope that “this will make it even easier for more of the Tor community to participate, especially people who don’t write research papers for a living”. If you can offer “new ideas, spirited debates, or controversial perspectives on privacy (and lack thereof)”, see the Workshop’s website for submission guidelines.


    This issue of Tor Weekly News has been assembled by Harmony, the Tails team, nicoo, and other contributors.

    Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

    Tor 0.2.4.26 and 0.2.5.11 are released

    Hello! I released Tor 0.2.4.26 and 0.2.5.11 last week. This is the formal announcement.

    (Per usual practice with non-critical stable releases, I've delayed
    the tor-announce announcement to give distributions have a chance to
    make packages. If you are a packager and you didn't notice that,
    please let me know and I'll put you on the list of people I notify
    extra-early about new releases.)

    Tor 0.2.4 and 0.2.5 are stable release series. Going forward, they will continue to only receive patches for really serious issues.

    You can get the source code for Tor 0.2.4.26 and 0.2.5.11 from the download page, or at https://dist.torproject.org/. If you're running TorBrowser 4.0.5, you already have Tor 0.2.5.11. Remember to check the signatures!

    The changelogs follow below... read more »

    Tor Browser 4.0.5 is released

    A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

    Tor Browser 4.0.5 is based on Firefox ESR 31.5.3, which features important security updates to Firefox. Additionally, it contains updates to Tor and NoScript.

    Note to Tor Browser alpha users: There won't be a corresponding alpha release based on Firefox ESR 31.5.3 this time as we are currently in the midst of preparing releases based on ESR 31.6.0. Alpha users that can't wait another week are strongly recommended to use the Tor Browser 4.0.5 meanwhile.

    Here is the changelog since 4.0.4:

    • All Platforms
      • Update Firefox to 31.5.3esr
      • Update Tor 0.2.5.11
      • Update NoScript to 2.6.9.19

    Tor 0.2.6.5-rc is released

    Tor 0.2.6.5-rc is the second and (hopefully) last release candidate in the 0.2.6. It fixes a small number of bugs found in 0.2.6.4-rc. It is the smallest 0.2.6 release to date, but has a couple of important fixes.

    You can download the source from the website; I'd hope that the releveant packages will be online before long, and that this will ship with the next TorBrowser.

    If you're curious about all the cool features coming up in Tor 0.2.6, I wrote a post about it a couple of weeks ago.

    Changes in version 0.2.6.5-rc - 2015-03-18

    • Major bugfixes (client):
      • Avoid crashing when making certain configuration option changes on clients. Fixes bug 15245; bugfix on 0.2.6.3-alpha. Reported by "anonym".
    • Major bugfixes (pluggable transports):
      • Initialize the extended OR Port authentication cookie before launching pluggable transports. This prevents a race condition that occured when server-side pluggable transports would cache the authentication cookie before it has been (re)generated. Fixes bug 15240; bugfix on 0.2.5.1-alpha.
    • Major bugfixes (portability):
      • Do not crash on startup when running on Solaris. Fixes a bug related to our fix for 9495; bugfix on 0.2.6.1-alpha. Reported by "ruebezahl".
    • Minor features (heartbeat):
      • On relays, report how many connections we negotiated using each version of the Tor link protocols. This information will let us know if removing support for very old versions of the Tor protocols is harming the network. Closes ticket 15212.
    • Code simplification and refactoring:
      • Refactor main loop to extract the 'loop' part. This makes it easier to run Tor under Shadow. Closes ticket 15176.

    Tor Weekly News — March 18th, 2015

    Welcome to the eleventh issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

    An animated introduction to Tor

    Nima Fatemi announced the release of a short animation offering Internet users a brief and lively introduction to the tracking and surveillance they face online, and the ways in which Tor Browser can protect them. The result of a collaboration between the Tor Project and KAJART Studio, the video is available for download or sharing online, with voiceovers in five languages and subtitles in a further three.

    “But we still have work to do”, as Nima explained. “If you have an idea for making better videos and documentation, or if you’re a visual artist and you can help us explain these complex technologies in simple and understandable forms to inexperienced users”, then please see the Tor Project’s website for ways to get in touch; the same goes if you want this animation to be available in your language. See Nima’s post for further details, and be sure to share the video with your friends and contacts!

    Thanks Reddit!

    Following Reddit’s generous donation to the Tor Project, Tor developers and community members in attendance at the Circumvention Tech Festival in Valencia responded with a surprise video thank-you message. Bonus points if you can identify everyone who took part…

    Miscellaneous news

    Sukhbir Singh announced the release of TorBirdy 0.1.4. This version of the torifying wrapper for Thunderbird fixes a bug that prevented the email client from opening if three or more IMAP accounts are configured. Apart from an update to the Whonix gateway, no other features are introduced in this release.

    Mike Perry gave details of the Tor Browser release cycle, and discussed a possible synchronization with the release schedule for the core Tor software.

    Jens Kubieziel published his minutes of the Tor relay operators’ meeting in Valencia.

    Sukhbir Singh sent out his status report for February, while George Kadianakis submitted the SponsorR report, and Arturo Filastò reported on the activities of the OONI team in January and February.

    David Fifield published the regular summary of costs incurred in February by the infrastructure for meek.

    WhonixQubes offered an update on recent progress in the Whonix+Qubes project, including architecture improvements, upstream integration, better documentation, and more.

    Thanks to Peter from ftp.yzu.edu.tw for running a mirror of the Tor Project’s website and software!


    This issue of Tor Weekly News has been assembled by Harmony and Karsten Loesing.

    Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

    Releasing Tor Animation

    Dear Torizens,

    I’m thrilled to finally publish something we’ve been working on for a while.

    The “Tor Animation” is a short video to help new users and members of our community become more familiar with Tor and understand how Tor Browser protects their privacy online.

    The Tor Animation is available in the following languages for stream and download in two sizes of High Definition (~95M) and High Quality (~15M).

    Arabic: HD, HQ, YouTube
    English: HD, HQ, YouTube
    Farsi: HD, HQ, YouTube
    French: HD, HQ, YouTube
    German: HD, HQ, YouTube
    Spanish: HD, HQ, YouTube

    Subtitles are available in Arabic, Basque, Chinese, English, Farsi, Filipino/Tagalog, Finnish, French, German, Polish, Portuguese, and Spanish. (special thanks to Karsten Loesing for coordinating the translations)

    You can find all the files in this directory, which is also available via torrent.

    This could not be possible without the fantastic work of the KAJART studio (@KajartStudio) and the Tor community and we'd like to thank everyone involved.

    But we still have work to do. The idea behind this video and other activities like the UX studies is to get closer to end-users and understand their needs. So if you have an idea for making better videos and documentation, or if you're a visual artist and you can help us explain these complex technologies in simple and understandable forms to inexperienced users, please step forward and contact us.

    Please consider helping us make the video available in more languages. To make this easier for you, we've added a version of this video without the voice over for download. We'd be glad to accept translated subtitles for any language. If you're also interested in providing voice-overs, please talk to us first. Send your contributions and any feedback to tor-assistants at lists.torproject dot org or contact mrphs on IRC.

    Please download and share this video with your friends and help others understand Tor better.

    And if you liked the video, make sure you donate to the Tor Project, so we can make more cool things like this.

    With love and respect,
    Nima Fatemi

    TorBirdy 0.1.4: Fifth Beta and Bug Fix Release

    We are happy to announce the release of TorBirdy 0.1.4, our fifth beta release. This is a bug-fix release, which fixes an issue with TorBirdy 0.1.3 that prevents Thunderbird from starting if three or more than three IMAP accounts are configured. This was reported by users in several tickets (#14099, #13982, #13722, #14007, #14130) and affects all platforms.

    Changes in TorBirdy 0.1.4

    0.1.4, 09 March 2015
    * Fix bug that prevented Thunderbird with TorBirdy 0.1.3 from starting
    in profiles with more than three IMAP accounts (closes #14099, #13982,
    #13722, #14007, #14130)

    Technical Explanation

    This bug was due to a variable in a for lop that was declared twice and was affecting the enumeration of an outer loop (lines 521 and 531 in components/torbirdy.js) used to iterate over IMAP accounts. Please see commit 625f80e in the TorBirdy repository for the fix.

    Users who are not affected by this issue (less than three IMAP accounts configured) may also upgrade but note that this release does not introduce any new features.

    We offer two ways of installing TorBirdy -- either by visiting our website (GPG signature) or by visiting the Mozilla Add-ons page for TorBirdy. (TorBirdy 0.1.4 has been fully reviewed by Mozilla.)

    Using TorBirdy for the First Time?

    As a general anonymity and security note: we are still working on two known anonymity issues with Mozilla. Please make sure that you read the Before Using TorBirdy and Known TorBirdy Issues sections on the wiki before using TorBirdy.

    We had love help with getting our patches accepted, or anything that you think will help improve TorBirdy!

    Feel free to follow along with the release on the tor-talk mailing list.

    Syndicate content Syndicate content