Help Tor Find a New Executive Director

by ailanthus | July 21, 2015

The Tor Project is continuing its world-wide search for our new Executive Director. We need your help to find this person, whether they work for a nonprofit organization, for a tech company, at a university, for an open software project, or somewhere else entirely. We are open to candidates from lots of different backgrounds.

Here's a link to our original blog post with many more details, including how to submit candidates: Tor Project Launches Worldwide Search for a New Executive Director

An excerpt:

"The Tor Project, one of the world’s strongest advocates for privacy and anonymous, open communications is currently seeking an experienced Executive Director to lead the organization. The new Executive Director will spearhead key initiatives to make the organization even more robust in its work to advance human rights and freedoms by creating and deploying anonymity and privacy technologies, advancing their scientific and popular understanding, and encouraging their use."

Please take a moment to consider whether you know a candidate, likely or unlikely, who might be a great fit for this position.

Thanks!

Comments

Please note that the comment area below has been archived.

July 22, 2015

Permalink

If I understand correctly, Roger D, currently the interim Director, says he doesn't want the job on a permanent basis. Is that still true? Some people might be discouraged from applying if they believe someone else has the inside track.

I hope you can find someone with an established record in civil liberties and/or human rights, with enough technical knowledge to win the respect of the developers, and with demonstrated leadership/media skills.

Anyway, good luck. The future of the Project (and Tor users everywhere) depend upon the Search Committee finding the right person.

Yes indeed. Here's the mail I've been sending people to encourage them to think about who would be a great person:
---

Hi !

I'd like your help with getting a great new executive director for
Tor. Some of the characteristics I'm hopeful for are a) connections in
the non-profit space, b) familiarity with the free software ethos, and c)
ability to manage people. But that said, we want many qualities in our new
execdir, and there is no single person that will have every one of them,
so we would be wise to find somebody who complements what we have already.

Please take a moment to think about whether you know somebody who would
be a great fit, or you know somebody who might know somebody. Then
either let us know, or pass this mail on, or whatever steps you think
best. Maybe this person is in the non-profit or funder space now, or
maybe they're in industry or academia or the free software world or
somewhere else. Maybe they are you! :)

And don't worry, Nick and I aren't going anywhere. But we would
love to spend more of our time on coding, designing, researching,
community-building, mentoring -- all of the things that brought Tor to
the amazing place it is today.

Here's the blog post with many more details,
including how to submit candidates:
https://blog.torproject.org/blog/tor-project-launches-world-wide-search…

Thanks!
--Roger

July 24, 2015

In reply to by Anonymous (not verified)

Permalink

Wow, that would be amazing. But I gues that's not possible due to his situation in Russia. Tor's new executive director has to be able to travel. Ed can't do this.

He should still be recruited as a developer or something equally useful that allows for remote participation. His popularity would be invaluable to the Tor community. His values are almost perfectly aligned with that of the Tor project and he is fortunately a very skilled programmer. Plus, he could probably use the money.

No, I think Ed's situation makes him a stronger candidate for Tor. His plight is one that resonates with free-thinking people around the world, and I think the fact that he's sort of stuck in Russia could make him a more effective figurehead for the Tor project... He's obviously got love and respect for the project. And a few words from him, as well as a well-placed sticker on his laptop, did a lot for creating interest and curiosity in the project. He's inspirational to so many, has a broad and deep understanding of why we need Tor. I'm hard pressed to think of someone better suited for the role. Mr. Snowden, take our money, please!

Fact is Snowden is currently officially considered a fugitive criminal in the US, and Tor is a US based organization that one of its' main PR problems is that Tor is considered by many as a criminal-friendly tool. And fact is he is a devisive figure, many americans consider him a traitor/soviet collaborator/nation securitiy risk.

If and when Snowden is exhonorated and returns to US then I'm sure it would be great to have him in the Tor team, but until then it is not possible.

If I might be so bold, why the hell is Tor still an U.S. based organization anyway?! Sure it gives you standing in US courts, but that seems to be about it on the plus side.
Keep an office and the legal form at your current base and move to Switzerland or Brazil.

Also, continuing this line of thinking, why should it matter what "many americans" consider him to be? Since these "many americans" who continiously don't use their own brains but are informed by fox news and alike have a trained attention span that equals the distance between wallpaper and wall: Who the fuck should give a shit about them until they learn?
Making them learn works about as well as bringing democracy to a country. Both are processes that need to be accomplished from within.

Furthermore, having read this, I don't think suggesting anyone without a U.S. passport makes much sense, as he/she/it could be denied from entering the U.S. or staying there anytime. Something the government sure has an interest in.

It actually really discourages me to read such standardized "the US and it's population are more important than any other country/population" on this blog.

If you can't get this out of your heads, how should the fox news audience ever achieve it?

I think Snowden is a great idea. Why would he need to travel? He is in Russia for heaven's sake. Traveling done through the web. Snowden has proved his patriotism and belief in our rights to free speech , freedom of the press , and a free from tyranny and fascism idea that was once , uniquely found in the American Constitution and the Bill of Rights.

July 24, 2015

Permalink

Seriously, Edward should be petitioned by the entire community. His efforts have been revisioned by US congress and a penalty free return is inevitable (for now he can operate remotely). Imagine the impact his leadership would have on the Tor project and the anonymity scene as a whole. Not to mention all of the knowledge he holds about surveillance and security. He is the ideal candidate.

If the Tor doesn't at least attempt to reach out to him, I'll be very disappointed. A possible result of egotism (spotlight being shifted).

His status as a respected whistleblower will help garner positive attention to the Tor project and help to reinforce our goals. He probably needs a job considering the circumstances. Let's show him support and provide him with steady income. It's the least we can do.

I can see it now... News broadcast: "Renowned whistleblower Edward Snowden has been pardoned by the US government and will be returning to the US as the executive director of a project called Tor." Enough said!

Egos aside. It wouldn't hurt to try! Please let us know when the attempt has been made :)

Cheers!

I really understand your enthusiasm. But unfortunately, we have to face reality. An executive director Edward Snowden working remotely for Tor isn't what Tor needs right know. Tor needs someone who leads the organization and represents the main face in public, which includes physical presence at events, conferences and meetings. Being the 'Big Brother' connected via video chat remotely isn't the same as physical presence at the venue.

I know it's hard but reducing expectations prevents disappointment.

@Kate Krauss: By the way, what about Jake? Isn't he the perfect representative for Tor? At least, he is doing a great job as main advocate for Tor. He's eloquent and highly skilled in the field of rhetoric. OK, I see he can't travel everywhere either (political harassment by the USG). Furthermore, he seems to be too radical to be acceptable for the funders in the USG arena.

July 25, 2015

Permalink

@moderator

It's a bit bad that it takes so long until new comments are approved. That doesn't foster the discussion.

August 07, 2015

In reply to kernelcorn

Permalink

Why not make us help you guys moderate, show some un-moderated messages on the blog, some place, and when 2+ people didn't think it was spam, or vice versa, the message get moderated.

Because that would mean messing with the blog code which:
a) no one has time for
b) is some old ancient nasty thing with a lot of kludges held together with ducttape, periodic animal sacrifices, and prayer
c) is going to be replaced hopefully sooner rather than later

yawning

July 25, 2015

Permalink

The blog backend is terrible, and there's no one formally tasked with moderating it. I periodically go through and clean out the mountains of spam that accumulates if it doesn't, I think other people do most of the legit post approval.

August 27, 2015

In reply to yawning

Permalink

A blog is a forum post with forum replies. So, use a forum. That's what we do in all of the projects I have a lead administrative role in. I recommend Simple Machines Forum (SMF). You can see how I use SMF for my personal business blog at livebusinesschat.com (LBC), and you can also see how we use it in a much more sophisticated way, including as a simple bug tracker, at forum.coincompendium.com (CC forum).

Sometimes a specialized solution just creates specialized problems that an insufficient number of people are solving. Forum software is much more general-purpose and much more widely used, thus it is better tested and more reliable. Bugs that would go unnoticed on specialized blog platform software would be found much more quickly by the relatively huge user base of popular forum software.

Think of it this way:

Because blogs fundamentally differentiate between article posters and commenters, the number of blog article posters is limited to privileged people who have a blog. But, on a forum a poster and a commenter is the same thing, so the number of forum posters is larger than blog posters by (probably) several orders of magnitude. Which software, by nature and necessity, is the most reliable? The forum, of course.

Fundamentally, what a blog poster wants is higher visibility than blog commenters. Even the most primitive forum software makes it easy to raise the profile of whatever posts you choose. It is straightforward to configure SMF to automatically raise the profile of certain types of posts. There is more than one way to do this, but the methods I have chosen make it easy to make as many blogs or whatever you want to call them (venues, channels, news, announcements, alerts, pings, etc, etc, etc).

The best part is that you can provide a blog to a user that has complete control over their own blog, but is otherwise like an ordinary user on the rest of the forum. And, of course, if you don't want your blogs to function like forums, it's trivial to simply disable the unnecessary features, to restrict its functioning to be identical to a specialized blog platform - but without all the bugs and maintenance hassle.

If the Tor Project would like help configuring a general-purpose SMF forum to replace the blogs, I would be happy to help with that. If you want to know more about me, you can read my (badon) mediawiki.org user page at this URL:

https://www.mediawiki.org/wiki/User:Badon

July 25, 2015

Permalink

My worry candidate would be someone with a great resume...
but a deep-seated and masked sense of rivalry who would instinctively work behind the scenes to ultimately oust the founders.

(For example a coup could be done thru good news: bringing new funders on board from a previous position, putting them on the Board of Directors, and then giving the board to understand that the Tor founders are replaceable technicians blocking administrative progress and that new funding pledges are ready but conditional on ouster.)

One unusual source of talent is the congressional staffer corps.
Senior staff in both houses see their jobs as temporary stepping stones to something else, typically senior executive positions in the government or highly paid lobbying positions. A small number of these senior staffers might be aligned on the right side of privacy, have extensive non-profit connections thru their work, and not be completely ignorant on the SW and SW ethos side of things.

An EFF lobbyist might be able to identify such characters?

July 28, 2015

Permalink

I disagree about Edward Snowden. I really think he did something amazing. However it also must be clear that I consider him a hero for that very act.

However, I think despite all this Edward Snowden's biggest problem was not the fact that the NSA spies on the whole planet, but that the NSA spies on US-American citizens. Edward Snowden appears(!) to think that the US has the right and should control the world (for the greater good), just make sure that power doesn't get abused and that US-American citizens should not be spied upon. I accept this opinion, even though I counter it. However I don't think that this makes sense for being the Executive Officer of the Tor Project, especially because of certain relations the US has towards certain countries (that I politically do not want to defend at all).

Last, but not least I think Edward Snowden has way better skills elsewhere and I think he would do an amazing job as Tor contributor as an architect or developer, because he has great insight in how things work. I think, if Edward Snowden would be the Executive Director instead that would be a tremendous waste.

Please don't get me wrong. I really do not think badly of Edward Snowden and from all the interviews with him he seems to be amazing. I don't agree with everything, okay, but hey, people don't have to. I just think when it comes to this very specific position one might find other people.

Other than that: I actually think Edward Snowden should do something less stressful for a while. There should be something like a whistleblower fund or so to help people like Edward Snowden, because I'd imagine it gets way harder to get a well-paid job in the field one feels most comfortable with after blowing the wistle, but that's a different topic..

July 28, 2015

Permalink

"Here's the mail I've been sending people to encourage them to think about who would be a great person:"

Thanks, that's pretty clear :)

I can only offer general advice about desirable characteristics of the next Executive Director (see the other threads).

I'd love to see Edward Snowden play a major role, but reluctantly must agree that he probably is not currently in a position to perform security-critical work. I think he's been doing a fine job acting as a kind of "elder spokesman" via telepresence, and I'd love to see him on salary at Amnesty International, HRW, RSF, EFF, or Access Now.

(IANAL. If hiring Snowden is "illegal" according to USG/HMG, perhaps it is time for these great organizations to consider moving to a safer home.)

July 29, 2015

Permalink

> My worry candidate would be someone with a great resume...
but a deep-seated and masked sense of rivalry who would instinctively work behind the scenes to ultimately oust the founders.

Is that really likely? Is there some precedent you have in mind at another NGO?

> (For example a coup could be done thru good news: bringing new funders on board from a previous position, putting them on the Board of Directors, and then giving the board to understand that the Tor founders are replaceable technicians blocking administrative progress and that new funding pledges are ready but conditional on ouster.)

You would probably agree then that a major priority for the Project is to diversify funding to ensure that no one government, agency, or corporation has too much influence. (I have in mind not so much a precedent as a related concern: I worry about the increasing influence of a handful of mega-corporations on the Linux Foundation, through the fact that their employees are writing a larger and larger fraction of kernel code. These companies have deep ties to USIC. Might they be tempted to try to insert backdoors on behalf of USIC--- or even to spy on business competitors?)

More generally, you would probably agree that a priority for the Search Committee should be to be suspicious of USIC attempts to "shape" the eventual choice to suit its own "interests". It seems likely they will try, and clearly it would be a disaster for the world if they succeeded.

> Is there some precedent you have in mind at another NGO?

More a composite of various cases over time.

If a new chief is known mainly for "soft skills" and lacks core knowledge of their organization, they tend to feel inferior surrounded by lieutenants who know more than they do. The new chief solves this in either of two ways: changing the focus of the organization so existing personnel lose their advantage, or by replacing those that know. (Only the latter would be relevant for Tor.)

July 29, 2015

Permalink

> One unusual source of talent is the congressional staffer corps.
Senior staff in both houses see their jobs as temporary stepping stones to something else, typically senior executive positions in the government or highly paid lobbying positions.

While there may be some individual exceptions, corruption appears to be the rule in American politics, as you yourself suggest. This would be almost as awful as Tor hiring Michael Hayden away from the Chertoff Group.

I think it is essential to greatly *decrease* the influence of the USG on the Tor Project, given the increasingly oppressive role played by the USA on the world stage.

To mention two examples ripped from the current headlines: in the "national interest" of positioning the US to intervene militarily in resource rich African (Nigeria), President Obama just praised Ethiopia as a "democratic nation". Ethiopia! And in another thread in this blog, we've discussed why the support of the USG for "lawful access" (state-sponsored hacking) services companies is so dangerous for human rights around the world.

I tend to think a more natural place to look would be among people with executive experience in human rights organizations or civil liberties organizations.

It is critically important to make a good choice, and anything tending to suggest to the user base that the USG is worming its way even further into the Tor Project would be deeply harmful.

Re backdoors concern, continued reply:

I feel there is a strong committed culture at Tor. And doubt members based in the US have any fear of arrest merely for participating in Tor.

On the contrary, it is the technical and resources problem of global government-level adversaries that is immense and not completely solvable for a project that is committed to provide almost "normal" browsing in terms of speed and running browser codes. These actors don't need "backdoors" in open source code and in any case they can replace object code at the individual user level (which hopefully doesn't scale well as Arma has mentioned here several times).

That all dwarfs the issue of top-down backdoors that worries you. There are other kinds too. Perhaps someone similarly hostile as you to the U.S. but technically competent might join Tor to put in your own backdoor to help whatever countries you approve of harm in some fashion whatever countries you disapprove of (e.g. US).

July 29, 2015

Permalink

> The blog backend is terrible, and there's no one formally tasked with moderating it.

IMO, Roger should not wait to fix that.

July 31, 2015

Permalink

I think Ed would do just fine, but others may differ such a tor sponcers and others
its really nothing to do with freedom of speech etc at the end of the day.

Dr Fred Piper

July 31, 2015

Permalink

> More a composite of various cases over time.
>
> If a new chief is known mainly for "soft skills" and lacks core knowledge of their organization, they tend to feel inferior surrounded by lieutenants who know more than they do. The new chief solves this in either of two ways: changing the focus of the organization so existing personnel lose their advantage, or by replacing those that know. (Only the latter would be relevant for Tor.)

I have the impression that you may speak from experience, but, from the corporate world, not the NGO world. I hope. If you haven't been following the Hacking Team story, that saga offers a sobering example of how a company culture turned sour, after the CEO decided to take the company down the path of state-sponsored-criminality. I don't think that is at all likely to happen at Tor, however, and hopefully would be unlikely at other human rights NGOs.

It is critically important that any credible candidate for Exec. Dir. of Tor Project recognize that, while as I have argued good long term planning, media relations, and maybe even some legislative lobbying may be essential for the long term survival of Tor, in the short run, the only truly essential people are the developers. All choices must verify the criterion of not impeding critical bug fixes or important security/anonymity/usability improvements.

I suppose the devs could help by trying to give the next Exec Dir a chance to prove he/she understands their needs, but this all seems awfully hypothetical, unless you know something I don't.

July 31, 2015

Permalink

> The position could be held by anybody anywhere in the world. There is no requirement for him to oversee the project from US soil.

There is no intrinsic requirement for the Tor Project to be based in the US, and increasingly, some good reasons for it to move.

(The unsolved problem is: move *where*?)

Tor Project employees, especially senior executives, must often deal with sensitive issues.

One problem with choosing as Executive Director someone who participates mainly or exclusively by "telepresence" is that electronic communications are-- hello?! did anyone not understand this lesson from the Snowden leaks?!-- highly vulnerable to interception by NSA SIGINT operators, and to a somewhat lesser extent (?) by other bad guys. Potentially, even communications encrypted may be or may become vulnerable. (Bruce Schneier is among those who worry certain features of AES which could possibly be exploited for direct cryptanalysis. Just because no-one has yet openly published a POC does not prove it is impossible. And GPG relies on an aging encryption algorithm.)

It is a safe bet that some of David Vincenzetti's friends are fantasizing right now about doing to Tor Project what Phineas Fisher did to Hacking Team. What some people with hidden cameras did to Planned Parenthood. And so on and so forth. We can mitigate the hazards by passing the most sensitive communications by word of mouth, and keeping no electronic records.

We need to make everything as hard for our enemies as we can. Choosing as Executive Director someone who is already targeted by (one presumes) every Earthly intelligence agency with global ambitions just doesn't make sense. Much better to try to keep a core of employees in one place, near a windowless meeting room which is regularly swept for bugs.

August 03, 2015

Permalink

Hopefully the new person will be smart enough to reverse the blazing stupidity of having chosen StackExchange as the site where new people are told to go and get their questions answered. Here's a perfect example:

https://tor.stackexchange.com/questions/7353/does-windows-10-compromise…

A person innocently asks a valid question, immediately gets his question downvoted and then locked out (by people that you will very rarely see actually answering *anyone's* questions, as they obviously regard themselves as elite administrators who are above that). Meanwhile, the non anally fixated and ego driven people can't actually try to provide answers to the question because it's locked. StackExchange is all about rating and criticizing people with questions, so that new users feel like chumps and NEVER come back.

That's all in the self interest of StackExchange corporation, NOT IN THE INTERESTS of having as many Tor users as possible.

Tor is supposed to be about freedom of expression, but the most Draconian, censoring and ego-driven discussion site on the internet was chosen to supposedly help and encourage new users. If Tor is only about the long term, elitist users, then you have no anonymity with your very small crowd. Have you forgotten that?

August 04, 2015

Permalink

I think that Snowden will perhaps know someone. I think Snowden still needs to work 24/7 at keeping himself safe.

August 05, 2015

Permalink

Second the expressed dissatisfaction with stackexchange.

Q for Mike Perry: it appears that the "rowhammer" bitflipping attack is enabled by "watering hole" websites using Javascript. Is it time to add JS-disabling to the higher levels of Tor Browser security?

http://arstechnica.com/security/2015/08/dram-bitflipping-exploit-for-at…
DRAM “Bitflipping” exploit for attacking PCs: Just add JavaScript
Dan Goodin
4 Aug 2015

August 07, 2015

Permalink

I like this site. Thanks to Tor. It rhymes with my innermost sense of freedom of non-violent expression and association with no fear of intimidation from anyone, any authority whether government, religious or monetary organisations.

Good luck in your search for finding an Exec for Tor.

My only 2 cents contribution is the following:

1) Those who are very good/talented programmers and developers are usually weaker in Big picture views.
2) An Exec who is good at both Detailed and General Principles of Freedom of Expression is hard to find.
3) It might be necessary to find someone who is outside the computing or software engineering expertise.
4) It might be necessary to have a team of leaders instead of one leader. Otherwise, it will have to be an overseer who has a few team leaders within each specialty groups.

Good day to all your folks.

August 09, 2015

Permalink

I think the Project needs one leader. This is not inconsistent with the suggestion that the Project be organized into functional teams, with the possibility of forking a new project whenever some tool which originates in Tor becomes very useful for other open source projects.

I believe that one natural place to search for promising candidates would be in human rights organizations or civil liberties organizations. Look for someone with leadership experience, preferably someone already known to at least some of the key Tor developers. Bonus points for candidates who have a history of skepticism towards mega-corporations such as Google and Amazon, and extra points for those who have been targeted by "cybercrime/cyberwar" type governmental military or civilian agencies.

Not that I want to encourage anyone to "poach" leading talent, but the Exec Dir job of Tor Project is too important not to make an exception.

Does Christopher Soghoian have leadership experience?

https://en.wikipedia.org/wiki/Christopher_Soghoian

"On October 27, 2006, then-Congressman Edward Markey called for Soghoian's arrest.[25] At 2 am on October 28, 2006, his home was raided by agents of the FBI to seize computers and other materials".

August 12, 2015

Permalink

Please look deeply into their past connections. This would be the way to derail TOR if an establishment scumbag gets the role

August 13, 2015

Permalink

I strongly agree that it is essential to keep out people who are controlled or even much influenced by the "intelligence needs"/"national interests" of the US (or any other) government. USIC and their British sidekicks are devious and determined to destroy everything that benefits or empowers ordinary people, such as Tor.

I don't think the Project is in a position to do background checks beyond those which would normally be done by any NGO in considering candidates for an executive position. But as long as the Project bears in mind the likelihood that NSA will attempt to influence critical decisions to suit its own agenda, I think common sense may be as good as anything else at making it too easy for USIC to put a Kim Philby at the head of Tor.

While I believe USIC and their sidekicks are capable of anything nasty, I think the greatest danger that NSA will "shape" the future development of the Tor Project comes through dubious funding sources such as DARPA, SRI (which has longstanding ties to USIC), and NED (an Eisenhower-era holdover). For this reason, I hope the next Exec. Dir. will make it a priority to develop secure funding not tied to USG (or Russian or Chinese or UK governments). Ideally the Project would avoid taking money from any government or giant corporation, but as long as overall funding is sufficiently diversified, it might be acceptable to take some money tied to governments which have a good human rights record. On these grounds USA, UK, China, Russia, Saudi Arabia, and a long long LONG list of other nations are disqualified, but Iceland might be acceptable.

August 13, 2015

Permalink

I know this is not suit for this article but anyone that have seen this news?

Hornet Tor alternative for high-speed anonymous browsing revealed
http://www.zdnet.com/article/hornet-tor-alternative-for-high-speed-anon…

This claims that it is capable of processing anonymous traffic at over 93 GB/s.

I think it's also based on onion routing,so is there any possibility to use this tech in next generation hidden service or tor system?

August 14, 2015

Permalink

Am I naive to suggest Jacob Applebaum? I know he's a bit of a kook but I'm not sure that's such a bad thing.

August 16, 2015

Permalink

Hi everyone,
Please help. I want to change the ip using tor every 1 minute but dont know how.
Please help and forgive me if its out of question.
Thank you

August 17, 2015

Permalink

> I want to change the ip using tor every 1 minute

I guess you mean either "I want to force my Tor client to choose a new identity every minute" or "I want to force my Tor client to build a new circuit for my path to particular website, every minute". I doubt that these are good for anonymity, if they are even feasible, but it might be coax your client to behave this way.

Maybe try this?

https://www.atagar.com/arm/

August 17, 2015

Permalink

@arma: is the following issue a serious concern for people running TBB or Tails, not under a hypervisor, on a computer with an Intel CPU manufactured before Jan 2011? If they think they are a likely target of one or more customers of Hacking Team or Gamma?

http://www.itnews.com.au/News/407809,rootkit-hole-left-in-intel-process…
Rootkit hole left in Intel processors for 16 years
Aug 12, 2015

Intel processors made between 1995 and 2011 contain a serious design flaw that could be used to install invisible rootkits, a researcher has discovered.

...

Intel spotted the error in its processor blueprints and corrected the issue in 2011. Chips built from January that year and onwards are not affected.

According to security specialist Jacob Torrey, operating systems can easily mitigate against the security hole at the hypervisor or virtual memory manager level, protecting themselves from criminals exploiting the design flaw.

Newer operating systems could easily introduce a patch for vulnerable Intel processors, Torrey noted.

August 18, 2015

Permalink

> Intel processors made between 1995 and 2011 contain a serious design flaw that could be used to install invisible rootkits, a researcher has discovered.

As arma said in a recent post, it is important for Tor users to try to avoid being infected with malware in the first place.

The bad news from the cited Black Hat talk: once the bad guy (Gamma, Hacking Team, ...) has succeeded in getting root on the PC/laptop used by the victim (journalist, dissident...), s/he may be able to exploit an un-patchable vulnerability in CPUs made by Intel between 1995 and 2010 to infect the victim's computer with an APT root kit which cannot be removed by re-installation, and which is very hard for ordinary citizens to detect.

SMM root kits have been on the radar for quite some time:

2006: Duflot POC SMM APT root kit
2008: Embleton and Sparks SMM APT root kit
2009: Rutkowska and Wojtczuk SMM APT root kit
2010: Intel discovers wrmsr flaw and quietly fixes it in Jan 2011
2015: Domas SMM APT root kit exploiting wrmsr flaw

From

http://www.channelregister.co.uk/2015/08/11/memory_hole_roots_intel_pro…
Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it
Iain Thomson
11 August 2015

"By using the wrmsr instruction, the operating system developer can configure a processor core to move its local APIC to anywhere in memory. Just write the new physical memory address to the processor's model specific register 0x001b."
...
"Domas reckons there are hundreds of millions of Intel processors permanently vulnerable – they cannot be updated to fix the problem. A trusty Linux box from the previous decade that's still plodding away, an office of old PCs, or a relative's aging laptop, are the sorts of computers at risk of attack via this vulnerability. Your fancy new gaming rig, your virtual machine in the cloud or on your workstation, and that office PC bought two years ago in the last refresh, are immune."

It is apparently not easy to exploit SMM vulnerabilities, but because SMM is the perfect place to hide a root kit, lots of people have been trying to figure it out.

I am not sure, but it seems to me that people running TBB under their usual OS on a PC/laptop which uses an Intel CPU made between 1995 and 2011 are vulnerable to the new SMM rootkit, provided that the bad guy can get root. Bad guys getting root is already bad news, of course, but the point is that if you suspect it happened, your only option may now be to throw away the computer.

It appears to be possible that people running Tails on a PC/laptop with an Intel CPU made between 1995 and 2010 might be vulnerable to key-logging, tracking, etc, via a Domas-style SMM APT rootkit, provided that a bad guy has been able to get root at some point on the other OS which runs when the computer has not been booted using Tails. Clarification from the Tails team would be very welcome.

It is possible that the wrmsr flaw may be an even more serious issue for people running Tor nodes. Clarification from the Tor team would be appreciated.

AMD is still trying to determine whether its CPUs are also vulnerable to similar flaws. Intel evidently has no intention of patching firmware for affected CPUs, other than high-end CPUs intended for commercial servers.

August 18, 2015

Permalink

I don't think Tor needs an executive director that is famous or publicly well-known to the general public or even the Tor community at large.

The Tor project needs someone who can be trusted, someone who is not at risk of being exploited by nation states, criminal organizations or any other group with their own self-interests that could hurt any user or future user of Tor.

The executive director should be fluent in technology allowing only the technical team to surpass that knowledge yet amongst their peers they command a leading knowledge of today's technologies as well as vision of future technologies developing including the low-down on cryptography, networks, virtual tech from containers through to SDN, a good understanding of the work of W3C/IETF/EFF and at least some degree of knowledge about security practices in general from securing their personal domain to operating in a secure organisation's domain.

The executive director should be someone who is a natural leader, that does not bark commands but instead invites people to engage in the mission. I would hope that the executive director would be an advocate for what is being called the 'open organisation' which bases itself on the principles of open source ecology, meritocracy and transparency.

Finally, I would hope the executive director would be someone looking to stay in the role for at least 7 years, seeing it as an opportunity unlike any other that is more based on bringing their talents to the Tor project rather than using the Tor project to promote their own personal agenda / career.

Like the last 500 posts - you want Superman. You want Jesus. You want the hand of god on earth. Keep praying. Your post reads like a prayer.

You need a shot of practicality.

Edward Snowden elected as lead "In absentia" until he decides to stay.

Truth is this: No man can lead this. He doesn't exist. You need a construct. A God. You need a new God. Elect "Dread Pirate Roberts" -- while knowing it's no one. It's an idea. People die. Ideas don't die.

Make the idea. Afterwards -- make the religion.

Then employ converts.

https://youtu.be/3posPWuA9Ss?t=130

This is so basic.

August 19, 2015

Permalink

> I think the greatest danger that NSA will "shape" the future development of the Tor Project comes through dubious funding sources such as DARPA, SRI (which has longstanding ties to USIC), and NED (an Eisenhower-era holdover).

Stand by that, but...

http://america.aljazeera.com/opinions/2015/8/russians-exiled-back-to-th…
Russians exiled back to the kitchen
The Kremlin is trying to create a paternalistic relationship between the state and its citizens
Svetlana Gannushkina
August 19, 2015

"On July 28, Russia designated the National Endowment for Democracy, a Washington-based nonprofit, which has supported human rights and civil society groups in the country, as “undesirable” and banned it."

... NED has never looked so good.

August 21, 2015

Permalink

> I don't think Tor needs an executive director that is famous or publicly well-known to the general public or even the Tor community at large.

That all sounds sensible to me.

August 24, 2015

Permalink

> Am I naive to suggest Jacob Applebaum [for Exec Dir of Tor Project]?

Not everyone can watch videos so many thanks to bancfc for posting a summary of Jacob Appelbaum's talk. As evidence that his expertise is best reserved for coding work, from:

https://lists.torproject.org/pipermail/tor-talk/2015-August/038847.html

> Debian Hardening topics covered:
* Disabling Avahi and Samba NFS by default
* Packaging grsecurity/PaX, Pond, xmpp-client, Tor Browser, Tor-launcher and pluggable transports - work currently being done on Tor related packages as of 2015
* Adoption of Subgraph Oz sandboxing framework
* Cleaning vulnerable legacy networking protocols out of the Debian
kernel
* Distribution of Tor in a base Debian distro
* Giving a sshd onion service as an install time option
* Encryption of system as default on install time
* Address Sanitizer and compiler time hardening of packages
* Adoption of new rootless, type safe DHCP daemon written by him and Dan Bernstein
* Adoption of tlsdate or alternative to unsafe NTP
* Gnuk libre hardware keycard adoption
* Encrypting APT connections to prevent package metadata leaks and make exploiting problems in APT harder

JA replied in the thread:

> There is a great deal of positive feedback from the Debian community.

Indeed, plus one.

In view of existing apt problems, how bad is the wrmsr vulnerability (as an SMM rootkit vector) for those who run Debian on a computer which uses an affected CPU?

> It takes time and effort - if you'd like to help - please join us in
improving Debian!

Ironically, some of the listed items must be accomplished before I would feel safe trying to help, but since this will likely be an ongoing arms race for some time, I think you can expect more help once you reach some critical level of dragnet-thwartdom!

Performance over security also accords with my experience, but I hope that is changing.

Many thanks to Appelbaum and other Tor and Debian people for all your hard work improving communications/cyber security for the ordinary citizen.

August 27, 2015

Permalink

A bit of good news I don't want to be drowned out by gleeful reporting from pimp-media that IBM is calling on corporations to explicitly block torproject.org from their networks (but not for ISPs to block their customers from running Tor clients?):

So often one hears "technical experts" opining that "if the government wants into your computer, they'll get in" [sic]. Some of us have argued for years that evidence suggests that to the contrary, resistance works more often than these "experts" want us to believe.

Here is a fascinating report of a possibly state-sponsored attack on an EFF employee, Jillian York, and unnamed other activists, which shows that a combination of technical knowledge and common-sense wariness, plus a refusal to panic easily, can help you to turn the tables on the bad guys!

https://citizenlab.org/2015/08/iran_two_factor_phishing/

When people try this hard to phish you, you know you're doing something right. But the boundary of what seems like outlandish effort appears to be expanding at the speed of scream, so we urgently need more organizations which offer free public-service forensics to lawyers, journalists, activists and other frequent targets of state-sponsored attacks. Here we confront the same problem as (irony!) FBI: the paucity of trained and trusted experts capable of analyzing state-sponsored attacks.

August 29, 2015

Permalink

A new director? Easy...

Contact the staff from Astoria Browser.

Contact the staff from Hornet Browser.

Contact top universities and ask one of their students or professors or alumni or graduates.

Contact Silent Circle staff.

Contact Defcon staff and participants.

Contact Offensive Security group.

Contact Tor fans.

Contact the Swiss Government (they are pro-privacy).

Contact ProtonMail staff.

Contact PGP creator.

Contact Cryptography people.

August 31, 2015

Permalink

Many thanks to Tor and Debian developers for addressing a long-standing concern about vulnerabilities in updating computer systems. In particular, Debian users have typically used a utility such as synaptic which runs the venerable apt package manager to contact Debian repositories to fetch upgraded packages including security patches. Unfortunately, packages are generally downloaded via cleartext http protocol.

Long ago Debian introduced automatic strong cryptographic package verification by apt, a very important mechanism for reducing the possibility of an attacker injecting malware into an http download of software, including security patches. (Such behavior has been spotted "in the wild", and the Snowden leaks confirm NSA has been one of the worst offenders.)

However, apt still "leaks" an enormous amount of information about what versions of what packages are installed on a given computer, and the Snowden leaks confirm the longstanding concern that the most dangerous state level attackers maintain huge databases of which software packages are installed on the computer at the other end of every IP address, including PCs used by ordinary citizens. This information can be exploited by attackers such as NSA/TAO, or murky and possibly state-sponsored groups apparently working in countries such as Russia, China, Iran, Syria, and even North Korea. Or by anyone who intrudes into *their* networks and copies *their* code. However, because of its extensive intrusion into virtually every backbone network on the planet, NSA appears to pose the greatest threat here.

The Snowden leaks confirm in detail long-standing concerns that ordinary citizens can be at risk simply because (for example) they happen to know or be related to a telecom engineer, a scientist, a blogger, or even a high school "student of interest". NSA/TAO operatives and other attackers often break into devices owned by such people looking for information they can use to phish their ultimate target. Ironically, NSA people now admit that they know that state sponsored attackers in nations like Russia and China follow the same practices, without admitting that NSA has been doing this longer than anyone. So even if you believe you are not risk ("I'm a grandma and a good Republican so who would want to read my emails?"), as more and more entities obtain the technological capability to mount attacks similar to what NSA has been doing for decades, you are more and more likely to personally encounter sophisticated attacks.

Now for the good news. As noted in Tor Weekly News, Debian is moving towards a system which allows potentially endangered and responsibly wary users (such as bloggers, journalists, political dissidents, politicians, union organizers, ecological activists, protest organizers) to maintain a Debian system over Tor.

I think this is a really important development and it deserves wider publicity. (Attention Kate Krauss?)

The links cited in TWN assume more knowledge than some readers may possess. I suggest a followup post offering more detail, including the following points:

* you will need to install a Debian "unstable" system
* if you have enough space on a hard disk you may be able to do this without overwriting your existing system, but this can be hazardous and tricky, and a security risk
* purchasing a fresh computer with CPU not vulnerable to the wrmsr bug might be your best choice for your new Debian over Tor system
* you need a working computer with GPG/PGP (to verify a signed file) and a utility such as sha256sum (to verify a cryptographic hash)
* you need a DVD R/W drive for the following step
* with some difficulty, it may be possible to fetch the iso image for DVD #1 over Tor
* using your current system, download from debian.org the file containing the SHA-256 hashes including the iso image for DVD #1 (the unstable version); see
https://www.debian.org/CD/http-ftp/
http://cdimage.debian.org/cdimage/weekly-builds/amd64/iso-dvd/
* verify the cryptographic signature of this file
* verify the SHA-256 sum matches the iso image you downloaded
* burn a bootable install DVD from the iso image
* on the computer on which you will install Debian, boot using the install DVD and follow directions
* make sure to use an encrypted volume, which gives "almost full" disk encryption
* after installing Debian from the DVD you can fire up synaptic and make the changes noted in the links in the TWN post; the apt-tor-transport should be available from Debian for unstable systems as a package you install in the usual way (with automatic verification of the cryptographic signature)
* check for updates and install the new packages
* study the packages offered by synaptic and install software defined radio or steganography utilities or document production packages and other software as needed; Debian has everything you could need (if it's available at all), including state of the art packages used extensively (irony!) by some NSA employees in their nasty work.

That might sound complicated, but I think the hardest step is actually obtaining the iso image over Tor. The process only adds a few steps to what users have done for years to install Debian the easy way. In the future, one hopes, it will become even easier for people who are not necessarily comfortable with computers to obtain and maintain Debian over Tor; indeed, this should be the default option.

Hope I haven't forgotten anything or gotten anything wrong; corrections welcome!

It would also be useful to contact reporters at tech news outlets to explain how Debian over Tor works, how people can obtain it, and why they probably should consider doing so.

A possibly controversial point here which you might consider noting: among those who could benefit immensely from using Debian over Tor are people who work for the directors of FBI, NSA, USCG, EPA, and other USG agencies, not to mention federally funded climate researchers and medical researchers at great risk for attacks from foreign intelligence agencies, business competitors, etc. Multiple instances of sophisticated hacking attacks against climate scientists, professors of computer science, etc., have been confirmed by expert forensic analysts in the past several years. I believe that system administrators for academic departments in US and EU universities would be wise to consider moving to Debian over Tor, to protect their students and faculty from a long established plague of cyberespionage attacks which in recent years has become far more sophisticated and dangerous. (Ironically, in recent months, NSA lobbyists have issued similar warnings, which only a few years ago were often derided by the Feds as "paranoia", because NSA wanted to keep EU/EMEA cybersecurity weak in order to facilitate their own spying, even at the expense of exposing Americans to hazards from, say, Chinese or Russian cyberespionage.)

If Tor can make this case to enough high level USG officials and industry executives, it is possible that this could garner additional support for the universal and strident opposition, among technically knowledgeable internet users, to FBI Director Comey's dangerous and unworkable demands (grounded in an astounding misunderstanding of how the modern world works) for legally mandated backdoors into all operating systems (Debian, etc), cryptographic packages (GPG, openssl, etc.), and Tor.

Tor leaders have repeatedly declared that Tor has never permitted backdoors and never will. But the leadership and most of the coders are based in the USA. If Comey succeeds in establishing legally mandate backdoors in every computer in the world, what is our plan? Can the project move overseas and ensure that Tor users inside the USA will continue to be able to obtain non-backdoored Tor, openssl, GPG, Debian?

September 02, 2015

Permalink

Every time i run TOR browser and it connects automatically, my circuit goes ALWAYS in first place through Ukraine, then usually Russia. Connection is slow as it can be. After 40 tries to relaunch browser situation does not change. Again UA>RU>GR>US. I figured out that only if i decide to connect "manually", check that i do not have a proxy ect and click connect, my circuit goes way more randomly and almost never goes through UA/RU. Is it intentional or some kind of bug? I'm logging to tor from Warsaw, Poland.

The "first place" on circuit (called "guard node" or "entry node") is NOT intended to change often.

Changing it often makes it much more likely your Tor will accidentally use one of the malicious entry nodes.

September 02, 2015

Permalink

> Down the road a couple years,

So did someone compromise the Tor blog site, or did a Tor Project staffer goof?

September 02, 2015

Permalink

I downloaded Tor Browser bundle 5.0.2 from torproject.org.

Verifying the detached signature gave:

gpg: Signature made Thu 27 Aug 2015 07:47:22 PM UTC
gpg: using RSA key 0x2E1AC68ED40814E0
gpg: Good signature from "Tor Browser Developers (signing key) " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Subkey fingerprint: BA1E E421 BBB4 5263 180E 1FC7 2E1A C68E D408 14E0

Checking the signatures, I saw:

sub 4096R/0x2E1AC68ED40814E0 created: 2014-12-15 expires: 2017-08-25 usage:
S

This key was revoked on 2015-08-26 by RSA key 0x4E2C6E8793298290
Tor Browser Developers (signing key)

Is there a problem?

September 02, 2015

Permalink

> Someone goofed and approved a spam comment. Fixed now.

Glad to know this. Sorry you have to deal with chain-spam and such, but not surprised.

Is there a problem with the TBB signing key? It seems one subkey may have been revoked?

No. That subkey got never used so far and was visible for a short time (a couple of minutes) on my people.torproject.org directory by accident. Thus, we revoked it to be on the safe side.

September 03, 2015

Permalink

About Cryptographers. Someone in the direction of Schneier? I mean you know he probably is one of the more calm persons which might be good?

September 04, 2015

Permalink

> No. That subkey got never used so far and was visible for a short time (a couple of minutes) on my people.torproject.org directory by accident.

Ow.

> Thus, we revoked it to be on the safe side.

Good to know, thanks much!

Well known cryptographers have been warning for years that because big companies and nasty governments control the funding and are focused on short term gains, society is neglecting to develop alternatives like ECC and NTRU in case RSA is cracked tomorrow. I fear he is right and I would like to urge the next Executive Director of Tor Project to make this point whenever s/he has the ear of anyone in a position to get some money to develop working/deployed implementations of ECC, NTRU, etc. Waiting passively for an unexpected breakthrough in factoring seems like a very bad idea.

I can't understand why NIST isn't doing something serious to get well ahead of the factorization curve, given that they appear to have recognized that they never should have trusted their NSA advisors further than they could spit.

Huh?

Tor uses ECC already for most things, and as of 0.2.7.x, the only place where RSA is required would be for interoperability with old versions and Hidden Services (Because no one wants to fund the Prop. 224 work to migrate HSes to Ed25519).

The likely large-key RSA break would be a sufficiently large Quantum computer, which would be capable of breaking all of the ECC based crypto used in Tor currently as well (A modified variant of Shor's Algorithm can solve the Elliptic Curve Discrete Logarithm problem quite quickly).

NTRU on it's own is not sufficient to replace RSA (or the to-be-broken ECC for that matter) due to the only time tested operation being Encryption (NTRUSign is catastrophically broken, NTRU-KE is too new to be deployed). As a matter of principle, I'd be fairly sad to see NTRU included in Tor before sometime in 2017 (2020 for the newer parameter sets) since those are the years when the patents expire, though there is a FOSS Patent Grant available.

This paper: https://eprint.iacr.org/2015/676.pdf from Cisco shows that the NTRU library has some serioius issues - not the NTRU primitive itself, but the key generation and padding scheme have problems. The key generation can be attacked with fewer NTRU multiplications than expected - 104 bits of work for the 112-bit target level, 112 for 128-bit, 137 for 192-bit, 197 for 256-bit. Still pretty big, but a lot less than the target level. Plaintext recovery attack works because there's a quantum attack on the hash output - either 80 or 128 (quantum) bits for 160 or 256 bit hash. The paper recommends new parameter sets that are properly designed to be Quantum Resistant.
-- lukep

yawning

September 16, 2015

In reply to by Anonymous (not verified)

Permalink

Yeah I read the paper.

The key generation problem is easily fixed, and most real implementations will not use a `Hash_DRBG`construct for key generation[0]. It's worth noting that 2^104 (and beyond) are still in the realm of computationally infeasible, if we were to implement the handshake, I would probably push to use EES1171EP1 (EES743EP1 would be better, but it's encumbered till 2020) for a 2^197 security level unless performance/bandwidth constraints mandate otherwise.

This all is still a bit in the future so who knows, maybe by the time this is set to be implemented, a usable Ring-LWE or SIDH codebase will appear and we can skip using NTRU all together.

[0]: libntru does not IIRC, and neither does mine.

September 06, 2015

Permalink

@yawning: thanks for the corrections. The relevant Wikipedia articles were not very helpful, but I found an authoritative source of recent information on the current situation (not specific to Tor but including some information about how Tor is affected):

http://nist.gov/itl/csd/ct/post-quantum-crypto-workshop-2015.cfm

"The advent of practical quantum computing will break all commonly used public key cryptographic algorithms. In response, NIST is researching cryptographic algorithms for public key-based key agreement and digital signatures that are not susceptible to cryptanalysis by quantum algorithms. NIST is holding this workshop to engage academic, industry, and government stakeholders."

The slideset by Bart Preneel (very bottom of the page) gives an efficient and informative overview.

The problem:

* we need to worry about data privacy, data integrity, and authentication
* so Three Needs: quantum-resistant algos for asymmetric encryption, signatures, key-exchange

There are also concerns about the slowness of development of new symmetric encryption schemes in case AES is broken (which would break LUKS disk encryption and USB stick encryption), but AFAIK AES is not obviously immediately broken by the advent of large quantum computers.

The bad news is:

* RSA depends on the hardness of factoring big integers, so vulnerable
* DH key exchange and DSA (and El Gamal encryption used in GPG for key exchange) depends upon discrete log, and are vulnerable
* ECC depends upon the hardness of a similar discrete log problem, and is vulnerable
* OpenSSL supports various stream ciphers other than AES (good!) but requires RSA, DSA, or ECC for key exchange, so vulnerable
* GnuTLS uses RSA and ECDSA for key exchange, so vulnerable
* LibreSSL supports ChaCha stream cipher (good) but uses ECC for key exchange, so vulnerable

So unless I am still confused, pretty much everything needed for Tor, https, and GPG would be immediately broken by a big quantum computer--- disastrous!

The good news is:

* this is thought to be a medium term risk, not something likely to happen tomorrow (some support in the Snowden leaks for this view)
* there are a number of schemes addressing the Three Needs which rely upon the hardness of problems which are not known to be vulnerable to a big quantum computer
* NTRU depends on hardness of shortest vector problem, and ultimately upon hardness of factoring polynomials in certain rings
* There is a GPL licensed implementation of NTRU, not by the three inventors
* McEliece's scheme is particularly attractive IMHO but requires much larger public and private keys than current "strong crypto"
* several talks clearly express recognition that NSA, as the Universal Enemy, is the appropriate "benchmark" for security research,
* some slide sets even include leaked images such as an NSA/TAO operative inserting malware into a server which had been diverted during shipment to their secret site, so these guys really "get it", and that is really good to know
* EU governments such as Belgium and Norway are paying close attention to the revelations in the Snowden leaks about what their "friend" NSA is doing to them, and preparing appropriate countermeasures

A nice task which someone might take up: prepare a blog post explaining how recent and near future TBB and Tails uses various basic cryptographic algorithms relying for security upon the presumed hardness of various computational problems

It is important to bear in mind that, as one slide puts it, "physics trumps math" (one revelation from the Snowden leaks is that some NSA malware can abuse the memory bus in an ordinary PC to function as a low power WiFi transmitter for short range exfiltration to hidden receivers located in vehicles which drive by your location--- a scheme they apparently tested on unwitting US university students--- or to inconspicuous microdrones. One might be tempted to assume that such schemes are unsuitable for dragnet surveillance, but they are sufficiently cheap to be widely deployed against large numbers of specific targets such as telecom engineers, academic scientists, "interesting" non-US company executives, etc. And the leaks show that NSA used drones to attempt to deliver malware to essentially every WiFi-enabled device in certain countries. So we need to address hardware issues too.

Some entrepreneur should start making indoor tents, incorporating a mesh of suitable conductive material, in which you can enclose your desk to construct a makeshift Faraday cage! But pay attention to where the power cords and data cables enter the cage--- quite a bit about how hard it is to make a good Faraday cage in the Snowden leaks.

September 10, 2015

Permalink

Even as the Dark Government screeches that it "needs" [sic] backdoors into all civilian crypto and rants against "the Dark Net", IANA has approved a Tor friendly special use-domain:

http://www.theregister.co.uk/2015/09/10/tors_onion_domain_gets_privacyc…
TOR's .onion domain gets privacy-conscious users off the DNS
Metadata gets a little harder to find
Richard Chirgwin
10 Sep 2015

"IANA has okayed the .onion special-use domain for The Onion Router (TOR) community.
The proposal is designed to get rid of on way TOR users could be snooped by spooks - the footprints they leave in the Domain Name System (DNS) if they're trying to locate a server through DNS requests."

The Russian secret police probably don't have as many technology problems as the epic deficiencies of the American phoebes, but it is notable that their malware contractors seem not to have better luck than NSA malware contractors did in directly attacking Tor:

https://lists.torproject.org/pipermail/tor-talk/2015-September/038944.h…

"A company hired by the Russian Interior Ministry to identify users of
the Tor network, an anonymous Internet browser, has announced its plans to terminate its state contract without finishing the task."

I urge US readers to call their Senators to ask them not to support legal mandates for encryption backdoors, or outlawing Tor. Also, to ask them to oppose DOJ's demands to access private message/email content held in Microsoft/Amazon/Facebook servers overseas. If the DOJ wins in US court, this would establish a precedent threatening vital US-based services used by (for example) Spanish citizens opposed to the Vomit Law, or Greek citizens organizing against harsh austerity programs which are literally starving retirees and other vulnerable persons.

I ask the Project to urgently prepare plans to continue to provide unbackdoored Tor to vulnerable users (bloggers, journalists, human rights workers, expatriates, political dissidents) around the world, in the event that the US Congress passes legislation outlawing Tor or mandating backdoors. Increasing numbers of people are utterly dependent upon Tor and GPG for what little safety is still to be had on our troubled planet.

September 12, 2015

Permalink

DHS is trying to end the library program and again we're left uninformed?! A lot of us see this site as the hub for Tor related information. Keeping the community informed is critical to winning otherwise losing battles. This is insane. How difficult would it be to set up a similar forum? https://forum.safenetwork.io/ Public relations is key to the success of all but a few projects. I hope for the sake of everyone directly or indirectly involved that communication is improved soon. If not, sit back kick your feet up and watch the demolition occur.

The Tor community is vast, but it does almost nothing to prevent itself from being marginalized. The leadership has taken great strides to that effect in recent months, but it is too late. I believe that the majority of people who know about Tor see it as a tool to enable criminality. I've worked hard, burning some bridges in the process, to show others the importance of anonymity for some people. In my experience, people are generally fine with most of the world not even having enough food, let alone political freedom. There is probably nothing the Tor community can do now to prevent the network from being made illegal outright, or relay operators from being made criminally liable for what traverses the network.

Tor has always responded to anti-privacy forces with the point that societal security can still be maintained in the presence of widespread Tor usage by traditional law enforcement and intelligence methods.

Tor will lose public support if it is seen as administratively helping empower hostile groups who also work to undermine the traditional methods of investigation.

Tor cannot control who uses it on an individual basis, but a Tor executive director must be cognizant that if and when Tor is seen as organizationally facilitating those groups who _also_ work against traditional and necessary focused investigative methods, the Tor suppressors/haters will gain the support to win their battle. Public sympathy will be lost and sadly (perhaps disastrously) also the righteous use of Tor.

While I have no specific knowledge about the writer's allegation regarding the library program, if the program is allowed to organizationally attract hostile elements in bulk, this cannot be overlooked. Efforts to grow Tor usage will need firm guidance from an executive director capable and willing to make possibly tough decisions with board support if it is not to ultimately destroy all of Tor for everyone.

> Tor will lose public support if it is seen as administratively helping empower hostile groups who also work to undermine the traditional methods of investigation.

> Tor is seen as organizationally facilitating those groups who _also_ work against traditional and necessary focused investigative methods,

What hostile groups work to undermine the traditional methods of investigation? The ACLU? The EFF?

September 13, 2015

Permalink

Good executive staff cost plenty and tor's no exception to being compelled to hire only those whom they can afford. No doubt tor's sponsors will also find it unnecessary to fund benefit enhancements. In this class, competent executive come in bundles of ten for a dollar. All this hype is just encouraging applicants to overvalue their own skills.

In passing, I'd like to point out that my FF browser settings, except for Adblock, an antivirus app and enabled bookmarks/favourites, is set at tor/NoScript specs.

From where I sit FF would be close to being redundant - were it not for their very important developmental programs. Thank you, Mozilla

September 14, 2015

Permalink

> DHS is trying to end the library program and again we're left uninformed?

Give them a chance, events appear to be moving very quickly and I assume they are busy trying to respond to even more dangerous enemy action. DHS threats against libraries thinking of working with Tor are just one aspect of a concerted attack on all aspects of how the Project does its work and communicates with its userbase.

More generally, various nasties in the USG are ramping up their attacks on human rights organizations:

https://theintercept.com/2015/09/13/two-short-paragraphs-summarize-us-a…
Two Short Paragraphs That Summarize the U.S. Approach to Human Rights Advocacy
Glenn Greenwald
2015-09-13

> A lot of us see this site as the hub for Tor related information.

Agreed, but they have said no-one has time to improve it right now. In the context of simultaneous enemy assaults on many fronts, I have to agree project members need to focus their energies on addressing the most urgent dangers.

@Tor: powerful agencies in the US federal government are pushing hard to have Tor and strong civilian cryptography outlawed outright. Most of the key Tor people are based in the USA or client countries. Same holds true for the infrastructure. If USG outlaws Tor or strong civilian cryptography, do you have a plan for reconstituting the project on an emergency basis in some safe haven? Will key Tor people be willing and able to relocate? Will US residents still be able to obtain un-back-doored Tor client software?

September 16, 2015

Permalink

> Good executive staff cost plenty and tor's no exception to being compelled to hire only those whom they can afford. No doubt tor's sponsors will also find it unnecessary to fund benefit enhancements.

I hope, and optimistically believe in the absence of evidence to the contrary, that you are underestimating the fact that talented people want to do good. The opportunity to help prevent the extinction of freedom of movement, expression, religion, and liberty is surely the biggest reason why people want to work for Tor, in either a paid or voluntary capability.

September 16, 2015

Permalink

> Tor will lose public support if it is seen as administratively helping empower hostile groups who also work to undermine the traditional methods of investigation.

Could you clarify what you mean by these terms?

1. "administratively empower"

2. "hostile groups" (what are they?)

3. "undermine traditional methods" (how?)

> Tor will lose public support

In the USA? I have the impression that currently, the "educated public" in the US is divided into two groups:

1. people who know almost nothing about Tor but vaguely recall hearing it has something to do with scary hackers on the "dark net"

2. people involved in human rights, relief efforts, activism, journalism, or technology issues, who use Tor and value what it can do to help protect liberty, access to information, and freedom of expression, association, orientation, and religion everywhere.

I further have the impression that the first group is currently overwhelmingly larger than the second. Changing that (making Tor use mainstream and as ubiquitous as Facebook use) should be a priority of the next Executive Director. The way to change perception is by getting the word out, by helping current users to organize local community outreach programs reaching out to local journalists, librarians, teachers, parents, and politicians, in order to explain how Tor can help ordinary citizens stay a bit safer in an increasingly hazardous on-line world.

Many libraries offer public space for public meetings. US Tor users who want to help advance the goals of the project might consider encourage local librarians to join the library project, and also using community meetings to help ordinary people learn how Tor can help them in their daily life. The Project can help by providing advice on how to approach librarians and how to "pitch" Tor to ordinary people.

>> Tor will lose public support if it is seen as administratively helping empower hostile groups who also work to undermine the traditional methods of investigation.

>Could you clarify what you mean by these terms?

Yes, an example of traditional methods is the interview as generally practiced in democracies by law enforcement.

With reference to your phrase about Tor, "value what it can do to help protect liberty": Protect liberty, you say? We know that the Tor Project cannot prevent Tor's use by religious or political groups of an authoritarian nature, whose core theology for example espouses domination of (sometimes specifically named) other groups everywhere they may exist in the world.

What Tor's leadership can and must do is be careful not to engage in reach-out to hostile groups under whatever umbrella, directly or indirectly. Or risk losing public support. This requires judgment and knowledge that is not necessarily a part of every generic activist.

September 16, 2015

Permalink

Great news from the Library Project!

https://lists.torproject.org/pipermail/tor-talk/2015-September/038994.h…
Tempest tempest at bitmessage.ch
Wed 16 Sep 2015

"i just want to share the news that all of the hard work that has gone
into the library freedom project paid off today at kilton library.
despite pressure from the us federal government, which pulled out every card to sell fear that they had in their hat, the local community refused to accept it and thought on a global level to support the library's choice to offer a tor relay to the public."

Many thanks to Allison, the Library Project, and everyone all over the world who has unflinchingly confronted the evil face of authoritarian dark governance.

Government officials insist upon maintaining complete "visibility" into our entire public and private lives, but refuse to grant the public any insight into their own activities. The result is entirely predicable: endemic corruption, overbearing political oppression, and ultimately state-sponsored genocide of the kind occurring in Syria.

It is all of us against all of them, and the stakes in this struggle are enormous. We must not, through passivity or inaction, let the bad guys win.

September 18, 2015

Permalink

hello guys.......how can i use tor..i am 1 hour and 23 minute inside tor and i dont know very much ..i am very new here..thank you

September 20, 2015

Permalink

I downloaded Tor Browser bundle 5.0.2 from torproject.org.

Verifying the signature gave:

gpg: Signature made Thu 27 Aug 2015 12:47:22 PM PDT using RSA key ID D40814E0
gpg: Can't check signature: public key not found

On this page https://www.torproject.org/docs/verifying-signatures.html.en says it should say:

The output should say "Good signature":

gpg: Signature made Tue 24 Jan 2015 09:29:09 AM CET using RSA key ID D40814E0
gpg: Good signature from "Tor Browser Developers (signing key) "
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290

is this tor bundle good or should I delete it? the finger print was good though.

September 24, 2015

Permalink

We (The People) Make Excellent suggestions, then (Tor community) Want let the people know what is going on. We should have a say! Tor Please let the people know what is going on Via this Blog. At Least why some of the choices are good or bad ideals. That way the people are at least included in the process, and we might have even more ideals. Why would we, alot on more ideals when there is no offical feedback from rep s of TOR. Please keep up the good programing work,just keep us (the People) Informed VIA THIS BLOG!!!

Thanks
NO StackExchange Pls..Or Sux Exchange

September 28, 2015

Permalink

> .how can i use tor..i am 1 hour and 23 minute inside tor and i dont know very much

I assume you want to use Tor Browser Bundle (TBB) to browse the internet using Tor.

You need to put two things on your computer:

* GPG
* the Tor Browser Bundle software

To put TBB on your computer, you need to download three files:
* the tar file containing the software
* the detached signature used to verify the tar file
* the public key used to make the signature

You download the first two by pointing your browser to

https://www.torproject.org/download/download-easy.html.en

Make sure you download the correct version for your computer (e.g. 64 bit or 32 bit? Windows or Linux?).

You obtain the public key by typing (in a console or "shell")

gpg --recv-keys 0x93298290

Or if you found it in a web page and downloaded it using a browser, put it in your key storage by typing

gpg --import

Make sure your GPG has the key you need by typing

gpg --list-keys

Verify the tar file like this:

gpg --verify

Notice the signature file is listed first, then the tar file.

GPG should give you a message saying the signature is good.

> gpg: Can't check signature: public key not found

GPG could not find the key used to sign the detached signature on your system. Try again to obtain the key and make sure you imported it into your GPG key store.

Once you have verified the tar file, unpack it using commands like this (may be a bit different on your computer):

unxz name.tar.xz
tar -xvf name.tar

Then navigate into the unpacked directories (folders) looking for a script which starts a Tor-friendly version of the Firefox webbrowser, which works the same way as Firefox. Just execute that script whenever you want to start using Tor to browse the internet.

Don't forget that you will need to download the current version of TBB as each new version becomes available. You follow the same procedure each time. It gets easier with practice!

October 01, 2015

Permalink

Two bombshell stories in The Intercept should help encourage Tor Project developers to keep up their good work, and may help Project leaders to fend of current political attacks by people like FBI Director James Comey.

One key argument used by privacy advocates and cybersecurity experts in CryptoWars II is that putting in encryption backdoors for use by the US invites other actors to exploit "lawful access" capabilities.

Now James Bamford (author of three books on NSA) reveals

* as was long suspected, NSA was responsible for the notorious cyberespionage operation in which the phones of leading Greek politicians, bankers, reporters and other "persons of interest" was tapped undetected for years; the secret surveillance was accidentally discovered in 2005
* as was immediately suspected, USIC may have been involved in the mysterious suicide of a Greek telco engineer who may apparently had knowledge of the antecedent secret NSA surveillance program, in which NSA got itself *invited* by the Greek government to snoop "temporarily" [sic] during the Athens Olympics
* NSA had told the Greek government it would pack up and go home after the Athens games, but of course it was lying
* In fact, NSA continued and expanded their spying on Vodaphone Greece customers by exploiting the fact that Greek telecoms were using commercial systems with a "lawful intercept" capability which had not been used by the Greek government: NSA intruders simply quietly turned on this capability and used it to target leading Greek politicians
* Targeted phone calls were cc'd to secret NSA burner phones and then secretly conveyed back to NSAW
* Supporting documents from the Snowden trove show that NSA and GCHQ attempt to exploit lawful access protocols mandated by CALEA (US), ETSI (EU and UK), SORM (Russia) to secretly spy on their own targets in countries which use "lawful access" systems sold by E
* To exploit "lawful access" systems, NSA intercepts satellite, microwave, and fiber optic data links; in addition SSO (Special Source Operations) provides access to cables, performs "black job" burglaries, and TAO (Tailored Access Operations) performs cyberintrusions into police agency networks
* CIA has implemented its own dragnet surveillance of GSM calls in the EU, and shares the stolen information with NSA

The principle lesson for governmental and corporate "partners" of USIC: you can't trust spooks! NSA told Google, "if you give us what we want voluntarily [PRISM], we won't break into your private networks", but that was a lie. They told Greece, "let us help you ensure nothing untoward happens during the Athens games by letting us into your telco networks, and we'll shut it down as soon as the games are over", but that was a lie. There are dozens of other equally stark examples in the Snowden leaks. Spooks lie. Constantly. It's an essential element of their evil ethos. It's simply in their nature to lie. So don't trust 'em. Ever.

See

https://theintercept.com/2015/09/28/death-athens-rogue-nsa-operation/
Did a Rogue NSA Operation Cause the Death of a Greek Telecom Employee?
James Bamford
29 Sep 2015

Once again, the Snowden leaks have confirmed in detail "paranoid" suspicions expressed by well-informed observers years earlier:

http://p10.hostingprod.com/@spyblog.org.uk/blog/2006/02/vodafone_greece…
> ...
> The list of 44 surveillance targets (some of whom had more than one Vodafone phone) also includes some Arabic businessmen , as well as the Government politicians, opposition politicians and military personnel. The Sunday Times also reports the suspicious timing of the suicide of a key Vodafone employee: "As part of the government’s investigation into the scandal, the suicide of Kostas Tsalikidis, 39, Vodafone Greece’s head of network design, is being re-examined by police. Tsalikidis was found hanged in his Athens flat on the morning of March 9, 2005, two days after the ghost program had been discovered and shut down by George Koronias, the Vodafone general manager, and a day before the prime minister’s office was informed."

The lesson for American politicians is of course that anything NSA can do to Russia, China can do to the USA. NSA exploits of SORM show that Chinese cyberspies can potentially exploit any mandatory encryption backdoor system, or mandatory real-name registry, or mandatory "suspicious activity reporting" to harm US citizens, if such systems are implemented in the US.

In a second bombshell story, Ryan Gallagher confirms what privacy advocates (and sometimes spooks!) have been warning about for years: everyone is a target, everyone is an eternal suspect of past, present or future activity possibly deleterious to the interests of the ruling elite. No child is too innocent, no grandmother's emails too boring, no electronic device is too isolated to escape the interest of the modern spook. Your education, employment records, travel records, medical records, your fingerprints, voiceprint, iris scans, vein patterns, your family history, all are stolen and mined for clues. Your tweets, instant messages, emails, private messages, search logs, websurfing logs, geolocation beacons, all are being continuously monitored by agencies such as GCHQ.

The accompanying documents show that

* By May 2011 GCHQ used 1600 10 Gps bearers (taps of fiber optic cables), more than half NOT landing in the UK, each costing about 20,000 pounds and collecting on average 200 million events per day
* BLACK HOLE is a "flat storage" buffer which holds onto unanalyzed stolen data on the assumption some of it might later be useful; about 10 billion events are added every day,
* "events" include someone logging on to an ISP, sending a text message, uploading a draft email, making a call on a smart phone, getting a webpage (about 40% of the data is BLACK HOLE is of this type), etc.,
* this adds up to a lot of data; GCHQ recorded about 10^12 events from Aug 2007 to Mar 2009; BLACK HOLE sucked up about 200 GB/day in 2011
* GCHQ relies on Apache HADOOP clusters using GoogleMaps to do initial analysis and classification
* the QFDs are Oracle databases running under RedHat Enterprise Linux
* To provide data to their army of analysts, GCHQ favors QFDs (Query Focused Databases), which are huge but simply constructed databases designed to answer a very specific question ("was Ryan Gallagher on-line at 0900 GMT on 1 April 2009?"), and to use "convergence" databases to pull data from multiple databases to provide a detailed picture of a target's "pattern of life", for example presenting not only POTS calls from an old-fashioned handset but VOIP calls made using a smart phone,
* KARMA POLICE attempts to log the websurfing of everyone using the internet
* INFINITE MONKEYS attempts to maintain a database of everyone in the world who joins any webforum in the world using VBulletin, and to track their posting history; in 2007 this database was rated as one of GCHQ's best sources of intelligence
* SOCIAL ANTHROPOID (which painfully replaced several earlier systems) attempts to track all social media activity of everyone who uses Facebook or other such sites,
* SAMUEL PEPYS attempts to provide a real time diary of what everyone on the internet is doing as they do it (the example in a secret GCHQ presentation shows someone using a computer in Sweden browsing to a cryptome.org page collecting pictures of GCHQ physical infrastructure)
* MUTANT BROTH collects TDIs (target definition identifiers), e.g. internet "e-litter" by which people such as telco engineers, journalists, national and local politicians, CEOs, police officers, and environmentalists can be identified and targeted for cyberespionage,
* GCHQ logs everyone in the UK, US and other countries who listens to internet radio
* GCHQ knows how to decode Yahoo-Y-cookies (which use ROT-13 to disguise the username; insert sarcastic smiley here), but also exploits Microsoft MSUID, Facebook, and Google SID cookies to spy on everyone who encounters Yahoo, Microsoft, Facebook, or Google on line (i.e, everyone)
* TRIBAL CARNEM feasts upon Radius servers to alert analysts by email that their "target" is on-line
* MARBLED GECKO spies on everyone using Google mapping/geolocation services

It is impossible to overemphasize a key point about the latest leaked documents: these repeatedly boast about providing "population scale" access to "unselected" "content" in various types of data which an ordinary person would naturally regard as "private", such as private messages sent between users of VBulletin forums. Translation: the content of every item of data is collected and made available, regardless of whether the source or destination IP has been specifically targeted or satisfies some "selection" criterion. Everyone is a target. Everyone is continually under suspicion of possibly in future "doing something". Everyone. Your grandma, your son, teachers, academic research scientists, US federal judges. Everyone.

If the spooks get their way, in the near future your heartrate, and other personal physiological data will also be monitored in real time. Eventually, if DARPA can figure out how to remotely scan brain functioning, not even your innermost thoughts will be free from scrutiny. It is no secret that American researchers are working very hard to achieve these goals. No doubt Chinese and Russian researchers are working just as hard.

All this may seem daunting but there are reasons for optimism:

* 97% of the stolen data GCHQ passes from their buffer to long term storage is never viewed).
* Tor can help, by making the bad guys snooping more expensive, unreliable, and uncertain.
* Encryption works. (As long as you are using something substantially better than ROT13.)
* A high level GCHQ memo explains that their real fear about encryption (Google etc) is that they won't be able to spy on absolutely everyone anymore but will have to pick their targets. Reason: they can usually evade https or decrypt GSM (using stolen keys) but this is too expensive to do to absolutely everyone in the world. Currently.
* GCHQ badness follows a strict daily rhythm: analysts work during the day and batch processing is run overnight; this can be exploited.
* Another GCHQ memo states that an increasingly important goal is improving the dismal public perception of GCHQ. So they're worried.

Glenn Greenwald writes that his first shock, when he met Snowden, was how young he looked. His second was when Greenwald mentioned GCHQ and Snowden replied "Oh, they're even worse than NSA!". The GCHQ documents starkly illustrate the dangers of not having a written Constitution. In his book The Gulag Archipelago, Solzhenitsyn remarks that the USSR had a very fine Constitution; the problem was that its courts were too timorous to try to enforce it. That is why, he says, so many human rights abuses occurred in the USSR. The recent history of the USA, as revealed in NSA leaks from the Snowden trove, clearly show that the USA enjoys no magical immunity from similar abuses, for the same reason.

See

https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-use…
From Radio to Porn, British Spies Track Web Users’ Online Identities
Ryan Gallagher
25 Sep 2015

October 02, 2015

Permalink

Is Tor Project a "non-profit organization" or a "company"?

http://www.businesswire.com
Norse Appoints Andrew Lewman as First VP of Data Development
Technology Executive to Lead New Live Threat Intelligence Initiative
3 Aug 2015

"Most recently, Lewman was executive director and CEO at the Tor Project, a non-profit technology organization that provides online anonymity software tools used by over 2 million Internet users daily in more than 200 countries. In this position, he grew Tor from a three-person non-profit to a 50+ person company in eight countries with a pool of over 5000 volunteers in 89 countries."

There are a few other statements in the quoted press release which may possibly raise a few quizzical eyebrows.

October 07, 2015

Permalink

Maybe this is an old Deadhead memory cracking through here, but how about considering John Perry Barlow?

October 10, 2015

Permalink

Just Another Thought ! What I think Tor,TOR.Tor should Not worry with keeping up with the latest tec.Bio photos, Newest I-Junk, F^ Bitwatches Etc Etc, But should Just continue to keep All of OUR Inter net Safe And Private/ Secure For All Peoples. Thank You Again.

October 19, 2015

Permalink

Why has Tor Project remained silent on the most important computer security story of the year?

Tor users who have heard about Logjam probably know the problem affects their web browsing with TBB or Tails, but they need to know about a security trade off, until server admins delete the weak DHE (Diffie-Hellman key exchange) from their public key cipher suites, which are used to create and exchange session keys for symmetric ciphers which then protect the data stream between server and client.

Basically, it seems that NSA has placed Tor Browser users in a jam: either we can manually remove the weak DHE from our Tor browser cipher suite, which risks breaking perfect forward secrecy, or we can allow NSA to decrypt our traffic on the fly. Once all the world's sysadmins have fixed the cipher suites offered by their servers, we should be fine, but until then it seems Tor users may face a tough choice.

Note that this issue involves a state-sponsored global attack on "data in motion", not "data at rest". But there may also exist an exploitable and easily fixed problem with common implementations of LUKS encryption using AES (see the end of this post).

Here is some background information:

Back in 2012, James Bamford (author of three books on NSA) revealed that NSA had achieved a major breakthrough in cryptanalysis and that a key function of the enormously expensive Utah Data Center in Bluffdale, UT (plus its backup in San Antonio and additional NSA data centers now opening in other locations) is to facilitate on the fly decryption of all the world's web traffic (including banking transactions):

http://www.wired.com/2012/03/ff_nsadatacenter/all/1
The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say)
James Bamford
15 Mar 2012

> The mammoth Bluffdale center will have another important and far more secret role that until now has gone unrevealed. It is also critical, he says, for breaking codes. And code-breaking is crucial, because much of the data that the center will handle—financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal documents, confidential personal communications—will be heavily encrypted. According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.”
> ..
> The breakthrough was enormous, says the former official, and soon afterward the agency pulled the shade down tight on the project, even within the intelligence community and Congress. “Only the chairman and vice chairman and the two staff directors of each intelligence committee were told about it,” he says. The reason? “They were thinking that this computing breakthrough was going to give them the ability to crack current public encryption.”

Note that as per its usual "collect it all whatever it takes" mantra, NSA did not warn those who administer the global financial system to fix their servers, they used the vulnerability of weak DHE to break (a large fraction of) all the world's encrypted data streams. These agencies have gone so far off the reservation that it seems reasonable to doubt whether the US Congress could eliminate NSA/CIA simply by defunding them, since they evidently have independent and highly lucrative sources of illicit funding.

In May 2015, a group of respected researchers including Matthew Green and Nadia Heninger revealed that NSA's breakthrough probably involves precomputing enough information about 1024 bit DHE using a small number of very widely used primes, and then exploiting software vulnerabilities to trick servers into using the weak crypto, which can then be broken to reveal the session key, after which traffic is easily decrypted "on the fly":

Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin, and Paul Zimmermann
22nd ACM Conference on Computer and Communications Security
Oct 2015

The paper was published on 13 Oct 2015 and has caused a well deserved world-wide sensation:

https://weakdh.org/
Weak Diffie-Hellman and the Logjam Attack

> Millions of HTTPS, SSH, and VPN servers all use the same prime numbers for Diffie-Hellman key exchange. Practitioners believed this was safe as long as new key exchange messages were generated for every connection. However, the first step in the number field sieve—the most efficient algorithm for breaking a Diffie-Hellman connection—is dependent only on this prime. After this first step, an attacker can quickly break individual connections.
> ...
> Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18% of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66% of VPN servers and 26% of SSH servers. A close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break.

Specifically, the researchers have found that if 1024 bit Diffie-Hellman key exchange using the most commonly used primes has been broken by NSA precomputation, NSA can decrypt on the fly the following:

HTTPS — Top 1 Million Domains 17.9%
HTTPS — Browser Trusted Sites 6.6%
SSH — IPv4 Address Space 25.7%
IKEv1 (IPsec VPNs) — IPv4 Address Space 66.1%

Some of us raised the issue of rampant and needless overuse of the same small set of primes many years ago, but were ignored. It is now obvious that our fears were well founded.

So what to do? Fortunately, effective fixes are easy. The only challenge is getting every sysadmin to take a few minutes to implement the fix.

If you administer a server, this is what you need to do:

https://weakdh.org/sysadmin.html

If you use a web-browser (and since you are reading this, you probably do!) this is what you need to do:

https://www.eff.org/deeplinks/2015/10/how-to-protect-yourself-from-nsa-…
How to Protect Yourself from NSA Attacks on 1024-bit DH
Joseph Bonneau and Bill Budington
15 Oct 2015

In particular, whenever you start Tor Browser in Tails you can quickly go into about:config and toggle the weak DHE to false. If you use persistence, or use TBB running under a persistent OS, you only need do this once.

But there is a very important caveat for Tor Browser users: depending upon which servers you use, removing the weak DHE from your browser cipher suite can break perfect forward secrecy, one of the most vital elements of modern websurfing with TBB or Tails.

There is reason to hope that this time server admins will pay attention and get cracking fixing their implementations.

Everyone agrees this is a really, really important global vulnerability which affects everyone on the web:

El Reg:

http://www.theregister.co.uk/2015/10/19/nsa_crypto_breaking_theory/
Let's talk about that NSA Diffie-Hellman crack
'Logjam' crypto bug researchers expand on theory in talk
19 Oct 2015

Bruce Schneier:

https://www.schneier.com/blog/archives/2015/10/breaking_diffie.html
Breaking Diffie-Hellman with Massive Precomputation (Again)

Steve Bellovin:

https://www.cs.columbia.edu/~smb/blog//2015-10/2015-10-15.html
I'm Shocked, Shocked to Find There's Cryptanalysis Going On Here (Your plaintext, sir.)
Steve Bellovin
15 October 2015

Nicholas Weaver:

https://www.lawfareblog.com/nsa-and-weak-dh
The NSA and Weak-DH
Nicholas Weaver
15 Oct 2015

Robert Graham:

http://blog.erratasec.com/2015/10/dh-1024-in-bitcoin-terms.html#. 0
DH-1024 in Bitcoin terms
Robert Graham
16 Oct 2015

Ars:

http://arstechnica.com/security/2015/10/how-the-nsa-can-break-trillions…
How the NSA can break trillions of encrypted Web and VPN connections
Dan Goodin
15 Oct 2015

Slate:

http://www.slate.com/blogs/future_tense/2015/10/16/researchers_say_the_…
This Common Cryptography Method Is Alarmingly Vulnerable
Josephine Wolff
16 Oct 2015

Halderman and Heninger (two of the coauthors of the landmark paper):

https://freedom-to-tinker.com/blog/haldermanheninger/how-is-nsa-breakin…
How is NSA breaking so much crypto?
Alex Halderman and Nadia Heninger
14 Oct 2015

Logjam affects "data in motion". NSA, FBI, and other kleptographers also attack "data at rest", such as encrypted hard drives and USB sticks. Tails is based on Debian and thus appears to be vulnerable when you use Tails to create a LUKS encrypted partition to a problem in which someone apparently misunderstood a protocol and needlessly doubled a key, so that it appears that 512 bit LUKS encryption actually means 256 bit, i.e. 128 bits of security (see Bruce Schneier's explanation of collisions). When you create a LUKS encrypted partition on an internal hard drive during installation of Debian on a PC or laptop, you get "512 bit AES", but when you create a LUKS encrypted USB under Tails, you only get "256 bit AES", which may mean only 64 bits of security. If so, this is a problem because so many people have moved to keeping their data on USB rather than an internal hard drive. If so, when LUKS is used to encrypt terabytes of data, this could become a problem.

October 21, 2015

Permalink

Thank you for reminding me about the earlier post. Also relevant to our discussion:

https://lists.torproject.org/pipermail/tor-talk/2015-October/039319.html
How the NSA breaks Diffie-Hellmann
Nick Mathewson
21 Oct 2015

As I understand it so far

o current Tor was already immune from the malicious downgrade (first part of the attack as used by NSA)

o probably safe for a user to toggle off the weak DHE in about:config, since if I understand correctly this should not affect perfect forward secrecy in Tor circuits (but see note below), and this might offer some benefit in the last hop (exit to server)

o within a year developers expect Tor to be immunized from LOGJAM (weak DHE will be banished entirely)

I request arma to post an explainer of the issues tailored to users of Tor Browser (Bundle/Tails). My questions include:

1. In

client <==> entry <==> relay <==> guard <==> https server

users also gain from protecting the last connection; are there present/future-proof security/anonymity tradeoffs here for Tor users trying to decide whether to manually toggle off the weak DHE in about:config (as per EFF advice). If so, what are they?

2. To avoid future attacks based on state-sponsored precomputation projects, should we worry about standardizing choice of one curve for elliptic curve cryptography?

> Also you seem very confused about how XTS mode works.

Non-cryptographers frequently become confused about technical issues in cryptography, yet we have a critical need to use such technology wisely, so we could always use some helpful explanations/advice.

I presume you found fault with my concern about AES full disk encryption. Let me try to rephrase:

1. When you install Debian stable to a "almost-full" LUKS encrypted hard disk, cryptsetup assures you of 512 bit key. When you use the Tails/Debian-gnome provided disk utility to create a LUKS encrypted volume on USB or external hard drive, for some reason I don't understand, it seems that you only get a 256 bit key. Particularly in cases where the external hard drive is bigger than the disk drive, could this be a security risk? If so, any advice about a better method of creating an encrypted volume?

2. Is the LUKS standard method (AES-XTS) secure with reasonable future-proof when encrypting a multi-TB external hard drive which initially is mostly empty?

TIA.

October 21, 2015

Permalink

Whats up With Tor new s letter ??? I Miss it, as it kinda keep s me up to date, with Tor..... Miss the Bi- Monthly new s ... Thanks for all work to keep Freedom Free...

November 03, 2015

Permalink

@ Tor Project leaders:

Financial Crimes Enforcement Network is urging bankers filing SARs (Suspicious Activity Reports) to check whether any IPs seen are Tor nodes, and to include a DarkNet tag if so. See

https://publicintelligence.net/fincen-tor-cybercrime/

Note that FINCEN explicitly regards each Tor node (including non exit nodes) as a target.

(In the document, BSA means "Bank Secrecy Act". AML means "Anti-Money-Laundering".)

November 06, 2015

Permalink

One of the most important interview questions for candidates is: "How would you handle Gamergate type controversies"? Preceded by: "How much do you know about disruption tactics practiced by GCHQ and some of our other enemies?"

Case in point is the unfortunate claim by Eric Raymond described in this story:

http://www.theregister.co.uk/2015/11/06/linus_torvalds_targeted_by_hone…
Linus Torvalds targeted by honeytraps, claims Eric S. Raymond
Simon Sharwood
6 Nov 2015

Anyone who has been following leaks from agencies such as GCHQ will have had the same thought: if there is a "conspiracy" targeting the leaders of open source, the authors are not a "feminist cabal" but psychologist contractors working for agencies like GCHQ playing dirty tricks.

Take home lesson: open source projects such as Linux and Tor are gradually becoming recognized as threats to the interests of the financial/political elite. This is why every "social disruption" technique in the GCHQ playbook is being directed at our community.

How should we respond? Principally, stay calm. Think strategically and consider a range of scenarios about who might be behind troll campaigns and the possible unwanted consequences of each response being considered. In order to do this effectively, the leadership must stay informed about the latest published leaks indicating what our enemies are up to.

November 07, 2015

Permalink

A Tor user reports that a crime drama TV show confused the Tor Network with "dark web" (sometimes used as a synonym for "hidden services") or "deep web" (sometimes used as a synonym for non-intentionally public files exposed on internet connected servers):

https://lists.torproject.org/pipermail/tor-talk/2015-November/039434.ht…

My first thought was that it may be more important to protest abuses of the internet by the real NCIS. For example, "an NCIS agent in Georgia... was using a law-enforcement computer program called RoundUp to search for hashed images of child pornography on computers running the file-sharing network Gnutella", according to this story:

http://arstechnica.com/tech-policy/2014/09/court-blasts-us-navy-for-sca…
Court blasts US Navy for scanning civilians’ computers for child porn
Every Gnutella user in the state of Washington was checked by the NCIS
David Kravets
15 Sep 2014

This story deserves a followup because I believe CISA legitimizes such Posse-comitatus-violating presumption-of-guilt proceedings.

The tor-talk thread raises the question: should Tor Project organize letters to the editors to networks when their "news segments" or mass media entertainment fictional drama shows make serious misrepresentations of our community?

I think we should consider Ex Dir complaints to media watcher reporters in case of particularly ugly distortions.