Tor: 80 percent of ??? percent of 1-2 percent abusive.

by nickm | December 30, 2014

Hi, Nick here.

Roger's at 31c3, so I'll post his statement about that article you might have seen:

Tor hidden service traffic, which Dr. Gareth Owen discussed in his talk this afternoon, is only 1.5% of all Tor traffic. Tor gets about 2 million users per day total.
The researcher ran a set of Tor relays for a six-month period, and recorded how many times somebody attempted to look up a hidden service (this lookup is one of the steps in visiting a hidden service). Then at the end of that period, he scanned the hidden services he'd learned about, to find out what sort of content was on them.

Dr. Owen's data shows that there's a lot of churn in hidden services, so nearly all of the sites were gone by the time he did these scans. His graphs only show data about the sites that were still up many months later: so his data could either show a lot of people visiting abuse-related hidden services, or it could simply show that abuse-related hidden services are more long-lived than others. We can't tell from the data.

Without knowing how many sites disappeared before he got around to looking at them, it's impossible to know what percentage of fetches went to abuse sites.

There are important uses for hidden services, such as when human rights activists use them to access Facebook or to blog anonymously. These uses for hidden services are new and have great potential.

PS: Law enforcement agencies use Tor to stay anonymous while they catch bad guys. Law enforcement agencies use and run hidden services, too.

More info to follow.
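
The interpretation problem described in the statement above, worked through in Python as an added example (not part of the original post or of Dr. Owen's study). All counts are constructed for illustration: two different "worlds" produce exactly the same observed data, and only bounds on the real share of lookups can be derived from it.

```python
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Service:
    lookups: int         # descriptor lookups recorded during the observation window
    true_category: str   # "abuse" or "other"; ground truth, invisible for vanished sites
    alive_at_scan: bool  # True if the end-of-study scan could still classify the site


def observer_view(services: List[Service]) -> Tuple[int, int, int]:
    """Lookup totals as the study sees them: (abuse, other, unclassified)."""
    abuse = sum(s.lookups for s in services
                if s.alive_at_scan and s.true_category == "abuse")
    other = sum(s.lookups for s in services
                if s.alive_at_scan and s.true_category == "other")
    unknown = sum(s.lookups for s in services if not s.alive_at_scan)
    return abuse, other, unknown


def share_among_survivors(services: List[Service]) -> float:
    """Abuse share of lookups, counting only sites that were still up at scan time."""
    abuse, other, _ = observer_view(services)
    return abuse / (abuse + other)


def true_share(services: List[Service]) -> float:
    """Abuse share of ALL lookups; needs ground truth the observer does not have."""
    total = sum(s.lookups for s in services)
    abuse = sum(s.lookups for s in services if s.true_category == "abuse")
    return abuse / total


def share_bounds(services: List[Service]) -> Tuple[float, float]:
    """Tightest bounds on the true share that the observed data alone supports.

    Lower bound: every vanished site was "other".
    Upper bound: every vanished site was "abuse".
    """
    abuse, other, unknown = observer_view(services)
    total = abuse + other + unknown
    return abuse / total, (abuse + unknown) / total


def build_world(vanished_abuse: int, vanished_other: int) -> List[Service]:
    """Constructed data: identical survivors, different (hidden) vanished sites."""
    survivors = [Service(400, "abuse", True)] * 2 + [Service(50, "other", True)] * 4
    vanished = []
    if vanished_abuse:
        vanished.append(Service(vanished_abuse, "abuse", False))
    if vanished_other:
        vanished.append(Service(vanished_other, "other", False))
    return survivors + vanished


# World A: abuse sites are merely longer-lived; everything that vanished was "other".
WORLD_LONG_LIVED = build_world(vanished_abuse=0, vanished_other=9000)
# World B: abuse sites really do attract most lookups, including on vanished sites.
WORLD_POPULAR = build_world(vanished_abuse=7200, vanished_other=1800)

if __name__ == "__main__":
    for name, world in (("long-lived", WORLD_LONG_LIVED), ("popular", WORLD_POPULAR)):
        low, high = share_bounds(world)
        print(f"{name:10s} observed={observer_view(world)} "
              f"survivor_share={share_among_survivors(world):.2f} "
              f"true_share={true_share(world):.2f} "
              f"bounds=[{low:.2f}, {high:.2f}]")
```

Both worlds give the observer the same numbers and the same 80% share among surviving sites, while the true share of all lookups is 8% in one and 80% in the other.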

Comments

Please note that the comment area below has been archived.

FWIW, the cited percentages refer to the number of look-ups, not to the number of sites. These are two different things: It's possible for a small number of sites to be looked up frequently, or for a large number of sites to be looked up infrequently. Also, there isn't necessarily a one to one correspondence between look-ups and requests.

The total counts in Dr. Owen's presentation were about all hidden services, not just web sites. His two slides with categorizations of hidden web sites (in existence, of which abuse sites were a small percentage, and lookups for them, of which they were the majority) only listed percentages and not the actual total. It would be good to know the total number of web sites that his percentages are about.

Other researchers have estimated that the number of long-lived child abuse sites is very low, certainly a two digit number.

I don't believe long-lived hidden services are currently safe against a powerful nation state adversary, so it seems quite likely to me and others I've talked to that child protection agencies could have deanonymized these services if they wanted to but instead they've found that their existence makes it easier to find and prosecute the producers and consumers of the content.

It seems unknowable what portion of these lookups are child abusers vs how many are crawlers, but it is certainly known that there are many law enforcement agencies that regularly crawl these sites.

>It seems unknowable what portion of these lookups are child abusers vs how many are crawlers
Are there really that many child abusers there? From what I know, the majority only share pictures that they found elsewhere and the child abusers (producers) tend to not share on Tor and only share with friends.

I'm really disappointed with the tor project about this blog post. I watched the talk and the doctor was completely straight on what the figures meant and if the media misrepresent it that's not his fault. You criticise for crawling at the end of the study, but if he began crawling at the beginning he would have had 90% of hidden services which weren't up concurrently and then 10% which were up the whole time so the numbers would be completely meaningless. Crawling at the end he has tried to take a snapshot which is much more meaningful as presumably he felt this was best given the high churn. Shame tor project... especially after the stuff about harassing andrea... for the tor project to turn around and do this to a researcher who was perfectly clear is hypocritical.

Well, I'm not happy with the situation either. I also saw Gareth's talk and I liked it.

The underlying problem is that there were some journalists who basically wrote their article before he gave his talk -- and they asked us for a quote before he gave his talk too, and without showing us the article or the context. It's tough to get useful facts out in that situation.

That said, I don't think the quote in this blog post is something to be ashamed of or hypocritical. I think it really is the case that there's a lot more work remaining to interpret these numbers and results correctly. That's why I had that long discussion with Gareth earlier in the Congress to make sure he didn't misrepresent things. It's a shame that some of the journalists were not so interested in that discussion.

But even *that* said, some of the journalists explained the situation just fine. What bugs me is that these sorts of things get translated into "80% of Tor traffic is child porn", which is a nonsense conclusion and flat-out wrong, but that indeed was one of the discussions in the Persian Tor community yesterday. So we weren't (and aren't) trying to attack Gareth here, but we are trying to help other listeners avoid wildly wrong conclusions.

I can see why you would want that. I think Nick's original plan here was to give you a response if you were coming to the blog looking for one, but otherwise not bother you with an article that you didn't need to learn about. A tricky balance to be sure.

December 30, 2014

1.5% of *all* Tor traffic, sure. But the study points exclusively to *hidden service* traffic. Conflating hidden service traffic with all Tor traffic isn't a solid explanation. The study still largely holds if we look only at hidden service traffic, albeit with some edge cases.

December 30, 2014

I see that this site uses 256 bit encryption.
That's not secure enough.
4096 bit encryption is a lot more secure.
This website should use 4096 bit encryption, not the easily breakable 256 bit encryption.
The NSA can't break 4096 bit encryption at the moment.

I think you are deeply confused. 4096 bit is asymmetric encryption, whereas 256 bit is symmetric encryption. They are different beasts. Maybe Wikipedia should be your next stop. :)

Please don't discuss things you don't understand.

The symmetric encryption is 128-bits which is unbreakable. The asymmetric encryption is 2048-bits, which is also strong enough.

You're confusing RSA (asymmetric encryption) with symmetric cryptography, which have different uses. RSA keys are much larger (like the 4096-bit keys) than symmetric keys because there are more effective ways to search for possible private RSA keys than there are for AES keys. So a 256-bit RSA key is very weak, while, in order to obtain an AES-256 key, you have 2^256 possible keys to search through, something all the computing power in the world couldn't come remotely close to doing by the time all stars in the universe die out.

December 30, 2014

The statistics provided do not take into account how child protection agencies work. They do continuous crawling in websites on the internet (where there are hundreds of "abuse sites") and also in the Tor darknet (where I counted less than 13 sites). They do that to collect child images, archive it in databases, process it and share with law enforcement. Assuming that in every western country (let's say 25 countries) there is one child protection agency doing this crawling job with automated software 24 hours a day, that's *very likely* what generated the statistical spike in the graph made in the research being commented in this post.

This is what triggers the many requests for the TorHS descriptors, that's triggering all of those speculations with associated media hype.

Due to that anomaly, the claim that 80% of TorHs traffic goes to CP sites is just wrong.

Hope that helps people reflect before jumping on a possibly unverified claim.

Fabio Pietrosanti (naif)

>The statistics provided do not take into account how child protection agencies work. They do continuous crawling in websites on the internet (where there are hundreds of "abuse sites") and also in the Tor darknet (where I counted less than 13 sites).

Do you have any reliable references that state that law enforcement agencies regularly crawl child abuse sites, or are you just speculating? (It's certainly plausible.)

Would regular crawling generate lots of directory look-ups? (wouldn't Tor cache the result between crawls?)

Those are not speculations, read the Italian CNCPO (Italian Police Department on Online Child Exploitation Protection) slides teaching how they do monitoring, blacklisting and sharing with other law enforcement agencies:
http://www.scuolamagistratura.it/component/phocadownload/category/241-f…

That's something done by every Child Protection Agency and I'm VERY CONFIDENT that this is the reason behind the spike of traffic seen by that researcher on the "CP sites"

Fabio Pietrosanti (naif)

Thanks for your reply, this was the kind of answer I was looking for. (I'm sorry, I wrote my question before I saw the video of the talk, which contains part of the answer).

However, in order to attribute the high percentage of abuse sites to law enforcement crawling, wouldn't you also have to assume that law enforcement don't perform that kind of crawling with respect to other illegal material (sites selling drugs etc.), at least not in the same volume?

naif is one of the people running tor2web.org, which complies with all legal censorship orders, and thus he is in communication with these agencies. dude knows what he's talking about.

if running a tor exit isn't exciting enough for you, try running a tor2web node :)

(thanks for doing it, naif!)

December 31, 2014

Why not scrap hidden services? 1.5% percent isn't many users. That 1% brings negative attention.

We do think about that option periodically.

There was somebody on this blog earlier who pointed out that anonymous interaction with websites is great for the world, whereas anonymous publishing is horrible for the world. I can see his perspective, but I also worry that he's being short-sighted.

The main reason I still want to give hidden services a fair shot is that they are very early in their development. A preliminary study from September showed that hidden service traffic is something like 1% of overall Tor traffic, meaning the vast majority of Tor use is by people who use it to get privacy while reaching normal websites or other services. There are some really compelling use cases for onion services, like Facebook's onion site that provides a more secure way to reach Facebook, or peer-to-peer chat systems where every user is their own onion site so there's no central point to track the users, or activist blogs that are beyond the reach of traditional denial of service attacks. But we need to keep improving performance, consistency, and ease-of-use if we want to get beyond the very early adopters and see these use cases take off.

December 31, 2014

In reply to arma

You took that idiotic comment seriously? You really disappoint me, Roger.

And I've now taken yours seriously too -- I'm afraid that my sense of humor has been beaten out of me by hearing earnest people asking the same questions over and over. :)

December 31, 2014

In reply to arma

The idea that anonymous publishing is horrible is ridiculous. Some of the greatest works of literature were published anonymously. All the work now credited to Jonathan Swift was published anonymously. All the Federalist Papers now credited to James Madison were published under a pseudonym. People who claim that anonymous publishing is horrible are simply ignorant of history and I don't think such people should be given any credence with weak responses like "I can see his perspective." His perspective is based on either ignorance or lies.

Philosophically I support hidden services. One reason is because whatever the use case is now it's not possible to predict when a use case will arise later on. It's worth remembering that The Boston Tea Party, the original one, took place at night by British subversives disguised in American Indian costumes. They did everything they could do to disguise their identity from the British authorities. It irks me that all these conversations around privacy and anonymity and stuff which is hidden or secret assume subconsciously that it's all NEW. It's not new. Anonymous publishing has been around as long as the printing press and not only has the world not fallen apart because of it, much of the world we know today wouldn't exist without it.

Yes.

Briefly, tor is an anonymity tool that can work as an anti-censorship tool. If publisher A wants to communicate with audience B, censorship happens if at least one of the following can occur: A is rounded up; B is rounded up; A and B have their communications medium blocked. The medium may be hard to block, and there may be many anonymous Bs, but a censor gains with least effort by rounding up A if A publishes nonymously.

QED?

-- Straggler

January 01, 2015

In reply to arma

I'm rather shocked to read that anyone is considering scrapping hidden services.

To me, hidden services mean just so much more than just having a couple of websites available that aren't on the main web. The idea of addressing other participants by a public key hash is the very countermodel to the feudalistic world of registered, centralized IP addresses and DNS. There are now people who rely on hidden services for everything from hidden VPNs to decentral peer to peer communication, as well as more or less anonymous publication. If this component were to be removed, if it were only good for connecting to some public IP addresses, tor would simply lose much of its relevance.

When you take away vital infrastructure from *everyone* just because some (admittedly hellish, but infinitely much more of them are also found outside the hidden service system ...) jerks routinely misuse it, social problems do not disappear, you just create new social problems. You should know this best of all.

January 01, 2015

In reply to arma

>We do think about that option periodically.

Maybe what you should mean (for public relations) is that you have to think about that option periodically because of lack of resources. You did say tor needs further and more independent help and funding, and the struggle to improve hidden services is a reason you can cite.

Yet the lack of HS popularity/appropriateness implied might make people think HSs should be abandoned. That is the wrong conclusion. In the relatively free states, it may be the case now that HSs have perhaps few niche cases apart from the more unsavoury ones, compared to those states where the need is more obvious.

Despite recent events, we still have (relatively good) free speech. If push comes to shove though, there will come to be a strong need to have HSs for anonymous publishing.

If that happens, we'll need HSs to be extremely reliable in security, and that only really happens after a long period of wide-ranging development and testing, in the field. We'd better have that done sooner rather than later, because waiting until we need it may be too late.

In the meantime, such a 'perfected' HS technology would serve as a deterrent to state oppression (I would hope).

-- Straggler

January 04, 2015

In reply to arma

>There was somebody on this blog earlier who pointed out that anonymous interaction with websites is great for the world, whereas anonymous publishing is horrible for the world. I can see his perspective...

Not exactly the sort of thing I want to be reading from a lead Tor dev...

>...but I also worry that he's being short-sighted.

Oh thank goodness! I fully agree with arma about giving hidden services the chance they deserve. The functionality is already useful (despite being early stage) but more importantly, looking forwards, I can envisage a not-too-distant future where it will be absolutely indispensable.

No doubt, hidden services have been a thorn in Tor's side at times - especially when disingenuous politicians try to seize upon them as the reason why none of us can be trusted with anonymity and we all need to be protected from the big bad internet. Off-topic, but these are generally the same politicians who remember the Great War and think an "internet" is some kind of shared domicile for arachnids.

Anyway, a lot of the other comments sum it up very well but consider it this way - paraphrasing the quote above:

>anonymous interaction with websites is great for the world, whereas anonymous publishing is horrible for the world

I think I see what the original poster was getting at, sort of. Anonymous website interaction certainly is great for the world, it has granted new freedoms (especially freedom of speech) to a huge number of people who have never been afforded such luxuries. It has finally given them the chance to be heard - often via blog sites, Facebook, Twitter and other such platforms. However, that is only because those platforms already exist and are not in (direct) collusion with the oppressive regimes that are so desperate to stifle their citizens' free speech.

What if those services didn't exist? I know it's a big "what if" because they're deeply entrenched in modern society, but you have to think bigger picture. These are third-party services over which we have no control, no real oversight, no idea of what sort of deals they've struck with various governments, the list goes on. And most of them didn't even exist 10 years ago; tech travels fast, who knows where they may be in another 10 years?

Being able to use third-party websites anonymously is all well and good but it's blatantly obvious where the weak link is. Companies like Twitter and Facebook were not born of altruism and don't exist to ease the plight of the persecuted - they exist to make money. And as Snowden has shown, many of these companies have proven links to the security services of their home countries who in turn work in close unison with the security services of their allies. I think it's fair to say there are some trust issues here.

I'm sure some would argue that this is conspiracist hyperbole and, well, maybe it is! But the fact remains that any sort of reliance on unaccountable, third-party, for-profit companies with their own agendas is a clear weak-point in the concept of "allow anonymous website use but prevent anonymous publishing". Hidden services remove that reliance entirely and provide the backbone for anonymous publishing without third-party interference of any sort.

Hidden services need a chance, now more than ever. Governments the world over are demonstrating a renewed vigor to tighten their stranglehold on the internet - more legislation, more surveillance, more collusion (i.e. private enterprise being compelled under threat of law asked politely to cooperate etc) - in other words, things are not getting better. This is no time to be ditching a powerful anonymised publishing mechanism due to a small proportion of people who deliberately misuse it to facilitate activities that are illegal in their jurisdiction.

It doesn't need to be said but what the hell: misuse is an unavoidable fact of life. Every single thing in this world can (and probably will) be misused by a small minority - a rock is a murder weapon if you want it to be, no modification required, it doesn't even take any training to use it. It's easier to use than a gun when you look at it that way. And despite the relative ease of acquiring a gun in the States, it pales in comparison to finding a rock. Quite literally, you can pick up rocks (primed and murder-ready) straight off the goddamn ground!!! Hundreds of the things, thousands, all over the place, just ready and waiting to engage in some brutal blood-letting... won't someone think of the children?!

In all seriousness, I quite understand that hidden services can be a major headache (and a frustrating distraction) for the Tor project but, in my personal opinion, it's a headache that will ultimately be worth bearing out. My guess is that within 5 years or so we'll start to see a very significant rise in entirely legitimate hidden services along with sensible usage, i.e. more "real" use and less curiosity bounces. And (as much as I hate to think about it) I don't believe it will be that long before this sort of mechanism is the only way to safely publish anything outside of the watchful eye of your government. I suppose that's not a problem if you implicitly trust your government and the ever-fallible human beings that run it. For everyone else, I suggest you donate to Tor and pray to any Gods you may have.

Damn, I only just realised how long this comment turned out. I expect most folk will skip right over it so if you've got this far, well done! Thanks very much for reading and have a great day!

--Anonymous

You do understand that cryptographic Free Software such as Tor is - thankfully - incompatible with your world view, and that of the person who did this so-called research and his ilk? If you're scared of negative attention, Tor is not for you. It is and has always been expected that some idiots will dislike our software and what it - by design - does. I can't stress this strongly enough: We Don't Care. And we will not be pushed into pretending to care.

It's not a question of quantity, tor would be qualitatively the worse if it hadn't them. I think they are a step in the right direction, out of whole populations being owned by an overbearing state power at every step they take electronically.

These days, you can use hidden services instead of a static IP or a phone number or someone else's server so people can reach you.

On the other hand, some idiots misuse them in criminal ways. The crime itself happens offline, and no one denies detectives the option of conducting covert investigations against these criminals either, unmasking them and bringing them to justice.

It is imperative at this junction in history not to let a bunch of bastards ruin the promise of an uncensored internet. We mustn't fall for that! This would be a lame excuse indeed for allowing the descent into the global electronic police state run its course.

And the interpretation of the figures is doubtful: please also look at some of the other responses for alternative plausible explanations. And then, even if the figures could be taken at face value, it is unreasonable to expect the relative prevalence of truly criminal websites not to plummet rapidly once the potential of hidden services is realized by many normal people for everyday purposes (as well as subversive), using easy-to-use software.

And remember: the evil guys will be able to do what they are doing, long after everyone else is deprived of all the tools that "benefit only X", X = bogeymen-du-jour.

December 31, 2014

I will not claim to be an expert on hidden services... but if you are accessing FB through a hidden service, is that not an oxymoron?
If you have the need to be "hidden" from anything, perhaps you should reconsider using the internet at all?!

December 31, 2014

There is a much more thorough post by Nick now:
https://blog.torproject.org/blog/some-thoughts-hidden-services

There are numerous law enforcement agencies that scan abuse related hidden services regularly, which inflates the number of requests since their scanning software wouldn't cache lookups. In the real world, criminals are caught through their opsec failures, one category of which law enforcement detects by frequent scanning.

this is a good point. statistics that look obvious can be hard to interpret correctly ... would be really nice if someone could put together a research paper exonerating hidden services. whatever the true answer is, the problem is obviously with nasty people, not an inherently bad technology.

these nasty people should be in the crosshairs of law enforcement (and they are), not our infrastructure.

December 31, 2014

PS. Pedophiles also use TOR. Don't forget that, maybe if you guys would have made a post against child abusers and pedophiles, along with the one against online harassment maybe people will see TOR in a better light. Let the personal attacks against this poster start. PS. Please none of that shit that I'm using TOR too, I'm not giving money to them.

December 31, 2014

Hidden Services have the potential to empower normal users.
They are the other side of the coin, one side anonymous browsing, the other side anonymous publishing. You can write about your thoughts, problems and experiences without the risk of being marked for general derision and degradation in your community for the rest of your life. I see this value close to the recently given right to have one's harmful search results removed from search engines.

If generation facebook 2.0 wise up they might have their personal stuff on personal web servers on onion addresses.

December 31, 2014

People seem to be assuming that lots of directory look-ups for a given hidden service = lots of visits.

Is it possible/plausible that the directory look-ups might be generated by modified tor clients as part of some kind of attack?

December 31, 2014

Is there a link to Dr. Gareth Owen's research (or the CCC video) somewhere?

December 31, 2014

while I agree with having an anonymous underground. I would like to ask each of the folks who administer it. If you have children or know someone who has? If so then do you feel it is ok for these people (I use that word loosely) to have the right to use these sites. As admins then I feel it is your job to police these folks. I know that is not what freedom is all about, but I feel we have to draw the line somewhere. I have not some of these sick folks who, in my opinion were not worth the time of day. I made sure they knew how I felt. As I said it is my opinion and we all have one. Sorry to put this on the admins and I know you have better things to do with your lives, but if we are to keep these sites anonymous then we need some policing.
thanks

The classic police work and investigation has had lots of success with the drug markets, Law Enforcement should apply the same techniques to all criminals online. Including those that are abusing children.

Admins are not in a position to censor the data that flows in the network. This is the difference between privacy by design, vs. privacy by policy. People make mistakes, and that's how they get caught!

That shouldn't be possible. The developers want to deliberately design tor to operate out of their control. No back doors, no turnkey, no direction of purpose apart from that stated. They are not 'admins' in the sense I suspect you think.

There are other ways to counter these sites (if I'm right in thinking that's what you want) that don't involve tinkering with the design of tor, though can use tor operationally. If I may suggest a couple:

The first is (should be!) the obvious one. These people need access to children directly to make this kind of pornography in the first place. That will always be the weak point for them. That is where awareness, local knowledge and tip offs would work. None of that means redesigning tor, yet anonymous tip offs via tor can help your local LEA!

The second is more of a 'vote with your feet' or 'free market forces' kind. Let's suppose that it is right that the vast majority of people oppose these CP hidden sites and wish for them to not exist. Why not let them use tor to access these sites and ... oh, I don't know, post millions of letters of disgust, pictures of fluffy kittens, cookie recipes, or otherwise somehow DDoS them, whatever. Is that democracy or censorship? I don't know, but at least it's not centralised and it doesn't involve tor admins or redesigns.

Unfortunately, it is generally illegal for some years now to access such a site, so we're not allowed to do that.

-- Straggler

>while I agree with having an anonymous underground. I would like to ask each of the folks who administer it. If you have children or know someone who has?

Yep, two girls, 8 and 10.

>If so then do you feel it is ok for these people (I use that word loosely) to have the right to use these sites.

Not sure what you mean. Nobody has the "right" to view child pornography if it's illegal in their jurisdiction. In fact, the exact opposite is true - they're committing a crime and can be punished accordingly. You seem to be implying that because it's technically possible for Tor's hidden services to facilitate certain crimes, then all Tor users somehow have the "right" to commit those crimes. That's not how the law works anywhere that I'm aware of - a crime is a crime, it doesn't matter what tools you use. But do please let me know if you're aware of any legal system where having the mere ability to commit a crime grants you the right to commit it - that would be a very interesting place!

That was probably just a language thing but I wanted to be clear that Tor does not grant or revoke any "rights" to any person - if it's illegal then it's illegal. If it's illegal but you happen to be doing it through Tor then it's still illegal.

I think what you're really asking is "do you feel it is ok for these people to have the ability to use these sites". Well, as the father of two pre-teen girls I can categorically say YES. Here's just a few reasons why:

1. It's not possible to effectively control who can and cannot access Tor - that's the point! If Pedo Pete can be barred then so can Dissident Dave and Refugee Ralph. Tor was designed precisely so that no one person, organisation, government or anything else can impose targeted restrictions. That includes the Tor Project developers themselves. For Tor to do its job, that's just how it has to be. And Tor has a very important job to do, far too important to imperil it due to a tiny proportion of perverts.

2. I don't believe my girls are at any greater risk of abuse due to the existence of Tor. The knowledge that a small minority of people use Tor to view child porn doesn't change that. Find me one shred of evidence to suggest that access to Tor increases one's propensity to rape children and I'll reconsider my position.

3. To be frank, I don't care what they access via Tor in the privacy of their own homes, at all. Whilst I may abhor what they're looking at or doing, I would much prefer them to be doing it in their basement rather than the local playground.

>As admins then I feel it is your job to police these folks

It just isn't possible to "police these folks" with Tor because that's the point! The infrastructure is very carefully and deliberately designed so that no one person/org/gov can unilaterally impose control over it. And that's how Tor needs to be otherwise it wouldn't be able to do its job.

You say "As admins then I feel it is your job..." but there's no such thing as Tor "admins". No one person has greater control than another - because that's the point. Even the Tor Project and its developers are not "admins" over the Tor network, they have exactly the same amount of control as any other user in Tor land - because that's the point. So no, it isn't possible to "police these folks" because there are no police, only equals - and that's the point.

As for folks like me who run relays (the servers through which Tor data passes on its journey between the sender and recipient), we couldn't police it even if we wanted to. Of course, if we did want to police it then we probably wouldn't be contributing bandwidth and hardware to an anti-censorship anonymity tool in the first place. But even if we wanted to, it's not possible - because that's the point. We just shove encrypted packets of data around; we don't know where it's come from, we don't know where it's going and we don't know what's in it - because that's the point.

I understand your concerns but the simple fact of the matter is that you can't impose control on a system that has been designed from the ground up to be resistant to imposition of control. But, I'll say it again, that's just how it has to be for Tor to do its job. And its job is so important that if it means a few pervs get slightly easier access to some nasty porn, so be it. It's an unpalatable situation but it's also an unavoidable one and, to be frank, utterly trivial in light of all the good that Tor does.

>while I agree with having an anonymous underground. I would like to ask each of the folks who administer it. If you have children or know someone who has?
I administer a hidden service and a Tor relay if that counts. I have two children, a boy and girl (9 and 7 respectively). As others have said, I would rather pedophiles (both dangerous and harmless ones) have access to a free and open internet. I see no evidence that they are paying for kidnapping and rape or whatever else the stereotypes are. The way I see it, they're a bunch of people whose sexuality is incompatible with modern ethics if acted out. Having access to reshared images 1) spreads evidence around, and 2) acts as a catharsis. To be honest, I feel much more worried about my children knowing that there are hundreds of thousands of people who have no way to express their sexuality without breaking the law, and knowing that them attacking my children will gain them less time in prison than having a few gigabytes of bulk-downloaded porn.

December 31, 2014


The discussion that should result from this research is "why does such a huge number of people want to access these websites, given consequence-free opportunity?"

However, this discussion is certainly not going to get started, least of all by Tor. So Tor will instead have to answer questions about why it is enabling these websites (as if it is a technical problem), children and adults will still have their lives wrecked for no reason, and human society will keep to its backwards march.

>The discussion that should result from this research is "why does such a huge number of people want to access these websites, given consequence-free opportunity?"
>However, this discussion is certainly not going to get started, least of all by Tor.

Not true, actually. That discussion did occur on this website in https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-…. Just beyond halfway down, search for "jailbait".

I fear to imply you mean "what if paedophilia is ... natural?!", because it's such a 'dangerous' question these days. Let's just say that I originated the question, for your safety! Paedophiles are believed by most to be a small minority, yet many complain that, these days, they seem to be everywhere. What if many people are actually secret paedophiles? What if they make up more than 51% of the population? What if we're actually supposed* to be like the bonobos,** who practice adult-infant sex naturally?

I think the easiest way to bypass the exhaustingness of this debate is to consider the harm - the pain, the hurt, the deception, the violence, it's that which is abuse - rather than questions about e.g. age of consent or nature of jailbait. As far as I know, bonobos do not practice adult-infant sex violently.

The main problem for law enforcement is that this conflation overloads the law enforcement agencies. Their time is wasted pursuing enquiries about e.g. some teenager being inappropriately photographed rather than focussing on the manufacturers of the really serious abuse.

For all of this, the problem is not really with tor, it is somewhere else.

-- Straggler

* No, I do not know if this is the case.

** I'm not going to explain what a bonobo is here, I'm just going to wait for someone to demand why all bonobos haven't been arrested and put in jail already.

December 31, 2014


It is the inevitable bias of mainstream media and traditional government against Tor, that most things will be spun into the most negative way.

Another graph from this study seems to say those ~80% of visits were to only ~2% of .onion web sites in the sample. If it really turns out to be accurate, the most positive response I can think of is to regularly use and promote the most desirable (news, chat, mail, wiki, blog) sites from the other 98%, until usage patterns are measurably consistent with the regular Web*.

But achieving and confirming that in a follow-up study would not make for sensational news or useful propaganda, so it would probably not result in Tor being exonerated in mainstream media.

* I wonder what might be the percentage of content falling into undesirable categories on Facebook, for example. Probably more than they would want to admit.

-- s

It's not that inevitable, I hope! Mainstream media usually goes for a sensationalist aspect. Governments start from a position of ignorance and incompetence*. It's not usually spin, really, just attitude. As that's the case, this is bias that can be eroded by plugging away with good publicity. As an example, I like this: www.theoatmeal.com/blog/net_neutrality.

I use tor now for everything that I used to do in the clearnet. That doesn't involve hidden services, but I think in the future I'd like to see HSs form a peer-to-peer network which will replace using e-mail for one-to-one/many correspondence.

Part of the UK Govt recently 'slammed' Facebook for being a 'safe haven for terrorists'. That seems spin-like to me. Facebook (and other social networks) suffer from a lot of trolling. So yes, other things apart from tor also have troubles.

Yet, tor is sometimes used in these things, and it'll get preferential blame, but are those things really tor's fault?

-- Straggler

* Everyone does, by the way!

January 01, 2015


The fact that people use TOR mostly to surf the clearnet is in fact a bit worrisome too, since per Snowden talks and papers the NSA can as well correlate browsing habits. Besides, there is not a clear boundary between reader and publisher in TOR, since one can be both in the same TOR session, for instance when one publishes opinions or information on a hidden forum board.

On the other hand, there is a distinctive lack of diversity and/or critical mass in hidden services. CP is used as an excuse by democratic governments to target other far less questionable but yet illegal activities happening in the TOR network, like some forms of political activism, crypto-anarchism, drug use, hacktivism, etc. In fact I tend to believe that democratic governments are afraid not that people use TOR for illegal matters but that people use TOR just to escape social control.

January 01, 2015


So 80% of traffic from 2% of sites? Looks like the tor project is engaging in silly minimisation of the message here and it makes the project look really bad. Why not come out in solidarity against child abuse data rather than trying to find tiny holes in the research - the criticism doesn't seem to stand up!

Sometimes I really do despair, you had the opportunity to deal with the media in a way that you do not support this content but instead you look like "well, it's actually slightly less paedophiles than the media claimed so we don't have to worry"

I despair that people immediately think it's a bad thing that people are finding a way to release sick desires by sharing premade images online. I would far rather some sicko get his kicks with pictures on the internet than with my own two kids.

January 01, 2015


Anonymous publishing exists anyway! Technically we don't require HS in Tor for that, and anon publishing is a very good thing.

However I think hidden services are really interesting and definitely please keep working on them. At worst it could be split off as a separate project, but I do think it's a very valuable asset.

While some of the content on these hs's are marketplaces, dodgy pornography and so on, there is a potential for something really cool there.

What I have seen of hs's reminds me a lot of the early days of the internet. It's full of possibilities.

So far though HSs seem to be the least robust aspect of Tor, and there are stories we read of determined adversaries being able to do some damage to deanonymize users or publishers. But I imagine because of the potential nature of the bandwidth used HS are never going to enjoy perfect security... unless Tor traffic itself can be successfully anonymized and all made to look identical which I would imagine is not easy without enormous overhead and large changes to the protocol.

January 01, 2015


Do we want a society where the government agents have total surveillance capabilities? Such totalitarian control of any social institution or society is opposed to the very concept of freedom that western societies espouse. As it is, the government has way more surveillance capabilities over the internet than it does in everyday life. As someone else pointed out, window shades allow for criminal activity to occur. People plan nefarious activities behind closed doors. People carry materials that can harm a population inside of containers that cannot be seen through. People have been using the shadows to hide for eons.

Yet who wants to get rid of window shades, or closed doors, containers, or shadows? Or any other structures where people can participate in questionable activities. All of these things also provide beneficial uses for society. Window shades provide privacy, closed doors provide security, containers provide convenience, shadows can provide a way to evade danger.

Perhaps one child or 100 children might be saved by putting cameras in every room of everyone's house, but is that the world we want to live in? I'm concerned about whether the people watching those cameras might not themselves use them for their own nefarious purposes. Think the watchers are saints? History says otherwise. The world is not just divided into good guys and bad guys, but rather many people with many agendas that can potentially have many varying effects.

That kind of totalitarian control allows the government way more absolute power to be used in an absolutely corrupt manner. History tells us this over and over, yet people continue to cede freedom to governments in the name of feeling safe, not considering how it might all go very wrong, usually until it is too late.

So yes, I favor improving hidden services because they represent an effort at being a bastion of freedom. One of the few efforts I have seen up to this point online.

January 01, 2015


It is now legal for the US law enforcement folks to seize an illegal site and keep it up as a honeypot -- a sting site for entrapment purposes -- for an arbitrary amount of time. I can totally see some of these sites being sting operations from US or other authorities. That would also explain the stability. Distasteful -- I hope they pull a decent yield from their entrapment efforts, if so.

Note that the research doesn't show that there are a large number of abuse sites, but rather that there are a large number of requests (directory lookups) for a small number of sites.

January 02, 2015


Please I have a question. What's the difference between accessing Facebook over Tor and accessing Facebook's hidden service? From what I get, hidden services tend to protect publishing; protection of privacy and anti-censorship of the viewer are reasonably guaranteed by appropriate use of Tor. And given the 'announcement' and subsequent 'appraisal', I want to understand it well.

Also, I admire arma and respect him/her so much. But in the post on https://blog.torproject.org/blog/facebook-hidden-services-and-https-cer…, where the writer cites the birthday paradox/attack, does not that tell us that the hash is insecure? And can be cracked? While I understand that it is the hash of a PUBLIC key, doesn't that mean it would not be long before someone figures out two public keys with same hash and then we would have some humor in the Tor community, if you get me?
Please I just want to learn. Thank you

January 03, 2015


Here's a conspiracy theory for you:

A four-letter agency is opposed to the Tor Project's aims of enabling ordinary people to communicate securely and anonymously. Said agency performs blanket internet surveillance, and targeted surveillance of academics working in the security/privacy community.

Through these means, the agency learns that a researcher in Portsmouth plans to measure the amount of traffic to various hidden services by counting the number of directory requests for these services.

Knowing that child abuse is an emotive subject, they use modified Tor client software to flood the Tor network with directory requests for a handful of known hidden services serving child abuse content in the time frame in which the researcher is conducting his measurements.

As expected, the researcher's measurements show that in the time frame in which he conducted his research, over 80% of the directory requests were for child abuse content.

The researcher publishes his results, and the resulting media coverage strengthens the perception among politicians and the general public that Tor is used primarily by criminals and paedophiles, thereby preparing the ground for political measures targeting Tor.

Mission accomplished.