phobos's blog

Stockholm Internet Forum Trip Report and Clarifications

The quick trip report

I spent the past week in Sweden for the Stockholm Internet Forum1, to meet up with our funders at Sida2, and to meet some activists looking for help and advice for their cause back in their home countries. Overall, it was a great trip. The Biståndsminister (Minister for Development)3, Gunilla Carlsson, specifically named Tor in her speech as a project she is proud to support and fund.

In the afternoon, I gave a Tor talk to support DFRI 4. The room was in a different building, way in back, with few signs to direct you to it. Hanna from dfri went out to grab people. In a short while, the room was packed, with people standing in the back and people sitting in the window seats. I would say roughly 35 people came and left during the session. I purposely did a quick 30 minute tor talk to leave time for questions. There were lots of questions, most about how to help and improve tor. The TeliaSonera5 people were interested in the intersection of Tor and the EU Data Retention Directive being implemented in Sweden on May 1. I'm not sure if TeliaSonera is for or against data retention. Frank La Rue6, Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, was in the room for most of the talk too.

Misconceptions around Tor

Many Europeans thought we were a Swedish company already and were generally surprised to hear we are from the States. The Latin Americans and Middle East people are cautiously supportive of Tor. I kept running into misconceptions about Tor, the charity, the software, and if we're humans or not. Hopefully this post will clear up these misconceptions.

  1. Tor was not started by the US Navy. The US Naval Research Labs (NRL) started a project in the 1990s called onion routing7. Tor uses the basic onion routing principles and applies them to the Internet. The volunteer Tor group started in 2001. The formal charity, The Tor Project, started in 2006. We continue to work with Dr. Paul Syverson from NRL on improving onion routing and therefore Tor.
  2. The goal of Tor is to give you control over your identity and privacy on the Internet. An equal goal is to enable research into anonymous communications on the Internet. We try very hard to make you anonymous by default. With this anonymity, it is up to you where you go, what you do, and what information about yourself you divulge. The goal is that you are in control.
  3. In 2011, Tor received a total of $1.3 million in funding from a few sources: Internews, The Broadcasting Board of Governers, Sida, SRI International, and roughly 700 individual donors. Our forthcoming audit will show the funding and how we spent it. People seem to think Tor is a massive operation with hundreds of millions in funding. We publish our audit reports and financial statements every year after our audit is complete8.
  4. Tor has a paid staff of 13 people. 10 of the 13 are developers and researchers. We have a part-time CFO, a marketing/policy person, and an Executive Director. We rely heavily on thousands of volunteers. We care a great deal about our community. Our core people9 are the most dedicated to improving Tor and have contributed greatly to the cause. We are currently looking to make this 14 people by hiring a dedicated developer10.
  5. We are human. Each of us involved is generally public about who we are and what we do for Tor. As we're only 13 people, we cannot be everywhere at once. We spend very, very little on marketing and advertising. A few of us, namely Roger, Jacob, Andrew, and Karen, do the bulk of public speaking. You can see various videos of our talks, lectures, and speeches in our media archive11.

Overall, the trip to Sweden was successful. And I hope these five points clarify who and what is Tor.

March 2012 Progress Report

Our progress report for March 2012 is now available. Highlights include lots and lots of metrics work, bridge infrastructure work, new tor alpha release, support queue stats, and some press and speaking slots.

Available as a pdf with full color graphs, https://archive.torproject.org/monthly-report-archive/2012-March-Monthly...

or as a plain text file for portability and readability, https://archive.torproject.org/monthly-report-archive/2012-March-Monthly...

Tor Browser Bundle, Mac OSX and 10.5.8

We're aware that the Tor Browser version 2.2.35-8 doesn't work on OS X 10.5.8. Ticket 4263 is open to track the issue. We just purchased a Mac Mini as the new build machine. It is in process of being setup and configured for builds. We should have more progress on solving the issue in the next week or so. Thanks for your patience.

February 2012 Progress Report

Our progress report for February 2012 is now available. It hightlights recent work with deep packet inspection and censorship circumvention in Iran and Kazakhstan. Also progress on a new tor status site based on new protocols, and general outreach and travels.

We implemented a new format this month to better reflect everything going on within Tor.

Available as a pdf with full color graphs, https://archive.torproject.org/monthly-report-archive/2012-February-Mont...

or as a plain text file for portability and readability, https://archive.torproject.org/monthly-report-archive/2012-February-Mont...

Updates on Kazakhstan Internet Censorship

Two weeks ago we announced the use of deep packet inspection to censor the Internet in Kazakhstan. Over those two weeks we've continued working on how they are blocking native tor connections. The good news is that our obfsproxy bundle continues to work well in country. Thanks to wanoskarnet, ann, and others for their help.

We have some network-level data captures at both ends to help us assess what is occuring. It seems the Kazakhstan firewall finds something unique in the TLS "Server Hello" message as sent by the Tor relay or bridge and therefore blocks subsequent communications. IP address and TCP port are irrelevant to the censorship. Research continues. Anonymized network flows are available here:

.kz client to relay: https://media.torproject.org/misc/2012-02-28-tor-kz-client-flow.txt

and

the relay view of that same conversation: https://media.torproject.org/misc/2012-02-28-tor-kz-bridge-relay-flow.tx...

Here's a graph of what this censorship looks like nationwide. The red dots are probable censorship events.

. The full image is here, https://media.torproject.org/image/blog-images/direct-users-off-2011-12-...

UW Hackfest Thanks!

Thanks to the 30+ people that showed up across our hackfests on Wednesday and Thursday. We talked about obfsproxy, torouter, civil liberties and tor, and Andrew spent four-plus hours explaining tor, hidden services, and online privacy risks to a bunch of tor-curious people. It's clear the ice cream sundae/gourmet popcorn bar was a huge success, with people literally squealing their love for Tor (I'm sure it was tor and not the ice cream ;). Thanks to PrivateOnion for writing a song. @INTLRevolver started a twibbon campaign and shared some womens' privacy issues with us and how Tor can help.

And a final thank you to Mel and Kar at the U of Washington for their support, logistics, and general awesomeness overall.

Kazakhstan upgrades censorship to deep packet inspection

In December 2011 we were aware of Kazakhstan increasing Internet censorship in response to some unrest and protests in Zhanaozen in the west. The censorship was then deployed around the country, in many cases with the full support of the populace. The initial invesitgation showed simple IP address blocking coupled with basic dns censorship. Tor continued to work without incident until this week.

JSC KazTransCom, AS35104, has deployed or begun testing deep packet inspection (dpi) of all Internet traffic. They specifically target SSL-based protocols for blocking. This includes Tor, IPsec, and PPTP-based technologies, as well as some SSL-based VPNs. Business and private users of these technologies are equally affected.

An example of the censorship, as recorded by volunteers in country, can be found in this network flow diagram. Kazakhstan is identifying and blocking the SSL client key exchange during the setup of an SSL connection. This graph shows the effects of this deployment of censorship based on dpi.

Luckily, due to our recent experience with Iran we have an answer for people: use obfsproxy. Obfsproxy continues to work in Kazakhstan, as well as Iran. In fact, it works in any country where dpi is used to censor citizens' access to the Internet.

Thank you to the volunteers for spending their Valentine's Day collecting and analyzing data.

January 2012 Progress Report

Our progress report for January 2012 is available now. Highlights include two Tails releases, a summary of support calls for the past six months with actual user stories, a trip to Egypt for the 'Change your world' summit, updated metrics codebase, discussion of a new voting method, and lots of translation updates.

Available as a pdf with full color graphs, https://archive.torproject.org/monthly-report-archive/2012-January-Month...

or as a plain text file for portability and readability, https://archive.torproject.org/monthly-report-archive/2012-January-Month...

Syndicate content Syndicate content