arab spring

Using Tor hidden services for good

Getting good stories for Tor successes is tricky, because if Tor is doing its job, nobody notices. I know a lot of people who have really interesting Tor success stories and have no interest in telling the world who they are and how they managed (until that moment when everybody is reading about them, that is) to stay safe.

Still, there are a bunch of other stories out there that haven't been documented as well. For example, I really like Nasser's story about his experiences in Mauritania:
http://www.technologyreview.com/computing/22427/page4/

Hidden services have gotten less broad attention from the Tor user base, since most people who install Tor have a website in mind like twitter or indymedia that they want to visit safely. Some good use cases that we've seen for hidden services in particular include:

- I know people (for example, in countries that have been undergoing revolutions lately) who run popular blogs but their blogs kept getting knocked offline by state-sponsored jerks. The common blogging software they used (like Wordpress) couldn't stand up to the ddos attacks and breakins. The solution was to split the blog into a public side, which is static html and has no logins, and a private side for posting, which is only reachable over a Tor hidden service. Now their blog works again and they're reaching their audiences. And as a bonus, the nice fellow hosting the private side for them doesn't need to let people know where it is, and even if somebody figures it out, the nice fellow hosting it doesn't have any IP addresses to hand over or lose.

- Whistleblowing websites want to provide documents from a platform that is hard for upset corporations or governments to censor. See e.g. http://globaleaks.org/

- Google for 'indymedia fbi seize'. When Indymedia offers a hidden service version of their website, censoring organizations don't know which data centers to bully into handing over the hardware.

- Data retention laws in Europe (and soon in the US too at this rate) threaten to make centralized chat networks vulnerable to social network analysis (step one, collect all the data; step two, get broken into by corporations, criminals, external governments, you name it; step three comes identity theft, stalking, targeted scam jobs, etc etc). What if you had a chat network where all the users were on hidden services by default? Now there's no easy central point to learn who's talking to who and when. Building one and making it usable turns out to be hard. But good thing we have this versatile tool here as a building block.

That's a start. It is certainly the case that we (Tor) spend most of our time making the technology better, and not so much of our time figuring out how to market it and change the world's perception on whether being safe online is worthwhile. Please help. :)

You might also like
https://torproject.org/about/torusers.html.en
https://blog.torproject.org/blog/we-need-your-good-tor-stories

This blog post was adapted from an email to tor-talk by Roger. See the original email at https://lists.torproject.org/pipermail/tor-talk/2011-November/021997.htm...

Trip report, Arab Bloggers Meeting, Oct 3-7

Jake, Arturo, and I went to Tunisia Oct 3-7 to teach a bunch of bloggers from Arab countries about Tor and more generally about Internet security and privacy. The previous meetings were in Lebanon; it's amazing to reflect that the world has changed enough that Sami can hold it in his home country now.

The conference was one day of keynotes with lots of press attention, and then three days of unconference-style workshops.

On the keynote day, Jake and Arturo did a talk on mobile privacy, pointing out the wide variety of ways that the telephone network is "the best surveillance tool ever invented". The highlight for the day was when Moez Chakchouk, the head of the Tunisian Internet Agency (ATI), did a talk explicitly stating that Tunisia had been using Smartfilter since 2002, that Smartfilter had been giving Tunisia discounts in exchange for beta-testing their products for other countries in the region like Saudi Arabia, and that it was time for Tunisia to stop wasting money on expensive filters that aren't good for the country anyway.

We did a four-hour Tor training on the first workshop day. We covered what to look for in a circumvention or privacy tool (open source good, open design good, open analysis of security properties good, centralization bad). All the attendees left with a working Tor Browser Bundle install (well, all the attendees except the fellow with the ipad). We got many of them to install Pidgin and OTR as well, but ran into some demo bugs around the Jabber connect server config that derailed some users. I look forward to having the Tor IM Browser Bundle back in action now that we've fixed some Pidgin security bugs.

We did a three-hour general security and privacy Q&A on the second workshop day, covering topics like whether Skype is safe, how else can they do VoIP, how can they trust various software, a demo of what sniffing the network can show, iphone vs android vs blackberry, etc. It ended with a walk-through of how *we* keep our laptops secure, so people could see how far down the rabbit hole they can go.

Syria and Israel seem to be the scariest adversaries in the area right now, in terms of oppression technology and willingness to use it. Or said another way, if you live in Syria or Palestine, you are especially screwed. We heard some really sad and disturbing stories; but those stories aren't mine to tell here.

We helped to explain the implications of the 54 gigs of Bluecoat logs that got published from inside Syria, detailing URLs and the IP addresses that fetched them. (The IP addresses were scrubbed from the published version of the logs, but the URLs, user agents, timestamps, etc still contain quite sensitive info.)
http://advocacy.globalvoicesonline.org/2011/10/10/bluecoat-us-technology...

Perhaps most interesting in the Bluecoat logs is the evidence of Bluecoat devices phoning home to get updates. So much for Bluecoat's claims that they don't provide support to Syria. If the US government chose to enforce its existing laws against American companies selling surveillance tools to Syria, it would be a great step toward making Tor users safer in Syria right now: no doubt Syria has some smart people who can configure things locally, but it's way worse when Silicon Valley engineers provide new filter rules to detect protocols like Tor for no additional charge.

The pervasiveness of video cameras and journalists at the meeting was surprising. I'm told the previous Arab blogger meeting was just a bunch of geeks sitting around their laptops talking about how to improve their countries and societies. Now that the Twitter Revolution is hot in the press, I guess all the Western media now want a piece of the action.

On the third workshop day we learned that there was a surveillance corporate expo happening in the same hotel as the blogger meeting. We crashed it and collected some brochures. We also found a pair of students from a nearby university who had set up a booth to single-handedly try to offset the evil of the expo. They were part of a security student group at their university that had made a magazine that talked among other things about Tor, Tunisian filtering, etc. We gave them a big pile of Tor stickers.

On our extra day after the workshops, we visited Moez at his Internet Agency and interviewed him for a few hours about the state of filtering in his country. He confirmed that they renewed their Smartfilter license until Sept 2012, and that they still filter "the groups that want it" (government and schools), but for technical reasons they have turned off the global filters (they broke and nobody has fixed them). We pointed out that since an external company operates their filters — including for their military — then that company not only has freedom to censor anything they want, but they also get to see every single request when deciding whether to censor it. Moez used the phrase "national sovereignty" when explaining why it isn't a great idea for Tunisia to outsource their filtering. Great point: it would be foolish to imagine that this external company isn't logging things for their own purposes, whether that's "improving their product" or something more sinister. As we keep seeing, collecting a large data set and then hoping to keep it secret never seems to work out.

One of the points Jake kept hammering on throughout the week was "if *anything* is being filtered, then you have to realize that they're surveilling *everything* in order to make those filtering decisions." The Syrian logs help to drive the point home but it seems like a lot of people haven't really internalized it yet. We still find people thinking of Tor solely as an "anti-filter" tool and not considering the surveillance angle.

After the meeting with Moez, we went to visit one of the universities. We talked to a few dozen students who were really excited to find us there — to the point that they quickly located a video camera and interviewed us on the spot. They brought us to their security class, and informed the professor that we would be speaking for the first half hour of it. We gave an impassioned plea for them to learn more about Tor and teach other people in their country how to be safe online. I think the group of students there could be really valuable for creating local technical Tor resources. As a bonus, the traditional path for a computer science graduate of this university is to go work at Tunisia Telecom, the monopoly telco that hosts the filtering boxes &mdash the more we can influence the incoming generations, the more the change will grow.

Reading links, 7 May edition

Just some quick links to what interests us over the past week.

Syndicate content Syndicate content