Explore Tor, New York City! A New Meetup Starting Dec 7


The Tor community is vast and deep yet remains a virtual entity outside periodic physical events. In New York City on December 7, we are going to start to change that.

Current and future Tor relay operators will assemble on the 20th floor of 150 Broadway, in the LMHQ shared meeting space, at 6:45 PM. This face-to-face gathering is an opportunity to meet others who run Tor relays in NYC, and for those investigating the possibility of running a relay or a bridge. 

The meeting will open with a short introduction, then move into a discussion with relay operators. 

If you run a Tor relay or bridge, or wonder what's involved in running one, this meeting is a great opportunity to  get input from others. NYC apartments and offices are filled with high-bandwidth connections, and there is plenty to spare to help users around the world facing censorship and surveillance.

We are looking to hold meetings every two months in NYC about other related topics going forward. Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

Other topics under consideration for Explore Tor, NYC! meetups include:

  • hands-on workshop on installation of Tor Browser for desktop and mobile
  • trainers meet-up to exchange teaching materials and network with fellow trainers
  • why .onion sites should be an infrastructure component for plain old web sites 

RSVPs are unnecessary, and all are welcome. Join us on December 7 and let's start making the Tor Project a living, breathing part of New York City's tech culture.

Another idea for a future Tor meetup:

o Training session on everything you need to know to set up and maintain your own onionsite (ideally including creating an onionsite right there, but mind the possibility of a shoulder-surfing fed)

> However, the hosting company's (LMHQ) website is not able to be viewed via Tor itself.


> It seems somewhat out of touch, to support Tor on one hand via hosting such an event but on the other hand literally not support users who are running tor and trying to access your website.

Yes, we in the Tor community need to keep working to make it easier for website operators and website users to use onion sites without much trouble.

I regularly encounter this problem. If it's important, I sometimes reduce the security slider to "Medium" and that usually fixes the problem. So if you have it set to "High", try "Medium".


December 07, 2017


It's great that so many people (person?) submitted possible meeting topics.

However, some of the recommendations are out of the focus of these meetups. There is no question that a general theme of privacy and anonymity will permeate the events, we intend to focus on various aspects of the Tor Project's activities.

It can't be all things to all people. Maintaining a focus that's both relevant and grounded in the TPO is feat that is can be accomplished and hopefully have some longevity.

if you want focus or feat_deal with Tor meetups-meting topics ; you Must lock Tor in NYC.
Educate people etc. is one of their missions available in the usa for usa only registered in the usa under the usa juridiction following the recommendation & sponsors from usa running on the lines of the law of the usa. Nothing illegal, nothing revolutionary, nothing exportable (501), just a local/small association where the phantasm & the provocation help to be be on the self victim side : hypocrite.

> why .onion sites should be an infrastructure component for plain old web sites

I also would like to see creative suggestions focusing on a technical opportunity for Tor to Do Something Great. But I don't think political iniatives should be discounted.

Two recent news stories suggest why TP should reach out to NYC government departments, political staffers, local hospitals and other medical facilities, and the Board of Ed.


Local governments grapple with ransomware threat
Morgan Chalfant
8 Dec 2017

> Computers hackers are increasingly targeting local governments with cyberattacks for financial gain. Hackers this week successfully infected government servers with malware in North Carolina, locking Mecklenburg County officials out of their systems and slowing its operations to a crawl. Hackers demanded $23,000 in exchange for unlocking the stolen files. Officials are refusing to pay—meaning they will need to rebuild their systems from scratch.

Many of these ransomware attacks appear to originate with a phishing campaign. Operators of websites need to ensure that their own customers/employees are not maliciously redirected to a phishing site, perhaps in a dragnet attack using an illicitly obtained "root" certificate. This problem is about to get much much worse because so many government services (in the US and around the world) are starting to require people to apply or communicate online, in order to save money by closing physical offices staffed by humans. So when someone goes to a "government site" and enters sensitive personal information, when the "government site" is actually a phishinng site that's going to create serious problems for the victims, and eventually for the government.


The feds have lately been struggling to work up the courage to suggest "DMARC for all". Trouble with that is: DMARC has been broken; see

‘Mailsploit’ Lets Hackers Forge Perfect Email Spoofs
Andy Greenberg
5 Dec 2017

> Pretending to be someone you're not in an email has never been quite hard enough—hence phishing, that eternal scourge of internet security. But now one researcher has dug up a new collection of bugs in email programs that in many cases strip away even the existing, imperfect protections against email impersonation, allowing anyone to undetectably spoof a message with no hint at all to the recipient.

Onion sites could help.

TP needs to explain to government officials and business persons why they should regard Tor part of the solution, not part of the problem.

> However, some of the recommendations are out of the focus of these meetups.

Looking to the future, I think there is a huge need for the good guys (TP and friends) to get young people (e.g. NYC high school students) thinking about working toward a career as a defender (think Citizen Lab, EFF, ACLU, TP, independent journalism) rather than as a cog in the Surveillance Military Industrial Complex or as a Google/Amazon/Facebook operative or as a Wall Street "quant". Many of the OT suggestions seem to speak to that need.

That said, I hope technically creative people will chime in with more suggestions. I don't think it is possible to have too many suggestions.

A good explainer which gives background on why FOSTA/SESTA (promoted in US Congress as anti-human-trafficking laws) are likely to be abused to harm peaceful political protest groups such as environmental groups and local protest groups (e.g. against a major development or airport expansion):

Online abuse must be curbed. But who decides where the line is drawn?
Owen Jones
12 Dec 2017

> Few would deny the importance of tackling online hatred or child abuse content. The internet, after all, has become a key weapon for those who disseminate and incite hatred and violence against minorities, and for those who pose a horrifying threat to children. It is difficult, though, not to feel discomfort about three rightwing newspapers – the Sun, the Daily Mail and the Times – all leading on the perils of social media.

I too would like to see more suggested topics which focus on technical opportunities for Tor.

However, I don't think there can be too many suggestions for possible topics, since the most essential desideratum is that some suggested topic "catches fire" with some critical mass of potential attendees at future Tor workshops in the NYC area.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o reach out to some of the excellent math/CS departments in NYC universities, seeking interest in a workshop on how novel cryptographic techniques could help/harm Tor in the future (e.g. quantum computing, but so much more).

o reach out to same, seeking to establish interest in a workshop exploring how to scale the Tor network in the event that a large fraction of the world's citizens wake up to the fact that Tor is their friend, despite whatever bad things their government might say.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Reach out to history teachers in NYC high schools to develop a course to

+ teach how privacy violations (e.g quartering troops in homes) by the colonial government were one of the root causes of the American Revolution,
+ teach how anonymous essays played a critical role in fostering revolution,
+ explore how modern NSA social-network/phone tracking methods and FBI "sting operations" might have played out if they had been used by the Crown to suppress the Revolution (for example, one paper shows that modern social network graphing techniques immediately identify Mr. Paul Revere and Dr. Edward Bancroft as key players in Boston whose removal would have crippled the Committee of Correspondence; could the revolutionaries have used modern tools to detect the fact that Bancroft was actually a closet Loyalist spying on the revolutionaries?),
+ Ben Franklin was an enthusiastic proponent of a professional and ethical federal mail service (now the US Mail) which not even the government could spy on; what would he think about the NSA dragnet?
+ explore how freedmen, slaves, Tories, trade unions, spies for and against the revolutionaries, all played critical roles in NYC just before and during the Revolution
+ get a copy of a NYC slave pass from local museums, compare with modern ID cards,
+ teach about the Whisky Rebellion, during which Pres. Washington and his confidante, Gen. Hamilton, led an American army into a wilderness region (now the heavily urbanized Pittsburgh area) to put down a tax revolt, and inquire into whether the hagiography of Alexander Hamilton is historically accurate (Washington pardoned several people Hamilton wanted to execute in the field).

o Arrange for Tor community people to teach guest workshops on the historical background for Signal, Tor, etc.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Contact ACLU and suggest to arrange with Edward Snowden a "snowbot" visit to NYC area high school classrooms, perhaps with other former whistleblowers living in the NYC area and/or with ACLU researcher and former FBI behavioral studies agent Mike German also present for extra perspective, interest, and drama (don't forget to publicize in local papers, but be prepared for a hysterical backlash from certain quarters--- if properly handled, a ferocious backlash can in itself help our cause),

o Get together refugees from countries where recent revolutions failed who are living in NYC area, plus NYC academics and representatives from groups such as Black Lives Matter, discuss what has gone wrong in recent revolutions, and brainstorm about how to make a successful bloodless revolution (emphasis on *bloodless*),

o Brainstorm how to try to persaude NYC politicians and public officials to train their own staff not to say "privacy is dead" or "if you have nothing to hide you have nothing to fear".

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Reach out to Bronx Science, Brooklyn Tech, Stuyvesant High Schools to organize hackathons bringing professional info-techies/coders and high school student to Code for the People,

Why would you recommend a focus on the only public high schools considered acceptable to the NYC 1%?

That has to be said.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Reach out to NYC high school music teachers and history teachers to arrange guest workshop with NYC musicians discussing the historical background for political backlash against Musicians with an Attitude, e.g.
+ former NYC resident John Lennon was threatened by Alabamians furious by his innocent expression of bewilderment that the Beatles "are bigger than Jesus" (in the mind of contemporary teenagers); compare the remark of a U.S. Navy SEAL (to NYT reporters) which appears to suggest that some SEALs believe they are "bigger than God"; discuss the reasons for the lack of a similar backlash against the SEALs from the Religious Right,
+ FBI's decades long surveillance of Pete Seeger (NYC connection is sloop Clearwater) and Joan Baez in retaliation for their anti-Vietnam-war activity anti-prison camp (Seeger first got into trouble with FBI for objecting to FDR's unconstitutional internment of Japanese-Americans during WWII),
+ FBI's decades long surveillance of Woody Guthrie; c.f. Alice's Restaurant in modern combinatorics and its cryptographic implications,
+ FBI's surveillance of jazz musicians in Harlem during the 1920s and 1930s
+ FBI's surveillance of hip-hop musicians in the present day

Reference for the SEAL comment:

‘Top Secret America’: A look at the military’s Joint Special Operations Command
Dana Priest and William M. Arkin
2 Sep 2011

> “We’re the dark matter. We’re the force that orders the universe but can’t be seen,” a strapping Navy SEAL, speaking on the condition of anonymity, said in describing his unit.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Reach out to current graduate students (in Math and related fields) attending NYC universities to attend guest workshops in NYC high schools which teach about cryptographic methods old and new

o Reach out to same plus NYC school history teachers to draw upon David Kahn's classic book The Codebreakers to explore such themes as

+ NSA and US military use intensive communications intercepts to combat narcotics trafficking in the Carribbean (often with intended destination at JFK); compare and contrast the fact that USCG used cryptography to combat rum runners during Prohibition, including in Long Island area,

+ USCG hired NSA legend William F. Friedman and his wife, Elizebeth Friedman, to cryptanalyse (often in real time) messages sent by the rumrunners; WFF later headed the cryptanalysis of the Japanese diplomatic cipher which became known as MAGIC; after the war he became a dissident who opposed NSA spying on Americans, and was kicked out of the agency; the main auditorium at NSA headquarters is named for WFF; NSA tried to classify some very important pre-WWI papers by WWF and raided his home to recover his own copies, but the raiders failed to discover that WFF--- who had been tipped the raid was coming--- had given his copies of his own papers to his neighbor, a precocious boy interested in becoming a reporter and who much later authored a wonderful book on cryptography; this book is today in some respects not entirely politically correct; discuss!

+ Compare and contrast the leaks by the former leader of "the American black chamber" to the Snowden leaks (motivation, effect, backlash); note that Snowden leaked documents show the NSA remains deeply commited to using cryptanalysis and communications intercepts to help USG gain an unfair advantage in treaty negotiations.

+Wikipedia is the encyclopedia where anyone can write anything, yet it is often the most reliable source of information about many controversial topics; how can this be?



Following up on this suggestion:

> teach [high school students] about probabilistic and statistical reasoning

Both are essential to understanding Tor's virtues and potential flaws. Similarly for other privacy-enhancing tools.

And to understanding the enormous threat posed to current US high school students from abuse of machine learning techniques and the algorithmically enabled "New Jim Crow", both in its corporate and governmental aspects.

So why not urge NYC grad students to help NYC high school teachers develop a statistical self-defense course? Using R of course because that is

o the biggest and the best statistical software environment

o open source

o free as in free... pizza (since we are discussing this in a high school context).


How to Lie with Statistics, Darrell Huff, Norton, 1954. Classic nontechnical book, should be readable by high schoolers.

Stuck by Lightning, Jeffrey S. Rosenthal, Harper, 2005. Very readable, by an expert in Markov chain theory. Discusses the mysterious "murder hump", too briefly.

History of Statistics, Stephen Stigler, Dover, 1986. Readable, undergraduate level, great background on the long history of how statisticians have influenced the "justice system" [sic].

Understanding Probability, Henk Tijms. Cambridge University Press, 2012. Very readable.

Introduction to Probability Models, Sheldon Ross, Academic Press, 2007. More advanced but very readable.

Digital Dice. Paul Nahin. Princeton U Press, 2008. Chapter 13 suggests some good evasion problems.

Will You Be Alive 10 Years from Now? Paul Nahin. Princeton U Press, 2014. Chapter 12 has a nice dragnet application.

There are also relevant materials in the math underground (onion sites).

Most recent probability textbooks discuss what Roger D calls the "base rate paradox" (also known as the "juror's paradox" and by many other names), probably the most important fact from probability which every educated citizen needs to know. Some discuss the "prosecutor's paradox" (the mistake of treating all events as independent, a favorite Creatonist tactic also used by dishonest DNA "experts"). Some discuss "Simpson's paradox"; a classic justice-system-reform topic example arises from the statistics of death penalty verdicts in the Deep South.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o organize a boycott by US based technical people of USG agencies such as NSA (the world's largest single employer of mathematicians) and cyberespionage-as-a-service companies.

Indeed, I think that all Tor workshops should have the primary or secondary goal of building a boycott movement in which computer scientists, mathematicians, engineers, physicists, statisticians, psychologists, anthropologists, data scientists, etc., pledge not to work for government agencies such as NSA or for companies such as Gamma, Hacking Team, NSO Group, or Cyberbit.

Some years ago, a boycott movement apparently failed. So why do I think it might succeed in 2017?

Two reasons, at least:

1. Drumpkim has pushed many smart people into a state of mortal fear, not without reason. We can harness that fear by suggesting something very positive smart tech trained people can do, or rather not do: they can refuse to use their knowledge and skills to support the surveillance-military industrial complex. And without our knowledge and skills, this industry must die. We are literally the only thing which can remove from the world one of the most deadly existential threats to our own and future generations.

2. Everywhere in the tech world, coders and engineers are now turning against the inhumane applications of the technology they have created. Even in places where many Americans might not expect to see a pro-human rights backlash.

For example, just look what happened at a recent conference inside Israel when one presenter seemed to have no ethical qualms about his work on making drone killings even deadlier:

This Israeli Presentation on How to Make Drone Strikes More “Efficient” Disturbed Its Audience
Sam Biddle
5 Dec 2017

> Research backed by the U.S. and Israeli military scandalized a conference near Tel Aviv earlier this year after a presentation showed how the findings would help drone operators more easily locate people — including targets — fleeing their strikes and better navigate areas rendered unrecognizable by prior destruction. The doctoral student who presented the research demonstrated how pioneering data visualization techniques could show a drone operator, using lines and arrows of varying thickness, which direction fast-moving people and vehicles were most likely to travel, for example, at an intersection or while fleeing a building. The presentation clearly angered at least some of the crowd, including the moderator, prompting hostile questions.

One other thing: Citizen Lab director Ron Deibert (author of Black Code) has just drawn renewed attention to four of the largest cyberespionage-as-a-service companies:

o Gamma International/Finfisher (UK and Germany)
o Hacking Team (Italy)
o NSO Group (Israel)
o Cyberbit (Israel) (formed from two Israeli companies, Elbit Systems and NICE Ltd)


Evidence That Ethiopia Is Spying on Journalists Shows Commercial Spyware Is Out of Control
Ron Deibert
6 Dec 2017

Because the mere mention of Israel is likely to prove inflammatory in coming weeks, I would like to stress that Israeli citizens (a group which includes Muslims as well as Jews and agnostics) cannot be held responsible for what some disreputable Israeli companies do, anymore than US citizens can be held responsible for what shady US companies do. Further, many Israeli citizens want to see the peace process continue, and are just as concerned as Deibert is about companies like NSO Group and Cyberbit.

I for one would like to hear a report from Roger D about his experiences attending this conference:

> Cyber Challenges to International Human Rights – Jerusalem & Haifa
> December 11-12, 2017.

FWIW, my take on the question of why so many cyberuglies are founded in Israel is that authoritarian minded people (even some anti-semites) are often enthusiastic about the image IDF has in some quarters of being tough no-nonsense strong-armed type people. The cyberuglies have always been quick to capitalize on this impression by including in their video presentations footage of their nastier products in action against Palestinians. That's disgusting and horrifying, but no-one should blame Israeli citizens generally for the misdeeds of a few people who happen to live in Israel.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Liase with EFF, Epic, and like-minded organizations, and update LetsEncrypt to OnionItAll (take on Keith Alexander's CollectItAll).

Picking up on this bullet item:

> why .onion sites should be an infrastructure component for plain old web sites

Very glad to see this, because I think this is one of the most urgently needed solutions which Tor can offer to society's current cyberinsecurity mess.

Here is a relevant news article from Wired:

Phishing Schemes Are Using Encrypted Sites to Seem Legit
Lily Hay Newman
5 Dec 2017

> A massive effort to encrypt web traffic over the last few years has made green padlocks and "https" addresses increasingly common; more than half the web now uses internet encryption protocols to keep data protected from prying eyes as it travels back and forth between sites and browsers. But as with any sweeping reform, the progress also comes with some new opportunities for fraud. And phishers are loving HTTPS.
> On Tuesday, the phishing research and defense firm PhishLabs published new analysis showing that phishers have been adopting HTTPS more and more often on their sites. When you get a phishing email or text, the sites they lead to—that try to trick you into entering credentials, personal information, and so on—implement web encryption about 24 percent of the time now, PhishLabs found. That's up from less than three percent at this time last year, and less than one percent two years ago.

We need to make an organized effort to try to make sure that US politicians understand that https and even DMARC are not panaceas. Neither, no doubt, is making an onion site instead of a regular https site, but we need to explain that

+ this is an arms race between the white hats (us) and the black hats (Gamma, Cyberit) [and NSA/TAO and all them like that]

+ onion sites offer a significant improvement in cybersecurity, at least for the foreseeable future (maybe a year? two years? who knows?), which can buy us time

+ this is really a no brainer, just as the original LetsEncrypt movement was a nobrainer: The People need help right here right now, and Tor can offer something which can help right here right now.

check tor : http://onionbr5zulufnuj.onion/
* at the bottom : Onion Browser is provided on an “as is” basis, with no warranties or representations, and any use of it is at the user's own risk.
* and : under the MIT license ( it is not a good reference like you know)
* no https version ( lol_ pls add it ! )

is it relevant ?
*when will we have a Tor email client -thunderbird is abandoned ?

I need this link

Is maybe being just me thinking the person who be posting nsa surveillance blatherins in tor project ny meetup blog comments section is seeming to be sounding like just like shadow brokers hacker
who also is conceilment of communication to prevent identification dox, me thinking is being same person.
Tor project be doing something positive to world by firing person who had website made of for slandering them after it being revealed they were predator scum bag.
could be making better in about:config settings if shit like geo clipboard sensor face telemetry report privacy spdy media.peerconnect webgl cisco were all set to false and blocked, maybe next revision version of Tor will make better?

Shadow brokers are seeming awesome persons of internet and wish could be drink beer at meeting place one day with them but is understanding cannot be meeting because of identity so we be admiring from far away place in internet land.

512sum verify 34t4jio489rjiop2490r532584242j3f24j5u4292t
maybe is key or maybe is hitting face on keyboard or maybe is coupon code
to be getting discount on

> Is maybe being just me thinking the person who be posting nsa surveillance blatherins in tor project ny meetup blog comments section is seeming to be sounding like just like shadow brokers hacker

I think it's just you, but you might be interested in this:


recaptcha on carousell.com doesn't load now

Wonderful news: Tor Project just got some good press!

Wired.com has been running a timely series of brief guides to cybersecurity (for ordinary citizens with extra steps for endangered people). One of these is a good if brief sketch of what Tor has to offer to everyone:

The Grand Tor: How to Go Anonymous Online
Andy Greenberg
9 Dec 2017

> Fifteen years have passed since a couple of MIT grads and a Navy-funded researcher first built The Onion Router, or Tor, a wild experiment in granting anonymity to anyone online. Today, Tor has millions of users. The original project has been endlessly hacked on, broken, and fixed again. While imperfect, it remains the closest thing to a cloak of anonymity for internet users with a high sensitivity to surveillance, without needing serious technical chops. And it’s stronger and more versatile than ever before.

Hear! Hear!

The piece clarifies that Tor Browser is not the only thing Tor offers; Greenberg also mentions Onion Share, Tor Messenger, and allied projects such as Tails.

Now all we need is media attention to the virtues of making every website (or at least, every news site or civil liberties site) an onion site, citing the breakage not just of PKI generally (https certs) but DMARC, which the USG is currently pushing as a cure-all for society's DNS woes.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Brainstorm how Tor can possibly enable crowd-sourced projects which aim to build useful counter-surveillance gear which would be particularly well suited to a city such as NYC where so many parties are using state-of-the-art spy gear, such as affordable spectrum analyzers (currently these run to many thousands of dollars, but can surely be built using COTs elements for much less, and NYC techies should probably make some for local news organizations and endangered NGOs such as ACLU and TP itself).

o The Snowden leaks show that NSA routinely uses--- in NYC and other locales-- retroreflectors and such in the kind of attack which can apparently only be defended against by Tempest (i.e. Faraday cages). Brainstorm possible defenses which could be used by ordinary Tor users if provided by developers, as well as by local government officials, UNHCR and other poorly-funded low budget agencies, medium sized businesses, etc.

o Reach out to medium-sized businesses in NYC, pointing out that many of them already know from experience how damaging cyberbreaches can be, asking for reasonable contributions to Tor research in NYC area focused on improving cybersecurity for all, for example by developing an "Onions Everywhere" movement similar to EFF's highly successful "HTTPS Everywhere" movememnt.

o Organize a workshop on how state-of-the-art entropy generating techniques can be incorporated into
+ Tails needs a good source of entropy soon after being booted, or it would generate weak SSL keys or even worse, poor "one use only" GPG keys; Tails is already working on this, but it's a very hard problem and I'm sure they'd be very happy to get some good ideas from the smart people who would attend a NYC workshop aiming to address this problem,
+ (possibly) TP products; e.g. a goal should be to make Tor clients and onion servers use strong entropy even if the operating system by default uses weak entropy to generate SSL keys and such, or even worse has been covertly modified to use an awful entropy source.
+ Part of the workshop could explain how to use dieharder (see the Debian repos) and other tools to identify and diagnose problems with pseudorandom number generators. Very possibly it would be a good idea to accept major added CPU load by having onion sites automatically check the quality of their PRNG from time to time, e.g. during low bandwidth times of day. Such a check could potentially be abused by an attacker who gains access to the reports, of course, so participants could discuss whether there's a smarter way than running checks on the affected server itself.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

> many people (person?)

Tor can help keep anonymous posters anonymous, but we know that DARPA and other potential foes of Tor users are hard at work on developing "stylometry" into an effective deanonymization tool.

I think Roger D is familiar with at least one attempt to develop countermeasures to stylometric attacks, which could perhaps be further developed and put into Tor Browser. Ideally this would a utility which behaves like gedit's "spell check", but which identifies low entropy (distinctive) words, grammatical constructions, etc. and suggests high entropy alternatives. Needless to say, this would seem to be very language-specific, but such a tool for English could be helpful to many Tor users.

It could also help these fellows


But we can't let that stop us from working to help ordinary citizens stay anonymous in the face of increasingly sophisticated state-sponsored de-anonymization attacks, often using Big Data repositories.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Workshop to study potential future threats to Tor which mess with the clocks used by clients (on personal devices of Tor users) and/or Tor nodes to disrupt Tor traffic, especially to onion sites, and to identify and start developing practical ways to resist such attacks.

o Workshop to study sophisticated "all but global attacker" deanonymization attacks (of the kind studied by Nick and academics, and also unfortunately by NSA) and to brainstorm countermeasures; there have been other such workshops, but you can never have too many of this kind, and NYC, with its wealth of crypto-sophisticated coders, is an ideal venue for this kind of state-of-the-art techniques workshop.

o Workshop to provide onion mirrors for important software depositories in addition to Debian repository, e.g. github.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Workshop to identify potential threats to Tor Browser users in which the attacker attempts to abuse the clipboard, and fix any vulnerabilities found.

o Workshop to trawl for state-sponsored malware targeting Tor users, in a carefully coordinated attempt to capture it, reverse engineer it, attribute it, and publish it (with bugfixes).

o Brainstorm how Tor can play a role in allowing selective authentication by Tor users--- prima facie, assisting banking customers to use Tor to log into their bank's website seems absurd, but if we look deeper, maybe onion sites could make it very hard for ordinary criminals to do cross-site scripting type redirections of legitimate bank customers to phishing sites.

o Brainstorm a campaign for high profile NYC citizens, explaining how onions and using multiple modes such as Tor Messenger, Signal, etc., can make them very resistant to "whaling"; why can't someone like Michael Bloomberg become a spokesperson for Tor, eh?

o Workshop to improve Tails documentation (already good but more needs to be explained for ordinary users), including translations (NYC speaks many languages)

> why can't someone like Michael Bloomberg become a spokesperson for Tor, eh?

bloomberg.com was one of the few major media organizations which troubled to report in depth upon the phenomenom of cyberwar-as-a-service companies some years ago (along with The Guardian, WL, and more recently The Intercept). So this suggestion might not be as strange as it may first appear.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

I have a suggestion which requires a bit of background.

Back in Jul 2015 a vast amount of internal documents from Hacking Team SRL, the Italian cyberespionage-as-a-service company, including customer lists, pricing lists, marketing presentations, emails, and plans for future malwares, were leaked and published at WL. Along with the similar leak from HBGary Federal (now defunct), the HT documents provide much insight into how these cyberspies operate. For us the most relevant documents described "Project-X", Hacking Team's code name for a plan to attack Tor users worldwide. Arma had this to say

Preliminary analysis of Hacking Team's slides
7 Jul 2015

> A few weeks ago, Hacking Team was bragging publicly about a Tor Browser exploit. We've learned some details of their proposed attack from a leaked powerpoint presentation that was part of the Hacking Team dump.
> The good news is that they don't appear to have any exploit on Tor or on Tor Bro wser. The other good news is that their proposed attack doesn't scale well. They need to put malicious hardware on the local network of their target user, which requires choosing their target, locating her, and then arranging for the hardware to arrive in the right place. So it's not really practical to launch the attack on many Tor users at once.

See also

Leaked Emails: How Hacking Team And US Government Want To Break Web Encryption T
6 Jul 2015

Here are links to a few HT emails discussing attacks on Tor:


Motherboard had a good writeup which said in part:

Hacking Team's 'Project X' Wants To Spy on Tor Users
Joseph Cox
13 Jul 2015

> Called “Project X,” Hacking Team’s method proposes to re-route a target's internet traffic before it enters the Tor network, so it could be monitored by the company’s clients. This is described in two PowerPoint presentations included in the 400 GB Hacking Team breach... The idea is that the malware will modify the target's installation of the Tor Browser. The Tor Browser, which is based on Firefox, is possibly the most popular way that people access the Tor network, it gives users all sorts of other security benefits, and routes their traffic through the Tor network....This modification is done so the Tor Browser, unbeknown to the target, does not join the network directly. Instead, the traffic is first re-routed to a node con trolled by Hacking Team's customer.
> ...
> “We have not yet worked our way through all 400 gigabytes of data in the Hacking Team data leak,” The Tor Project said in an emailed statement.

So here are my proposals:

o hold a NYC area workshop to
+ look for any evidence for malicious redirection of the type plotted by HT,
+ trawl through the 400 GB (have Italian translators handy) in order to extract useful insights into HT's methods,
+ devise promising countermeasures TP can implement now or in the future
+ (possibly) review the Snowden leaked NSA and GCHQ internal presentations on their (failed) attacks on Tor, to see whether anything they mention appears relevant to current Tor

o hold a NYC area workshop to
+ liase with WL to set up onion mirrors for the HT and Spy Bazaar material
+ liase with ACLU to set up onion mirrors for the Cellspy material
+ liase with The Intercept to set up onion mirrors for published Snowden leaks
+ (controversial) devise honeypot onion sites which attempt to lure sophisticated cyberspies, with a view toward capturing, reverse engineering, attributing, and publishing state-sponsored malware.

Further goals of the last item would be to throw the fear of G-d into DV and pals, and to provide an irrestible lure for real-life informers, the better to know who they are.

Note that HT malware has been repurposed and used in the wild by other cyberspies/crooks:

FBI Cyber Division Bulletin: Hacking Team Exploit Used in Spearphishing Campaig
n Targeting U.S. Government
July 24, 2015

> The following bulletin from the FBI Cyber Division discusses a spearphishing campaign targeting U.S. government agencies in June and July of 2015. The camp aign utilized a Adobe Flash exploit based on vulnerability CVE-2015-5119 that was discovered in the 400GB data archive from hacked Italian surveillance technology company Hacking Team that was released publicly earlier this month. The exploit was being sold as a product of Hacking Team and was listed in their product knowledge base. The bulletin notes that the Flash exploit was being used in phishing emails in June 2015 despite the fact that the Hacking Team data was only made public on July 5, 2015.

Regarding HT, please note that we have known for some time that HT had partnered with NICE Systems, the Israeli cyberespionage-as-a-service company which was allegedly hired by large US telecoms to spy on their own customers (including recording voice call content). This ought to worry USPERs because NICE suffered a hugely embarrasing data breach in which someone noticed one of their troves of recorded voice calls had been left exposed for anyone to listen to:

Spy platform zero day exposes cops' wiretapped calls
Laundry list of fail includes backdoor, remote unauth access to intercept box
security fail
Darren Pauli
29 May 2014

Just this month, CitizenLabs discussed the merger of NICE with portions of Elbit Systems (the Israeli surveillance/attack drone company) to form a company called Cyberbit, as well as HT malware used by the Ethiopian government to attack USPERs.

FBI continues to try to outdo FCC in their ferocious disinformation campaign targeting Tor and strong encryption generally:

FBI director again laments strong encryption in remarks to Congress
“The FBI also invests in alternative methods of lawful engineered access.”
“responsible encryption,” expert asks “responsible to whom?”
Cyrus Farivar
11 Dec 2017

In recent testimony before Congress, the director of the FBI has again highlighted what the government sees as the problem of easy-to-use, on-by-default, strong encryption... The FBI and its parent agency, the Department of Justice, have recently stepped up public rhetoric about the so-called dangers of "Going Dark." In recent months, both Wray and Deputy Attorney General Rod Rosenstein have given numerous public statements about this issue.

FBI Director Complains About Encryption, Offers To Sacrifice Public Safety In The Interest Of Public Safety
from the an-argument-divided-against-itself dept
Tim Cushing
11 Dec 2017

> FBI Director Christopher Wray offered ... meaningless statistics about device encryption. Through the first eleven months of the fiscal year, the FBI apparently had 6,900 locked phones in its possession. Wray claims this number represents "roughly half" of the devices in the FBI's possession. The number is meaningless, but it serves a purpose: to make it appear device encryption is resulting in thousands of unsolved crimes.

By the way, a common false anti-Tor "meme" which is constantly pushed in blog comments here and elsewhere is the claim that "if the feds want your device, they are going to be able to pwn your device". But that's not true at all. Don't believe it because I say it, believe it because FBI Director Wray just said it:

> As an organization, the FBI also invests in alternative methods of lawful engineered access. Ultimately, these efforts, while significant, have severe constraints. Non-content information, such as metadata, is often simply not sufficient to meet the rigorous constitutional burden to prove crimes beyond a reasonable doubt. Developing alternative technical methods is typically a time-consuming, expensive, and uncertain process. Even when possible, such methods are difficult to scale across investigations, and may be perishable due to a short technical lifecycle or as a consequence of disclosure through legal proceedings.

Snowden put it better: "strong end-to-end encryption works".

Some readers will probably be interested in this:

You know that thing where NSA hoards dangerous vulnerabilities in widely used software/hardware, rather than warning the manufacturers/users? That's the VEP. The VEP guidelines have just been published. The document is in many ways misleading and self-serving, but offers some clues:

Vulnerabilities Equities Policy and Process for the United States Government
December 11, 2017

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

This is probably a very bad idea and I hesitate to suggest it, but it irks me that DPRK (North Korean government) is keeping their citizens in the dark about everything happening in the wider world, so FWIW:

o (controversial) Workshop brainstorming ingenious methods for bringing some kind of covert torified internet to DPRK; can the Raspberry Pi B be modified to be useful inside DPRK by ordinary citizens (note that DPRK's existing internet is tiny and limited to "cleared" officials)
+ warning: this could align with RFA (Radio Free Asia) (probably OK) but also with CIA (very bad)
+ spot the CIA agent in attendance at the workshop
+ spot the CN government spook in attendance at the workshop
+ warning: CIA might try to recruit young people to be dropped into DPRK--- don't get involved with them, they'll get you killed or worse!
+ warning: attendees should expect cyberattacks from USG, CN government, etc.
+ (dangerous) try to capture, reverse engineer, attribute, and publish their malware

This requires

o port Tor to Raspberry Pi
+ even better (but possibly hard): port Debian to Raspberry Pi (raspbian chose to allow a name conflict which makes it hard for Raspberry Pi users to access the Debian software repository)


o provide onion mirrors and cryptographic signatures for raspbian repository

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

Following up on the comment about the urgent need to teach modern statistical methods including some Big Data and unsupervised machine learning methods to activists and journalists:

o Workshop to brainstorm better methods of estimating
+ the number of "bad Tor exit nodes" which are eavesdropping
+ the number of exit nodes operated by well-funded intelligence agencies with global ambitions (e.g. RU, CN, USA)

I think Roger knows some ways to do this, but he might not realize that there are many, many possible approaches. Buzzfeed News has assembled a crack team of data scientists led by a reporter who is a former wildlife biologist, so they would be an excellent resource to liase with in planning the workshop.

Some hints on methods which may prove useful:

+ loglinear regression (the easiest)
+ MCMC simulations (offer more robust estimates
+ model "bad nodes" as an "open population" rather than a "closed population"
+ use model diagnostics and model comparisons
+ methods tracking population over time (births, deaths of nodes)
+ non-parameteric latent class models
+ try both Bayesian and frequentist approaches

For example, in a typical loglinear analysis one uses government data on DHS captures of illegal immigrants who are "marked" by their fingerprints taken upon arrest. Given a tabulation of how many people have been captured 1,2,..k times in a given period, one can estimate the population including the number captured 0 times.

Naturally, DHS never says how it estimates the population of illegals inside the US, and one dirty little secret which civil liberty activists can learn from their own experience using statistical methods is that different but plausible-appearing methods for estimating a population size often give wildly different estimates. That's where MCMC simulation and model comparison can help.

In an another example of a typical loglinear analysis, cyberintruders target several major environmental groups seeking their mailing lists. That not only gives them a list of contact information for specific people they can spy on, but also allows them to estimate how many environmentally-minded persons exist who do not yet appear on their "spyworthy" roster. E.g. the bad guys have four lists, and 23 people appears on all four, 104 appear only on the first two lists, etc., which enables them to estimate how many additional environmentalists are so far unknown to them--- very useful when seeking a budget increase! In this example, people are "marked" by their contact information.

One reason FBI wants so very badly to photograph and facially identify everyone who shows up at even a peaceful protest is that FBI analysts can use the facial ids--- even if not associated with an IRL identity--- to carry out a similar analysis; if they surveilled four protests at three locales, and N(k,r) persons were spotted k times at r protests, the bad guys can estimate how many total potential protestors exist, and predict in which locale each one is likely to appear at future protests. And the surveillance-as-a-service companies (often staffed by former feds) can do the same thing.

Again, this speaks to the need for TP and allied groups to seek to discourage graduate students in statistics from joining the bad guys--- much more challenging and infinitely more just to work for The People to curb government/corporate abuses like the ones just sketched.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Workshop to organize concerted campaign which seeks to individually contact head librarians at every public library and university/college library (dozens!) in the NYC area, teaching them about Library Freedom Project and urging them to consider becoming a partner.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Workshop to
+ Use the recently leaked DailyStormer style guide to write scripts for use by blog maintainers (especially of blog.torproject.org!) to automatically flag submitted comments which exhibit stylistic indicators that the comment may come from a DS fan.
+ Generalize to other commentards, e.g. the Trolls from Olgino.
+ Use this and other sources to extract other information about trolls which will be useful to blog maintainers.


This Is The Daily Stormer's Playbook
A leaked style guide reveals they’re Nazis about grammar (and about Jews).
Ashley Feinberg
13 Dec 2017

> Back in September, Vox Day, a Gamergate holdover who has assumed the position of racist alt-right figurehead, published a handful of brief excerpts from what he described as the “Andrew Anglin” style guide. For the blissfully unaware, Anglin is a neo-Nazi, troll and propagandist who runs The Daily Stormer, one of the more prominent sites of the white supremacist web. The passages selected by Vox Day in his blog post suggested that Anglin is persnickety about detail and presentation ― except on the subject of the Jews, who are to be blamed “for everything.”
> HuffPost has acquired the 17-page document in its entirety, as well as transcripts from an IRC channel where the document was shared in an effort to recruit new writers. It’s more than a style guide for writing internet-friendly neo-Nazi prose; it’s a playbook for the alt-right.

Exactly, offers considerable insight into the goals of DS trolls and how they think about their trolling.

Are there people interested in using my pc to set up a TOR relay?

You can run a relay from your PC using your existing home(?) connection. (Note that it is not advisable to run an *exit* node from home).

Are you inquiring about donating your PC to be placed in a data center as a dedicated tor node? (Data centers offer better bandwidth, which is possibly more important than CPU power if you want to run a not-fast Tor node.)

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Workshop to plan/prioritize Tor-nation-building projects
+ NYC has many highly educated people who speak a second language
+ reach out to ordinary citizens in underserved countries (e.g. VE) in their own language
+ identify countries which already have many users but not enough fast nodes

For example, using data from yesterday on published Tor nodes:

Brazil needs some fast routers!!
BW% Nr%
0.0003 0.0054

Argentina needs some fast routers!!
BW% Nr%
0.0001 0.0031

That is to say, Brazil has 0.5% of nodes by number but carries only 0.03% of traffic, suggesting there exists an unmet demand in Brazil for some fast Tor nodes.

In some countries, e.g. RU, it might be hard to provide fast Tor nodes owing to government harrassment, but it seems clear from the number of nodes that there is great demand in both RU and UA for tor service.

West Africa, South Asia, and Central/South America would seem to be very underserved but have great need.

> Future ideas for Tor-focused gatherings are in the works, with input appreciated. Leave a comment below!

o Workshop to brainstorm something spectacular for PR
+ slogan could be "the government didn't fix the power, but we (TP) provided Tor service"
+ Google &c promised to fix comms but power still out for much of Island
+ can NYC engineers produce inexpensive hand cranked devices which can make an emergency regional internet?
+ torified of course because of the political controversy concerning credible corruption allegations swirling around PR, plus FCC now allowing telecoms to block *legal* content (e.g. criticism of the USG from PR) so ordinary people in PR need to get the word out about what is happening where they live, without censorship.

I watched the HPO show - I believe the the DPR lives in all (most) of us - the idea, the concept - we can all learn.