Tor: 80 percent of ??? percent of 1-2 percent abusive.

Hi, Nick here.

Roger's at 31c3, so I'll post his statement about that article you might have seen:

Tor hidden service traffic, which Dr. Gareth Owen discussed in his talk this afternooon, is only 1.5% of all Tor traffic. Tor gets about 2 million users per day total.
The researcher ran a set of Tor relays for a six month period, and recorded how many times somebody attempted to look up a hidden service (this lookup is one of the steps in visiting a hidden service). Then at the end of that period, he scanned the hidden services he'd learned about, to find out what sort of content was on them.

Dr. Owen's data shows that there's a lot of churn in hidden services, so nearly all of the sites were gone by the time he did these scans. His graphs only show data about the sites that were still up many months later: so his data could either show a lot of people visiting abuse-related hidden services, or it could simply show that abuse-related hidden services are more long-lived than others. We can't tell from the data.

Without knowing how many sites disappeared before he got around to looking at them, it's impossible to know what percentage of fetches went to abuse sites.

There are important uses for hidden services, such as when human rights activists use them to access Facebook or to blog anonymously. These uses for hidden services are new and have great potential.

PS: Law enforcement agencies use Tor to stay anonymous while they catch bad guys. Law enforcement agencies use and run hidden services, too.

More info to follow.

the discussion that should result from this research is "why does such huge number of people want to access these websites, given consequence free opportunity?"
however this discussion is certainly not going to get started, least of all by tor.

Not true, actually. That discussion did occur on this website in https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-…. Just beyond halfway down, search for "jailbait".

I fear to imply you mean "what if paedophilia is ... natural?!", because it's such a 'dangerous' question these days. Let's just say that I originated the question, for your safety! Paedophiles are believed by most to be a small minority, yet many complain that, these days, they seem to be everywhere. What if many people are actually secret paedophiles? What if they make up more than 51% of the population? What if we're actually supposed* to be like the bonobos,** who practice adult-infant sex naturally?

I think the easiest way to bypass the exhaustingness of this debate is to consider the harm - the pain, the hurt, the deception, the violence, it's that which is abuse - rather than questions about e.g. age of consent or nature of jailbait. As far as I know, bonobos do not practice adult-infant sex violently.

The main problem for law enforcement is that this conflation overloads the law enforcement agencies. Their time is wasted pursuing enquiries about e.g. some teenager being inappropriately photographed rather than focussing on the manufacturers of the really serious abuse.

For all of this, the problem is not really with tor, it is somewhere else.

-- Straggler

* No, I do not know if this is the case.

** I'm not going to explain what a bonobo is here, I'm just going to wait for someone to demand why all bonobos haven't been arrested and put in jail already.

Jason

December 31, 2014

Permalink

It is the inevitable bias of mainstream media and traditional government against Tor, that most things will be spun into the most negative way.

Another graph from this study seems to say those ~80% of visits were to only ~2% of .onion web sites in the sample. If it really turns out to be accurate, the most positive response I can think of is to regularly use and promote the most desirable (news, chat, mail, wiki, blog) sites from the other 98%, until usage patterns are measurably consistent with the regular Web*.

But acheiving and confirming that in a follow-up study, would not make for sensational news or useful propaganda, so probably not result in Tor being exhonorated in mainstream media.

* I wonder what might be the percentage of content falling into undesirable categories on Facebook, for example. Probably more than they would want to admit.

-- s

It's not that inevitable, I hope! Mainstream media usually goes for a sensationalist aspect. Governments start from a position of ignorance and incompetence*. It's not usually spin, really, just attitude. As that's the case, this is bias that can be eroded by plugging away with good publicity. As an example, I like this: www.theoatmeal.com/blog/net_neutrality.

I use tor now for everything that I used to do in the clearnet. That doesn't involve hidden services, but I think in the future I'd like to see HSs form a peer-to-peer network which will replace using e-mail for one-to-one/many correspondence.

Part of the UK Govt recently 'slammed' Facebook for being a 'safe haven for terrorists'. That seems spin-like to me. Facebook (and other social networks) suffer from a lot of trolling. So yes, other things apart from tor also have troubles.

Yet, tor is sometimes used in these things, and it'll get preferential blame, but are those things really tor's fault?

-- Straggler

* Everyone does, by the way!

Jason

January 01, 2015

Permalink

The fact that people uses TOR to mostly surf the clearnet is in fact a bit worrisome too since per Snowden talks and papers the NSA can as well correlate browsing habits. Besides, there is not a clear boundary between reader and publisher in TOR, since one can be both in the same TOR session, for instance when one publish opinions or information on a hidden forum board.

On the other hand, there is a distinctive lack of diversity and/or critical mass in hidden services. CP is used as an excuse by democratic goverments to target other far less questionable but yet ilegal activities happening in the TOR network, like some forms of polical activism, crytonanarquism, drugs use, hacktivism, etc. In fact I tend to believe that democratic goverments are afraid not that people use TOR for ilegal matters but that people use TOR just to escape social control.

Jason

January 01, 2015

Permalink

So 80% of traffic from 2% of sites? Looks like the tor project is engaging in silly minimisation of the message here and it makes the project look really bad. Why not come out in solidarity against child abuse data rather than trying to find tiny holes in the research - the criticism doesn't seem to stand up!

Sometimes I really do despair, you had the opportunity to deal with the media in a way that you do not support this content but instead you look like "well, it's actually slightly less paedophiles than the media claimed so we don't have to worry"

I despair that people immediately think it's a bad thing that people are finding a way to release sick desires by sharing premade images online. I would far rather some sicko get his kicks with pictures on the internet than with my own two kids.

Jason

January 01, 2015

Permalink

Anonymous publishing exists anyway! Technically we don't require HS in Tor for that, and anon publishing is a very good thing..

However I think hidden services are really interesting and definitely please keep working on them. At worst it could be split off as a separate project, but I do think it's a very valuable asset.

While some of the content on these hs's are marketplaces, dodgy pornography and so on, there is a potential for something really cool there.

What I have seen of hs's reminds me a lot of the early days of the internet. It's full of possibilities.

So far though HSs seem to be the least robust aspect of Tor, and there are stories we read of determined adversaries being able to do some damage to deanonymize users or publishers. But I imagine because of the potential nature of the bandwidth used HS are never going to enjoy perfect security... unless Tor traffic itself can be successfully anonymized and all made to look identical which I would imagine is not easy without enormous overhead and large changes to the protocol.

Jason

January 01, 2015

Permalink

Do we want a society where the government agents have total surveillance capabilities? Such totalitarian control of any social institution or society is opposed to the very concept of freedom that western societies espouse. As it is, the government has way more surveillance capabilities over the internet than it does in every day life. As someone else pointed out, window shades allow for criminal activity to occur. People plan nefarious activities behind closed doors. People carry materials that can harm a population inside of containers that cannot be seen through. People have been using the shadows to hide for eons.

Yet who wants to get rid of window shades, or closed doors, containers, or shadows? Or any other structures where people can participate in questionable activities. All of these things also provide beneficial uses for society. Window shades provide privacy, closed doors provide security, containers provide convenience, shadows can provide a way to evade danger.

Perhaps one child or 100 children might be saved by putting cameras in every room of everyone's house, but is that the world we want to live in? I'm concerned about whether the people watching those cameras might not themselves use them for their own nefarious purposes. Think the watchers are saints? History says otherwise. The world is not just divided into good guys and bad guys, but rather many people with many agendas that can potentially have many varying effects.

That kind of totalitarian control allows the government way more absolute power to be used in an absolutely corrupt manner. History tells us this over and over, yet people continue to cede freedom to governments in the name of feeling safe, not considering how it might all go very wrong, usually until it is too late.

So yes, I favor improving hidden services because they represent an effort at being a bastion of freedom. One of the few efforts I have seen up to this point online.

Jason

January 01, 2015

Permalink

It is now legal for the US law enforcement folks to seize an illegal site and keep it up as a honeypot -- a sting site for entrapment purposes -- for an arbitrary amount of time. I can totally see some of these sites being sting operations from US or other authorities. That would also explain the stability. Distasteful -- I hope they pull a decent yield from their entrapment efforts, if so.

Note that the research doesn't show that there are a large number of abuse sites, but rather that there are a large number of requests (directory lookups) for a small number of sites.

Jason

January 02, 2015

Permalink

Please I have a question. What's the difference between accessing Facebook over Tor and accessing Facebook's hidden service? From what I get, hidden services tend to protect publishing; protection of privacy and anti-censorship of the viewer are reasonably guaranteed by appropriate use of Tor. And given the 'announcement' and subsequent 'appraisal', I want to understand it well.

Also, I admire arma and respect him/her so much. But in the post on https://blog.torproject.org/blog/facebook-hidden-services-and-https-cer…, where the writer cites the birthday paradox/attack, does not that tell us that the hash is insecure? And can be cracked? While I understand that it is the hash if a PUBLIC key, doesn't that mean it would not be long before someone figures out two public keys with same hash and then we would have some humor in the Tor community, if you get me?
Please I just want to learn. Thank you

Jason

January 03, 2015

Permalink

Here's a conspiracy theory for you:

A four-letter agency is opposed to the Tor Project's aims of enabling ordinary people to communicate securely and anonymously. Said agency performs blanket internet surveillance, and targeted surveillance of academics working in the security/privacy community.

Through these means, the agency learns that a researcher in Portsmouth plans to measure the amount of traffic various hidden services by counting the number of directory requests for these services.

Knowing that child abuse is an emotive subject, they use modified Tor client software to flood the Tor network with directory requests for a handful of known hidden services serving child abuse content in the time frame in which the researcher is conducting his measurements.

As expected, the researcher's measurements show that in the time frame in which he conducted his research, over 80% of the directory requests were for child abuse content.

The researcher publishes his results, and the resulting media coverage strengthens the perception among politicians and the general public that Tor is used primarily by criminals and paedophiles, thereby preparing the ground for political measures targeting Tor.

Mission accomplished.