The Next Chapter in Anti-Censorship

by arma | December 4, 2019

The video from my DEF CON 2019 talk ("The Tor Censorship Arms Race: The Next Chapter") is now up:

This talk gets you up to speed on all the ways governments have tried to block Tor, walks through our upcoming steps to stay ahead of the arms race, and gives you some new—easier—ways that let you help censored users reach the internet safely. Full talk blurb here.

I'll be happy to answer questions about the talk, or about the anti-censorship team in general, over the next few days in the comments below. Try to keep it on topic, though. :)

(And sorry about the sunglasses. Find me in person sometime and I'll rant to you about corneas.)

Comments


December 04, 2019


Wonderful talk, kudos to everyone working on the Tor project and supporting the network with relay capacity.

December 04, 2019


I don't know why you missed talking about the UAE, which has one of the oldest, if not the oldest, censorship programs in the world, which has steadily stepped up its game against Tor and actually has operating rooms specifically targeting Tor, not to mention its nationwide Tor ban.

Yep. I think it's fair to say we don't know what the heck is going on in UAE.

Here are some good tickets to look at:
https://bugs.torproject.org/28898
https://bugs.torproject.org/29800

Over the past two years there was a huge spike in users from UAE, and then they disappeared again:
https://metrics.torproject.org/userstats-relay-country.html?start=2016-…

At the time, we thought it might be something automated -- somebody integrated Tor into their other app or the like. But I am increasingly thinking that another avenue to explore is whether we're miscounting users. Specifically, we might be counting a user as having received the consensus when actually they requested the consensus but didn't receive all of it:
https://bugs.torproject.org/21345
We saw something similar in Turkey, where there was a huge spike in users but actually we got reports that Tor wasn't working well at the time:
https://metrics.torproject.org/userstats-relay-country.html?start=2016-…

Another avenue to examine is the OONI data. It shows that Tor could bootstrap from several ASes in UAE over the past years. E.g.
https://explorer.ooni.org/measurement/20190724T041453Z_AS15802_mK7rzocS…

So: if anybody has specifics about the UAE censorship apparatus, or in particular what they're doing about Tor, we'd love to learn.

December 05, 2019

In reply to arma


December 05, 2019

In reply to arma


They are likewise interested in the level of knowledge you have on them, or lack thereof, and it would come as no surprise if they were targeting or infiltrating Tor staff and users as part of much wider ongoing operations against Tor.

I concur that attempts to harass TP employees and supporters inside the US are a possibility which must be taken seriously. We know CIA has tried to infiltrate TP and it is also possible that former US spies might try again, this time working for UAE.

One way of thinking about encryption and Tor is that such tools can make a human rights researcher a hard target for cyberespionage, forcing agents of oppressive governments to fall back upon physical intrusions into our homes/offices. Ironically, one of the best arguments that overall our side is winning cyberdefense victories is that over the past year human rights supporters inside the US and EU are reporting indications that we are now confronting this new and more dangerous stage of the "arms race" between defenders and offenders.

UAE and its close ally Saudi Arabia have created an extensive network inside the USA in particular, not just of (rather effective) lobbyists but of intelligence agents, many of whom are Americans--- including former NSA/TAO "hackers"--- who work for UAE contractors such as DarkMatter. I fear that as US power continues to decline, these governments will feel increasingly free to carry out more drastic physical actions targeting perceived opponents inside the USA.

Somehow we all need to be cautious about both cyberespionage and physical intrusions without becoming too fearful or paranoid to continue doing what we do. See the US State Department's brief guide for defensive driving which was just published at publicintelligence.net for a quick impression of what human rights work inside the USA and EU may soon require.

> UAE

The UAE has just grabbed the security news headlines again:

theguardian.com
Popular chat app ToTok is actually a spying tool of UAE government – report
Government reportedly uses ToTok to track conversations, locations and other data of those who install the app
Associated Press
23 Dec 2019

> A chat app that quickly became popular in the United Arab Emirates for communicating with friends and family is actually a spying tool used by the government to track its users, according to a New York Times report. The government uses ToTok to track conversations, locations, images and other data of those who install the app on their phones, the Times reported, citing US officials familiar with a classified intelligence assessment and the newspaper’s own investigation.

Those of us with long (if imperfect) memories have not forgotten that some years ago, UAE introduced an easily spotted backdoor into the app which is effectively needed to make a cell phone call inside the UAE (which has a state-sponsored telco). Then they made the telco push out the spyware under disguise of a "security update".

We also have noticed the possibility that UAE played some role in arranging the murder of Saudi dissident Jamal Khashoggi.

Nice people, those UAE spooks.

But maybe the spooks who are not quite so clumsy as to get caught so often doing so many crimes are even more dangerous.

Roger might not have found time to mention UAE, but fear not, using Tor you can reach The Intercept, where you can read quite a bit about the UAE government's close ties to MSM and its huge contract with DarkMatter, a USA cyberwar-as-a-service (CAAS) company which has been hiring former NSA cyberwarriors to attack dissidents, journalists, and human rights workers--- and their supporters inside the USA and other countries; some of the NSA mercenaries quit DarkMatter after learning that their activities targeting US citizens might be illegal under US law. Read all about it:

theintercept.com
How Former Treasury Officials and the UAE Are Manipulating American Journalists
Glenn Greenwald
25 Sep 2014

> The United Arab Emirates have retained an American consulting firm, Camstoll Group, staffed by several former United States Treasury Department officials.

theintercept.com
Spies for Hire
Jenna McLaughlin
24 Oct 2016

> the idea of a UAE-based company recruiting an army of cyberwarriors from abroad to conduct mass surveillance aimed at the country’s own citizens may sound like something out of a bad Bond movie, but based on several months of interviews and research conducted by The Intercept, it appears DarkMatter has been doing precisely that.

theintercept.com
Gulf Government Gave Secret $20 Million Gift To D.C. Think Tank
Ryan Grim
10 Aug 2017

> The UAE has used its outsized role to bend U.S. policy in a more militant direction toward the country’s foes: Iran, Qatar, the Houthis in Yemen, and a coalition government in Libya that has gotten backing from Qatar. Otaiba has been the foremost booster in Washington of Saudi Arabia’s Mohammed bin Salman since late 2015, playing a key role in shepherding the Saudi monarch around town as bin Salman was maneuvering to seize control the Saudi government.

theintercept.com
Top Samantha Power Aide is Now Lobbying to Undermine Opponents of Yemen War
Alex Emmons
22 Nov 2017

> Starving children with haunting eyes and emaciated bodies. Bombed-out hospitals and homes. A cholera epidemic that is the largest and fastest-spreading in modern history. These scenes have sparked outrage and a flurry of denunciations of the U.S.-backed war in Yemen, which is led by Saudi Arabia and the United Arab Emirates. But that’s not to say the war has no defenders in the United States. In fact, a public relations consultant and former U.S. diplomat enlisted by the UAE has worked to discredit U.S.-based groups raising awareness of atrocities in Yemen.

theintercept.com
The Second Drone Age
How Turkey Defied the U.S. and Became a Killer Drone Power
Umar Farooq
14 May 2019

> The U.K., Israel, Pakistan, Saudi Arabia, the UAE, Egypt, Nigeria, and Turkey have all used armed UAVs to kill targets since 2015.

theintercept.com
UAE Enlisted Businessman to Spy On Trump White House
Alex Emmons, Matthew Cole
10 Jun 2019

theintercept.com
Team of American Hackers and Emirati Spies Discussed Attacking The Intercept
Sam Biddle, Matthew Cole
12 Jun 2019

> Operatives at a controversial cybersecurity firm working for the United Arab Emirates government discussed targeting The Intercept and breaching the computers of its employees, according to two sources, including a member of the hacking team who said they were present at a meeting to plan for such an attack.
> ...
> Initiatives to target journalists were just one of the many ways in which Americans were hacked or surveilled by Project Raven, Cole and the source on the hacking team said. Wired magazine, Amnesty International, and Human Rights Watch were likely targeted by Project Raven hackers at the behest of Emirati clientele such as the NESA, they told The Intercept, but could not recall details.

I hope everyone will join me in donating to The Intercept as well as Tor Project! (I have no affiliation with either except as a grass-roots donor.)

December 04, 2019


No worries on sunglasses; you were at DEFCON. What matters is if we can hear your words and see the props and images you talk about. Besides, medical masks are a part of everyday life in Asia. Adults grow facial hair. People wear makeup and style hair. Muslim women cover faces in all kinds of ways. Catholic nuns cover the head and forehead with a white coif. I'm positive there are more everyday examples.

https://www.theatlantic.com/technology/archive/2014/07/makeup/374929/
https://cvdazzle.com/

December 04, 2019


Whoa. Provocative image to lead with.

Will your post and video be translated and subtitled? Farsi, Turkish, Arabic, Chinese, Russian,... Ideally, one .mkv or .mp4 with selectable subtitles (softsubs). Start with the languages of the countries in the 3 Top-10 tabs here: https://metrics.torproject.org/userstats-censorship-events.html

Subtitle software: https://en.wikipedia.org/wiki/SubStation_Alpha#Software_support

I think we have no plans to do the accessibility steps you describe.

But it would be great if somebody does. Maybe you can reach out to groups you know and see if they are interested?

I guess step zero would be to create the subtitles file, and then translation becomes possible.

December 04, 2019

In reply to arma


The whole set could be done quick and dirty by writing it all in English and then just running it through translate.google.com or alternative and hope it's correct.

apertium, which you can get via Tor from the Debian onion mirrors, is an open-source tool which can do passable translation from English to Esperanto or Spanish and from Spanish to Portuguese, Italian and French. A crude check on the translations: translate in reverse order and use a dictionary to try to find better words when the retranslation makes no sense. Unfortunately, Russian is not yet included in the translation portion.

December 06, 2019

In reply to arma


YouTube has English subtitles. It can be automatically translated and just have someone correcting it.

You will be glad to know that Tails Project has set an ambitious translation goal:

https://tails.boum.org/news/call-for-translations/index.en.html

> Tails is an out-of-the-box tool that aims at helping people to preserve their privacy and anonymity online. It comes with a website & documentation that is currently translated into 6 languages besides English: Farsi, French, German, Italian, Portuguese and Spanish. To help more users at risk around the world to understand and use Tails, updating and translating the documentation into more languages is welcome and needed. This is why we have put enormous effort into setting up an easier way to translate the documentation: welcome our new translation platform. After creating an account you can start suggesting translations right away! For more details on how to get started, make sure to read our documentation for translators. We are specifically looking for translations to a set of languages that we consider valuable to our user base: Arabic, Farsi, French, German, Hindi, Indonesian, Italian, Portuguese, Russian, Simplified Chinese, Spanish, and Turkish.

The Tails documentation is excellent and I'd love to see Tor documentation remodeled to follow their organization. The Tor website is unfortunately still a bit of a mess.

And it's not just obnoxious captchas -- Wikipedia doesn't let you edit, Akamai gives their customers a choice to just block Tor connections entirely (off by default, thankfully), Yelp blocks reading because they're scared competitors will scrape their site, etc.

For the original post on this topic, check out
https://blog.torproject.org/call-arms-helping-internet-services-accept-…

And then for more recent papers, check out
https://www.freehaven.net/anonbib/#differential-ndss2016
https://www.freehaven.net/anonbib/#exit-blocking2017

December 06, 2019

In reply to arma


> akamai gives their customers a choice to just block Tor connections entirely (off by default, thankfully)

I feel that I do not understand how content delivery works these days, and in particular how this affects Tor users. (I use Tor for almost everything I do online.) EFF just published a wonderful whitepaper which doubles as a terrific explanation of why all those people who insist "I don't need privacy or Tor" actually do in fact need both privacy and Tor:

eff.org
Behind the One-Way Mirror: A Deep Dive Into the Technology of Corporate Surveillance
Bennett Cyphers
2 Dec 2019

I would love to see Tor Project (perhaps in collaboration with ACLU's Jay Stanley and EFF's Bennett Cyphers) publish more explainers like this.

I would love to see some care and feeding of the Debian onion mirrors, plus similar mirrors for CRAN and Raspbian. A version of Tor Browser for the Raspbian desktop might be easier than I thought, if you can collaborate with them.

Why are websites making us train corporate and government A.I.? Website operators and internet users should demand: 1. that those groups, such as Google and government contractors, release to the public, for free and without registration, the complete AI data sets that the public trained; 2. that those groups cease and desist relying on the public to train AI, particularly if the data sets can be used to violate the UN International Bill of Human Rights; 3. that website operators and those groups change to alternative captchas that are not easy to repackage into violating human rights.

Finally, read, distribute, and expand this guide:
https://2019.www.torproject.org/docs/faq-abuse.html.en#Bans

December 05, 2019


I'm Chinese. A big thank-you to the Tor community! It's you who help us fight censorship and surveillance. And please remove the word 'Xinjiang' below 'East Turkestan'. Xinjiang (新疆) means 'new border' literally, so the name suggests that the region is a part of our country.

> And please remove the word 'Xinjiang' below 'East Turkestan'.

The problem there is that while many Americans now recognize the term "Xinjiang Province", few would recognize "East Turkestan".

> Xinjiang (新疆) means 'new border' literally, so the name suggests that the region is a part of our country.

One could literally write a book on the uses and abuses of language for political purposes, regarding place names alone. Are those windswept islands "the Malvinas" or "the Falklands"? And so on and so forth.

You might be interested to know that the US Census Bureau, which prepares official USG maps, has for decades censored politically incorrect names of geographical features which appear on older maps. And they literally removed some superfund sites such as Love Canal from their maps, apparently at the behest of worried businessmen.

A "word cloud" I'd love to adopt: the term "suspicious person" written in about a hundred different languages. I want to fly that as my personal war flag.

> And please remove the word 'Xinjiang' below 'East Turkestan'.

I never heard the name 'East Turkestan' until seeing that map. I would not have known what it was if 'Xinjiang' was not in parentheses under it. (Until I searched for what 'East Turkestan' is.) I'd like it if news told us that whichever name the interviewed people are talking about is the same place. I guess professional English-language reporters that tell us the name 'Xinjiang' only are not very good reporters, or are cowards for Chinese government money.

I guess someone should just say it:

"Xinjiang Province" is the name preferred by the Chinese government. CN never claimed that territory until about 1860, and never occupied it until the Red Army invaded about 1950. Prior to that, the region was autonomous for a millennium.

"East Turkestan" is the name preferred by many Uyghurs, most of whom apparently did not support separatist movements until the Chinese government began to mistreat them so badly.

Americans who survived Jim Crow might be interested to know that Uyghurs are often subjected to extensive racial/ethnic/religiously based harassment. Just as MENA immigrants in some EU nations are harassed by accusations that they are all "rapists" [sic], so too that charge is leveled by many Han Chinese against Uyghurs who flee from the oppressive conditions in East Turkestan ("Xinjiang" [sic]) to other provinces.

It is worth bearing in mind that one component of GFC is the Great BitCannon, which it seems Beijing is currently aiming at Hong Kong pro-democracy protesters:

theregister.co.uk
China fires up 'Great Cannon' denial-of-service blaster, points it toward Hong Kong
Protest organizers come under fire from network traffic barrage
Shaun Nichols in San Francisco
6 Dec 2019

> China is reportedly using the 'cannon' capabilities of its massive domestic internet to try and take down anti-government websites in Hong Kong. The team at AT&T Cybersecurity reports that LIHKG, a forums and social news site being used to organize protests on the island, has been the target of an ongoing distributed denial of service (DDoS) attack from the mainland. It is believed that the sustained flood of traffic is the result of the offensive capabilities built into the "Great Firewall," China's massive network infrastructure designed to filter, censor, and monitor traffic within the country's borders. Thus far, it appears that LIHKG's anti-DDOS service is holding up to the barrage and the site remains accessible.

Another recent story:

theregister.co.uk
Just take a look at the carnage on Notepad++'s GitHub: 'Free Uyghur' release sparks spam tsunami by pro-Chinese
How to make friends and influence people, 2019 Edition
Thomas Claburn in San Francisco
31 Oct 2019

> On Tuesday, Don HO, the developer of Notepad++, a free GPL source code editor and notepad application for Microsoft Windows, released version 7.8.1, prompting a social media firestorm and a distributed denial of service attack. Notepad++ v7.8.1 was designated "the Free Uyghur edition," in reference to the predominantly Muslim ethnic group in western China that faces ongoing human rights violations and persecution at the hands of Beijing. "The site notepad-plus-plus.org has suffered DDoS attack from 1230 to 1330 Paris time," HO said in an email to The Register. "I saw the [reduced] amount of visitors via Google analytics then the support of my host confirmed the attack. The DDoS attack has been stopped by an anti-DDoS service provided by our host [Cloudflare]."

And then there is this story:

theregister.co.uk
US games company Blizzard kowtows to Beijing by banning gamer who dared to bring up Hong Kong
'Every voice matters' unless there's renminbi to be had
Kieren McCarthy in San Francisco
8 Oct 2019

> US games company Blizzard has caused a storm of protest for suspending a professional gamer after he made comments in support of pro-democracy protesters in Hong Kong. Chung Ng Wai is one of the best players of Blizzard’s Hearthstone game, going by the name “Blitzchung,” and was interviewed having just won a match of the game at an official in-person tournament on Sunday. At the end of the interview, Chung repeated a protest slogan “Liberate Hong Kong, revolution of our time,” from his hometown of Hong Kong where protesters are clashing with the authorities over attempts by mainland China to exert greater control over the semi-autonomous’ city.

Welcome to the 21st Century! In which evidently absolutely everyone needs tor for absolutely everything right this d-n minute.

And in which Americans are discovering the hard way, through bullying by the Chinese government, why non-Americans so disliked being bullied by the American government. Sigh... some lessons always seemed to be learned too late.

December 05, 2019


Tor NOTICE: Closed 1 streams for service [scrubbed].onion for reason resolve failed. Fetch status: No more HSDir available to query. 2
WTF?

December 06, 2019


@ arma:

Thank you for this informative briefing on the State of the Art in defeating national censorship regimes. I am always happy for any signs that people in countries like Iran and China can still use Tor. (And Russia?) In the graphs (ggplot2 yes?), the y-axis is the number of connections per day, right? I'd like to see these numbers increase by at least three orders of magnitude!

I am encouraged to see that some Venezuelans are using Tor but what about Chilenos? Any figures for Chile or Bolivia? It seems that Latin America is one area where more Tor nodes (and more outreach) are badly needed. I think TP already works with Derechos Digitales in Santiago but I hope you can create closer ties.

How about Central African Republic? South Africa?

With the new government in Ethiopia, perhaps the climate for doing some Tor outreach to MENA from there might be favorable?

I would love to see a post like "everything a Tor lover needs to know about Snowflake". Don't forget to specify the minimal bandwidth which is useful.

Corneas: last year our local DHS monster-copter (an EC-635 I think) developed a nasty habit of firing its target-designator laser in my eyes whenever they spot me (every few weeks). (The laser is mounted in the surveillance camera turret and is used to point out a target to agents on the ground, who use a kind of monocle to see the invisible laser beam.) And now I have cataracts.

One of the things the Drump admin learned from Putin is that a smarter way of crushing dissent than simply beating up human rights workers is to bankrupt human rights orgs with massive fines. Crushing dissidents with enormous medical bills from covertly inflicted injuries works too.

December 22, 2019

In reply to arma


https://metrics.torproject.org/userstats-censorship-events.html?start=2…
https://research.torproject.org/techreports/detector-2011-09-09.pdf

Suggest you bring this to the attention of Rep. Jayapal, who represents the House district where Tor Project has its mail drop (so as close as it comes to being your representative in the US Congress, as it were), and who just happens to be a member of the Human Rights Caucus.

It looks like the graphs may require that Tor Browser users use the low security setting which could turn away some of your warier users.

December 06, 2019


@ Tor Project:

Suggestion for another blog for the 2019 end-of-year funding drive: what about a blog describing some useful things technically skilled ordinary citizens can do using Tor? Example:

theatlantic.com
The Self-Appointed Spies Who Use Google Earth to Sniff Out Nukes
Nuclear intelligence isn’t just for government agencies anymore. A motley crew of outside watchdogs has found creative ways to deter proliferation.
Amy Zegart, Contributing writer at The Atlantic
6 Dec 2019

In another comment in this blog, a few months ago, I mentioned the ominous facts that

o the TP maildrop is physically located 25 miles southeast of the largest concentration of operational nuclear weapons (assembled and ready to use) in the entire world,

o most USN warships carry some nuclear weapons

o sailors with daily access to them not infrequently experience severe personal problems leading to psychological breakdowns or even workplace shootings.

Unfortunately, the last has just been reconfirmed by two separate workplace shootings which occurred within days of each other: the first in the Pearl Harbor navy yard, the second in the Pensacola Navy Base. Of all the service arms, USN is most secretive about its many nukes, so I don't know whether these particular shooters had access to operational nukes, but it is possible. In connection with the "SEAL pardon" scandal, it is further notable that both bases are involved in things related to special forces "training" operations. Further, SOCCOM has rather surprisingly endorsed warnings from peace activists about "moral injury" and has even sponsored a symposium on this issue:

theintercept.com
Donald Trump Keeps Navy SEALs Above the Law
Matthew Cole
5 Dec 2019

Further, as I noted in another comment, NSAW (the huge complex located on the grounds of Fort Meade in Maryland) apparently has been suffering for years from a series of unsolved on-base rapes and sexual assaults, which DOD is apparently not doing enough to stop.

More signs, I suppose, that the collapse of the USA is drawing near. @ Rest of World: it would be wise to prepare now for the metaphorical economic, geopolitical fallout--- and also for possible all too literal fallout--- resulting from this predicted major event.

December 06, 2019


01:25
To relate to a larger audience in 2019, update your talk to note where most time is spent: cellular carriers Airtel, Vodafone, Telefonica, Verizon, AT&T, or content delivery networks (CDNs), Akamai, Limelight, Amazon CloudFront.
https://en.wikipedia.org/wiki/List_of_mobile_network_operators

01:41 - Slide: "Anonymity isn't encryption"

That needs to be emphasized so much more to news media and the general public. It's good you said it. When someone is idolizing end-to-end encryption from sales pitches or product reviews, I find that they almost always have little understanding of metadata and don't understand that end-to-end encryption doesn't remove metadata tracking.

02:21 - "Everybody knows creepy NSA dude."

Name him. Sear it into popular memory. He is Michael Hayden, former Director of the NSA and CIA and former Principal Deputy Director of National Intelligence.

02:40 - "I only use the word 'anonymity' when I'm talking to other researchers." Abridged: To [private citizens], a 'privacy system'. But to companies, 'communications security' or 'network security' because I hear 'privacy is dead'; I hear 'anonymity is scary'. To governments, 'traffic-analysis resistance communication networks'. To human rights activists, 'reachability' (anti-censorship). An anonymity system for a single group is an oxymoron. You need this wide variety of people to blend together.

Stop telling different words to different people for the same thing. Stop reinforcing their misconceptions, biases, misguided behavior, and idiotic mistreatment of one another. Do the reverse. Familiarize each and every one of them with what the other perspectives and buzzwords are. Show them that they are often sold a narrative that is incomplete and that the different words are all related. Tor Project has this odd problem streak of educating people disjointedly or neglecting to do so in major software revisions.

07:24 - "We choose to be transparent because it helps us build a better..."

At its heart, transparency simply builds awareness of consistency and motivations. Many who gain power spread a narrative implying transparency alone builds positive trust. It doesn't. Transparency must be coupled with open, accessible, candid, unretaliatory participation and receptivity for changes in accordance with feedback.

08:00
You ask about pluggable transports, notice "far fewer hands than before" have heard of them, but then imperceptibly switch the topic from bridges to relays and a complicated "simple version" of the background. First, make it clear when you switch topics. Second, introduce new people to a topic by giving example situations of when it's used or would be needed, as would lead someone into your FAQs or like those in the user research personas collected by your community and UX teams. Then, graduate to complicated things.

08:36
Point to each part of your diagram as you explain them. For instance, explain what "R1-3" are. Does it represent a relay or someone sending to Alice? You say "directory authorities", but the diagram says "trusted directory". The diagram talks about "consensus" and "descriptors", but you don't. That slide is on screen for only 24 seconds to figure out, and you barely reference it anyway. Pointless.

09:00 to end
Good. The anecdotes about various nations are excellent.

12:52 - "It looks at what /16 of the internet you're coming from and gives you a different answer based on where you are and what day it is."

Does BridgeDB also limit giving results to known proxies? If someone asks for bridges from an exit relay, is rotation of results throttled so they can't quickly open another proxy to get new bridges?

13:54 - UX feature routes bridge requests through AzureCloud

Are you approaching the idea of using AzureCloud as if they are one of the bad guys? Would domain fronting help anonymity if you ran it on a theoretical AlibabaCloud or TencentCloud that didn't block requests? If it won't, then it isn't anonymous by design. But neither would https or email. They all have metadata. Bootstrapping bridges is a hard problem as you say: "How do you give out these bridges in a way that the good guys are gonna get some, and the bad guys aren't gonna get all of them?" And how to prevent being surveilled as a result of requesting bridges.

30:38 - "If we can't solve the fact that Australia wants to censor, how on Earth are we gonna solve the fact that Saudi Arabia wants to censor?"

That's a great question that needs to be repeated in news media and asked to the general public.

32:27 - Snowflake
Tor users have learned to distrust WebRTC and JavaScript. The tallest hurdle for Snowflake in my opinion is to prove to Tor users that WebRTC and unaudited, unverifiable JavaScript in these extensions are any different from other extensions. Extension add-ons for normal browsers are not verified by PGP signatures, and normal browsers are not patched for WebRTC and JavaScript anonymity in the way Tor Browser is. Remember, you still have a tough time convincing Tor Browser users that automatic NoScript updates are safe.

35:42 - "apt install tor-servers"
That would make it easier to install, but it couldn't and shouldn't automatically forward ports and reconfigure firewalls. UPnP wouldn't instill safety either.

35:57 - "BridgeDB needs a feedback cycle"
Interesting! That would help users a lot.

38:15 - FTE
It sounds incredibly hard to describe HTTP as a regexp. FTE doesn't sound practical unless you discover the regexp that the censor is using, and the censor doesn't change it. In decoy routing, how can the ISP think they're talking to the decoy destination when the traffic is being rerouted internally by the thing at the ISP as you say? The ISP is in on it.

40:40
Funders don't want to fund fixing bugs? Why do they think their shiny new feature will be worth their money and your time if the software is riddled with holes? Diversionary tactic?
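On the BridgeDB question above (12:52, and the follow-up about asking from exit relays): here is a toy model of an IP-based bridge distributor that hands out a different slice of the pool depending on the requester's /16 and the current week, and that folds every request arriving through a known proxy into one pseudo-area so that hopping between exits keeps returning the same answer. This is my own added example, not Tor's BridgeDB code; that BridgeDB treats requests from known Tor exits this way is my recollection of its design, not something the talk states. The secret, the bridge lines (TEST-NET addresses, made-up fingerprints), the proxy list and every size are constructed for illustration.

```python
"""Toy IP-based bridge distributor (added example; not Tor's BridgeDB code).

Everything below (SECRET, BRIDGES, KNOWN_PROXIES, cluster count, rotation
period) is constructed for illustration.
"""
from __future__ import annotations

import hashlib
import hmac
import ipaddress
from datetime import date, timedelta

SECRET = b"constructed-distributor-secret"  # server-side only; the partition is unpredictable without it
N_CLUSTERS = 4                               # the pool is split into this many rings
PER_ANSWER = 3                               # bridges handed out per request
ROTATE_DAYS = 7                              # "what day it is" granularity
DAY0 = date(2019, 12, 4)                     # constructed reference date (the post's date)

# Constructed bridge lines: TEST-NET-3 addresses with made-up fingerprints.
BRIDGES = [f"203.0.113.{i}:443 {hashlib.sha1(b'bridge%d' % i).hexdigest().upper()}"
           for i in range(1, 41)]

# Constructed list of addresses known to be proxies (e.g. Tor exits), TEST-NET-2.
KNOWN_PROXIES = {"198.51.100.7", "198.51.100.8"}


def _h(*parts: bytes) -> int:
    """Keyed hash as a big integer; the label in parts[0] keeps the different uses independent."""
    return int.from_bytes(hmac.new(SECRET, b"|".join(parts), hashlib.sha256).digest(), "big")


def client_area(ip: str) -> bytes:
    """A client is identified by its /16, so many hosts in one /16 get one answer.
    Requests through known proxies all map to a single pseudo-area: cycling through
    exits then returns the same bridges instead of fresh ones."""
    if ip in KNOWN_PROXIES:
        return b"proxy-area"
    return str(ipaddress.ip_network(f"{ip}/16", strict=False)).encode()


def cluster_of(area: bytes) -> int:
    """Which ring an area is served from. Fixed per area: rotating the day never
    lets one area see bridges from the other rings."""
    return _h(b"cluster", area) % N_CLUSTERS


def ring_for(cluster: int) -> list[str]:
    """Bridges are assigned to rings, and ordered on them, by keyed hash of the bridge line."""
    members = [b for b in BRIDGES if _h(b"assign", b.encode()) % N_CLUSTERS == cluster]
    members.sort(key=lambda b: _h(b"order", b.encode()))
    return members


def period(day: date) -> int:
    return day.toordinal() // ROTATE_DAYS


def day_after(k: int) -> date:
    return DAY0 + timedelta(days=k)


def bridges_for(ip: str, day: date, n: int = PER_ANSWER) -> list[str]:
    """The answer for (area, period): n consecutive bridges on the area's ring,
    starting at a keyed-hash position that moves every ROTATE_DAYS days."""
    area = client_area(ip)
    ring = ring_for(cluster_of(area))
    if not ring:
        return []
    start = _h(b"position", area, str(period(day)).encode()) % len(ring)
    return [ring[(start + k) % len(ring)] for k in range(min(n, len(ring)))]


def enumerable_by(ip: str, days: int) -> set[str]:
    """How much of the pool one address learns by asking every day for `days` days:
    at most its own ring, however long it keeps asking."""
    seen: set[str] = set()
    for d in range(days):
        seen.update(bridges_for(ip, day_after(d)))
    return seen


if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.200", "198.51.100.7", "198.51.100.8"):
        print(ip, "->", bridges_for(ip, DAY0))
    ring = ring_for(cluster_of(client_area("192.0.2.10")))
    print(f"192.0.2.0/16 can enumerate at most {len(ring)} of {len(BRIDGES)} bridges:",
          len(enumerable_by("192.0.2.10", 365)), "seen in a year")
```

The two properties worth checking are the ones the commenter asked about: two addresses in the same /16 (or two known proxies) receive the same answer on the same day, and a single area, asking every day for a year, never learns more than its own ring. Rotation changes the window within the ring, not the ring.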

> "Everybody knows creepy NSA dude."
>> Name him. Sear it into popular memory. He is Michael Hayden, former Director of the NSA and CIA and former Principal Deputy Director of National Intelligence.

Michael Hayden is infamous for saying "we kill people using metadata", apparently implying that he thinks that is just fine.

Another former DIRNSA, Keith Alexander, is infamous for his slogan "Collect It All", and the dictionaries he kept to remember what some of the most important NSA cover phrases meant, which have been so helpful to those analyzing the Snowden leaks.

But I suspect arma may have meant a generic "creepy NSA dude", such as the fictional minor characters in the series "The Good Wife". (The writers, who were very well informed, obviously had studied the Snowden leaks sufficiently well to understand some subtle distinctions between NSA and CSE.)

Roger might find it difficult to say anything too personal about Hayden because as I recall on occasion he has sat on the same stage as Hayden. Have you seen that man's "don't fuck with me" stare? He can be a bit scary and I suspect he enjoys scaring people he has just met.

Interestingly enough, word on the street (specifically, Canine Road) is that Hayden hates Alexander much more than Dingledine, because Alexander committed the unforgivable faux pas (in Deep State land) of forming his own company, IronNet, founded upon software he claimed he had developed for his own profit in his own spare time while DIRNSA. Investigative reporters should really look into that because it's the same kind of self-dealing scandal which ruined the career of Alexander's protege, Teresa Shea, who was next in line as DIRNSA until she was demoted after the revelation that she was profiting from no-bid NSA contracts with her husband's companies. Ah, the arrogance of these Deep Staters. That's the real reason why Drump admires Putin and hates Deep State--- they are all making billions and he wants in on the tax-free looting of the national treasury.

I don't think I've ever met Michael Hayden.

But yes, my goal with not naming him was that it doesn't matter so much which human fills the spot currently. The problem is the spot itself -- that we've set up an infrastructure that steers us toward systemic abuse.

December 22, 2019

In reply to arma


> I don't think I've ever met Michael Hayden.

Apologies, my once perfect memory be failing me again. A side effect of slow starvation, no doubt.

Totally agree that when it comes to government abuses, there are no "good guys" or "bad guys", just state-sponsored abusers.

> Funders don't want to fund fixing bugs? Why do they think their shiny new feature will be worth their money and your time if the software is riddled with holes? Diversionary tactic?

I think too many funder brains are steeped in the attitude that "newer and flashier is better", whereas fixing bugs seems "dull and b-o-o-o-ring" [sic]. What they are buying with their money is not a better Tor for we users, but a spot of good press for their company. (Staring hard at Google.)

We ordinary users on the other hand understand that our lives are at risk, so we are very very motivated to support fixing bugs. Which is why I hope everyone will join me in contributing to the next Bug-fixing drive (I gave to the first but obviously this must become a Tor tradition).

An important point about union-busting at Google, Amazon and the other Big Uglies: the motivation is *exactly* the same as the terror which underlies all brutal oppression by authoritarian governments. The few who hold disproportionate power over the many are always terrified by anything which they fear they may not be able to control "if things get out of hand".

As for funders and funding bugfixes: the key thing to realize is that funders have their *own* funders to impress. For example, when some of our funding comes from the US State Dept, then *they* spend their time impressing Congress staffers and reassuring them that the money is going to good use. And everybody, all the way up the chain, wants to think that their money (their project) is the one that will make magic and sweeping change. Everybody is hoping that somebody else will fill in the gaps and pay for the bulk of the work, which is keeping everything going and making it more reliable, more safe, more usable, etc.

December 22, 2019

In reply to arma


Ouff! This makes my head ache--- but thanks, because it is important for all Tor users to try to understand as well as possible the extremely complicated relationship of Tor Project with USG agencies and their allies (e.g. Radio Free Asia) which offer grants to project USG "soft power".

Here's hoping that we can persuade the private billionaires and the rich government into protecting ordinary citizens that this is actually in their own long-term interests too.

December 26, 2019

In reply to arma


arma, your example is why it's all the more important for tor project to drop large sponsors that want things for themselves and why it's important for more small donors to contribute to offset dropped large ones.

Does bridgeDB also limit giving results to known proxies? If someone asks for bridges from an exit relay, is rotation of results throttled so they can't quickly open another proxy to get new bridges?

Yes, BridgeDB maintains a separate distribution bucket for requests from exit relays. There is however no throttling in place.

@ Philipp
I hope the "bucket for requests from exit relays" covers all kinds of open proxies: exits, open socks/http, web-based interfaces, VPN free and paid, open wifi, etc. Else, one could grab a set through one kind and instantly hop on another kind and grab a different set.

December 06, 2019


Looking forward to watching the talk!

My question isn't exclusively a tor-project concern, but what is the state of anti-fingerprinting in the fight to protect anonymity online for web users? I used to believe I was safe through JavaScript-disabling my web browser, but recently learned of attacks such as this one which uses CSS media queries that can generate targeted metadata even while turning JavaScript off.

I think CC-BY is a good choice. Let me know if you want something more concrete and I can provide that.

And also, the pdf includes a bunch of random images from the interwebs, which I claim I am using in fair use, but which my CC-BY license doesn't magically give you further permissions over. Be sure you understand how copyright works before doing something surprising.

Oh, and also also, there is secretly a .odp link too, if you are wanting something to put in a directory path named 'src'.

December 07, 2019


@ arma:

Have you read this book?

The Great Firewall of China
James Griffiths
Zed Books, 2019

You might recognize the author's name because he wrote articles for the South China Morning Post in 2014 covering the Umbrella movement in Hong Kong. He only mentions Tor to dismiss it as compromised by NSA (no reason given) and hard to use (but he says Tor Browser is easier). Might I suggest that TP consider reaching out to him to try to convince him that Tor has a role to play?

Other than somewhat slighting Tor, I think the book is excellent and should probably be required reading for everyone working on censorship-evasion tools. One of Griffiths's most important points is that China has already exported parts of GFC to RU (SORM and its descendants are built on the Chinese model) and many African nations. The Confucius Institute, a CN soft-power institution which he mentions, has "captured" US universities which play key roles in supplying talent to Silicon Valley (and NSA) such as University of Washington in Tor's "home town" of Seattle.

(The UK-based publisher, Zed Books, is worthy of note because it is not a company with a CEO or other typical corporate structure. So exactly the kind of company which would be far more welcome in Seattle than Amazon/Google/Microsoft!)

For anyone who didn't get the point about East Turkmenistan vs. "Xinjiang Province" [sic], Griffiths explains that too and gives further background for the situation there.

BTW, with Ukraine much in the US news these days, it seems worth mentioning that the words Xinjiang and Ukraine both mean, more or less, "borderland".

But the most relevant part of the book may be the bit about how UAE almost gave away the internet (with the support of RU and CN) a few years ago, at WCIT, an international conference on governing the internet. Guess which nation won a reprieve for freedom of information? Aw, c'mon, *guess*.

OK, I'll tell you. It was Egypt. That's right, Egypt. Imagine that, Egypt stopped CN and RU from converting the internet into a crudely partitioned patchwork of national censorship regimes and individual surveillance states, the model preferred by authoritarian governments.

But the reprieve was only temporary. The excuse always offered up by RU and CN for their surveillance/censorship regimes is, you guessed it, "save the children". The same as the excuse offered up by USA for their planned surveillance/censorship regime in their "Going Dark" influence operation targeting their own population. The bald-faced audacity of these governments posing as protectors of child welfare is sickening, given CN's family separation policy in East Turkmenistan aka "Xinjiang Province" [sic] and USG's family separation policy regarding families seeking amnesty from raging political violence in Latin America.

Be this as it may, I hope TP is working with EFF to push back against this:

techdirt.com
Private equity firm buys .org domain months after ICANN lifted price caps
ICANN eliminated price protections for .org domain owners earlier this year.
Timothy B. Lee
23 Nov 2019

> The Public Internet Registry, a subsidiary of a nonprofit called the Internet Society, has managed the .org domain since 2002. Earlier this year, ICANN asked for public comment on a new contract for the organization. The most significant change was the elimination of provisions limiting price increases for .org domain owners. According to one tally, more than 3,000 parties wrote in opposing the removal of price caps. Only six comments supported the change. Yet ICANN ignored this lopsided response and approved the contract in June. At the time, the PIR said that it had "no specific plans for any price changes." But earlier this month, PIR announced that its parent organization, the Internet Society, was selling PIR to the private equity firm Ethos Capital.

So what are the implications for torproject.org? Is USG following the Putin model, wherein the government suppresses human right groups by simply passing law after law making it impossible for such organizations to find the money they need to exist, without formally declaring them outright illegal?

Another bit of bald-faced misrepresentation: the Big Cable lobbying group which is preventing any meaningful progress towards breaking up the Comcast/ATT/Verizon/T-Mobile duopoly is calling itself "Privacy for America". Hopefully no consumers are actually fooled by such idiot-minded tricks.

December 10, 2019


Very educational. Thank you very much!

Is using Gmail to receive a bridge "safe" (a good idea)? The assumption that one is supposed to have (sign up for) a Gmail account seems counter-intuitive when thinking about privacy/freedom issues: OP themself says "for those who can tolerate surveillance capitalism" on the one hand.

If you're not comfortable with using Gmail, you can request a bridge from bridges.torproject.org, or do it directly in Tor Browser. Whether it's "safe" depends on what you consider safe. For many people it absolutely is; for others it isn't.

December 17, 2019


You talked about diversity of relays in your talk. How do you measure diversity? Do you keep a database of relays with their location?

Yes, exactly. I cover this in minutes 5-7 of the talk -- there are many different pieces to measuring diversity and safety of Tor, but one of them is where in the world the relays are.

You can learn much more about this topic at https://metrics.torproject.org/

For example, you might enjoy https://metrics.torproject.org/bubbles.html

And to see relay density by country, check out
https://metrics.torproject.org/rs.html#aggregate/cc

December 21, 2019


If Cloudflare or the VPN industry controlled a large share of Tor exit servers, what would stop them from conducting DoS originating from those servers to satisfy profit motivated business interests under a press release that blames the origin of the traffic on Tor or hackers?

With my limited knowledge, theoretically, one way might be to compare their statement to the exit's read/write metrics... if the metrics are authentic and sufficiently fine-grained.

Technically, nothing would stop them.

Socially, I don't think it would be much different if they did this approach while running Tor exit relays or not running them. That is, if people want to set up a smear campaign about Tor, they can do it whether the facts agree with them or not.

Looking back to when Cloudflare was saying bad things about us, even if we all agree on the available facts, it also depends how you use those facts. For example, if 99 real people access a Cloudflare website via Tor, but 1 jerk makes 1000 connections, then is it right to say that over 90% of Tor users (1000/1099) are jerks? Or do you say that 1% of Tor users are jerks? Both statements leave out important information.

But turning the question around to a good side, this technique of running an exit relay and then making use of the inherited reputation was actually the basis for the study by the Berkeley folks:
https://www.freehaven.net/anonbib/#differential-ndss2016
https://www.freehaven.net/anonbib/#exit-blocking2017
That is, they ran an exit relay, and then they scanned the internet, not using Tor, from that exit relay's IP address, to see how the rest of the web treated them.

December 22, 2019


> 02:21 - "Everybody knows creepy NSA dude."
>
> Name him. Sear it into popular memory. He is Michael Hayden, former Director of the NSA and CIA and former Principal Deputy Director of National Intelligence.

Yes indeed, but it seems notable that his successor, Keith Alexander, was even worse. And Alexander's successor, Adm. Michael Rogers, is said to be cooperating in AG Barr's war on the FBI. Turning NSA, CIA and FBI against each other might not be an entirely bad thing, to be sure, since it is the best interests of people everywhere--- including and especially Americans--- to dismantle the American secret police agencies. One of the worst aspects of the US mass media's long collaboration with "Deep State" is that Americans are encouraged to forget such indisputable factual events as these:

o CIA hired a well known contractor with local contacts to build a terrorist training camp in Kunduz, Afghanistan. To support the jihadist resistance to the Soviet invasion. They instructed this contractor in how to build underground tunnels and bunkers which would withstand attack from (Soviet) missiles and bombs. These techniques worked just as well when, a few years later, the same man later built fortified hideouts in Tora Bora and other areas, which proved to resist American bombs just as well as Soviet bombs. The name of the contractor? Osama bin Laden.

o FBI supported, over many decades, the hate speech and terrorist activities of Meir Kahane, founder of the JDL, because he satisfied their traditional litmus test of strong anti-communist sentiment. In 1990, Kahane was assassinated while eating dinner in the Marriott Hotel in Manhattan by a man named El-Sayidd Nosair, another long-time CIA informant. After the killing of Kahane (who was an odious and dangerous figure, to be sure), despite the fact that Nosair was arrested at the scene, admitted to the killing, and was identified by dozens of witnesses, under strong pressure from CIA on the prosecutor, Nosair was acquitted in one of the most bizarrely mishandled murder prosecutions in US history. He had been accompanied by Mohammed A. Salameh, who was later involved in the first WTC bombing and other terrorist attacks. (Salameh's career ended when he was killed by a Mossad car bomb, but not before Mossad agents had killed an entirely innocent man whom they had mistaken for Salameh.) It later was revealed that bin Laden had helped pay for Nosair's defense. Later still, Nosair was convicted on further terror charges arising from his association with Omar Abdul-Rahman, the "blind Sheikh" who played a major role in many terror attacks.

o Nosair was also a close associate of Ali Mohammed, a jihadist who served as a long time CIA informant, which protected his amazing career as Al Qaeda's most important operative embedded inside the US military. Mohammed reported to Al Qaeda's co-founder Ayman Al-Zawahiri, a fact he happily shared with CIA handlers over many years.

Yes, you read that right! Bin Laden was a major CIA contractor, only a few years before he co-founded Al Qaeda! And CIA protected a terrorist who was protected by CIA as a "CIA asset", even after he murdered -another- terrorist who was protected by FBI as an "FBI asset". Imagine forgetting all that. These facts are not actually denied by USG, but have been consigned to the memory hole of the American mind by the Deep State shapers of the political opinions of American voters.

Time and again, with the reliable and staunch assistance of the American mass media, CIA and FBI have ensured that Americans have forgotten the role of "Deep State" in funding -both sides- of the "War on Terror", over the course of the last sixty years (more, in the case of FBI and its predecessor agency, whose use of terror bombers as informants dates back to the Anarchist bombing scares of the 1920s.)

Dismantling the war criminal branches of "Deep State" should be a widely shared non-partisan goal. These horrid agencies have been doing great and lasting harm but no lasting good for many decades (more than a century in the case of FBI, more than a half-century in the case of NSA and CIA). They have faced many many scandals, but have never reformed. They are irredeemably criminal serial offenders. It follows that they must be entirely eliminated.

Anyone who considers as unkind my own calls for the prosecution as war criminals of John Brennan, Keith Alexander, Michael Hayden, Eric Holder, William Barr, James Comey, etc (owing to knowingly enabling "collateral damage", especially in so-called "signature" drone strikes and US special forces raids), should really read what editorialists are saying at far right sites. They are not calling for prosecutions in properly constituted courts, but for lynchings.

December 23, 2019


A minor correction: it turned out that the shooter in Pensacola was a member of the Saudi Arabian Air Force who was being trained in the modern version of the notorious "School of the Americas", the CIA funded school which offered counter-insurgency training to many military officers who later became notorious dictators and/or drug runners, such as Manuel Noriega.

The CIA: in the best interests of everyone everywhere--- including and especially Americans--- that agency simply has to be dismantled, the sooner the better. See the book by Tim Wiener, Legacy of Ashes, for a very readable account of CIA's astoundingly consistent record of, time and again, seeming to serve very short term USG interest, at the unacceptable expense of, time and time and time again, harming the long term interests of the USA.

A few years before the founding of Al Qaeda, CIA hired Osama bin Laden, of all people, to build a jihadist training camp in Kunduz. Their intention was to train jihadists to fight the -Soviet- occupation of Afghanistan, which was followed some years later by the American occupation. To that end, CIA agents instructed bin Laden in the art of constructing underground bomb proof bunkers. UBL found that very useful when a few years later he constructed further jihadist training camps in Tora Bora and other places.

Really, that one anecdote ought to tell the U.S. Congress all they need to hear in order to be galvanized into immediately shutting down CIA, plain and simple, finito, gone, but many more similarly sorry tales can be found in Wiener's book.

In the entire history of the world, was there ever any agency more harmful to the interests of the nation which lavishly funded it? I am not sure even the dismal history of the final stages of the Austro-Hungarian empire or the rule of Kaiser Wilhelm or his cousin Tsar Nicholas offers suitable examples of policies which should never be aped by any government, anyhow, anywhere, anywhen.

If the US government came to your home and forced you to meet all of their demands, would you like it? If you alone cannot resist, does might make right? Then consider this: would a Uyghur like Han Chinese officials occupying his home, without ever asking whether he agrees? The Han have so much land, but he has only his own home.

Oppressing your own neighbors has only two outcomes: they resist you and then split away, or they resist you and then you massacre them. In modern times there are countries that have chosen massacre -- do you know the city of Nanjing?