alasdair_ a day ago

Here is what I don't understand: Let's say I as a private individual fund 1000 tor nodes (guard and exit nodes included) and have them all log everything. This could cost less than $5000 for a month, with some time needed to get guard node status.

I want to find a certain kind of person so I look for people that access a specific hidden service or clearnet url.

Surely eventually I'm going to get a hit where all three nodes in the circuit are my nodes that are logging everything? It will take a long time, and I can't target a specific person, but eventually I can find someone who has all three bounces through tor nodes I control, no?

  • bragr a day ago

    >This could cost less than $5000 for a month

    I ran a bunch of nodes for a couple years and that's optimistic by perhaps an order of magnitude. No $5 a month VPS provides enough bandwidth to sustain the monthly traffic of a Tor node, and nodes need to be continuously online and serving traffic for about 2-3 months[1] before they will be promoted to guard relays. Throttling traffic to stay in your bandwidth allocation will just get you marked as a slow node and limit the number of connections you get. Sustaining just 1 Mbps will blow your monthly transfer allocation on the cheap tiers of both Digital Ocean and Linode.

    [1] https://blog.torproject.org/lifecycle-of-a-new-relay/

    • belorn a day ago

      Now to add additional problems. 1000 tor nodes on a single platform would be very noticeable and geographically limited. Platforms also have different weight attached to them in the consensus, which adds further time requirements before a node is promoted. The developers do not want a single platform provider to be able to observe a large portion of all the traffic, so there are counter measures.

      The attacker could try to create a handful of accounts on hundreds of platforms in as many countries as possible, assuming one verifies that the platforms accept Tor and do not share underlying providers and data centers. The cost would then be the average price of said providers, which is going to be a fair bit more than the cheapest providers out there. Managing and spreading them out is also going to cost a lot of man hours. Also the secops need to be fairly on point and need to be maintained quite strictly across all the providers.

      • qb1 16 hours ago

        Pagers and the next day handheld radios exploded on their users! This can be done.

      • ranger_danger 15 hours ago

        Considering multiple world governments have already shown in leaked documents that this is exactly what they do, I personally wouldn't trust my secrets with tor.

      • [removed] 12 hours ago
        [deleted]
    • voldacar a day ago

      I started a tor relay on a spare vps about a month ago and it got guard status around 2-3 weeks in, so that info seems to be out of date.

      • arktos_ a day ago

        Pardon my ignorance, but I thought it fruitful to ask: Are there any issues that can arise by doing this on a VPS?

        I ask because I know of stories of law enforcement sending inquiries to owners of, say, exit nodes requiring certain information about given traffic. I don't know if this happens for middle-nodes (or whatever they're called).

        Moreover, are there any issues with associating a node to, you know, your name and billing information?

        I don't know much about this, and although I could look it up, I think that my questions - and your respective answers or those of others - might do some public service of information sharing here.

    • teaearlgraycold a day ago

      Still easily within the budget of the US, Russia, China, Israel, etc. I wouldn't be surprised if a majority of nodes are run by intelligence agencies.

      • andai a day ago

        They say the internet is just someone else's computer. With Tor it's the computer of a person who wants you to think it's not their computer, and also that they aren't paying attention to (or somehow can't see) what you're doing on it.

      • giantg2 a day ago

        The interesting thing is, the more agencies that run relays, the more they interfere with each other. So having something like US, Russia, and China each running 25% of the network reduces the chances of any one getting all three relays.

      • bawolff a day ago

        I think the threat model is that the majority are not run by cooperating malicious parties.

        Russia, China and the USA all don't like each other much so are probably not sharing notes (in theory).

      • chr_1 a day ago

        Before 2020 when /r/privacy stimulated conversation that was worthy of good discussion you learned Tor the software made less available nodes accessible with newer deployments, that’s why it got faster. Regardless of how many nodes existed. The routing shifted. Now it’s way faster and there's specifically designated guard nodes seemingly pinged repeatedly out to the same allied nations.

      • darby_nine a day ago

        In fact, you should assume they are. This doesn't imply the network doesn't have utility for a given actor.

    • [removed] 16 hours ago
      [deleted]
    • chatmasta a day ago

      You don’t technically need separate nodes, just separate IP addresses. Although Tor has some marginal protections against circuits sharing relays with similar IP, so you couldn’t just get a /24 and hope they all get the same circuit.

      • tga_d a day ago

        Not only would you need the node to expose IPs with a wide enough distribution to allow the right path selection, you'd also need to have enough bandwidth available to look like distinct hosts, and ensure any losses in connectivity aren't correlated enough to draw attention (people monitor metrics.torproject.org pretty diligently, and would notice if there was a chunk of bandwidth coming and going in lockstep). At that point, the difference in cost to just actually running legitimately separate hosts is negligible. All empirical evidence points towards the status quo that has existed for almost all of Tor's existence: if you want to identify Tor users, there are cheaper ways to do it than dominating the network (and those ways are expensive enough to be outside most people's threat models).

        That said, any bandwidth anyone wants to contribute to mitigate such attacks is always appreciated, even if it's more useful for performance reasons in practice. ;)

    • zorrn 10 hours ago

      We also recently saw the xz backdoor which was worked on for many years so I think it could be possible if you really have one target.

    • alfiedotwtf a day ago

      If it’s that expensive to run Tor nodes, who is actually paying for them? I’ve heard individuals getting doors kicked in for participating in the network, so it’s not individuals. Corporates too wouldn’t want this type of burden… so is it really just spy-vs-spy

      • p4bl0 a day ago

        Many individuals contribute to running relays. And there are non-profit organizations collecting donations to operate Tor exit nodes:

        - https://www.torservers.net/

        - https://nos-oignons.net/

        • idiotsecant 10 hours ago

          This is probably strictly true but it smacks to me of 'many people say'. I wonder what % of TOR nodes are run by people with an ideological allegiance for the network vs how many are run by nation-state actors.

      • akimbostrawman a day ago

        only exit nodes get their doors kicked in and they are the minority and not needed for the tor network to function

        • zerd 11 hours ago

          They are pretty essential, without them you can only access onion services.

      • 0points a day ago

        > I’ve heard individuals getting doors kicked in for participating in the network, so it’s not individuals.

        It's individuals

      • immibis 21 hours ago

        I run a non-exit node any time I have the spare resources. I2P too. This means they're on the same popular providers that have too many other nodes, though.

        Sometimes I set it up as a bridge (hidden entry node) instead.

    • [removed] 9 hours ago
      [deleted]
    • ForHackernews 19 hours ago

      These costs explain why most of the nodes are probably run by the FBI.

  • sigmoid10 a day ago

    >Surely eventually I'm going to get a hit where all three nodes in the circuit are my nodes that are logging everything?

    The word "eventually" is doing a lot of heavy lifting here. Let's say you actually manage to add 1000 servers to the tor network somehow without getting detected. The network currently sits at just under 8000 nodes. For simplicity, let's also ignore that there are different types of nodes and geographical considerations and instead just ask what is the probability that someone randomly chooses three nodes that you own. The answer is less than 0.14%. If that someone decided to use 4 nodes to be extra-safe, that number goes down to 0.015%. And it decreases exponentially for every additional relay he adds. Combine this with the fact that tor nodes are actively monitored and regularly vetted for malicious behaviour[1], and these attacks become increasingly difficult. Could someone like the NSA with limitless resources do it? Quite probably, sure. But could you or any other random guy do it? Almost certainly not.

    [1] https://gitlab.torproject.org/tpo/network-health/team/-/wiki...

    Edit: For all the cynics and doomsayers here, consider this: Tor has been around for a long time, but there has never been an uptick in arrests that could be correlated to cracking the core anonymity service. If you look closely at the actual high profile cases where people got busted despite using tor, these people always made other mistakes that led authorities to them.

    • throwaway37821 a day ago

      75% [0] of all Tor nodes are hosted within 14 Eyes [1] countries, so it would actually be quite trivial for the NSA to de-anonymize a Tor user.

      It baffles me that Tor Browser doesn't provide an easy way to blacklist relays in those countries.

      [0] Here, you can do the math yourself: https://metrics.torproject.org/rs.html#aggregate/all

      [1] https://en.wikipedia.org/wiki/Five_Eyes#Fourteen_Eyes

      > Edit: For all the cynics and doomsayers here, consider this: Tor has been around for a long time, but there has never been an uptick in arrests that could be correlated to cracking the core anonymity service. If you look closely at the actual high profile cases where people got busted despite using tor, these people always made other mistakes that led authorities to them.

      Maybe someone, somewhere, has decided that allowing petty criminals to get away with their crimes is worth maintaining the illusion that Tor is truly private.

      It's also worth noting that it's significantly easier to find the mistakes someone has made that could lead to their identity if you already know their identity.

      • majorchord 12 hours ago

        > Maybe someone, somewhere, has decided that allowing petty criminals to get away with their crimes is worth maintaining the illusion that Tor is truly private.

        This is what I believe. If they do have a way to track people, it wouldn't be worth blowing their cover for small stuff that wasn't a ridiculously huge national security threat that they could afford to throw away 20+ years of work for.

        In fact there have been court cases that were thrown out because the government refused to reveal how their information was obtained... I think that usually means they're hiding it on purpose for a bigger cause. I also wouldn't be surprised if multiple SSL CAs are secretly compromised for the same reason.

      • keepamovin 19 hours ago

        The original purpose of TOR was to provide agents and handlers with a means of secure communication, allowing them to organize subversive or espionage activities. It was created by the Department of Defense to propagate their interests and spread democracy around the world using these secure capabilities. Given this context, it's not unreasonable to assume that TOR is still being used in a similar manner today.

        Because of its origins, access to the identities of users on the TOR network—even if they could be de-anonymized—would likely be extremely restricted, compartmentalized, and classified. This would make it much more difficult for such information to be used in law enforcement proceedings. Perhaps that, rather than a technical limitation, is the reason most high-profile arrests related to TOR involve criminals making some other mistake, rather than the security of the network itself being compromised.

        Additionally, it’s interesting to speculate that some of the secure private defense and intelligence networks—parallel or classified world internets—could themselves be implemented as possibly enhanced forms of TOR. It would make sense that nation-states, through shell companies and other disguises, might run and control many seemingly innocuous machines acting as secure relays in these parallel networks. While I have no data to back this up, it seems logical, given that TOR was originally created by the DoD and then open-sourced.

        Why wouldn’t they keep something that works, build on it, and enhance it as a means to secure their own global communications?

      • DabbyDabberson a day ago

        It's important to realize that TOR is primarily funded and controlled by the US Navy. The US benefits from TOR being private.

        It provides a channel for operatives to exfiltrate data out of non-NATO countries very easily.

      • amy-petrik-214 a day ago

        TOR as it exists now is a honeypot simple as. Same as that documentary called "Benedict Cumberbniamnatch's Great Work" where they cracked the radio signals of the Frenchmen but they had to let the submarine sink so that they knew that the other guy doesn't know that they knew. NSA uses ROT which is TOR-inspired but takes the techniques and incognito aspects 7 or 8 steps ahead.

      • alphan0n a day ago

        This entirely ignores the fact that traffic to and from onion sites never leaves the Tor network, never utilizes an exit node. It doesn’t matter if a bad actor has control of every exit node if your communications are within the network unless the underlying encryption protocols have been compromised.

      • [removed] a day ago
        [deleted]
      • ClumsyPilot a day ago

        > petty criminals to get away with their crimes

        Like human rights activists, journalists and dissidents in totalitarian countries.

    • panarky a day ago

      > what is the probability that someone randomly chooses three nodes that you own. The answer is less than 0.14%.

      You calculated the probability that a specific person randomly chooses three nodes of the 1,000.

      But that's not the scenario you're responding to.

      >> I can't target a specific person, but eventually I can find someone who has all three bounces through tor nodes I control

      Tor estimates that 2.5 million people use the network per day.

      Let's assume that in a month, 10 million people use it.

      Let's also assume that 80% of monthly users are not committing crimes, while the 20% who are criminals make an average of four Tor connections per month.

      With those assumptions we could expect a malicious operator who controls 1,000 nodes to capture the sessions of 10,940 criminals in a given month.

      Spending less than fifty cents per suspect is less than trivial.

      • ClumsyPilot a day ago

        > could capture the sessions of 10,940 criminals in a given month

        Let’s say you do that, and now you have found 10k people accessing pirate bay in countries where it is blocked.

        Also you captured someone who lives in Siberia and watches illegal porn, now what?

        Many of these will not be actionable, like not criminals you would have interest in.

      • Eisenstein a day ago

        > could capture the sessions of 10,940 criminals

        What does that mean? The way I understand it you would be getting traffic correlations -- which means an IP that requested traffic from another IP and got that traffic back in a certain time period. What does that tell you, exactly, about the criminal? If you aren't looking for a specific person, how would you even know they are doing crimes?

        • panarky a day ago

          Activists fighting an autocratic regime use a large social media site to recruit, coordinate and publish so they can reach the broadest number of people possible.

          The billionaire owner of the site supports the strongman leader and provides IP addresses for those who post wrongthink on his platform.

          Now the regime can link social media activity of anonymous activists to their real IP addresses, devices and locations.

    • verbify a day ago

      > Edit: For all the cynics and doomsayers here, consider this: Tor has been around for a long time, but there has never been an uptick in arrests that could be correlated to cracking the core anonymity service. If you look closely at the actual high profile cases where people got busted despite using tor, these people always made other mistakes that led authorities to them.

      During WW2, the British cracked the German codes. They would create pretexts for "discovering" where German ships would be, so that the Germans wouldn't suspect that they cracked their codes.

      It's impossible for us to know if the US government have cracked Tor, because the world would look identical to us whether they had or hadn't. If the only evidence they have is via Tor, and the individual is a small fry, they will prefer they get away with it rather than let people know that Tor has been cracked.

      I just assume the NSA are spending their budgets on something, although maybe it is stuff like side channel attacks.

      • avidiax a day ago

        These pretexts for "discovering" are a "bedrock principle" in law enforcement called parallel construction.

        The NSA sharing data with the DEA becomes a "routine traffic stop" that finds the drugs. The court would not allow the NSA evidence or anything found as a result, but through parallel construction, the officer lies in court that it was a "routine stop", and judicial review never occurs.

      • chiefalchemist a day ago

        > these people always made other mistakes that led authorities to them.

        Says who? The intelligence community entity that busted them? If they're using a tool to discover X or Y they're not going to let anyone know that.

        For example, I live in the NYC area. A couple of times per year there's a drug bust on the New Jersey Turnpike of a car headed to NYC. The story is always a "random" police stop ends up in a drug bust.

        Random? My arse. Of the thousands of cars on the NJTP the cops just happened to pick the one loaded with drugs? A couple times a year? I don't buy it. But what are they going to say? They have someone on the inside that tipped them off? That's not going to happen.

        The intelligence community doesn't deal in truth and facts. It deals in misinformation and that the ends justify the means. What they're doing and what they say they're doing are unlikely the same.

    • derefr a day ago

      You know what's easier than waiting around to get really lucky?

      Using those same network-health dashboards as DDoS target lists, to temporarily degrade/shut down the whole network except for your own nodes.

      Also, big nodes route more Tor circuits each. Costs more to run them, and they intentionally don't function as exit nodes (to avoid the "obvious" attack) — but just having a bunch of these big nodes in the network handling only middle hops, biases the rest of the network away from handling middle hops, toward handling end hops. Which means that if you then run a ton of tiny nodes...

      • [removed] a day ago
        [deleted]
    • whimsicalism a day ago

      > Could someone like the NSA with limitless resources do it? Sure

      Yes, this is obviously the sort of adversary we would be discussing.

      > , lets also ignore that there are different types of nodes

      causing your number to be an underestimate

      > The answer is less than 0.14%.

      So almost certainly thousands of people

      • sigmoid10 a day ago

        >Yes, this is obviously the sort of adversary we would be discussing.

        OP explicitly asked about himself, not some government organisation.

        >causing your number to be an underestimate

        Not necessarily. It might even be an overestimate if the attacker fails to supply enough nodes of the right kind.

        >So almost certainly thousands of people

        We're talking about a targeted attack. Of course the statistics game works better when you don't target specific people and just fish randomly. But there are probably more cost effective methods as well.

    • PeterisP a day ago

      If someone would do the thing-to-be-detected (e.g. accessing CSAM) every day, then that 0.14% probability of detection turns out to be 40% for a single year (0.9986^365) or 64% over two years, so even that would deanonymize the majority of such people over time.

      • sigmoid10 a day ago

        That assumes you could run thousands of malicious tor nodes for several years without being detected. Unless you have vast resources and time, this is unlikely.

      • bawolff a day ago

        That is why Tor picks a specific guard node and sticks with it. To prevent this kind of attack where you change nodes until you hit a bad one.
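The back-of-the-envelope odds traded in this thread (sigmoid10's 0.14% per circuit and 0.015% for four hops, PeterisP's roughly 40% over a year of daily circuits, panarky's mass-surveillance head count, and bawolff's point that a pinned guard caps the attacker's odds) worked through in one place. This is an added example, not Tor Project code or anything any poster wrote. It keeps sigmoid10's simplification that relays are drawn uniformly at random without replacement, ignoring guard/exit flags, bandwidth weighting and the same-/16 and family restrictions; the 1000/8000 relay counts, the one-circuit-a-day rate, the 2 million users times 4 circuits, and the "attacker relays are 10x slower" figure are assumed inputs, not measurements.

```python
"""Toy model of Tor path-compromise odds when an attacker owns `bad` of `total` relays.

Simplifications (same as the thread's): relays are picked uniformly at random
without replacement, ignoring guard/exit flags, bandwidth weighting, and the
same-/16 and family rules. All numbers in __main__ are assumed inputs.
"""
from math import comb


def p_all_hops_bad(bad: int, total: int, hops: int = 3) -> float:
    """Probability that every one of `hops` distinct relays in a fresh circuit is
    attacker-controlled: hypergeometric C(bad, hops) / C(total, hops)
    (the "three red marbles out of a jar of 9000" calculation)."""
    if hops > bad:
        return 0.0
    return comb(bad, hops) / comb(total, hops)


def p_caught_within(p_per_circuit: float, circuits: int) -> float:
    """Probability of at least one fully compromised circuit over `circuits`
    independent circuits: the 1 - 0.9986**365 argument."""
    return 1.0 - (1.0 - p_per_circuit) ** circuits


def p_caught_with_pinned_guard(bad: int, total: int, circuits: int) -> float:
    """Same, but the client keeps ONE guard for the whole period and only redraws
    middle and exit per circuit. If the pinned guard is honest the attacker never
    sees the whole path, so the result is capped at bad/total however many
    circuits are built."""
    p_guard_bad = bad / total
    # Given a bad guard, the other two hops are drawn from the remaining relays.
    p_rest_bad = p_all_hops_bad(bad - 1, total - 1, hops=2)
    return p_guard_bad * p_caught_within(p_rest_bad, circuits)


def expected_users_swept(users: int, connections_each: int, p_per_circuit: float) -> float:
    """Mass-surveillance view: how many of `users`, each building
    `connections_each` circuits, get at least one fully compromised circuit."""
    return users * p_caught_within(p_per_circuit, connections_each)


def weighted_share(bad: int, bad_bw: float, honest: int, honest_bw: float) -> float:
    """Tor weights relay selection by measured bandwidth. Attacker's share of the
    total selection weight when its relays average `bad_bw` and honest relays
    average `honest_bw` (arbitrary units); cube it for a 3-hop circuit."""
    return bad * bad_bw / (bad * bad_bw + honest * honest_bw)


if __name__ == "__main__":
    BAD, HONEST = 1000, 8000          # assumed: thread's figures
    TOTAL = BAD + HONEST
    p3 = p_all_hops_bad(BAD, TOTAL, 3)
    print(f"3-hop circuit fully owned:               {p3:.4%}")
    print(f"4-hop circuit fully owned:               {p_all_hops_bad(BAD, TOTAL, 4):.4%}")
    print(f"guard+exit owned (middle irrelevant):    {p_all_hops_bad(BAD, TOTAL, 2):.4%}")
    print(f"1 circuit/day for a year, fresh guards:  {p_caught_within(p3, 365):.1%}")
    print(f"1 circuit/day for a year, pinned guard:  {p_caught_with_pinned_guard(BAD, TOTAL, 365):.1%}")
    print(f"users swept, 2M users x 4 circuits:      {expected_users_swept(2_000_000, 4, p3):,.0f}")
    share = weighted_share(BAD, 1.0, HONEST, 10.0)   # assumed: attacker relays 10x slower
    print(f"10x slower attacker relays, per circuit: {share ** 3:.6%}")
```

Two things the thread argues about fall straight out of the numbers. First, repeating the 0.14% every day does reach about 39% in a year if every circuit picks a fresh guard, but with a pinned guard the same year caps out near 11%, which is the whole reason guard pinning exists. Second, uniform selection flatters the attacker: if the 1000 relays are the throttled, slow VPSes bragr describes, their selection weight, not their count, is what Tor uses, and the per-circuit odds fall by orders of magnitude.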

    • oconnore a day ago

      > Could someone like the NSA with limitless resources do it? Quite probably, sure.

      If you're not worried about a fairly well-resourced government agency uncovering whatever network activity you believe needs to be anonymized, why would you be using Tor at all?

      • CapitalistCartr a day ago

        Because you're an enemy of the Iranian, Saudi, North Korean, etc. gov't.

        Because your ex-spouse wants to murder you.

        Because you just escaped Scientology, or another cult.

        Because you're a criminal. The NSA doesn't handle that.

        Because you're a journalist talking to sources in the industry you're investigating.

      • echoangle a day ago

        Depends on what you’re doing. The NSA isn’t going to expose themselves by tipping off law enforcement about small time drug deals. If you’re sharing CSAM or planning terrorist attacks, it might be different.

        • stackghost a day ago

          >If you’re sharing CSAM or planning terrorist attacks, it might be different.

          They'll just employ parallel construction to avoid exposure.

    • jrochkind1 14 hours ago

      What you say is reasonable and I agree and hold that position.

      > Tor has been around for a long time, but there has never been an uptick in arrests that could be correlated to cracking the core anonymity service.

      If I were an intelligence agency that had "cracked" tor -- I'd probably make sure nobody would notice I had access, so I could keep eavesdropping. Not do anything that could expose my access.

      It certainly could be happening. Nothing is 100%. Nothing. Just a fact. Tor is probably pretty good at what it does.

      (and keep in mind, for what we're talking about in this kind of attack, all I get access to is network contacts, not the actual messages, right?)

    • Eduard a day ago

      > If you look closely at the actual high profile cases where people got busted despite using tor, these people always made other mistakes that led authorities to them.

      Assuming tor always was or became broken and is exploitable by law enforcement, authorities would try to maintain a false belief of tor's integrity so as to crack high profile cases for as long as possible.

      Within this scenario, it is plausible to assume that authorities can decipher and discover information that can be used as the official pretextual charge / minor reason ("they made the mistake to use their public email address on the dark net forum") in order to not spill the beans on the actual means (here, tor being broken).

    • mzs a day ago

      So if there are greater than only 357 people on topics the GP is interested in that's better than 50/50 odds.

    • itake a day ago

      1/ if a user sends 10,000 requests, you're saying 14 of them might see 3 compromised nodes?

      2/ Police can use parallel construction. Although, given enough time (in theory) parallel construction is eventually exposed.

      • avidiax a day ago

        > given enough time (in theory) parallel construction is eventually exposed.

        Parallel construction has existed for decades. It's even in "The Wire". It has never been tested in court, probably because it is nearly impossible to discover outside of being the agents that implement it.

      • yencabulator a day ago

        1/ tor-browser by default sticks to the same circuit for one origin for the session, so that'd have to be 10,000 separate sites or 10,000 separate sessions.

    • moss2 21 hours ago

      I think the FBI/CIA/NSA could afford 8000 nodes if they wanted to.

    • dumbo-octopus a day ago

      You don’t need all the middle nodes. Just the entry and exit, and enough data to do packet timing analysis to correlate them. It’s in fact shockingly easy for a well provisioned actor to trace tor traffic, and this is something the TOR project openly admits.

      They’re financed by the US Government after all…

    • alasdair_ a day ago

      >Edit: For all the cynics and doomsayers here, consider this: Tor has been around for a long time, but there has never been an uptick in arrests that could be correlated to cracking the core anonymity service. If you look closely at the actual high profile cases where people got busted despite using tor, these people always made other mistakes that led authorities to them.

      Yeah, the stated reason is always something else. But this just reminds me of "parallel construction" - what if they were found in one way and then (to hide the source) the claim was that they were found in another way?

    • [removed] 21 hours ago
      [deleted]
    • halfcat a day ago

      > there has never been an uptick in arrests

      If it was effective, would there have been a down tick in arrests at some point?

      Or if the arrest rate stayed the same, would that suggest it never “worked” to begin with?

      It’s like the movie trope of the detective who finds out the truth via some questionable means which isn’t admissible in court. When you know the truth you can push harder and call every bluff until you get admissible evidence.

      • AstralStorm a day ago

        Or you can use more... underhanded means that never result in an arrest.

    • alasdair_ a day ago

      >The answer is less than 0.14%.

      Is this per circuit? So if someone switches circuits every X hours, the chance of being caught after a year is actually quite high?

      And even catching 0.14% of pedophiles would probably be worth it to the FBI or whatever, nevermind Iran catching dissidents or whatever.

      My point is that it seems very cheap to do this (I as a random staff engineer could do it myself) and catch some people. A nation state could easily catch a much higher percentage if they increased the number of logging nodes slowly and carefully and deliberately did things like use many isps and update the servers gradually etc.

      • whimsicalism a day ago

        The happy equilibrium is that if you have enough adversary nation-state intelligence services doing this and not sharing information, they'll cancel each other out and provide free node hosting.

      • qwery a day ago

        You're misusing probability and ignoring critical information.

        There's 1000 red marbles added to a jar with 8000 blue marbles (9000 total). Take three marbles from the jar randomly, one at a time. The odds of getting three red marbles is ~0.14%. That's all.

        Tor nodes are not randomly picked marbles. The Tor network is not a jar.

        • whimsicalism a day ago

          They’re using probability correctly. If you have a critique, state it clearly.

  • EmilyHughes a day ago

    This came out yesterday: https://www.youtube.com/watch?v=Gs0-8ZwZgwI

    Apparently in germany they caught a pedo like that. Watching certain nodes and the sizes of files that are sent between them to identify the admin of a pedophile image sharing forum. Took them 1 1/2 years to identify the specific person, but they got him.

    Considering this I would imagine it's pretty safe for the average user since they have to specifically target you for a long time, however it seems like with enough effort it's possible to identify someone even without Clearnet slip-ups like it was the case with Silkroad.

    Once they have your address they will just storm your house and catch you on the computer, then you are done for.

  • londons_explore a day ago

    You only need to control the entry and exit node - since you know the next and previous hop for all traffic you touch, and default chains are 3 long. With circuits changing every 10 mins, within a few days you would have deanonymized at least some percentage of traffic for nearly every user.

    I'd call tor broken against any adversary with a little technical skill and willingness to spend $5000.

    I'm 80% sure Tor is designed as a US supported project to focus those needing anonymity into a service only governments with global security apparatus (who can grab a good chunk of internet traffic) can access.
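The entry-plus-exit correlation that londons_explore and dumbo-octopus describe, and the matching of traffic sizes and timing between nodes that EmilyHughes recounts from the German case, reduced to its simplest form. This is an added example, not code from the Tor Project, the linked video, or any poster. All traffic in it is constructed: three clients with hand-picked burst schedules, and an exit-side view that is the same packets after an assumed 0.25-0.35 s delay with the labels scrambled; the one-second bin width, 20-second horizon and two-bin lag bound are arbitrary parameters. It pairs flows purely by correlating per-second packet counts, reading no payload at all.

```python
"""Toy traffic-confirmation demo: an observer who sees a client's traffic into its
guard and the traffic leaving an exit can pair the two flows by correlating their
packet-timing patterns, without decrypting anything.

Everything here is constructed: three clients with distinct burst schedules, and
an exit-side view that is the same traffic delayed 0.25-0.35 s. Real traffic is
far noisier; the lag search is the first thing one adds to cope with that.
"""
import random

BIN_WIDTH = 1.0      # seconds per bin (assumed)
HORIZON = 20.0       # observation window in seconds (assumed)
MAX_LAG_BINS = 2     # how far the exit side may trail the entry side (assumed)

# Constructed: the seconds in which each client sends a burst.
BURST_SCHEDULE = {
    "client_A": [0, 1, 2, 7, 12, 13],
    "client_B": [3, 4, 5, 9, 15],
    "client_C": [1, 6, 10, 11, 14],
}
# Constructed ground truth; the exit-side labels carry no client information.
TRUE_PAIRING = {"client_A": "dest_flow_2", "client_B": "dest_flow_3", "client_C": "dest_flow_1"}


def synth_entry_flows() -> dict:
    """Guard-side view: five packets per burst second, 0.1 s apart."""
    return {cid: [s + 0.1 * j for s in secs for j in range(5)]
            for cid, secs in BURST_SCHEDULE.items()}


def synth_exit_flows(entry_flows: dict, seed: int = 7) -> dict:
    """Exit-side view: the same packets after a 0.25 s network delay plus up to
    0.1 s of jitter, relabelled so the pairing is not visible from the keys."""
    rng = random.Random(seed)
    return {TRUE_PAIRING[cid]: [t + 0.25 + rng.uniform(0.0, 0.1) for t in ts]
            for cid, ts in entry_flows.items()}


def bin_counts(timestamps, bin_width: float = BIN_WIDTH, horizon: float = HORIZON) -> list:
    """Packets per time bin; this count series is the only thing correlated."""
    counts = [0] * int(horizon / bin_width)
    for t in timestamps:
        b = int(t // bin_width)
        if 0 <= b < len(counts):
            counts[b] += 1
    return counts


def pearson(xs, ys) -> float:
    """Pearson correlation of two equal-length series; 0.0 if either is constant."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / (vx * vy) ** 0.5


def best_lag_correlation(entry_series, exit_series, max_lag: int = MAX_LAG_BINS) -> float:
    """Highest correlation over lags 0..max_lag bins, exit trailing entry."""
    best = -1.0
    for lag in range(max_lag + 1):
        score = pearson(entry_series[:len(entry_series) - lag], exit_series[lag:])
        best = max(best, score)
    return best


def match_flows(entry_flows: dict, exit_flows: dict) -> dict:
    """For each guard-side flow, the exit-side flow whose timing fits it best."""
    entry_series = {k: bin_counts(v) for k, v in entry_flows.items()}
    exit_series = {k: bin_counts(v) for k, v in exit_flows.items()}
    matches = {}
    for e_id, e_ser in entry_series.items():
        scores = {x_id: best_lag_correlation(e_ser, x_ser) for x_id, x_ser in exit_series.items()}
        matches[e_id] = max(scores, key=scores.get)
    return matches


if __name__ == "__main__":
    entry = synth_entry_flows()
    exits = synth_exit_flows(entry)
    for client, dest in match_flows(entry, exits).items():
        print(f"{client} <-> {dest}  correct={TRUE_PAIRING[client] == dest}")
```

Running it recovers the full pairing: on this clean data each client's own destination flow scores 1.0 and the other two land well below. The practitioner's takeaway is the one alphan0n's and jrochkind1's comments circle around: the encryption is never touched, so the defence is not a stronger cipher but denying the observer both ends (a guard the attacker does not hold) or destroying the timing signal with padding or cover traffic.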

    • bdw5204 a day ago

      I imagine most exit nodes are likely controlled by the US government and/or its close allies. Who else wants to have their IP address banned from most of the internet and potentially get visits from their country's equivalent of the FBI?

      If most Tor users ran exit nodes and most people used Tor, it would effectively make internet traffic anonymous. But without those network effects, it is vulnerable by design to deanonymization attacks by state actors.

      • basedrum a day ago

        I run an exit node, and I know several people who do, I don't suspect any of them to be anything but people who care about privacy, surveillance, and helping people get access to the free internet from restrictive locations. I admit, I bristled at your comment, because I do not like myself, the EFF, and many of my close friends being imagined as part of the US Government.

  • prisenco a day ago

    Using Tor, like all security and privacy tools, must be balanced against what it is being used for. We will always live in a world of limited resources for policing, and systems of privacy work by increasing the difficulty and cost to deanonymize someone. They don't have to be perfect, they just have to be expensive.

    If you want basic anonymity while researching someone powerful or accessing information, it's extremely unlikely anyone is going to go the lengths people are bringing up here as a way to compromise Tor. The intersection of expertise, funding and time required is too great for such a low value target.

    If you're an international terrorist leader wanted in multiple countries, a prolific criminal, or enemy #1 of an authoritarian state though? Those who can go to those lengths absolutely will go to those lengths.

    • thewanderer1983 a day ago

      The problem with this assumption is that all possible attacks have been narrowed down to expensive-only attacks, i.e. nation-state level. These are complex systems and it's not possible to prove that the only forms of attack are within these Overton windows. There may be much simpler forms of attack that aren't expensive, but the experts aren't aware of them, and therefore not focusing on them. This is one of the big reasons for provably secure systems like seL4 and other functional programming paradigms. We can't prove that all the problems are in this expensive box we put ourselves in, and all it takes is a 12-year-old to discover one of these cheap attacks with a toothpick or kid's toy to undermine very expensive defence systems.

      Take for example John Draper, who discovered in the 60's that a Captain Crunch whistle toy could be used to make free phone calls on the telephone system. Or the discovery of side-channel attacks by an engineer at the Bell Telephone company, who noticed that a Bell Telephone model 131-B2 would produce distinct spikes on an oscilloscope across the room for each key pressed, therefore not requiring nation-state level expense to break the encryption used by the Navy's and Army's encryption systems. Or during the Afghan war, the US was deploying armored vehicles that they assumed would provide good protection and would be expensive for the enemy to attack. It turned out they could make IEDs from inverted copper cheaply, in locals' kitchens, and that proved very successful. Or the kid who discovered he could bypass the Mint screensaver by smashing random keys on the keyboard (https://github.com/linuxmint/cinnamon-screensaver/issues/354). The list of these types of cheap attacks runs throughout history.

    • slg a day ago

      >If you want basic anonymity while researching someone powerful or accessing information, it's extremely unlikely anyone is going to go the lengths people are bringing up here as a way to compromise Tor. The intersection of expertise, funding and time required is too great for such a low value target.

      Doesn't a solid VPN service also satisfy this exact need? Tor seems to occupy a narrow niche in which you have to care much more about privacy than the average person, but not at a nation state level. I think that is how it got associated with that 2nd tier of internet crime like buying drugs on the dark web or sharing CSAM. The truly sophisticated internet criminals probably know better and the people who only really care about anonymizing themselves are probably doing something simpler.

      • bawolff a day ago

        > Doesn't a solid VPN

        Finding a solid one is the hard part. With Tor, you kind of know what you are buying. The risks are in the open. With a VPN maybe the operator is selling your data to advertisers. Maybe they are keeping logs. You kind of have to just trust them and have no way to verify.

        • slg a day ago

          This hypothetical was about "a low value target" looking for "basic anonymity". Just get Mullvad and assume the entire company wasn't a 15 year long con set up to better target ads at you specifically.

  • gaba a day ago

    Tor Project has a team that looks at relays and checks if relays are engaging in bad practices or any suspicious activity like a lot of nodes run by one operator.

    https://community.torproject.org/relay/governance/

    • hnisoss a day ago

      how do you protect yourself from botnets? let's say just the monkrus release was infected and now N-thousand teens are running infested windows installations and software tools..

    • alasdair_ a day ago

      Iran probably has enough money that it could pay a thousand different ISPs in a thousand different ways with a thousand different OS versions and Tor versions. This could all be automated pretty easily.

      • krunck a day ago

        When you think about countries that have the resources to "pay a thousand different isps in a thousand different ways with a thousand different os versions and tor versions" your first thought was Iran?

  • scraptor a day ago

    If your nodes disclose their affiliation that's fine, but the client will avoid using multiple. If you try to do this in secret the Tor project will attempt to catch you by looking for suspicious nodes that use the same ISP and update their Tor version at the same time and things like that, to questionable success.

    • pushupentry1219 a day ago

      But an adversary with enough money could just buy servers from multiple ISPs, right?

    • vkou a day ago

      State-level actors (five eyes) should have no problem with avoiding that kind of detection.

  • MagicMoonlight 9 hours ago

    Yes it’s 100% going to be compromised if you are an enemy of the US government.

    The primary purpose of tor is for their own use, which is why they have developed and funded it. So the underlying principle is secure, but they’ll definitely be paying for enough of the nodes to compromise it for you.

  • construct0 a day ago

    Yes, there aren’t that many tor nodes. It’s not the safe haven protocol or transport suite people make it out to be.

    • system33- a day ago

      It's the best we've got for achieving actually meaningful privacy and anonymity. It has a huge body of research behind it that is regularly ignored by those coming up with sexy or off-the-cuff alternatives.

      It’s the most popular so it gets the most attention: from academics, criminals, law enforcement, journalists, …

      • beeflet a day ago

        Why not just have greater number of relays by default? Internet bandwidth tends to increase over time, and the odds of this correlation attack are roughly proportional to the attacker's share of relays to the power of the number of relays used.

        So latency issues permitting, you would expect the default number of relays to increase over time to accommodate increases in attacker sophistication. I don't think many would mind waiting for a page to load for a minute if it increased privacy by 100x or 1000x.
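An added example (not code from the thread or from the Tor Project) that puts numbers on the two ways of reasoning about relay share. The comment above treats compromise probability as the attacker's share raised to the number of hops; for end-to-end traffic correlation the attacker only needs the guard and the exit, so middle hops do not enter. The relay population below is constructed for illustration and is not consensus data.

```python
"""Circuit-compromise probability under two models:

  * all_hops:  the attacker must own every relay, so P = share ** hops;
  * two_ends:  for traffic correlation the attacker needs only the guard and
               the exit, so P = guard_share * exit_share, whatever the hop count.

The relay population is constructed for illustration, not consensus data.
"""
import random
from dataclasses import dataclass
from itertools import accumulate


@dataclass(frozen=True)
class Relay:
    name: str
    weight: int        # stand-in for the consensus bandwidth weight
    guard: bool
    exit: bool
    malicious: bool


def constructed_relays(seed=7):
    """1000 relays, the first 100 run by the attacker; half carry the Guard
    flag and a fifth allow exits, so the attacker holds about 10% of guard
    weight and 10% of exit weight."""
    rng = random.Random(seed)
    return [
        Relay(f"relay{i}", rng.randint(50, 150), i % 2 == 0, i % 5 == 0, i < 100)
        for i in range(1000)
    ]


def weighted_share(relays, flag):
    """Attacker's bandwidth-weighted share of the relays carrying `flag`."""
    pool = [r for r in relays if getattr(r, flag)]
    return sum(r.weight for r in pool if r.malicious) / sum(r.weight for r in pool)


def p_all_hops(share, hops):
    """Naive model: every relay in the circuit must be the attacker's."""
    return share ** hops


def p_two_ends(guard_share, exit_share):
    """Correlation model: owning (or watching) both ends suffices."""
    return guard_share * exit_share


class WeightedPool:
    """Bandwidth-weighted relay picker that skips relays already in the path."""

    def __init__(self, relays):
        self.relays = relays
        self.cum = list(accumulate(r.weight for r in relays))

    def pick(self, rng, exclude):
        while True:
            r = rng.choices(self.relays, cum_weights=self.cum)[0]
            if r not in exclude:
                return r


def simulate(relays, hops, trials=10000, seed=3):
    """Build `trials` circuits (guard first, exit last, bandwidth-weighted,
    no relay reused) and return the fraction whose guard AND exit are both
    attacker relays, i.e. the fraction a correlating attacker deanonymises."""
    rng = random.Random(seed)
    guards = WeightedPool([r for r in relays if r.guard])
    exits = WeightedPool([r for r in relays if r.exit])
    middles = WeightedPool(relays)
    hits = 0
    for _ in range(trials):
        path = [guards.pick(rng, ())]
        for _ in range(hops - 2):
            path.append(middles.pick(rng, path))
        path.append(exits.pick(rng, path))
        if path[0].malicious and path[-1].malicious:
            hits += 1
    return hits / trials


if __name__ == "__main__":
    relays = constructed_relays()
    g, e = weighted_share(relays, "guard"), weighted_share(relays, "exit")
    print(f"attacker share: guard={g:.3f} exit={e:.3f}")
    for hops in (3, 4, 6):
        print(f"{hops} hops: all_hops={p_all_hops(g, hops):.6f} "
              f"two_ends={p_two_ends(g, e):.4f} simulated={simulate(relays, hops):.4f}")
```

The simulated column stays near guard_share times exit_share for 3, 4 and 6 hops, while the all_hops column collapses towards zero; the extra hops only add latency. One further caveat: a real Tor client pins a single entry guard for months, so for an individual user the exposure is not the average g*e but either zero (honest guard) or roughly the exit share (malicious guard) for as long as that guard is in use.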

      • yupyupyups a day ago

        >It's the best we've got for achieving actually meaningful privacy and anonymity

        ...while being practical.

        One could argue that there is i2p. But i2p is slow, a little bit harder to use, and from what I can remember, doesn't allow you to easily browse the clearnet (regular websites).

      • appendix-rock a day ago

        These sort of “Tor evangelism” comments are so tiring, frankly. There are quite a few like it in this thread, in response to…not people poo-pooing Tor, or throwing the baby out with the bathwater, rather making quite level-headed and reasonable claims as to the shortcomings and limitations of the network / protocol / service / whatever.

        One should be able to make these quite reasonable determinations about how easy it’d be to capture and identify Tor traffic without a bunch of whataboutism and “it’s still really good though, ok!” replies which seek to unjustifiably minimise valid concerns because one feels the need to…go on and bat for the project that they feel some association with, or something.

        The self-congratulatory cultiness of it only makes me quite suspicious of those making these comments, and if anything further dissuades me from ever committing any time or resources to the project.

        • llm_trw a day ago

          The issue is that the people making 'level headed' claims have read none of the literature and their mathematical ability seems to end at multiplying numbers together.

          It sounds reasonable to anyone who hasn't read the papers; to anyone that has, these comments are so wrong that you can't even start explaining what's going wrong without a paper's worth of explanation that the people don't read.

  • ObsidianBreaks a day ago

    I wholeheartedly agree, the 'dragnet' methodology is already documented and well-known and that should factor into your security assessments.

  • donmcronald a day ago

    > Surely eventually I'm going to get a hit where all three nodes in the circuit are my nodes that are logging everything?

    If you're looking for static assets, why would you need to see the whole chain? Wouldn't a connection to a known website (page) have a similar fingerprint even if you wrap it in 3 layers of encryption? Does Tor coalesce HTTP queries or something to avoid having someone fingerprint connections based on the number of HTTP requests and the relative latency of each request?

    I've always assumed that, if a global adversary attack works, you'd only need to watch one side if you're looking for connections to known static content.

    I don't know much beyond the high level idea of how Tor works, so I could be totally wrong.

    • alasdair_ a day ago

      If I don't know the whole chain (or I don't use a timing attack with a known guard and exit node) then I don't see how I'd know who sent the packet in the first place. The person in the chain would connect to a random tor guard node, which would connect to another random node which would connect to my evil exit node. My evil exit node would only know which random TOR node the connection came from but that's not enough to tell who the original person was.

      • donmcronald a day ago

        Say there are only 2 sites on Tor. Site 'A' is plain text and has no pages over 1KB. You know this because it's public and you can go look at it. Site 'B' hosts memes which are mostly .GIFs that are 1MB+. You know this because it's also a public site.

        If I was browsing one of those sites for an hour and you were my guard, do you think you could make a good guess which site I'm visiting?

        I'm asking why that concept doesn't scale up. Why wouldn't it work with machine learning tools that are used to detect anomalous patterns in corporate networks if you reverse them to detect expected patterns.

    • whimsicalism a day ago

      ? tor reroutes the packets so how would you identify who is visiting who? it's not just 'layers of encryption' it is layers of redirection

      • donmcronald a day ago

        If I visit facebook.com it's about 45 requests and 2.5MB of data. Are you saying that if I did that via Tor I would get a different circuit for each request or each individual packet?

        Eventually the guard has to send the whole payload to me, right? Wouldn't that look similar every time if there's no obfuscation?
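An added example (not code from the thread) of the idea in the two comments above, the "site A is tiny, site B is all GIFs" case and the "facebook.com is about 45 requests and 2.5MB" case, carried through as a toy website-fingerprinting classifier. The observer is assumed to sit at the guard (or on the wire before it) and to see only the direction and number of fixed-size Tor cells, never plaintext. The site profiles and traces are constructed, and the features and nearest-neighbour classifier are simplified stand-ins for what the academic website-fingerprinting literature uses.

```python
"""Toy website fingerprinting from cell counts and direction only.

Site profiles and traces are constructed for illustration; Tor's 512-byte
cells hide exact object sizes but not volume and burst structure.
"""
import math
import random
from collections import Counter

CELL = 512  # Tor relays traffic in fixed-size cells, so the observer counts cells

# Constructed profiles: (min, max) objects per page load, (min, max) bytes per object.
SITES = {
    "text-only": {"objects": (3, 6), "size": (300, 1_000)},
    "meme-board": {"objects": (10, 20), "size": (200_000, 1_500_000)},
    "social": {"objects": (35, 55), "size": (5_000, 120_000)},
}


def page_load(site, rng):
    """One constructed page load as a burst sequence: +n outgoing cells for
    each request, -n incoming cells for each response."""
    prof = SITES[site]
    bursts = []
    for _ in range(rng.randint(*prof["objects"])):
        bursts.append(rng.randint(1, 2))               # request fits in 1-2 cells
        nbytes = rng.randint(*prof["size"])
        cells_in = -(-nbytes // CELL)                  # ceil(nbytes / CELL)
        bursts.append(-cells_in)
    return bursts


def features(bursts):
    """Shape features computable from direction and cell counts alone:
    log of total incoming cells, total outgoing cells, burst count and
    largest incoming burst."""
    incoming = [-b for b in bursts if b < 0]
    outgoing = [b for b in bursts if b > 0]
    return (
        math.log1p(sum(incoming)),
        math.log1p(sum(outgoing)),
        math.log1p(len(bursts)),
        math.log1p(max(incoming, default=0)),
    )


def knn_predict(train, sample, k=3):
    """Majority vote among the k nearest labelled feature vectors."""
    nearest = sorted((math.dist(f, sample), label) for f, label in train)[:k]
    return Counter(label for _, label in nearest).most_common(1)[0][0]


def run_experiment(train_per_site=30, test_per_site=10, seed=11):
    """Train on labelled loads of each constructed site, then classify fresh
    loads; returns accuracy (fraction of test loads attributed correctly)."""
    rng = random.Random(seed)
    train = [(features(page_load(s, rng)), s) for s in SITES for _ in range(train_per_site)]
    tests = [(features(page_load(s, rng)), s) for s in SITES for _ in range(test_per_site)]
    correct = sum(knn_predict(train, f) == s for f, s in tests)
    return correct / len(tests)


if __name__ == "__main__":
    print(f"closed-world accuracy on constructed sites: {run_experiment():.2f}")
```

The closed-world setting here (the observer already knows the handful of candidate sites) is the easy case and is why the toy classifier scores near 1.0; the open-world problem, where the user may visit any of millions of pages and the base rate for a given target is tiny, is where false positives dominate, which is the usual objection to "just reverse the anomaly detector".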

  • cookiengineer 19 hours ago

    The issue that TOR has is that it's a layered routing concept that won't respect ASN based spreading/scattering of traffic.

    Circuits are temporary but the traffic is not scattered across the network to make MITM fingerprinting of request/payload sizes/timestamps impossible.

    A typical MITM like the FBI surveillance van next door can identify you by observing the network packets and by _when_ they were requested and by _how large_ the payloads were. There was a famous court case where this was enough evidence to identify a user of an onion service, without the FBI having access to the Wi-Fi of the user. But they had access to the exit node logs that were encrypted, the pcap logs to the onion service from that exit node, and the encrypted Wi-Fi packets of the user.

    (Also TLS lower than 1.3 and SNI related problems are relevant here, because DNS TTL 0 effectively makes everyone's privacy compromised, shame on you if you set a DNS TTL to 0)

    My point is that with more randomized hops across the network and across ASNs it would be less likely that a threat actor can control both guard and exit nodes.

    (Assuming that they parse RIR datasets to map organizations across ASNs, which the datasets already provide)
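An added example (not code from the thread or from Tor) of the path check the comment above is asking for, next to the two diversity rules the Tor client does enforce by default: no two relays in the same IPv4 /16 (EnforceDistinctSubnets) and none from the same declared MyFamily. The prefix-to-AS table and the relays are constructed from RFC 5737 documentation addresses and RFC 5398 documentation ASNs; a real check would load RIR or BGP data (for example a RouteViews dump) in place of the dictionary.

```python
"""Relay path diversity check: Tor's default /16 and family rules, plus an
optional guard/exit same-AS rule.

AS_TABLE and the relays are constructed from documentation ranges; they are
not real routing data or real relays.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

AS_TABLE = {  # constructed origin-AS table: prefix -> ASN
    "203.0.113.0/24": 64496,
    "198.51.100.0/24": 64497,
    "192.0.2.0/24": 64496,     # a second prefix announced by the same organisation
}


def lookup_asn(ip):
    """Longest-prefix match of `ip` against AS_TABLE; None if no prefix covers it."""
    addr = ipaddress.ip_address(ip)
    best = None
    for prefix, asn in AS_TABLE.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, asn)
    return None if best is None else best[1]


@dataclass(frozen=True)
class Relay:
    nickname: str
    ip: str
    asn: Optional[int]
    family: frozenset = frozenset()   # nicknames declared in MyFamily


def relay(nickname, ip, family=()):
    return Relay(nickname, ip, lookup_asn(ip), frozenset(family))


def same_slash16(a, b):
    """Tor's EnforceDistinctSubnets compares IPv4 /16 prefixes."""
    return (ipaddress.ip_network(f"{a.ip}/16", strict=False)
            == ipaddress.ip_network(f"{b.ip}/16", strict=False))


def same_family(a, b):
    return b.nickname in a.family or a.nickname in b.family


def path_violations(path, as_aware=False):
    """Return human-readable violations for an ordered path [guard, ..., exit].
    Default rules: distinct relays, no shared /16, no shared family.
    as_aware=True adds: guard and exit must not share an origin AS."""
    problems = []
    for i, a in enumerate(path):
        for b in path[i + 1:]:
            if a.ip == b.ip:
                problems.append(f"{a.nickname}/{b.nickname}: same relay")
            elif same_slash16(a, b):
                problems.append(f"{a.nickname}/{b.nickname}: same /16")
            if same_family(a, b):
                problems.append(f"{a.nickname}/{b.nickname}: same family")
    if as_aware and len(path) >= 2:
        guard, exit_ = path[0], path[-1]
        if guard.asn is not None and guard.asn == exit_.asn:
            problems.append(
                f"{guard.nickname}/{exit_.nickname}: guard and exit both in AS{guard.asn}")
    return problems


# Constructed relays. GUARD and EXIT_SAME_AS are in different /16s but the
# same organisation's AS; EXIT_SAME_NET shares GUARD's /16; EXIT_FAMILY
# declares MIDDLE in its family.
GUARD = relay("guardA", "203.0.113.10")
MIDDLE = relay("middleB", "198.51.100.20")
EXIT_SAME_AS = relay("exitC", "192.0.2.30")
EXIT_SAME_NET = relay("exitD", "203.0.113.40")
EXIT_FAMILY = relay("exitE", "192.0.2.99", family=("middleB",))

if __name__ == "__main__":
    cases = [
        ("default rules, same-AS ends", [GUARD, MIDDLE, EXIT_SAME_AS], False),
        ("AS-aware, same-AS ends", [GUARD, MIDDLE, EXIT_SAME_AS], True),
        ("default rules, shared /16", [GUARD, MIDDLE, EXIT_SAME_NET], False),
        ("default rules, shared family", [GUARD, MIDDLE, EXIT_FAMILY], False),
    ]
    for label, path, aware in cases:
        print(f"{label}: {path_violations(path, as_aware=aware) or 'OK'}")
```

The first case is the point of the comment: a guard and an exit in the same organisation's AS pass the default /16 and family checks, because neither rule looks at routing data, and only the AS-aware variant rejects the path.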

    • runamuck 16 hours ago

      Would an Ethernet cable plugged into your ISP router defend against the above mentioned surveillance (i.e., no WiFi snooping)? Or did the FBI PCAP at the ISP?

      • cookiengineer 16 hours ago

        The problem is also that different network stack implementations have different MTU values and different TCP headers.

        There's a lot of tools available that can fingerprint different applications pretty well these days. For example, Firefox and TOR Browser can be fingerprinted because of their custom network library that's OS independent.

        It gets worse if you use a DSL2 connection with scaling, because that will uniquely make your packets fingerprintable: they have a specific MTU size that's dependent on the length of the cable from the modem to the next main hub. Same for cable internet, because the frequencies and spectrums that are used are also unique.

        (I'm clarifying this, because an FBI van not having access to your Wi-Fi still has access to the cable on the street when there's a warrant for surveillance / wire tapping issued)

        [1] https://github.com/NikolaiT/zardaxt (detects entropies of TCP headers and matches them with applications)

        [2] https://github.com/Nisitay/pyp0f (detects the OS)

        [3] https://github.com/ValdikSS/p0f-mtu (detects the VPN provider)

  • voldacar a day ago

    With v3 hidden services, relays can no longer see the plaintext of the hidden service's url.

  • jrochkind1 15 hours ago

    I think so.

    And of course for a state-level actor, they can afford a couple orders of magnitude more spend prob too.

  • plorg a day ago

    You didn't think someone would notice if the Tor network has 1000 new nodes set up similarly? Or, I suppose, if you find enough heterogeneous people and pay them to log their nodes, you're not going to get noticed?

  • giantg2 a day ago

    Wasn't there a thing years ago where the NSA only needed 2 out of the 3 nodes if they got the right ones? Not sure if that was fixed with guard nodes or is still a thing.

  • edm0nd a day ago

    Your 1000 Tor nodes would quickly be detected as bad relays and be removed from the network. It would also cost you far more than $5,000 a month.

  • jeffbee a day ago

    This attack is quite practical. In 2007 I controlled a huge chunk of Tor traffic from 2 racks of cheap servers in a basement on Folsom Street in SF. It was easy to arrange and nobody noticed. Yeah those were early days for Tor but I don't think scale changes anything. If you're using Tor because you think it is private, you have fooled yourself.

  • UniverseHacker a day ago

    The skilled labor to set that all up, especially in a way that TOR won't notice and shut you down will be worth much much more than $5k.

    People that have such a sophisticated and resourced team actively hunting them down, likely know about it, and are using many additional layers of security on top of TOR. Even just for personal use out of curiosity to "see what the darkweb is," I used 1-2 additional methods on top of TOR.

    • lcnPylGDnU4H9OF a day ago

      > used 1-2 additional methods on top of TOR

      Curious: what did you do and what were you hoping to mitigate?

      • UniverseHacker a day ago

        Just playing around, not mitigating anything. I think it would be poor practice to share my ideas/techniques- think of your own! Contrary to popular philosophy- obscurity is a powerful security method. People still rob houses with expensive locks… nobody robs secret underground bunkers.

  • taneq 16 hours ago

    If you thought of this in 10 minutes (or 6 months, or...) as one smart individual, I'd assume any government of any country you've heard of has been doing this for a while.

  • Refusing23 a day ago

    But the more who use it and/or host tor nodes...

  • jiveturkey a day ago

    It'd be ten times that cost, easily. You have to buy data volume.

    Also since you aren't targetting specific people, rather specific interests, it'd be easier to setup an irresistible site serving content of the vice of interest. It can even be a thin wrapper on existing sites. Do you only need to control entry nodes in that case? You'll return user-identifying data in headers or steganographically encoded in images and since you control the entry node you can decrypt it. It doesn't work for a normal (unaffiliated) entry node but since your entry node is in collusion with the server I think this works.