Is Tor still safe to use?
(blog.torproject.org) 745 points by Sami_Lehtinen a day ago
Agreed – you can never truly be completely "safe", but Tor remains the most privacy-preserving tool we've got.
When people say they're distrustful of Tor (for various reasons) to the extent they refuse to use it, they seldom suggest alternative tools/measures that provide anywhere near the level of safety offered by Tor.
They have the opposite of a point. The logical conclusion of that line of reasoning is that everyone should use privacy tools so no one can be singled out. And that ordinary users with "nothing to hide" should be the first to start using them.
>If all you’re doing is arguing that Tor shouldn’t be used because it isn’t/was never “safe”, then you might as well not use the Internet at all.
Exactly, and this same form of spurious argument came up in an hn post yesterday about cavity prevention, centering on an argument that a new advance in cavity treatment "cannot guarantee" to end cavities forever. [0]
I feel as though I've never been fooled by these arguments, although surely I have different types of weaknesses that are unique to me. But it seems to stand out as a form of argument that somehow has persuasive power among intelligent types whom I would never expect to fall for other forms of obviously fallacious arguments.
The 90s had the opportunity to deploy something like PGP widely, but because there was no perfectly safe way to distribute the keys it never went anywhere. The most practical solution the crypto nerds could accept was the web of trust, where you were supposed to physically meet everyone you wanted to communicate with so you could physically exchange the keys, which was never going to scale.
Email to this day is unencrypted at rest and completely transparent to whomever is running your mail server. You don't think Google runs GMail out of the goodness of their heart do you?
I remember reading on here years ago that people were concerned that the government was reading their "private" emails. I've always just considered email to be sent in plain text. Just 10 years ago only 30% of emails from Gmail were encrypted. Even though now it's 99% of outgoing email that is encrypted, all those emails sent before are probably sitting in a database somewhere. And it still reverts to unencrypted if the recipient doesn't support TLS.
Well, for the sake of clarity I would say Tor is safer only if it’s not a honey trap. That is not knowable as a user, but I think that suspicion is well-deserved.
I think the Middle East gave us a very clear example of how state actors may target channels in unexpected ways.
But that's half the point. If someone has an intention to undergo some illegal activities with full intention not to be caught, only 100% "safe" solution works for them. Normally we talk about risk tolerance, but this particular use case is a bit special.
There are no "100% safe" solutions. There will always be weaknesses and vulnerabilities in any system. The sort of criminal who requires or expects 100% safety is quickly going to be caught due to being a dullard. Knowing you're never truly "safe" is what good criminals are keenly aware of at all times: you can plan and prepare for certain eventualities. Once you think you're "safe", it's the beginning of the end.
Security is a process, not a "state".
You don't do something, once, and then are good to go forever. Banks don't just put cash in a safe and forget about it; they have audits, security guards, cameras, threat intelligence profiling criminal gangs, etc.
As someone who's actually used Tor for illegal activities (buying drugs), this is completely missing the point. Criminals generally are not thinking about doing something completely risk free. The dumb ones don't consider risk at all, because they're desperate/addicted, and just hope/assume they won't get caught. More clever ones assume they'll be caught and try to make conviction less likely.
For instance, for buying drugs, the ordering isn't the risky bit. Receiving it in the mail is. Even if tor was magically "100% safe" the crime overall wouldn't be. The point of using tor is not to eliminate all risk, it's just to decouple payment from reception. I had my drugs intercepted by customs once, but they couldn't prove I ordered them, so they dropped the case. I'm sure it might've been possible for them to prove it if they spent a lot of resources trying to trace crypto transfers and so on, but police only do that if the fish is big enough because they're resource constrained.
Tor is just another tool criminals can use to reduce risk. It's not perfect, but for most things it's the best thing available.
> If someone has an intention to undergo some illegal activities with full intention not to be caught
As opposed to... people who undergo illegal activities with the intention to BE caught???
The only 100% safe method is to not do the illegal activity at all. There's always a risk/rewards analysis to be performed when committing any act that could have negative consequences whether you're playing the stock market or doing credit card fraud. For any major criminal that gets caught, you can usually read the arrest affidavit which offers a pretty interesting look into how the criminal was caught despite the careful measures they took. The one for DPR is interesting to read and shows how despite taking careful measures, DPR left a trail of breadcrumbs that investigators used to track him down. His use of Tor was pretty solid (assuming the whole affidavit isn't complete parallel construction fiction) but it was everything else he did outside of it that got him in the end. There's another story of a university student that sent threats to his school to get out of an exam or something through anonymous emails over Tor. They only caught him because he was the only person using Tor on the school network at the time the email was sent. If he was off campus, he may have remained anonymous.
An analog crime I think about is the murders in Moscow, Idaho. The criminal did take some careful measures like wearing gloves but he left a knife sheath behind that contained DNA evidence. Everything else they had on him was circumstantial, he owned a similar car to what police thought they saw on people's doorbell cameras and his phone went offline during the time of the murders and also pinged a tower close to the crime scene hours afterwards. Police found a partial genealogy match to his DNA which I'm sure they compared to similar car owners and cell tower records. If he hadn't left the sheath behind, wore something like a Tyvek suit, and simply left his phone at home, the suspect pool would have likely been too large. His careful measures (turning off his phone, making multiple passes in his car) likely contributed to police focusing on him once the DNA proved a link.
> The only 100% safe method is to not do the illegal activity at all.
Nope. Not even that is 100% safe because you can be falsely convicted of a crime you never even committed. Many privacy tools reduce that risk as well, because you're less likely to be convicted by e.g. a lazy prosecutor willing to take things out of context if you provide them with less source material to trawl through.
For context, here's the NDR report: https://www.ndr.de/fernsehen/sendungen/panorama/aktuell/Inve...
And more info here: https://lists.torproject.org/pipermail/tor-relays/2024-Septe...
Edit: The NDR alleges a timing attack (no further explanation) that allows "to identify so-called ‘entry servers’". Very little information is actually available on the nature of the attack. The NDR claims this method has already led to an arrest.
Might one mitigating possibility be to use a VPN that uses padded and rate limited packets, so that it is always sending and receiving user_defined bit rate and your real traffic would be traffic shaped to take priority but not exceed the padded streams? Maybe this assumes one is running their own tor daemon on a server somewhere and the vpn terminates on that node. I assume this could be done with tc sch_htb class shaping or perhaps sch_cake and tagging packets with iptables mangle rules and two never-ending bi-directional rsync streams reading /dev/urandom or big random files.
e.g.
Port 873 (native rsync) bulk traffic, low priority
Port 3128 (squid mitm ssl-bump proxy) high priority
Also relevant - wikipedia for Boystown, the pedo site in question
Here is an awesome DefCon talk about this topic from the perspective of a darknet vendor. It's amazing:
Is it sad that when someone else gives me a video with an si parameter or similar, I keep it on when passing it forward, in my eyes, this feeds garbage to their backend.
I remember Adrian Crenshaw doing a speech at Def Con 22 about how people got busted using Tor. Even then he pointed out that in most of the cases, it was bad OpSec by the person, and had nothing to do with Tor.
How applicable do people think this information is now 9-10 years later?
DEF CON 22 - Adrian Crenshaw- Dropping Docs on Darknets: How People Got Caught https://www.youtube.com/watch?v=eQ2OZKitRwc
Yup, that's how they got Ross Ulbricht.
Idiot used "rossulbricht at gmail dot com" under the same username he advertised silk road.
Timestamp link about Ross: https://www.youtube.com/watch?v=eQ2OZKitRwc&t=2080s
I suspect that the reporter has a bone to pick with Tor and the CCC members that were given the documents were compelled legally or socially to not share them further.
Federal agencies operate enough exit nodes to make Tor use risky at best. I have no idea if they have since implemented some feature to prevent this but if not I would stay far away from Tor if you're planning to do illegal things. There's also the risk of trusting service operators to secure any PII you expose on marketplaces.
Not that I think the Feds would blow their cover to hunt down people buying drugs but still seems stupid to trust.
“The western governments run most of the exits” is one of those things everybody “knows” but rarely backs up.
The list of all relays is public knowledge by design. There’s contact information attached to relays. The big operators are known individuals and organizations. They contribute. Interact.
Which ones are actually the governments doing bad things against their citizens? It’s hard to tell? Then why do you make such claims?
Relays that observably do bad things are removed from the network all the time. Are those ones the government? Tor seemingly has a reasonable handle on the situation if that’s the case.
If the fed is doing correlation attacks, why would they run relays at all? “Just” tap the IXPs near major hubs of relays. Or heck, get data from the taps you already had. Silent and more widespread.
Pushing people away from tor potentially makes it even easier to deanonymize them, depending on the adversary model assumed.
> “The western governments run most of the exits” is one of those things everybody “knows” but rarely backs up.
Thanks for pointing this out. Seems obvious in retrospect but I don't really recall seeing a lot of evidence for this despite seeing the claim quite commonly. That said, the use of "rarely" makes me wonder what evidence has been presented in such rare instances. Just curious. (Of course it's also fine if the phrasing was just communication style.)
Tor was literally developed by the intelligence community. I’m sure there are a variety of means to gather actionable intelligence from it, with or without the cooperation of the exit node volunteers.
Beyond a principled stance re communications, I can’t think of a reason to use it. If you’re planning to resist some regime that controls telecom infrastructure, the fact that you’re using it is both uncommon and notable.
Tor was literally developed by the Naval Research Lab. Not a part of the IC.
I know because I work there. AMA (edit: about tor. Because people say a lot about it without actually knowing much. But now I should put my phone down so… too late!)
To protect our most sensitive communications and vulnerable communities, Tor usage should be normalized so it is common and not notable.
> Tor was literally developed by the intelligence community. I’m sure there are a variety of means to gather actionable intelligence from it, with or without the cooperation of the exit node volunteers.
These two statements make little sense together. It was originally developed by the Navy. Okay. So why would they design it from the get-go with such a fatal flaw that would risk their own adversaries gathering "actionable intelligence" from it?
I'd like to stress if we're talking about the Navy's involvement, then you're questioning the design of the whole thing from the very beginning, not just the current implementation.
You'd be surprised how much crime goes on in plain sight. There are literally people on Instagram making stories of themselves showing off their drugs and stacks of money.
Given that a lot of law enforcement doesn't even bother with the low hanging crimes, the chance of them prosecuting anyone using Tor is extremely low unless you get big enough or go far enough to warrant the attention.
This brings up a couple questions I've always had about Tor. I played around with it a bit maybe a decade ago and it seemed it was used for drugs, CSAM, and getting yourself honeypotted trying to buy illegal guns or murder-for-hire.
I always assumed if you were doing things where your threat model included governments trying to kill you that Tor wouldn't be all that useful even if it was secure.
If they run just the exit node they still can’t de-anonymize you right?
Depends on the content of your traffic.
If “deanonymize” strictly means perform a timing attack using info you have from the beginning and end of the circuit, then by definition you’re correct.
But if you visit an identifying set of websites and/or ignore TLS errors or … they can still deanonymize you.
What role do TLS errors play in de-anonymizing onion traffic?
If enough governmental bodies can get behind running Tor nodes then couldn't we theoretically protect the bulk of humanity from spying on Internet access? Truly an advance in the Internet technology. It's kind of like if a single nation does it they control everything, but once all the nations compete then everyone wins.
But at planetary scale would Tor scale in an environmentally friendly way?
Ironically, most of these same sectors in the same governments have strong need to be protected from spying themselves.
So in many cases it's really a case of "we want a monopoly on secrecy".
Which should be a massive red flag for everyone, from left to right, from liberal to conservative, from anarchist to communist and so on. But somehow isn't picked up by any of these. I presume because they all believe somehow they either won't be targeted or will be exempt?
Several of those ideologies you mention are just different flavors of authoritarianism, and one of an ideological authoritarian's primary goals is power. Hell, take out "anarchist" and you could make a convincing argument they're all authoritarians in their own way. You don't get power by giving the populace - or helping them to keep - a free, secure Internet. It's just completely antithetical to someone who wants to hold power by nondemocratic means.
I don't see government monopolies as immediate red flags.
In most nations it's widely accepted that the state has a monopoly on violence (usually through the police force), and it's not clear to me what a good alternative to that would be.
I also want my government to have a monopoly on taxation, I don't want any private company or gang to be able to just collect taxes from me, without any repercussion.
As for secrets? We probably have to distinguish a bit between secrets/data at rest vs. secrets/data in transit. I could well imagine that a good balance between security and privacy could require some tradeoffs when it comes to data in transit.
Good point. And while I too accept a state to have a monopoly on things, especially those you mention, secrets aren't those.
Because we all have them, need them, and because a society cannot function without them - there are many books and papers written about the "nothing to hide fallacy". We all really need some privacy. How much, is a different question, though. So in this discussion: maybe we don't need the level of "TOR by default for everyone", IDK.
The question is always and forever who are you hiding from and how strong is their will?
Assume if the will is strong and the resources are strong you will be eventually identified. If you're not worth it then you're not worth it.
become not worth it
TOR critics like Len Sassaman said the same years ago, with traffic analysis it is possible to detect where the source is coming from.
Timing attacks are a well-known weakness. There's a lot of research into timing attacks and proposed countermeasures.
Also, it's just Tor – not 'TOR'.
>Note: even though it originally came from an acronym, Tor is not spelled "TOR". Only the first letter is capitalized. In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong.
I am interested in the “legitimate” uses for tor. I have not kept up with this but I understand it was designed by US Navy to make it hard for oppressive regimes to track their citizens' use of web.
What do we want Tor for except as a hope that Russian citizens might be able to get to the BBC site?
I am asking honestly - and would prefer not to be told my own government is on the verge of a mass pogrom so we had better take precautions.
For the same reason we have SSL on this site, despite the fact that it has no sex, no storefront, nor any access to my banking or private information.
If everything is SSL secured, then we don't have to explain why any specific thing is SSL secured. The same reason can be applied to use of TOR.
I’m not sure how much more useful that is than just using HN’s automatic ranking for comments, at least outside of parent comments on posts; As far as I can tell, child comments are always ORDER BY score DESC.
Even for top level comments, HN’s algorithm for ranking is pretty useful for assigning “worth”
On posts there's an attempt to surface later comments (with fewer points) so the comment section isn't dominated by earlier posts.
Ordering by score DESC only gives you relative point information, not absolute. There's additional signal if the top comment has 100 points vs only having 3 (and the bottom post also having 100 vs 1).
"Every site having SSL is a Good Thing because it means you don't need to defend your use of SSL. If more people used Tor it would mean you didn't need to defend your use of Tor."
"Yeah but Y Combinator made a decision that makes it harder for me to auto-generate spam."
How would you feel if a stranger came up to you in the street and said they appreciated the wiki article you were reading last night?
I think everyone wants “privacy by default”, they just don’t make the connection between this hypothetical and real life. In real life you’re still spied on but nobody confronts you directly.
I browse social media sites like Facebook and Reddit using their onion services. I was sick of seeing ads pop up that were clearly based on tracking my general browsing activity through IP correlation, tracking pixels and embedded “like” buttons. So now I block all cleartext Facebook/Reddit traffic completely.
Using Tor this way doesn’t anonymize me—on Facebook at least, I’m logged in under my own account—but it limits the profile Meta builds on me to the union of what it directly observes on Facebook and what it can purchase through data brokers. Ever since I started doing this, I’ve noticed a huge drop in relevance in my Facebook ads, so apparently it’s working. When the ads become suddenly relevant again (which has happened a few times), it exposes an information leak: usually a credit card purchase that Meta must have obtained from either my bank or the shop vendor and tied to my identity.
Using a VPN could theoretically provide the same benefit, but in practice Facebook tended to temporarily lock my account when using a VPN and Reddit blocks VPN traffic completely. So I stick to the onion services, which are run by the websites themselves and so are less likely to be treated as malicious traffic.
If you use these platforms, I recommend bookmarking their onion sites in Tor Browser and using it as your primary interface to them for a while. Then, if you don’t find it too inconvenient, start blocking the non‐onion versions of the sites on your network.
https://old.reddittorjg6rue252oqsxryoxengawnmo46qy4kyii5wtqn...
https://www.facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg...
(P.S.: You shouldn’t trust the links I just posted; I could have posted fake ones! I recommend double‐checking against https://github.com/alecmuffett/real-world-onion-sites which links to proofs of onion site ownership under their usual domain names.)
>This is a collection of anonymous user stories from people who rely on Tor to protect their privacy and anonymity. We encourage you to share their experiences with your network, friends and family, or as part of your work to promote the use of privacy-preserving technologies like ours and help us defend strong online protections.
Are there legitimate arguments in favour of privacy, and private communications? It seems to be largely the same issue.
We've come to accept (as a normal mainstream thing) end to end encryption in several popular messaging apps (which seems to be largely thanks to WhatsApp?), but the same idea applied to web browsing is still considered fringe for some reason. That distinction seems arbitrary to me, like just a cultural thing?
It might be a UX thing though. WhatsApp is pleasant. Trying to use the internet normally over Tor is horrendous (mostly thanks to Cloudflare either blocking you outright, or sending you to captcha hell).
Don't know if it is still used much. There is SecureDrop to facilitate communication between investigative journalists and sources/whistleblowers via Tor that was at some point deployed by several prominent news organizations.
most governments retaliate to some degree against journalists, whistleblowers, etc. - no pogrom needed
You're saying that if you modify the tor software, other clients will be able to tell before connecting to you? And you can't trick them into sending to a bad node?
If you run a node that forwards traffic to any node other than the one requested by the client then that node won't be able to decrypt the traffic.
The client encrypts traffic to each node on its selected path in turn. If the traffic doesn't reach every desired node in order the traffic can't be decrypted.
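A simplified model of the layering described in the reply above, added here as an illustration and not part of the thread or Tor's own code. The relay names, destination, random per-hop keys and the SHA-256 keystream with HMAC are assumptions standing in for Tor's real circuit handshake and cell encryption.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def make_relay_keys(names):
    """Constructed per-hop keys; in Tor the client negotiates one with each relay."""
    return {name: os.urandom(32) for name in names}


def _subkeys(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()


def _xor_stream(enc_key, nonce, data):
    # Toy stream cipher: SHA-256 in counter mode (illustrative, not Tor's cipher).
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(enc_key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key, plaintext):
    """Encrypt-then-MAC one layer under a single relay's key."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = _xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, blob):
    """Remove one layer; fails if the layer was built for a different relay."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("cell too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer was not encrypted for this relay")
    return _xor_stream(enc_key, nonce, ct)


def build_onion(path, relay_keys, destination, payload):
    """Client side: wrap the payload innermost-first, one layer per relay on the path."""
    cell, next_hop = payload, destination
    for relay in reversed(path):
        header = bytes([len(next_hop)]) + next_hop.encode()
        cell = seal(relay_keys[relay], header + cell)
        next_hop = relay
    return cell


def peel(relay_key, cell):
    """Relay side: strip one layer, learning only the next hop and an opaque inner cell."""
    body = unseal(relay_key, cell)
    if not body:
        raise ValueError("empty layer")
    n = body[0]
    return body[1:1 + n].decode(), body[1 + n:]


def route(cell, entry, relay_keys, misroute=None):
    """Walk a cell through the network.

    misroute maps a relay name to the relay it forwards to instead of the
    next hop the client requested. Returns (relays that peeled, status, payload).
    """
    misroute = misroute or {}
    current, trace = entry, []
    while True:
        try:
            next_hop, cell = peel(relay_keys[current], cell)
        except ValueError:
            return trace, "dropped at " + current, None
        trace.append(current)
        if next_hop not in relay_keys:  # left the relay network
            return trace, "delivered to " + next_hop, cell
        current = misroute.get(current, next_hop)


if __name__ == "__main__":
    keys = make_relay_keys(["guard", "middle", "exit", "rogue-exit"])
    onion = build_onion(["guard", "middle", "exit"], keys, "example.org:443", b"hello")
    print(route(onion, "guard", keys))
    print(route(onion, "guard", keys, misroute={"middle": "rogue-exit"}))
```

The second call shows the misrouted cell being dropped at the relay the client never chose, because its key does not authenticate the layer.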
I think it's prudent to point out that the article's title is quite 'clickbaity', but to address it directly, the correct answer is (as it usually is) 'it depends'. In my view, it depends on the answer to the question 'safe for who?', i.e. what is the threat model to which you are trying to guard against? If it's the US, then of course not, as the code is well-known to the US and I would expect that they have known vulnerabilities that they can leverage to ascertain the users of their service. The fact that TOR is, 'on paper', non-governmental doesn't really matter these days with the merging of private and public (and non-affiliated open-source communities) inside the security community. I would say that even the fact that it's open source isn't much of a guard against such attacks, given that it relies on proficient oversight (which many eyes may not guarantee). Against other 'nation state' type adversaries - I'd wager that the more prominent who have the capacity to host a large number of relay nodes, and have access to very large computational power, will find it possible to decode portions of the TOR traffic. Against less technically proficient adversaries, such as 'run of the mill' police forces and minor nation states I'd go so far as to say it might be secure but only if you are using it for something uninteresting to them, but I ask 'how hard is it really to do a man in the middle a TOR relay?', and in terms of the most general case, 'what about the endpoints?' which of course aren't secured via TOR. Ultimately the best defense against 'snooping' in my view is to use a pre-agreed communication protocol which is undocumented and is known only between the communicators and is unusual enough to be hard to recognize or hard to work out what it means (preferably with a key to those communications known only to the two parties), but then I suppose you could use any communication protocol...
At the most basic level we're talking about a very public service that has been around for a long time that is a potential weakness/ enormous target for the best funded and most technically proficient intelligence agencies in the world.
Remember the Harvard student that emailed in a bomb threat via Tor to get out of a final exam in 2013?
He got caught not by the FBI breaking Tor, but just by network analysis of university network traffic logs showing a very narrow list of on-campus people using Tor at the time the threat was communicated. He quickly confessed when interviewed.
https://www.washingtonpost.com/blogs/the-switch/files/2013/1...
Just another factor to consider when using Tor - whose network you're on.
I recall this situation well as it interrupted an exam of mine. iirc, it was the MAC address of his machine being known/registered to the Campus network that nailed him.
As relevant today as it has ever been: https://www.youtube.com/watch?v=d-7o9xYp7eE - "Don't Talk to the Police" by Regent Law professor James Duane (2012). 19M views for a reason, it's a great talk that I've watched a couple times now. And a former cop who was an L3 at the time of the video also speaks very convincingly on the topic, and about how the only times people who they knew were guilty but couldn't prove it got away were when they lawyered up and shut up immediately.
As always there are caveats that he goes into regarding how to assert the right and all that but the major thrust is if the police want to talk to you for any reason, just don't. Lots of great stories, too.
You are under no legal obligation to assist police in their investigations. Give only the information you are legally required to (varies by state and whether it's a consensual encounter, detainment, arrest, etc.), and no more. If you're arrested say you want an attorney and you will not answer questions until they arrive.
You are right. The lack of details or time window when this happened make it difficult to know what the actual compromise was, or if it is still something that can be used. However, if they compromised a Ricochet user, then this attack was a long time ago, and from what Tor's blog says that client didn't have the defenses that would have prevented the attack they think it is. Without the actual details, it seems like this attack was mitigated some time ago and is no longer something that can be done in the same way.
We have a rough timeframe: "To the best of our knowledge, the attacks happened between 2019–2021."
The hidden service targeted[0] had completely ceased to exist by April 2021, so that time range makes sense.
[0]: https://www.ndr.de/fernsehen/sendungen/panorama/aktuell/Inve...
AFAIK v2 has stopped working. Iirc we're up to v3 or something.
https://spec.torproject.org/vanguards-spec/index.html
>A guard discovery attack allows attackers to determine the guard relay of a Tor client. The hidden service protocol provides an attack vector for a guard discovery attack since anyone can force an HS to construct a 3-hop circuit to a relay, and repeat this process until one of the adversary's middle relays eventually ends up chosen in a circuit. These attacks are also possible to perform against clients, by causing an application to make repeated connections to multiple unique onion services.
Here's an imaginary attack with an adversary. Just push as much traffic as possible from many hosts to the given hidden service. Now observe traffic metadata from high level network operators. With enough filtering it should be possible to detect where the traffic spike is terminated.
From what little I've heard, de-anonymization of Tor users is largely done by targeting their devices with zero-day exploits. That is still a valid method, I wouldn't trust Tor personally, but I'm with the Tor project that there is no credible evidence of a large scale de-anonymization attack.
Absolutist statements about services like TOR or VPNs are often not helpful. It's highly contextual to the threat. If the threat is a state actor it's likely nothing, TOR included, can preclude them from determining things about you that you would prefer them not to know.
Some specific state actors operate TOR entry and exit routers and can perform analysis which is different to others who just have access to the infra beneath TOR and can infer things from traffic analysis somewhat differently.
I have never been in a situation where my life and liberty depended on a decision about a mechanism like TOR. I can believe it is contextually safe for some people and also believe it's a giant red flag to a lead pipe and locked room for others.
I'm being pedantic but it's simply just Tor, not TOR.
https://support.torproject.org/about/why-is-it-called-tor/
>Note: even though it originally came from an acronym, Tor is not spelled "TOR". Only the first letter is capitalized. In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong.
If your threat model includes western nation states, there are much bigger threats to your opsec than Tor. If your threat model does not include western nation states, Tor is safe to use.
This isn't written in the most confidence inspiring way
But the things that do inspire confidence:
Tor is updated against vulnerabilities pre-emptively, years before the vulnerability is known to be leveraged
Tor Project happens to be investigating the attack vector of the specific tor client, which is years outdated
They should have just said “we fixed that vulnerability in 2022”
with a separate article about the old software
The truth isn't confidence inspiring, the truth can be even without selling something, it's not here.
There is a risk that the network is compromised at any moment and cannot be relied upon, except for your own personal risk tolerance on the activity you are interested in.
To quote the article: "To the best of our knowledge, the attacks happened between 2019-2021." and "This protection exists in Ricochet-Refresh, a maintained fork of the long-retired project Ricochet, since version 3.0.12 released in June of 2022."
While it has been fixed for years it was not a case of using old software from what I am reading.
The vulnerability is mitigated by shifting the economic incentives, not fixed by making it impossible. It can't be fixed without a completely different network design, like in Mixminion or Katzenpost. Someone suggested I2P, but it's mostly fundamentally the same as Tor. It uses unidirectional tunnels, which might help.
To get past the self signed certificate: https://web.archive.org/web/20240918195838/https://blog.torp...
The certificate for blog.torproject.org should not be self-signed. For me it is an extended validation certificate issued by DigiCert Inc.
I don’t think you should be seeing a self-signed certificate? I’m getting a valid Digicert-signed certificate on my end.
Is it possible to "break" the protocol in such a way that Hidden Services cannot be used without some version of vanguards? It almost seems worth doing?
https://github.com/blueprint-freespeech/ricochet-refresh
...We are writing this blog post in response to an investigative news story looking into the de-anonymization of an Onion Service used by a Tor user using an old version of the long-retired application Ricochet by way of a targeted law-enforcement attack.
...From the limited information The Tor Project has, we believe that one user of the long-retired application Ricochet was fully de-anonymized through a guard discovery attack. This was possible, at the time, because the user was using a version of the software that neither had Vanguards-lite, nor the vanguards addon, which were introduced to protect users from this type of attack. This protection exists in Ricochet-Refresh, a maintained fork of the long-retired project Ricochet, since version 3.0.12 released in June of 2022.
So was the Internet at DARPA (or its modern foundation). And the WWW at CERN.
Tor's development team aren't on the payroll of the US gov't, and their funding comes from many sources.
If having received funding from a government agency is enough to earn your distrust, you'd quickly become a paranoid schizophrenic.
> Tor's development team aren't on the payroll of the US gov't, and their funding comes from many sources.
That's not serious. From the Tor official blog:
> U.S. Government (53.5% of total revenue)
> Individual Donations (28.5% of total revenue)
> Non-U.S. Governments (7.5% of total revenue)
> Foundations (6.4% of total revenue)
> Corporations (3.4% of total revenue)
> Other (0.6% of total revenue)
https://blog.torproject.org/transparency-openness-and-our-20...
It's true that a majority is from the US government through various funding schemes and grants. They're very transparent about their funding and ongoing efforts to diversify. But a little over half coming from US government sources isn't the same as their devs literally being on the gov't payroll; people often talk about Tor as if the developers themselves earn a government salary.
(Funnily, Signal also received major funding from US government sources but very few people seem to question that when lauding Signal.)
The more privacy the better as far as I'm concerned, but I've never used tor. What are people using tor for? General comms, piracy (mild illegal), other (very illegal), ...?
Besides regular browsing (basically a free VPN), a pretty nice use case of Tor is that some news sites have non-paywalled onion addresses.
The Guardian: https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3...
New York Times: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2l...
BBC: https://www.bbcweb3hytmzhn5d532owbu6oqadra5z3ar726vq5kgwwn6a...
Maybe. I think the real distinction is reach. Are you consuming content passively, or are you creating content for many people? If you're creating content on torture China's doing, they absolutely will track you down. If you're in North Korea and revealing what life is really like in South Korea, or in Russia exposing the realities of the Ukraine war, Tor is probably unsafe.
But there is also an element of resources. Even if you're sowing distrust in, say, the Comorian government, I don't think they have the resources to go after you unless you are truly destabilizing and not just annoying.
I doubt it, it's too vulnerable to relay or 50% style attacks. I stopped using it in 2011/12-ish.
You’re leaving out one very important class of actors, which I will call the NSA: The NSA, and others like them, unlike Mossad, are not after you personally, in that they don't want to do anything to you. Not immediately. Not now. They simply want to get to know you better. They are gathering information. All the information. What you do, what you buy, how you vote, what you think. And they want to do this to everybody, all the time. This might or might not bite you in the future. You seem to imply that since nothing immediately bad is happening by using slightly bad security, then it’s OK and we shouldn’t worry about it, since Mossad is not after us. I think that we should have a slightly longer view of what allowing NSA (et al.) to know everything about everybody would mean, and who NSA could some day give this information to, and what those people could do with the information. You have to think a few steps ahead to realize the danger.
(This has been a partial repost of a comment written four years ago: <https://news.ycombinator.com/item?id=23572778>)
Hah, I was reminded of that essay while reading about recent events.
"If the Mossad wants your data, they’re going to use a drone to replace your cellphone with a piece of uranium that’s shaped like a cellphone."
The best attack against Tor is convincing people not to use it.
If anyone tries to convince you Tor is not safe, ask yourself: cui bono?
After the Snowden revelations regarding FOXACID and QUANTUM going largely unaddressed in the Tor Project, people have every right to feel sketched out with using Tor for anything. "We're still helping people" just isn't a good enough argument for most people.
https://www.schneier.com/blog/archives/2013/10/how_the_nsa_a... https://blog.torproject.org/yes-we-know-about-guardian-artic...
Wonder what has replaced “Xkeyscore” given the wide adoption of TLS. I know ISPs, especially national ISPs like AT&T (see: titanpointe - 33 thomas st, nyc) would feed data to NSA since traffic at the time was mostly via http (rather than https). I suppose the unencrypted dns queries are still useful (although DNSSEC is supposed to defend against snooping/deep packet inspection)
>Wonder what has replaced “Xkeyscore” given the wide adoption of TLS.
Cloudflare is a US-based company that does MITM attacks on all traffic of the websites that it protects. It's part of how their DDoS mitigation works.
Many people still use large US-based mail providers such as Outlook or Gmail.
Many large services use AWS, GCP or Azure. Perhaps there are ways for the NSA to access customers' virtual storage or MITM attack traffic between app backends and the load balancer where TLS is not used.
A lot of pages are now behind CF, hosted on AWS,... It would surprise me if these providers didn't share their data with the 3-letter agencies.
I'd argue any data center of Cloudflare is just as valuable to fiber tap, just like the undersea fiber cables.
Lots of juicy Internet protocols are still running in cleartext. OCSP, for example, and DNS, as you noted. And the IP-level metadata of TLS connections is still enough to uniquely identify which entities are communicating with each other in many situations. I very much doubt XKeyscore has been retired.
>> Wonder what has replaced “Xkeyscore” given the wide adoption of TLS.
A nationwide invisible firewall, with man in the middle decryption and permanent storage of all unencrypted data. All run by the major backbones and ISPs.
DNSSEC is an authentication mechanism. It does not encrypt queries or responses.
You might be thinking of DNS-over-HTTPS (DoH) or DNS-over-TLS (DoT).
There's also DNSCurve.
> If anyone tries to convince you Tor is not safe, ask yourself: cui bono?
It could be for insidious reasons, or because the speaker legitimately believes it. "If anyone tries to convince you you shouldn't use Rot13 as an encryption scheme, ask yourself- cui bono?" Silly example, but the point is, just about *everything* could be explained equally by either evil lies or honest warnings.
Same was true of Truecrypt.
After the core team disbanded there was a full security audit which uncovered some very minor issues.
People never really trusted Veracrypt though. Quite interesting how that turned out.
IIRC there were a lot more options by the time of the Truecrypt-Veracrypt shift. Truecrypt was around when drive encryption was otherwise an expensive enterprise software thing, but I think Bitlocker was included with Pro versions of Windows by the time of Veracrypt so that probably became the easiest free option - and probably with better compatibility as well.
This presumes that anyone would trust BitLocker.
BitLocker, LUKS and FileVault are the new standard(s).
VeraCrypt is a curiosity, not beloved the way TrueCrypt was.
I’d love to see hard numbers for this, just my outside impression.
In fact, when trying to find old forums that I was part of during that era, I failed; and found only this: https://discuss.privacyguides.net/t/why-people-still-believe...
"Unsafe" is not enough data.
Safer or unsafer than ISP or VPN, is the question.
(I presume safe means private here)
Especially “the solution to an unsafe Tor is more Tor!” it feels like I’m at a charity drive.
How does that work technically, if I am connecting with SSL?
The only thing I see is seeing which IP addresses are using Tor, when, and how much traffic exchanged, but mostly it will be a bunch of reused residential IPs? If you know who you are looking for anyway better to work with their ISP?
With the exit nodes, you know which IP addresses are being looked up. You might get an exit node IP when investigating a crime say. Raid that person, but can you find anything more?
This isn't an argument, but a question.
In that case we're talking at cross-purposes, so I'll reserve judgment.
I'm concerned with what let's call Gorhill's Web-- that is, the experience glued together by gorhill's Ublock Origin that is viewed by the vast majority of HN commenters on a day to day basis.
What you're describing is the Web-based Wasteland that is experienced by the vast majority of non-technical users who view the web without an ad blocker.
Encouraging Wasteland users to use TBB may well be an overall improvement for them. But there are more and more popular parts of the web that are practically unusable without an ad blocker-- e.g., fake download buttons, myriad other ad-based shenanigans, multiple ads squeezed into short pieces of YouTube content that ruin the music, etc. And there's an older segment of the population who I cannot in good conscience move away from Gorhill's Web.
If Tor uptake somehow spikes to the point that some services can no longer get away with discriminating against exit nodes, then great! But in the meantime, I and many others have solid reasons for encouraging more and more Ublock Origin use among a wide variety of users.
And as you point out, there are technical reasons why the ad blocker lists are at odds with TBB design goals. Thus, I find the top poster's "cui bono" comment low effort and unhelpful.
Edit: clarification
> cui bono?
You look for the person who will benefit, and uhh...uhh you know, uhh, you know, you'll uhh, uhh. Well, you know what I'm trying to say.
- VI Lenin
Society benefits when people refrain from illegal and immoral activities.
Politicians and the powers-that-be benefit from slowly adding to the existing pile of what's considered illegal and immoral. They build that pile as a levee against threats to their power; to maintain the status quo.
Immoral is as subjective as it gets and is therefore an awful yardstick.
I would assume very likely yes?
There definitely are legit use cases for it and in an ideal world, I think all traffic should go over onion routing by default to protect them.
But in reality today besides a handful of idealists (like me some years ago), and legitimate users, like protestors under oppressive regimes - I would assume the biggest group with a concrete interest to hide would be indeed pedophiles and other dark net members and therefore use it.
No. It is not. More than 1/3 of the Tor servers are run by US Federal Govt, as do other members of the Five Eyes. Israel has a large number as well. Cases are built backwards or in parallel that are from the fruit of the poisonous tree. If you don't know what that term means, look it up.
Use Tor with extreme caution.
How is that even possible? Unless you keep to hidden services underneath you do need an exit point to talk to the regular internet.
Comment is saying: never use regular internet ONLY use hidden services so you never need to exit the network through an exit node
It's safe if you ain't a pedo or terrorist.
Sometimes I wonder wtf y'all are doing with such crazy security expectations and paranoia.
1. It's fun. Playing with these technologies is entertaining and will learn you some good stuff about the networking and the encryption and what not.
2. Tor allows reception of unsolicited TCP/IPv4 traffic if you are behind a NAT you can't open ports for, because your connection to the network is initiated on your side. This is nice, especially with increasing prevalence of CGNAT.
3. Something my niece stated when I talked to her about it, who I disagree with: Many countries have a notion of upstanding citizen enforced by well funded and maintained violence-monopoly actors (R) that are not equivalent to what the majority of citizens actually do (S). R minus S is T - the tolerance gap. Things that allow T to exist include lack of will to prosecute, general social acceptance of things that were not acceptable years ago, etc. All things that are quite mutable. If your activities fall into T, privacy-enforcement tech benefits you if R and S might change in the future.
FWIW I am firmly in the "if you have nothing to hide you have nothing to fear" camp and I looked at her funny when she said this. Maybe she is a criminal or just crazy, idk.
You believe you have "nothing to hide" from 1. your own government, 2. the government of a nation you happen to be visiting or communicating with, 3. corporations who slurp up and sell personal data, 4. organized crime, 5. con artists and phishers looking for an easy mark, 6. people who personally want to harm you or exploit you, 7. people who want to harm others in your life and would use you as a means to do so, 8. people who want to harm your race/gender/religion/etc and identified you as a member of their targeted group.
Really?
End-to-end encryption technologies (of which TOR is one) help prevent entire categories of attacks which would otherwise be available to all of those groups, to use against you and others.
The implication of the right to privacy being unnecessary because you have nothing to hide is akin to declaring the right to free speech unnecessary because you have nothing to say.
The ability to maintain privacy and anonymity is not for today, it's for tomorrow.
I don't think many people seriously think that terrorists planning attacks to maim and kill people, and pedophiles sharing child sexual abuse imagery with each other, have an absolute right to privacy in such communications, nor that doing so is an example of free speech.
Really it's a good thing that the "global adversary" is - almost certainly - keeping tabs on Tor traffic and tracking down who is responsible for the worst abuses within this network.
Not sure what you mean. Gathering evidence is a vital part of investigating criminal activity. In the age of the internet, this includes evidence generated on computer networks, such as connection metadata from distributed systems like Tor.
Why, in your view, is this akin to Stalinism? It's just standard police work adapted for modern technologies, not an indication of totalitarian governance.
As knowledgeable users of the Internet in 2024, we would do well to assume that nothing is 100% “safe” (i.e. there’s no such thing as perfect security/privacy).
However, some things, like Tor, can make your use of the Internet safer.
If all you’re doing is arguing that Tor shouldn’t be used because it isn’t/was never “safe”, then you might as well not use the Internet at all.