no-dr-onboard a year ago

After the Snowden revelations regarding FOXACID and QUANTUM going largely undressed in the tor project, people have every right to feel sketched out with using ToR for anything. "We're still helping people" just isn't a good enough argument for most people.

https://www.schneier.com/blog/archives/2013/10/how_the_nsa_a... https://blog.torproject.org/yes-we-know-about-guardian-artic...

  • xyst a year ago

    Wonder what has replaced “Xkeyscore” given the wide adoption of TLS. I know ISPs, especially national ISPs like AT&T (see: titanpointe - 33 thomas st, nyc) would feed data to NSA since traffic at the time was mostly via http (rather than https). I suppose the unencrypted dns queries are still useful (although DNSSEC is supposed to defend against snooping/deep packet inspection)

    • yupyupyups a year ago

      >Wonder what has replaced “Xkeyscore” given the wide adoption of TLS.

      Cloudflare is a US-based company that does MITM attacks on all traffic of the websites that it protects. It's part of how their DDoS mitigation works.

      Many people still use large US-based mail providers such as Outlook or Gmail.

      Many large services use AWS, GCP or Azure. Perhaps there are ways for the NSA to access customers' virtual storage or MITM attack traffic between app backends and the load balancer where TLS is not used.

      • sophacles a year ago

        It is MITM, but is it an attack? Literally the website owner hires Cloudflare explicity to decrypt and filter the traffic. Attack implies that it's unwanted behavior, yet the reality seems to imply that its wanted behavior by the site owner at a minimum, although continued use of the site by visitors also suggests that they want that behavior (or they'd go elsewhere).

        • EasyMark a year ago

          Isn’t the attack assuming that NSA/FBI/TLO has full access to the MITM connection at will? I mean that doesn’t seem too far fetched does it give various revelations over the years and things like The Patriot Act actually passing when it’s obviously unconstitutional

      • itscrush a year ago

        Load Balancing && WAF or CDN enablement usually suggests at least a decrypt step or two in the HTTP(s) chain. WAF for layer7 payload inspection, or the default wildcard cert'ing your Cloudflare site for instance.

        There's also significant aggregation of traffic at handfuls of service providers amongst service categories, all generally HTTP(s) type services too ... Mail, CDN, Video, Voice, Chat, Social, etc. Each of these are still likely to employ Load Balancing & WAF.

        Most WAF/Load Balancing providers have documentation about when/where to perform decrypt in your architecture.

        How many Cloudflare sites are just using the Cloudflare wildcard cert?

        From there, plenty of 3 letter agency space to start whiteboarding how they might continue to evolve their attack chain.

      • snewman a year ago

        Often the connection between the load balancer and app backend also uses TLS. I've operated a large / complex service on AWS and all internal communications at each level were encrypted.

        Of course, in principle, a cloud provider could tap in anywhere you're using their services – ELB (load balancer), S3, etc. I presume they could even provide backdoors into EC2 instances if they were willing to take the reputational risk. But even if you assume the NSA or whoever is able to tap into internal network links within a data center, that alone wouldn't necessarily accomplish much (depending on the target).

      • tonetegeatinst a year ago

        Worse is how most email providers require SMS confirmation or a secondary email.

    • bornfreddy a year ago

      A lot of pages are now behind CF, hosted on AWS,... It would surprise me if these providers didn't share their data with the 3-letter agencies.

      • tonetegeatinst a year ago

        I'd argue any data center of cloudflare is just as valuable to fiber tap, just like the undersea fiber cables.

    • xenophonf a year ago

      DNSSEC is an authentication mechanism. It does not encrypt queries or responses.

      You might be thinking of DNS-over-HTTPS (DoH) or DNS-over-TLS (DoT).

      There's also DNSCurve.

      https://en.wikipedia.org/wiki/DNSCurve

    • greyface- a year ago

      Lots of juicy Internet protocols are still running in cleartext. OCSP, for example, and DNS, as you noted. And the IP-level metadata of TLS connections is still enough to uniquely identify which entities are communicating with each other in many situations. I very much doubt XKeyscore has been retired.

    • tptacek a year ago

      DNSSEC is a replacement for the commercial WebPKI that is run by world governments.

    • treebeard901 a year ago

      >> Wonder what has replaced “Xkeyscore” given the wide adoption of TLS.

      A nationwide invisible firewall, with man in the middle decryption and permanent storage of all unencrypted data. All run by the major backbones and ISPs.

      • yencabulator a year ago

        > man in the middle decryption

        How would that work?

    • zaik a year ago

      DNSSEC does NOT protect against snooping.

knodi123 a year ago

> If anyone tries to convince you Tor is not safe, ask yourself: cui bono?

It could be for insidious reasons, or because the speaker legitimately believes it. "If anyone tries to convince you you shouldn't use Rot13 as an encryption scheme, ask yourself- cui bono?" Silly example, but the point is, just about *everything* could be explained equally by either evil lies or honest warnings.

dijit a year ago

Same was true of Truecrypt.

After the core team disbanded there was a full security audit which uncovered some very minor issues.

People never really trusted Veracrypt though. Quite interesting how that turned out.

  • fencepost a year ago

    IIRC there were a lot more options by the time of the Truecrypt-Veracrypt shift. Truecrypt was around when drive encryption was otherwise an expensive enterprise software thing, but I think Bitlocker was included with Pro versions of Windows by the time of Veracrypt so that probably became the easiest free option - and probably with better compatibility as well.

    • no-dr-onboard a year ago

      this presumes that anyone would trust bitlocker.

      https://pulsesecurity.co.nz/articles/TPM-sniffing

      • bri3d a year ago

        Being able to sniff a key as it transits a local bus is a very different kind of compromise of "trust" than believing that something is preemptively backdoored by a threat actor. It is deeply mysterious that Microsoft don't simply use TPM encrypted sessions to prevent this, though.

    • input_sh a year ago

      How's it free if it's not available in the Home edition of Windows?

      In fact it's pretty much the only difference between Home and Professional editions of Windows these days, so I'd price it as the difference between the two (about $60).

      • fencepost a year ago

        IIRC the Home editions of Windows now do have drive encryption at least if signed into with a Microsoft account, but they have almost no features for managing that encryption beyond turning it off or getting the recovery key from the MS account.

        At the time I was talking about, Bitlocker drive encryption on Windows 7 required either Enterprise or Ultimate, and for a 2-5 person office with no domain and a couple laptops they wanted encrypted outside the office Truecrypt was a perfectly viable option.

  • hypeatei a year ago

    > People never really trusted Veracrypt though

    Can you expand on this? It was my understanding that Veracrypt is the new de-facto standard.

    • dijit a year ago

      Bitlocker, LUKS and FileVault are the new standard(s).

      Veracrypt is a curiousity, not beloved the way truecrypt was.

      I’d love to see hard numbers for this, just my outside impression.

      In fact, when trying to find old forums that I was part of during that era, I failed; and found only this: https://discuss.privacyguides.net/t/why-people-still-believe...

      • UberFly a year ago

        This is complete conjecture. Like Truecrypt, Veracrypt is open source, has been audited and has been actively maintained. Could it use another audit? Sure but so could Bitlocker but that isn't happening for even the first time any time soon.

stavros a year ago

I'll ask the inverse: if Tor is unsafe, who benefits from telling you to use it?

  • theonionrouter a year ago

    "Unsafe" is not enough data.

    Safer or unsafer than ISP or VPN, is the question.

    (I presume safe means private here)

  • appendix-rock a year ago

    Especially “the solution to an unsafe Tor is more Tor!” it feels like I’m at a charity drive.

  • pphysch a year ago

    The groups that primarily fund The Tor Project, i.e. the US State and Defense Departments.

cainxinth a year ago

The best attack against Tor is creating entrance and exit nodes that monitor traffic. That was the biggest risk factor when Tor was invented and it still is today.

  • theonionrouter a year ago

    How does that work technically, if I am connecting with SSL?

    The only thing I see is seeing which IP addresses are using Tor, when, and how much traffic exchanged, but mostly it will be a bunch of reused residential IPs? If you know who you are looking for anyway better to work with their ISP?

    With the exit nodes, you know which IP addresses are being looked up. You might get an exit node IP when investigating a crime say. Raid that person, but can you find anything more?

    This isn't an argument, but a question.

    • cainxinth a year ago

      They don't use encrypted data. They look at the metadata like packet size and timing and perform traffic correlation, which defeats Tor's primary purpose: hiding the connection between the source and destination of traffic.

andai a year ago

Someone tries to convince you a room totally isn't bugged and that you should have private conversations in it. (A room designed by the US military, incidentally...)

jancsika a year ago

A question before I enter your Manichean universe:

Does Tor Browser Bundle currently ship with Ublock Origin installed and on by default?

  • duskwuff a year ago

    It would be irresponsible for it to do so. Ad blocker lists can inject scripts into web pages which could compromise user privacy.

    • bmicraft a year ago

      Well then ship a version that can't inject js and only block network requests. Could it be that hard?

    • jancsika a year ago

      In that case we're talking at cross-purposes, so I'll reserve judgment.

      I'm concerned with what let's call Gorhill's Web-- that is, the experience glued together by gorhill's Ublock Origin that is viewed by the vast majority of HN commenters on a day to day basis.

      What you're describing is the Web-based Wasteland that is experienced by the vast majority of non-technical users who view the web without an ad blocker.

      Encouraging Wasteland users to use TBB may well be an overall improvement for them. But there are more and more popular parts of the web that are practically unusable without an ad blocker-- e.g., fake download buttons, myriad other ad-based shenanigans, multiple ads squeezed into short pieces youtube content that ruins the music, etc. And there's an older segment of the population who at I cannot in good conscience move away from Gorhill's Web.

      If Tor uptake somehow spikes to the point that some services can no longer get away with discriminating against exit nodes, then great! But in the meantime, I and many others have solid reasons for encouraging more and more Ublock Origin use among a wide variety of users.

      And as you point out, there are technical reasons why the ad blocker lists are at odds with TBB design goals. Thus, I find the top poster's "cui bono" comment low effort and unhelpful.

      Edit: clarification

      • umanwizard a year ago

        I don’t think it’s true that the vast majority of HN users use ad blockers. I don’t, and I don’t find the web “practically unusable”.

orthecreedence a year ago

> cui bono?

You look for the person who will benefit, and uhh...uhh you know, uhh, you know, you'll uhh, uhh. Well, you know what I'm trying to say.

- VI Lenin

[removed] a year ago
[deleted]
supportengineer a year ago

Society benefits when people refrain from illegal and immoral activities.

  • BLKNSLVR a year ago

    Politicians and the powers-that-be benefit from slowly adding to the existing pile of what's considered illegal and immoral. They build that pile as a levee against threats to their power; to maintain the status quo.

    Immoral is as subjective as it gets and is therefore an awful yardstick.

  • barbazoo a year ago

    Are you implying that Tor is primarily used for illegal or "immoral" purposes?

    • lukan a year ago

      I would assume very likely yes?

      There definitely are legit use cases for it and in an ideal world, I think all traffic should go over onion routing by default to protect them.

      But in reality today besides a handful of idealists (like me some years ago), and legitimate users, like protestors under oppressive regimes - I would assume the biggest group with a concrete interest to hide would be indeed pedophiles and other dark net members and therefore use it.

      • yupyupyups a year ago

        I'm pretty sure many people use Tor for other things than journalism and CP.

        Tor is a privacy tool. Much of what we do in our lives is on the internet, and privacy is important. Tor helps people enjoy privacy in a medium that they are increasingly dependant on.

        • bmicraft a year ago

          Tor also helps you to increase your average loading time of a webpage to 10x. That's a very good deterrent against using it if you don't need it for some reason

      • edm0nd a year ago

        You would assume wrong then. The majority of Tor traffic is just normal people, not illegal stuffs.

        The regular internet aka clearnet has far more malicious activity and traffic.

        • lukan a year ago

          Can you link to some data, that proofs this?

          I have no data, just assumptions.

    • fsckboy a year ago

      are you implying that Tor is not used for illegal or immoral purposes? (I took out the primarily that you threw in to make your argument stronger because that made my argument stronger, and I took out your scare quotes because morality doesn't scare me)

      • barbazoo a year ago

        I have no idea who is using Tor other than that I heard it can be used by people requiring privacy from governments, e.g. whistleblowers. It also seems to have broad support from the tech industry so I'd be surprised if it was in fact primarily used for illegal or "immoral" purposes. That's why I'm asking.