Comment by valianteffort a day ago

23 replies

Federal agencies operate enough exit nodes to make Tor use risky at best. I have no idea if they have since implemented some feature to prevent this but if not I would stay far away from Tor if you're planning to do illegal things. There's also the risk of trusting service operators to secure any PII you expose on marketplaces.

Not that I think the Feds would blow their cover to hunt down people buying drugs but still seems stupid to trust.

system33- a day ago

“The western governments run most of the exits” is one of those things everybody “knows” but rarely backs up.

The list of all relays is public knowledge by design. There’s contact information attached to relays. The big operators are known individuals and organizations. They contribute. Interact.

Which ones are actually the governments doing bad things against their citizens? It’s hard to tell? Then why do you make such claims?

Relays that observably do bad things are removed from the network all the time. Are those ones the government? Tor seemingly has a reasonable handle on the situation if that’s the case.

If the fed is doing correlation attacks, why would they run relays at all? “Just” tap the IXPs near major hubs of relays. Or heck, get data from the taps you already had. Silent and more widespread.

Pushing people away from tor potentially makes it even easier to deanonymize them, depending on the adversary model assumed.

  • lcnPylGDnU4H9OF a day ago

    > “The western governments run most of the exits” is one of those things everybody “knows” but rarely backs up.

    Thanks for pointing this out. Seems obvious in retrospect but I don't really recall seeing a lot of evidence for this despite seeing the claim quite commonly. That said, the use of "rarely" makes me wonder what evidence has been presented in such rare instances. Just curious. (Of course it's also fine if the phrasing was just communication style.)

  • Spooky23 a day ago

    Tor was literally developed by the intelligence community. I’m sure there are a variety of means to gather actionable intelligence from it, with or without the cooperation of the exit node volunteers.

    Beyond a principled stance re communications, I can’t think of a reason to use it. If you’re planning to resist some regime that controls telecom infrastructure, the fact that you’re using it is both uncommon and notable.

    • system33- a day ago

      Tor was literally developed by the Naval Research Lab. Not a part of the IC.

      I know because I work there. AMA (edit: about tor. Because people say a lot about it without actually knowing much. But now I should put my phone down so… too late!)

      To protect our most sensitive communications and vulnerable communities, Tor usage should be normalized so it is common and not notable.

      • amatecha a day ago

        I think if the Tor Project wants to boost their network they might try putting anything about how to do so on their website, easily-accessible. I'm trying to figure out how to run a relay and having a pretty challenging time finding anything at all about this. They just really want me to download Tor Browser, it seems.

        Edit: I finally found it![0] I had to go to Donate, Donation FAQ, "Can I donate my time?", "Learn more about joining the Tor community.", and then "Relay Operations" -> "Grow the Tor network" at the bottom right. I would really hope there's a more direct path than this...

        [0] https://community.torproject.org/relay/

      • Nathanael_M a day ago

        Unrelated to Tor, what was your favourite project to work on that you're allowed to talk about? That must be a fascinating job.

      • Jach a day ago

        I still think the IC, and especially the state department, benefits from having Tor fulfill its actual design goals most of the time. There are operations and state department goals that can benefit from Tor working properly. It's the same with encryption in general -- the IC benefits from there being strong and bug-free crypto implementations. That they have in the past backdoored some of them doesn't change that they've also hardened others. I'm sure they come up with and deploy various attacks on Tor all the time, same with foreign nations (whom the state department would like to thwart). I'm skeptical though that they can do working attacks at any time and against any set of people.

        For your AMA, if you want: How's the job? What keeps you working there? How's patriotism these days?

        • system33- a day ago

          The job these days is boring but secure. Tor stuff was more exciting, then I switched teams because grass-is-greener.

          At least for the teams I have been on and my view of leadership, there is very little political talk.

          But patriotism isn’t politics… lol. The higher you get the more “hoo rah America!” is a part of the motivational speech or report or whatever. Down here in the streets it’s just another job. Pride in the country isn’t much of a driver. At least for me.

    • pushupentry1219 a day ago

      > Tor was literally developed by the intelligence community. I’m sure there are a variety of means to gather actionable intelligence from it, with or without the cooperation of the exit node volunteers.

      These two statements make little sense together. It was originally developed by the Navy. Okay. So why would they design it from the get-go with such a fatal flaw that would risk their own adversaries gathering "actionable intelligence" from it?

      I'd like to stress if we're talking about the Navy's involvement, then you're questioning the design of the whole thing from the very beginning, not just the current implementation.

      • llm_trw a day ago

        People saying that the government funds Tor so it's insecure is like saying that the government funds the army which kills people on purpose, so any government hospital will also kill people on purpose.

LouisSayers a day ago

You'd be surprised how much crime goes on in plain sight. There are literally people on Instagram making stories of themselves showing off their drugs and stacks of money.

Given that a lot of law enforcement doesn't even bother with the low hanging crimes, the chance of them prosecuting anyone using Tor is extremely low unless you get big enough or go far enough to warrant the attention.

0xggus a day ago

Please read the blog post: "It is important to note that Onion Services are only accessible from within the Tor network, which is why the discussion of exit nodes is irrelevant in this case."

pc86 17 hours ago

This brings up a couple questions I've always had about Tor. I played around with it a bit maybe a decade ago and it seemed it was used for drugs, CSAM, and getting yourself honeypotted trying to buy illegal guns or murder-for-hire.

I always assumed if you were doing things where your threat model included governments trying to kill you that Tor wouldn't be all that useful even if it was secure.

midtake a day ago

Monitoring exit nodes does not necessarily reveal hidden services, though.

Edit: Never does, exit nodes are not part of the circuit, thanks to commenter below.

  • system33- a day ago

    Monitoring exits is completely irrelevant to onion services, in fact.

    Completely.

    Exits aren’t a part of the circuit. Ever.

drexlspivey a day ago

If they run just the exit node they still can’t de-anonymize you right?

  • system33- a day ago

    Depends on the content of your traffic.

    If “deanonymize” strictly means perform a timing attack using info you have from the beginning and end of the circuit, then by definition you’re correct.

    But if you visit an identifying set of websites and/or ignore TLS errors or … they can still deanonymize you.

    • iluvcommunism a day ago

      What role do TLS errors play in de-anonymizing onion traffic?

      • system33- a day ago

        My comment is strictly about exit nodes which are not used as part of connecting to onion services.

        Ignoring TLS errors might mean you’re ignoring the fact your exit relay is MitM attacking you.