From eugen@leitl.org Mon Oct 14 05:18:36 2013
From: Eugen Leitl
To: cypherpunks@lists.ogf.org
Subject: [tor-relays] NSA's "Tor Stinks"
Date: Mon, 14 Oct 2013 11:18:33 +0200
Message-ID: <20131014091833.GV10405@leitl.org>

----- Forwarded message from Jesse Victors -----

Date: Tue, 08 Oct 2013 13:23:48 -0600
From: Jesse Victors
To: tor-relays(a)lists.torproject.org
Subject: [tor-relays] NSA's "Tor Stinks"
Message-ID: <52545BC4.3020106(a)jessevictors.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0
Reply-To: tor-relays(a)lists.torproject.org

I recently ran across several articles related to the NSA's attempts at
cracking Tor and de-anonymizing its users. They are after terrorists and
other individuals who seek to do harm of course, but their work
obviously has implications into other Tor users, the vast majority of
whom use Tor for legal and proper activities. So far, it appears that
the cryptographic standards and protocols implemented by the Tor devs
appear to be holding, which I find interesting. The NSA has been trying
other methods to figure out Tor, including identifying and then
infecting user machines, trying to control/hijack the Tor network, or by
influencing the network as a whole, and they've had a very small amount
of success, but not much. One thing that was especially interesting to
me (and I expect to everyone on this mailing list) is that they are
trying to control more relays via cooperation or direct access, which
can then be used for timing attacks or disruptions to the users. They
are also trying to shape traffic to friendly exits.
For anyone interested, I would highly recommend these links:
http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
http://www.bbc.co.uk/news/technology-24429332
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption

Also, from
http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-internet-anonymity
it appears that their opinion of Tails is that it "adds severe CNE
misery to [the] equation". These are all highly informative articles,
and it appears that Tor is remaining resilient to their efforts, as long
as people (including relay/exit operators) use the latest software,
remain aware that Tor doesn't protect them in all aspects, and as long
as there are enough non-NSA relays and exits (we need more!) such that
everything they see still remains encrypted and anonymous. Interesting I
say.

Jesse V.

_______________________________________________
tor-relays mailing list
tor-relays(a)lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From adam@cypherspace.org Mon Oct 14 06:02:20 2013
From: Adam Back
To: cypherpunks@lists.ogf.org
Subject: Re: [tor-relays] NSA's "Tor Stinks"
Date: Mon, 14 Oct 2013 12:02:04 +0200
Message-ID: <20131014100204.GA28712@netbook.cypherspace.org>
In-Reply-To: <20131014091833.GV10405@leitl.org>

Btw speaking of GCHQ or NSA operating Tor nodes, of course that is
inevitable; and to the extent that they are
not perfectly policy aligned a good thing, and they'll try to do a
professional job of securing their own tor nodes :) eg if you are a
Chinese dissident maybe you want to use them as one hop. You just don't
want them controlling too many nodes. And probably the Russians, French,
Israelis, Chinese etc are all running Tor nodes and even less mutually
cooperative. What we could really do with is North Korea, and Iran
intelligence services running some also.

I suspect to the extent that they are experiencing limited success you
could imagine it's because not only are some nodes controlled by users,
but more that some are operated by mutually distrustful competing
intelligence agencies.

The intelligence agency nodes are probably better secured than user
nodes, though some user nodes may be run by security capable and
conscious users. The intelligence agencies however have a budget for and
hoard of unpublished 0-days on PC & router operating systems so they have
a slight edge. Also the intelligence agency is not going to cave under
legal pressure when someone from law enforcement comes with threats and
demands relating to exit traffic so they have that advantage too.

It would be better to my mind if they just came out and said yes this is
our node and ran it from their own domain tor.gchq.gov.uk or tor.nsa.gov;
then users could opt to use it. However I suspect they think no one would
use it, or the people they actively want to use it (who they are trying
to trace) would avoid it. Could be useful if they used an identified one
and a plausibly hidden one.

Speaking of plausibly hidden I notice there is mention of code word
'NEWTONS CRADLE' in one of the docs for a GCHQ tor node operation,
speculating could that be some MoD funded student at Cambridge in their
dorm? (Quite common in the UK for students to be sponsored by a company
they will work for afterwards or a government career they took a break
from.
A couple of my classmates at BSc, University of Exeter (UK) comp sci BSc
were openly MoD sponsored.) No matter, it's trivial for establishment to
provide perfect cover for node operation, just run from home address, or
persuade ISP/telco to route traffic via DSL lines identifying IP address
range as an IP forwarding proxy. They can do whatever they want, you'd
think that more likely, however a university dorm IP address range would
look nice and plausible/credible also, maybe more so than a DSL address.
Probably a university upstream or the university IT itself (universities
often take defense contracts) could fake it or operate it under contract
with intelligence cleared dual-hat admin if they cared enough.

I do think it would be very useful if the intelligence agencies running
tor nodes also ran one on their own domain. Then you could route via one
whose government is overtly supportive of your political cause. (Doesn't
protect you from backroom information exchange deals and horse trading,
which I'm sure happens even with sworn enemies, but it's a start if you
are uninteresting enough!)

However I expect another reason they don't want to do that is they don't
want to enable people to get stronger privacy period. They have a dual
hat, they want internet privacy for their own open source research, but
they selfishly don't want other users to have privacy or gain any privacy
as a side-effect from their own.

Adam

On Mon, Oct 14, 2013 at 11:18:33AM +0200, Eugen Leitl wrote:
>----- Forwarded message from Jesse Victors -----
>
>Date: Tue, 08 Oct 2013 13:23:48 -0600
>From: Jesse Victors
>To: tor-relays(a)lists.torproject.org
>Subject: [tor-relays] NSA's "Tor Stinks"
>Message-ID: <52545BC4.3020106(a)jessevictors.com>
>User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0
>Reply-To: tor-relays(a)lists.torproject.org
>
>
>I recently ran across several articles related to the NSA's attempts at
>cracking Tor and de-anonymizing its users.
>They are after terrorists and
>other individuals who seek to do harm of course, but their work
>obviously has implications into other Tor users, the vast majority of
>whom use Tor for legal and proper activities. So far, it appears that
>the cryptographic standards and protocols implemented by the Tor devs
>appear to be holding, which I find interesting. The NSA has been trying
>other methods to figure out Tor, including identifying and then
>infecting user machines, trying to control/hijack the Tor network, or by
>influencing the network as a whole, and they've had a very small amount
>of success, but not much. One thing that was especially interesting to
>me (and I expect to everyone on this mailing list) is that they are
>trying to control more relays via cooperation or direct access, which
>can then be used for timing attacks or disruptions to the users. They
>are also trying to shape traffic to friendly exits. For anyone
>interested, I would highly recommend these links:
>http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
>http://www.bbc.co.uk/news/technology-24429332
>http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption
>
>Also, from
>http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-internet-anonymity
>it appears that their opinion of Tails is that it "adds severe CNE
>misery to [the] equation". These are all highly informative articles,
>and it appears that Tor is remaining resilient to their efforts, as long
>as people (including relay/exit operators) use the latest software,
>remain aware that Tor doesn't protect them in all aspects, and as long
>as there are enough non-NSA relays and exits (we need more!) such that
>everything they see still remains encrypted and anonymous. Interesting I
>say.
>
>Jesse V.
>
>_______________________________________________
>tor-relays mailing list
>tor-relays(a)lists.torproject.org
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
>----- End forwarded message -----
>--
>Eugen* Leitl leitl http://leitl.org
>______________________________________________________________
>ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
>AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

From jya@pipeline.com Mon Oct 14 10:11:20 2013
From: John Young
To: cypherpunks@lists.ogf.org
Subject: Assassination Politics on Ycombinator
Date: Mon, 14 Oct 2013 10:12:13 -0400
Message-ID:
In-Reply-To: <20131014100204.GA28712@netbook.cypherspace.org>

Snapshot this morning:

http://cryptome.org/2013/10/ap-ycombinator-13-1014-0944.htm

From jd.cypherpunks@gmail.com Mon Oct 14 13:52:28 2013
From: jd.cypherpunks@gmail.com
To: cypherpunks@lists.ogf.org
Subject: Re: Assassination Politics on Ycombinator
Date: Mon, 14 Oct 2013 19:50:30 +0200
Message-ID:
In-Reply-To:

Reposted Jim's original at
http://cpunks.wordpress.com/2013/10/14/assassination-politics-199596/
b/c too many young people didn't read it.
--Michael

14.10.2013 - 16:12 John Young :

> Snapshot this morning:
>
> http://cryptome.org/2013/10/ap-ycombinator-13-1014-0944.htm

From cathalgarvey@cathalgarvey.me Mon Oct 14 17:17:02 2013
From: Cathal Garvey
To: cypherpunks@lists.ogf.org
Subject: Re: Assassination Politics on Ycombinator
Date: Mon, 14 Oct 2013 22:16:41 +0100
Message-ID: <20131014221641.48b4da6d@Neptune>
In-Reply-To:

> Reposted Jim's original at
> http://cpunks.wordpress.com/2013/10/14/assassination-politics-199596/
> b/c too many young people didn't read it. --Michael

Funny, I was just reading about restitutionary justice this morning.
Reminded me of a longstanding thought process indicting "retributionary
justice" for many of the failings in our societal system. That is, we
punish people for things, expecting that the threat of punishment, or
the experience of punishment, will prevent crime. But, it doesn't, at
all.

Assassination politics is just extreme retributionary justice. It's a
lipstick-on-a-pig rebranding that's easy to sell to crypto-enthusiasts;
"Look, we can use crypto to solve all societal problems, including
keeping politicians honest!". To some extent it might, but it certainly
wouldn't solve the problem as well as, er, most viable alternatives.
It'll just breed a generation of smarter crooked politicians.

On Mon, 14 Oct 2013 19:50:30 +0200 "jd.cypherpunks(a)gmail.com" wrote:

> Reposted Jim's original at
> http://cpunks.wordpress.com/2013/10/14/assassination-politics-199596/
> b/c too many young people didn't read it.
> --Michael
>
> 14.10.2013 - 16:12 John Young :
>
> > Snapshot this morning:
> >
> > http://cryptome.org/2013/10/ap-ycombinator-13-1014-0944.htm