tor-dev

tor-dev@lists.torproject.org

3581 discussions

7th and last status report for OnioNS
by Jesse V 28 Aug '15

28 Aug '15

Happy Friday everyone, This is my last status report for the Summer of Privacy program, but I think I can end my reports on a good note. * At the suggestion of several people, I rewrote the networking infrastructure. Before, OnioNS-client and OnioNS-HS contacted the servers over Tor circuits, and OnioNS-server sent messages to each other over unencrypted TCP/IP links P2P-style. Now, the servers bind to localhost and are powered by hidden services, so all server-server communication occurs Ricochet-style. This is superior because it provides a significant increase to network attacks, works around the problem of distributing another TCP port in the consensus, and allows Tor relay administrators to run OnioNS servers without having to punch yet another hole in their firewall. I don't need anonymity for server P2P communication, so I will certainly be using the single onion service infrastructure when it becomes available. * All OnioNS servers now manage Ed25519 keypairs. In my design, authoritative Quorum servers will use their key for authenticated denial-of-existence and to prevent regular name servers from forging responses, but this infrastructure is not fully in place yet. When OnioNS merges into Tor, this keypair would be each router's signing key or at least a keypair signed by the signing key. * Servers now save newly-received Records to disk to prevent them. The cache file is loaded when the server starts up. * OnioNS-HS now saves newly-validated Records to disk before attempting to upload them. This is incredibly handy to prevent having to re-preform all the proof-of-work if the upload fails. * OnioNS-HS no longer has a dependency on little-t-tor. As s7r wisely points out, some people may have installed tor from git. I also added a flag to specify the number of worker threads, which can help reduce the system requirements if the HS is hosted on a VM with minimal system resources. * OnioNS-client no longer logs all Tor Browser activity. I used this for debugging, but it's no longer worth compromising user privacy. The software also correctly shuts down when the Tor Browser closes; in the process of fixing this I also discovered that it's not a good idea to misinterpret the documentation and run an application containing "kill(0, SIGTERM);". The result was quite unexpected. * In addition to intercepting all *.tor domains, OnioNS-client now rewrites "check.torproject.org" to another domain that shows that OnioNS is enabled in the browser. Before, users had to visit "example.tor" to confirm that the OnioNS software is running, but this was problematic because if OnioNS wasn't running, they get an error message because their exit node cannot resolve "example.tor" on the Internet DNS. Now these failures no longer leak. * I've stopped packaging my own build of jsoncpp, so I added a dependency for a system installation. Fortunately, Ubuntu/Mint, Debian, and Fedora all have that library in their repositories. * Logs now include the date and time, which is quite handy. * Numerous bugfixes, most notably I fixed the bug where the recipient would fail to understand a message longer than 500 bytes. To summarize the state of the project at the end of the SoP program: * All of the infrastructure for OnioNS is in place. There are still a few protocols left to finish off, but all big tasks are complete. The client-side and HS-side software is pretty reliable and stable at this point. * Although the software lacks in-line documentation, I have gone to great lengths to increase its readability and overall organization. * OnioNS runs just fine on Debian, Ubuntu, Mint, and Fedora, although I do not have any support for Windows or OS X. I'm asking for help from any Windows developer to help port the client software over there, please talk to me about that. * I have full intentions of continuing to maintain the OnioNS project. Please keep an eye on https://github.com/Jesse-V?tab=repositories and I will post here when I push out releases. I'm very close to the next beta test. * Once the OnioNS software is fully ready, no modifications to Tor should be necessary to merge OnioNS into the Tor network. Thanks everyone for the help, it's been a great summer project! Jesse V.

1 0

patch to improve consensus download decompress performance
by starlight.2015q3＠binnacle.cx 28 Aug '15

28 Aug '15

3 2

Triaged some TorCoreTeam201508 tickets; please review
by Nick Mathewson 26 Aug '15

26 Aug '15

Hi! I've moved all the TorCoreTeam201508 tickets to TorCoreTeam201509 or out entirely. I've also moved some of them to the 0.2.8 milestone, and tentatively assigned the PostFreeze027 ticket to others. If I'm wrong about any of those, please feel free to fix 'em! Now I'm moving on to the 0.2.7 milestone as a whole. In general, any ticket in 0.2.7 that isn't tagged with PostFreeze027 is not going to be a candidate for merge after 1 Sep, so please keep that in mind. (You can add the tag to your own tickets if you want, but please do so judiciously and in moderation.) cheers, -- Nick

1 1

FSCONS CFP extended
by tordevmuc＠encambio.com 26 Aug '15

26 Aug '15

Hello list, Organizers of the Free Society Conference and Nordic Summit (FSCONS) taking place in Goeteborg, Sweden on 7-8 November have extended the CFP and seek speakers [1] for the event. Particularly relevant to us is the track: Everyday Crypto ...and being that at least one group friendly to Tor is already scheduled, it would be a welcome gesture to have a Tor lecture or workshop as well. Anyone interested in this should contact Stian (in Cc) with a speaking/workshop proposal. [1] https://fscons.org/2015/cfp.html Cheers, Michael

1 0

Hash Visualizations to Protect Against Onion Phishing
by George Kadianakis 26 Aug '15

26 Aug '15

Hello, this mail lays down an idea for a TBB UI feature that will make it slightly harder to launch phishing attacks against hidden services. The idea is based on hash visualizations like randomart [0] and key poems: ------------------- | o=. | | o o++E | | + . Ooo. | | + O B.. | | = *S. | | o | | | | | | | ------------------- The idea came up during a discussion with Jeff Burdges in CCC camp. This is a heavily experimental idea and there are various unresolved research and UX issues here, but we hope that we will motivate further study. The aim is to make it harder to phish people who click untrusted onion links. Think of when you click an onion link on a forum, or when a friend sends you an onion URL. The problem is that many people don't verify the whole onion address, they just trust the onion link or verify the first few characters. This is bad since an attacker can create a hidden service with a similar onion address very easily. There are currently ready-made scripts that people have been using to launch impersonation attacks against real hidden services. The suggested improvement here is for TBB to provide additional visual fingerprints that people can use to verify the authenticity of a hidden service. So when TBB connects to a hidden service, it uses the onion address to generate a randomart or key poem and makes them available for the user to examine. Here is an experimental mockup just to illustrate the idea: https://people.torproject.org/~asn/tbb_randomart/randomart_mockup.png The idea is that you hash (or scrypt!) the onion address, and then you make a visualization using the hash output. This forces the phishing attacker to generate a similar onion address _and_ similar hash visualizations. We assume that this will be harder to do than simply faking a similar onion address, which increases the startup cost for such an attacker. This is the basic concept. Now, here are some thoughts: - What hash visualizations can we use here? The SSH randomart is an obvious idea, and we can even have it colored since we are not in a terminal. Then we have the key poem idea, which generates a poem from a key. I don't think this is used by a deployed system currently. Then we could imagine music-based hash fingerprints, where the onion address corresponds to a small tune that is played when you visit an onion. Then there are even more crazy ideas like the "Dynamic Security Skins" paper [1]. So for example, TBB could generate a unique UI theme for each hidden service. - Of course, none of the above ideas is perfect. Actually most of them suck. For example, when it comes to randomart, many people are colorblind to some degree and most people are not good at recognizing subtle color differences. Furthermore, given a randomart, it's easy [2] to generate similar randomarts. However we hope that most of those similar randomarts will not correspond to a public key that is similar to the original one. When it comes to key poems, given even a moderately sized dictionary leads to pretty big poems. We are talking about poems of 24 random words, which is not something that most people can remember. Much more research needs to be done here. - Even though all these techniques are flawed in some way or another, we hope that by deploying them we increase the cost of the attacker. If a few of these techniques are implemented, a phishing attacker will have to spend time generating similar visualizations, because she does not know whether the user actually looks at them and which one the user prefers. Also, this feature only requires a TBB addon/patch and no modifications to the Tor protocol whatsoever, which makes it slightly easier to prototype and experiment with. - On the other hand, this might be a terrible idea for multiple reasons. From the UX perspective, it will confuse people who don't expect to see crazy visuals or poems on their browser. Our hope here is that this feature will be hidden by most users, and will only be used by people who understand it. However, this exact logic is what causes bad UI. Also, from a security perspective this might encourage people to not spend time to verify the whole onion address (currently 16 chars, but will be extended to 54 chars or so with prop224), and instead rely on the stupid randomart. Some real UX research needs to be done here, before we decide something terrible. - Finally, a positive thing with this idea is that it nicely complements directories of onion addresses like search engines and human-memorable systems. In the future, people who visit the same onion address using a search engine all the time, will have an extra way of verifying its authenticity. In any case, this is just a crazy pants idea, so please send your feedback to make it more useful, or to kill it completely! Cheers!~ [0]: http://undeadly.org/cgi?action=article&sid=20080615022750 http://users.ece.cmu.edu/~adrian/projects/validation/validation.pdf [1]: http://www.eecs.berkeley.edu/~tygar/papers/Phishing/Battle_against_phishing… [2]: http://www.dirk-loss.de/sshvis/drunken_bishop.pdf

9 11

Design for onionsite certification and use with Let's Encrypt
by Paul Syverson 26 Aug '15

26 Aug '15

Hi Alec, Seth, Peter, Mike, all, I'm enthused about the progress Alec reported about the Onion RFC for certs for onion addresses in recent tor-dev posts and elsewhere. I wanted to further discuss a design for binding .onion addresses with registered (route-insecure) addresses. This ties in to in-person discussions had with Seth, Peter, and Mike back in June about how this all dovetails with Let's Encrypt and Tor Browser, which is why I am also addressing this message to them directly. I hope they can comment on whether this design seems realistic in that regard and any major caveats, stumbling blocks, etc. I'll start with a description of goals and complementarity comments about readability of onion addresses themselves, and other recent tor-dev discussion topics. I did a partially related post to tor-assistants on one-sided onion services back in June that covered perhaps too many alternatives concerning onion services and too many goals and too much of the motivation, and none of that adequately separated. I think it left most scratching their heads. This is an attempt to be a bit narrower and hopefully clearer. Those not interested in even the briefly described motivations and background set out here can skip below to the high-level design itself. Goals, Caveats, Complementarity to other recently discussed related topics A main goal is to give people a way to provide route-secure access to their websites in somewhat the same way that the current certificate and https protocol infrastructure lets them provide data-secure access to their website. I would really like to have a version of this be an offering as part of obtaining a certificate from Let's Encrypt because I would like it to encourage people to offer route-secure versions of their sites in the same way that Let's Encrypt as currently put forth is meant to encourage them to offer data-secure versions of their sites. Having this built into something like Let's Encrypt should make it easy for users to set up onionsites to provide security for their websites. The design should to be neutral between double onion services (services where connections involve a Tor circuit from the client and a Tor circuit from the server, such as the currently deployed design) and single onion services (basically just having a Tor circuit from the client). There's a draft Tor Proposal by John Brooks, Roger Dingeldine, and me on single onion services that I believe John should be making available soon, but I want to leave such details aside. I'm taking single onion services as the paradigmatic typical case, but unless it creates a big problem I would like to assume both single and double onion services will be compatible. Obviously an onion service tied to a registered domain doesn't cover many important uses of onion services, but it should cover many existing use cases. Note also that wanting to offer network-location protection for a service can be compatible with having a registered domain name for that service (and whether or not there was any attempt to obscure information about the registrant of the domain name). In some cases it is not compatible, but not necessarily. I think this is basically complementary to ways to make onion addresses more readable, recognizable. I'm OK with whatever an address is that will be acceptable to the RFC and that maintains the current self-authenticating property (not getting into quibbles about computational strength of that self-authentication), as long as it remains something that will fit into a cert as described below. I'm also leaving as an extension mentioned at the end below, offering an onion service for someone's site but not associated with a domain name she has registered. (E.g. an onionsite tied to Mary's Wordpress Blog, with, e.g., the goal being more about guarantees of binding to Mary than about guarantees of binding Wordpress.) I think that is another important and useful case, which we discussed in our W2SP paper, but I'd like to mostly leave it aside for now. High-level Design Creating the DV Cert At least the same DV level of checking should occur as for existing registered domain names. So the email check should include the onion name that is being bound as well as the route-insecure name(s). For simplicity, I am assuming a single onion address and possibly a small number of registered domain names, although I'm guessing doing this for a similarly small number of onion addresses might be made to work as well. (I'm assuming no wildcards, but maybe I'm not being ambitious enough.) Besides a check at the registered-domain name(s) a check should also be made that the onionsite verifies association with the registered-domain site(s). It is not as reasonable to assume email infrastructure exists corresponding to the onion address is in place. Instead a validation query protocol will be needed that simply connects to the onionsite and asks if it is acceptable to certify association of the onionsite with the registered-domain(s). Only if all DV checks complete successfully should the CA be willing to issue the Cert. The cert obtained will have the onion address listed as a SAN (subjectAltName) in the certificate. Connecting to an onionsite by the client I assume that the default HTTPS-everywhere ruleset will be updated to include a direction of route-insecure addresses to onion addresses for sites that hold appropriate certificates. It would be reasonable to have this update occur initially along with the certification process. HTTPS-everywhere rules should differentiate whether they are being requested by Tor Browser or another browser. If by Tor Browser, I assume(?) the redirection is straightforward: If a Tor-Browser request is to connect to a route-insecure address, HTTPS-everywhere should redirect this to an onion address. At that point everything should proceed as normal for connecting to an onion address. If another browser it could be a setup config option whether clients can choose to be redirected via tor2web or simply always sent to a route-insecure address. I will assume for simplicity that all requests for route-insecure addresses by other browsers simply send to a route-insecure HTTPS address in the ruleset (if available). I'm going to also assume that requests for onion addresses for other browsers simply fail, although if the tor2web option was available and chosen at the time of setup, then there is another question how to offer this to the client, perhaps as an HTTPS Everywhere setting. Comments on the feasibility, usefulness, design etc. of the tor2web option would be bonus, but of course I'm most wanting to know about the viability of the most basic version of things. If the Tor-Browser request is to connect to an onion address, proceed as normal except that it can now be redirected by HTTPS Everywhere to an https connection to the address. Certified connection to such an onionsite should work and be indicated as normal for any site with a DV Cert. End basic description Web of trust extension W had suggested in the w2sp paper that people could bind their route-insecure address to their onion address with a gpg key. One rationale is that there is an existing web of trust that can be leveraged, and existing mechanisms to do the verification. This would allow not just securing of human-meaningful addresses and connections but also certification by more human-meaningful trust relations than the usual CA. It also allows things like binding a wordpress blog to an onion address as mentioned above so people need not have a registered domain to have a human-meaningful address for a route-insecure site for which they would like to offer a route-secure alternative. Drawbacks include: 1. There is no simple automated significant infrastructure to support this. The Monkeysphere plugin is out there, and would probably be leveraged to support something like this, but... 2. PGP/GPG remains something of a geek tool. That is possibly changing slowly, but perhaps it would be better not to wait for that. Also, it's yet another thing to learn about, so... If onion keys could be themselves linked in a PGP-like web of trust, then this could be more directly relevant and meaning to people operating on the web, especially those unfamiliar with PGP-like notions. This would of course require things like the check and indication being either built into the browser or as a plugin. And it would similarly for people deciding when to sign another's key require an easy interface and easy to understand criteria as well as mechanisms for that to all happen securely. I think this holds more hope for successful widespread web of trust to complement the X.509 type trust hierarchy that the PGP plan would support. How to decide whether a site is trusted depending what each of these trust mechanisms indicate would also need to be worked out and might again be configurable with standard defaults.

3 3

Video of my presentation on domain fronting (PETS 2015)
by David Fifield 26 Aug '15

26 Aug '15

My presentation on domain fronting (the meek pluggable transport in Tor), which I gave at PETS 2015 on June 30, 2015, is online. This page has the video and a copy of the slides. It is about 17 minutes long. https://www.bamsoftware.com/talks/fronting-pets2015/ Here is the paper on which the talk is based, by Chang Lan, Rod Hynes, Percy Wegmann, Vern Paxson, and me: https://www.bamsoftware.com/papers/fronting/

1 0

[Measurement Team] Next IRC meeting happens on Wednesday, Aug 26, 14:00 UTC in #tor-project
by Karsten Loesing 25 Aug '15

25 Aug '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello list, This is an announcement/reminder that there will be an IRC meeting of the Measurement Team on Wednesday, August 26, 2015, 14:00 UTC in #tor-project https://www.timeanddate.com/worldclock/fixedtime.html?iso=20150826T14 Talk to you tomorrow! All the best, Karsten -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJV3IStAAoJEJD5dJfVqbCr0NYIAK00hHH1HjxkjNGyjnJuAfyV 6XpSzI4zGLPNuuG5+rap3yGnYo/LgsvE4mfGfMGIfk4FWJ6mEC//rh0b/F6BgDsm lKfIG4FBaPkkjWHn/jTPfbSdHSc/6P3tXjM4M2ZJ1Kj28axmD3nIwAP7miRRQK5C fEq5WuKpmcW++rtJfuGml10pqOtMkbjgiTK41myVSqbWd4rdgix9A6siUcWY9Mkd ZDltyth1hDXuhDpmtBz3RuN6s4901KU6cc3ZrOk3mVUG/Eos6lfpThVkcIpRIUxz XrWPtQxUxBqOe2GuID/0pvZK4/n7R/nDldrOJ+QKd3ST5rgAVu2Q8CYo1a9YYoY= =qYpH -----END PGP SIGNATURE-----

1 0

[PATCH] Log malformed hostnames in socks5 request respecting SafeLogging
by Andreas Stieger 25 Aug '15

25 Aug '15

Hello, I found a warning-level message in socks5 code relating to malformed hostnames that did not respect the SafeLogging setting, breaking the rule of least surprise. Please review the attached simple patch. Andreas -- Andreas Stieger <astieger(a)suse.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)

2 3

Updated aggregated data served by Metrics
by Karsten Loesing 25 Aug '15

25 Aug '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi devs, if you're fetching .csv files from Metrics or if you're interested in discussing future .csv files served by Metrics you should read on. (And if you're surprised that Metrics serves .csv files at all and want to learn more, tick the "Advanced" box under "Level" and take a look at all the pages of type "Data".) I just deployed a new data-aggregating module on Metrics that produces the .csv file here: https://metrics.torproject.org/connbidirect2-data.html That .csv file replaces the following .csv file which will go away in the future: https://metrics.torproject.org/connbidirect-data.html The main difference between the two files is that the new file contains daily aggregates whereas the old file contained raw statistics as reported by relays, which is why I added the aggregation step. So, that's news number one: if you're currently using that file for any reason, please let me know, and I'll try to help you generate the same data from CollecTor's data yourself. But the main reason for changing the format is that I wanted to separate the code to extract and aggregate statistics into a new Metrics module for better maintenance. And here's news number two: I'm planning to do the same with the following three .csv files: https://metrics.torproject.org/servers-data.html https://metrics.torproject.org/bandwidth-data.html https://metrics.torproject.org/torperf-data.html If you have any ideas for improving those data formats or adding closely related data while doing so, please let me know. Also, if you have ideas for adding new .csv files and new graphs based on them, I'd want to learn about that. Note that I might not be able to include all suggestions. But now's a much better time to make them than when I'm done replacing those three .csv files. (I'll also look through open Trac tickets before writing any new code.) Thanks! All the best, Karsten -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJV3DoyAAoJEJD5dJfVqbCroRgIAKL8lV6MkY+NQZcE7PkuVxzl lN/GadzzQVgN0bXzRw/qu10ds8yq7R3ir3z85OH2ojHxrSzrqK+7oZPpdhSELEvf jTE5Elr60G1YOGq1bw84v1eUoOnu4BfQOanPaIVG8Q8jzPCiIbGRhVOaWwR32gSf MFVphGwAjB+quz4I+63aPC/EPo0420QwnGSAEKpQiU4Cg2FJmj4NWGO/gkoQ0Xor 5hjJQGHKiwtzSUfiV+kGBaz65XPTLZv0od/IP6tCk6FAU8T1IphhANx8ZmWmlJas WlpoUzW+rRUQRY9bjkfDxRW5dRxt2EXTvoLLMlElUtnyCferX1g27TJQhwWjXNI= =n1mW -----END PGP SIGNATURE-----

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-dev