I recently ran across several articles related to the NSA's attempts at cracking Tor and de-anonymizing its users. They are after terrorists and other individuals who seek to do harm of course, but their work obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities. So far, it appears that the cryptographic standards and protocols implemented by the Tor devs appear to be holding, which I find interesting. The NSA has been trying other methods to figure out Tor, including identifying and then infecting user machines, trying to control/hijack the Tor network, or by influencing the network as a whole, and they've had a very small amount of success, but not much. One thing that was especially interesting to me (and I expect to everyone on this mailing list) is that they are trying to control more relays via cooperation or direct access, which can then be used for timing attacks or disruptions to the users. They are also trying to shape traffic to friendly exits. For anyone interested, I would highly recommend these links: http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-pres... http://www.bbc.co.uk/news/technology-24429332 http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-enc...
Also, from http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-int... it appears that their opinion of Tails is that it "adds severe CNE misery to [the] equation". These are all highly informative articles, and it appears that Tor is remaining resilient to their efforts, as long as people (including relay/exit operators) use the latest software, remain aware that Tor doesn't protect them in all aspects, and as long as there are enough non-NSA relays and exits (we need more!) such that everything they see still remains encrypted and anonymous. Interesting I say.
Jesse V.
Noob question here, I have some servers on the net one of which is not too busy. How much bandwidth on average does a Tor gateway eat up in a month? And will that Tor gateway still remain anonymous even if I run other 'Public' services on the same server?
R.M.
On 10/08/2013 03:23 PM, Jesse Victors wrote:
I recently ran across several articles related to the NSA's attempts at cracking Tor and de-anonymizing its users. They are after terrorists and other individuals who seek to do harm of course, but their work obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities. So far, it appears that the cryptographic standards and protocols implemented by the Tor devs appear to be holding, which I find interesting. The NSA has been trying other methods to figure out Tor, including identifying and then infecting user machines, trying to control/hijack the Tor network, or by influencing the network as a whole, and they've had a very small amount of success, but not much. One thing that was especially interesting to me (and I expect to everyone on this mailing list) is that they are trying to control more relays via cooperation or direct access, which can then be used for timing attacks or disruptions to the users. They are also trying to shape traffic to friendly exits. For anyone interested, I would highly recommend these links: http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-pres... http://www.bbc.co.uk/news/technology-24429332 http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-enc...
Also, from http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-int... it appears that their opinion of Tails is that it "adds severe CNE misery to [the] equation". These are all highly informative articles, and it appears that Tor is remaining resilient to their efforts, as long as people (including relay/exit operators) use the latest software, remain aware that Tor doesn't protect them in all aspects, and as long as there are enough non-NSA relays and exits (we need more!) such that everything they see still remains encrypted and anonymous. Interesting I say.
Jesse V.
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi Raistlin,
How much bandwidth on average does a Tor gateway eat up in a month?
You can set the maximum amount of bandwidth you'd like it to use in the config file.
And will that Tor gateway still remain anonymous even if I run other 'Public' services on the same server?
The tor relay isn't anonymous - its IP address will be widely shared. It's used to keep tor users anonymous. Unless you're referring to hidden services, in which case the answer is 'yes', I think, as long as you're careful not to leak anything between the hidden service and the public ones.
Nick
On 2013-10-08 23:10, Nick wrote:
And will that Tor gateway still remain anonymous even if I run other 'Public' services on the same server?
The tor relay isn't anonymous - its IP address will be widely shared. It's used to keep tor users anonymous. Unless you're referring to hidden services, in which case the answer is 'yes', I think, as long as you're careful not to leak anything between the hidden service and the public ones.
No, the answer is "no": an attacker will be able to correlate non-availability periods of the public services and the hidden service and thus deanonymise the hidden service.
Benedikt
Let me try another way of asking that first question .. how much bandwidth is required for the relay to be useful?
R.M.
On 10/08/2013 05:10 PM, Nick wrote:
Hi Raistlin,
How much bandwidth on average does a Tor gateway eat up in a month?
You can set the maximum amount of bandwidth you'd like it to use in the config file.
And will that Tor gateway still remain anonymous even if I run other 'Public' services on the same server?
The tor relay isn't anonymous - its IP address will be widely shared. It's used to keep tor users anonymous. Unless you're referring to hidden services, in which case the answer is 'yes', I think, as long as you're careful not to leak anything between the hidden service and the public ones.
Nick _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Quoth Raistlin Majere:
Let me try another way of asking that first question .. how much bandwidth is required for the relay to be useful?
Search the mailing list archives for guidance on that. IIRC something like 50KiB/s is a useful minimum, but I may be misremembering.
Raistlin Majere:
Let me try another way of asking that first question .. how much bandwidth is required for the relay to be useful?
See “Is it worth running a relay on a home broadband connection?” in https://lists.torproject.org/pipermail/tor-talk/2013-July/028996.html
Roger Dingledine drew the cut [23]: “at this point if you‘re at least 800kbit (100KBytes/s) each way, it‘s useful to be a relay.”
[23] https://lists.torproject.org/pipermail/tor-relays/2013-July/002255.html
On 13-10-09 12:24 PM, Lunar wrote:
Raistlin Majere:
Let me try another way of asking that first question .. how much bandwidth is required for the relay to be useful?
See “Is it worth running a relay on a home broadband connection?” in https://lists.torproject.org/pipermail/tor-talk/2013-July/028996.html
Roger Dingledine drew the cut [23]: “at this point if you‘re at least 800kbit (100KBytes/s) each way, it‘s useful to be a relay.” [23] https://lists.torproject.org/pipermail/tor-relays/2013-July/002255.html
The other half of that answer to an FAQ is, for those who dont have that sort of bandwidth to share, it is still worthwhile to run a bridge. Bridges are supposed to be lesser known and have lower consequences to the network if one of them is exposed, but can be life-saving to Tor users who need one.
On 10/08/2013 10:19 PM, Raistlin Majere wrote:
Noob question here, I have some servers on the net one of which is not too busy. How much bandwidth on average does a Tor gateway eat up in a month? And will that Tor gateway still remain anonymous even if I run other 'Public' services on the same server?
I don't know what exactly you mean by "gateway". If you are talking about a Tor node that forwards traffic for other Tor users, these are called "Tor relays".
A Tor relay takes whatever bandwidth you are willing to provide. You can use the "Bandwidthrate" configuration option (note that it limits throughput per direction). A relay is not anonymous by itself, it will be listed in the public documents -- all Tor clients need to know all Tor relays, both address/port and public key, so they can build paths through these relays. So, by running other services on the same server, you are not harming the anonymity Tor provides to users (relays cannot be anonymous in their function as relays).
You can also choose to run a "bridge", which is an unpublished Tor relay that can be used by clients that are manually configured to use your address as entry into the Tor network.
I would advise to read the Torproject website first before you go ahead.
On 10/08/2013 11:19 PM, Raistlin Majere wrote:
Noob question here, I have some servers on the net one of which is not too busy. How much bandwidth on average does a Tor gateway eat up in a month? And will that Tor gateway still remain anonymous even if I run other 'Public' services on the same server?
R.M.
Bandwidth consumption is easily configurable. Normal Tor relays are publicly known. If you don't want this, but still want to contribute to Tor network you could run a Tor bridge : https://www.torproject.org/docs/bridges.html.en
On 13-10-08 03:23 PM, Jesse Victors wrote:
... obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities.
Could you give some evidence for what "vast majority" means in terms of percentages? How are you getting such data?
On 10/09/2013 05:40 AM, krishna e bera wrote:
obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities.
Could you give some evidence for what "vast majority" means in terms of percentages? How are you getting such data?
There can never be "proof", and I don't have hard statistical evidence, but estimating from the number of bytes our (exit) relays pushed in the last years, compared to the amount of abuse reported (or, police requests, for that matter), I tend to agree with that statement.
On Wed, Oct 9, 2013 at 3:07 AM, Moritz Bartl moritz@torservers.net wrote:
On 10/09/2013 05:40 AM, krishna e bera wrote:
obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities.
Could you give some evidence for what "vast majority" means in terms of percentages? How are you getting such data?
There can never be "proof", and I don't have hard statistical evidence, but estimating from the number of bytes our (exit) relays pushed in the last years, compared to the amount of abuse reported (or, police requests, for that matter), I tend to agree with that statement.
True. If one took the total of all traffic/flows passed, and divided that by the amount of traffic/flows of the average user (or simply counted users), the result will certainly be far more than the number of problems. Whether that ratio is tilted in one direction or the other when compared with the internet would be hard to test without examining traffic or drafting other estimates, but the problem ones are still a reasonably minimal fraction from the perspective of the operator. ie: 5M users/day are generating how many reports again... 50? 500? 5000? That's barely a fraction of a percent. Of course, as with the internet, misbehavior rates are obviously much higher than report rates, but that's a discipline problem not a criminal one.
On Tue, Oct 08, 2013 at 11:40:37PM -0400, krishna e bera wrote:
On 13-10-08 03:23 PM, Jesse Victors wrote:
... obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities.
Could you give some evidence for what "vast majority" means in terms of percentages? How are you getting such data?
This is bad advice, don't do it, but if you vgrep tcpdump on an exit the eyeballs will give you an estimate. I have no idea what you would see.
On Tue, 2013-10-08 at 23:40 -0400, krishna e bera wrote:
On 13-10-08 03:23 PM, Jesse Victors wrote:
... obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities.
Could you give some evidence for what "vast majority" means in terms of percentages? How are you getting such data?
I think that we first need a clear definition what "legal" means or what "proper activities" are. The core problem is, that the definition of these terms can differ a lot (e.g. from country to country but even from person to person inside a country. At least the interior minister of germany seems to have some strange ideas :) ).
And I just read a news article of a german publisher (Heise) about NSA and what they do and I understood it that NSA is claiming to just check on non US citizens or illegal things. The "owner" of the data that is sent between 2 tor nodes cannot be identified so when the NSA attacks any tor traffic there must be some kind of understanding, that using the tor network already is something illegal in the minds of these people.
At least that was, what I understood when I was reading this article.
With kind regards,
Konrad
tor-relays@lists.torproject.org