The counter they made has a good point, that you really don't know who is using it; but to suggest that means it's entirely used by criminals is also ridiculous. What can be known is *how* TOR is being used by setting up studies at exits and seeing what kind of services people are connecting to. From that, some inference of *who* is using TOR is possible. Maybe it's the same guy buying cocaine from a black market seller that posts articles on a civil rights abuses site, but it would be silly to make that assumption.
From the usage stats I've seen, the TOR website paints a prettier picture than the truth, but at the same time opponents paint a significantly darker one.
On 05/03/2017 05:00 AM, tor-relays-request@lists.torproject.org wrote:
Good morning,
I recently presented to a group of ten local police chiefs on the topic of Tor and its more common, though less publicized, civil usage, as opposed to the more publicized criminal usage. During my presentation I emphasized this fact, and they countered that because its usage is entirely anonymous, it is reasonable to assume that it could be used entirely by criminals and none of the oppressed as I had claimed.
Which brings me to my question. Other than private individuals saying "Hey, I use Tor for X", how does the overall network know what the network is used for, even approximately?
Make your day great, Isaac Grover, Senior I.T. Consultant Aileron I.T. - "Practical & Proactive I.T. Solutions"
O: 715-377-0440, F:715-690-1029, W: www.aileronit.com
What can be known is *how* TOR is being used by setting up studies at exits and seeing what kind of services people are connecting to.
Please don't do that, or suggest doing that. Sniffing or inspecting exit traffic may be illegal in some jurisdictions, and will result in the BadExit flag.
On Wed, May 3, 2017 at 7:27 PM, tor tor@anondroid.com wrote:
What can be known is *how* TOR is being used by setting up studies at exits and seeing what kind of services people are connecting to.
Please don't do that, or suggest doing that. Sniffing or inspecting exit traffic may be illegal in some jurisdictions, and will result in the BadExit flag.
How is this even possible? Surely, sniffing or inspecting traffic is inherently passive?
What can be known is *how* TOR is being used by setting up studies at exits and seeing what kind of services people are connecting to.
Please don't do that, or suggest doing that. Sniffing or inspecting exit traffic may be illegal in some jurisdictions, and will result in the BadExit flag.
How is this even possible? Surely, sniffing or inspecting traffic is inherently passive?
Ignoring the legal implications for a moment, and also the logical issue of how you'd "study" exit traffic and publish your findings without basically admitting to the world you've been intercepting users' traffic...
From the level of the Tor network and its directory authorities, I think it's only feasible to detect sniffing when "sslstrip" style attacks are used. I.e., it's possible to detect man-in-the-middle attacks where SSL is in place. I know this has been used to detect and flag bad exits in the past. I am not aware of trivial methods to detect passive sniffing of unencrypted traffic.
On 03.05.2017 19:07, Jivan Amara wrote:
What can be known is *how* TOR is being used by setting up studies at exits and seeing what kind of services people are connecting to.
Keeping logs of Tor related traffic on nodes -- a prerequisite for analysing behaviour -- is not only a bad idea that weakens anonymity, but is also potentially illegal.
Service providers can evaluate the percentage of incoming connections from Tor exit nodes (exit lists are publicly available), but Tor nodes should never keep a record of the source or destination of the traffic they're routing, or of DNS lookups.
-Ralph
tor-relays@lists.torproject.org
-
Anders Andersson -
Jivan Amara -
Ralph Seichter -
tor