[tbb-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 22 11:59:41 UTC 2016

#18361: Issues with corporate censorship and mass surveillance
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |

Comment (by cypherpunks):

 Replying to [comment:5 willscott]:
 > Replying to [comment:1 marek]:
 > > > There are CDN/DDoS companies in the internet that provide spam
 protection for their customers. To do this they use captchas to prove that
 the visitor is a human. Some companies provide protection to many
 websites, therefore visitor from abusive IP address will need to solve
 captcha on each and all domains protected. Let's assume the CDN/DDoS don't
 want to be able to correlate users visiting multiple domains. Is it
 possible to prove that a visitor is indeed human, once, but not allow the
 CDN/DDoS company to deanonymize / correlate the traffic across many
 > >
 > > In other words: is it possible to provide a bit of data (i'm-a-human)
 tied to the browsing session while not violating anonymity.
 > >
 > >
 > This sounds very much like something that could be provided through the
 use of zero-knowledge proofs. It doesn't seem clear to me that being able
 to say "this is an instance of tor which has already answered a bunch of
 captcha's" is actually useful. I think the main problem with captchas at
 this point is that robots are just about as good at answering them as
 humans. Apparently robots are worse than humans at building up tracked
 browser histories. That seems like a harder property for a tor user to
 > What sort of data would qualify as an 'i'm a human' bit?

 Let's be clear on one point: humans do not request web pages. User-Agents
 request web pages. When people talk about "prove you're a human", what
 they really mean is "prove that your User-Agent behaves the way we expect
 it to".

 CloudFlare expect that "good" User-Agents should leave a permanent trail
 of history between all sites across the web. Humans who decide they don't
 want this property, and use a User-Agent such as Tor Browser fall outside
 of CloudFlare's conception of how User-Agents should behave (which
 conception includes neither privacy nor anonymity), and are punished by
 CloudFlare accordingly.

 It might be true that there is some kind of elaborate ZKP protocol that
 would allow a user to prove to CloudFlare that their User-Agent behaves
 the way CloudFlare demands, without revealing all of the user's browsing
 history to CloudFlare and Google. Among other things, this would require
 CloudFlare to explicitly and precisely describe both their threat model
 and their definition of 'good behaviour', which as far as I know they have
 never done.

 However, it is not the Tor Project's job to perform free labour for a
 censor. If CloudFlare is actually interested in solving the problem, then
 perhaps the work should be paid for by the $100MM company that created the
 problem, not done for free by the nonprofit and community trying to help
 the people who suffer from it.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:29>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list