[tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 22 15:22:01 UTC 2016

#18361: Issues with corporate censorship and mass surveillance
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |

Comment (by jeffburdges):

 Just to clarify: Adding auto-pay support to Taler is basically the same
 solution being discussed internally at CloudFlare.  We just have working
 blind signing code that runs in the browser already done.  :)

 These CAPTCHAs won't be so annoying if you solve one CAPTCHA for x page
 loads access everything, even across TBB sessions.  As opposed to one
 CAPTCHA per domain per TBB session.  It's just amortizing the CAPTCHAs.

 ioerror, I agree that tokens for merely viewing web pages is extreme.  We
 should absolutely continue lobbying CloudFlare to apply their filters more
 precisely.  We do still need a token based scheme for anything that
 triggers SQL though because asking Tor users to solve a CAPTCHA anytime
 they want to post anything is also extreme.

 Also, one could imagine issuing tokens in other ways besides CAPTCHAs once
 we have an auto-pay blind signing based infrastructure deployed.  I
 dislike most ideas in this space, like a Facebook app that gives you
 CloudFlare tokens.  ;)

 As an aside, there is an interesting anonymous white/black listing
 protocol implicit in Taler's refresh protocol: If you do not misbehave
 then you get your token refunded, meaning far fewer CAPTCHAs.  I think
 refreshing tokens offers stronger anonymity than all the anonymous
 white/black listing protocols that I've seen in the literature (see Isis'
 comment, although I haven't read BLACR).  It's even post-quantum.  Now
 Taler's refresh protocol costs 3ish RSA signatures, while a simpler coin
 refresh costs only one, but Taler's refresh helps obstruct a market token
 distribution though.  I can explain all this in person if you like, but
 probably any near term deployment would avoid refreshing entirely.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:55>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
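
The token scheme described in the comment above (solve one CAPTCHA, receive x blind-signed tokens, spend one per request), as an added example that is not part of the original message and is not Taler or CloudFlare code. It uses textbook RSA blind signatures with a toy key; `Issuer`, `blind`, `unblind` and `solve_captcha_once` are hypothetical names.

```python
import hashlib
import math
import secrets

# Toy issuer key built from two Mersenne primes (constructed for this example;
# far too small for real use, and a real scheme needs a proper full-domain hash).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # issuer's private exponent

def h(nonce: bytes) -> int:
    """Hash a token nonce into Z_N (simplified full-domain hash)."""
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % N

class Issuer:
    """Signs blinded values after a solved CAPTCHA and tracks spent tokens."""
    def __init__(self):
        self.seen_blinded = []  # everything the issuer observes at issuance
        self.spent = set()      # nonces already redeemed (double-spend check)

    def sign_blinded(self, blinded: int) -> int:
        self.seen_blinded.append(blinded)
        return pow(blinded, D, N)

    def redeem(self, nonce: bytes, sig: int) -> bool:
        # Reject replays and signatures that do not verify under (N, E).
        if nonce in self.spent or pow(sig, E, N) != h(nonce):
            return False
        self.spent.add(nonce)
        return True

def blind(nonce: bytes):
    """Client side: hide h(nonce) behind a random factor r coprime to N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (h(nonce) * pow(r, E, N)) % N, r

def unblind(blind_sig: int, r: int) -> int:
    """Strip r from the issuer's signature, leaving h(nonce)^D mod N."""
    return (blind_sig * pow(r, -1, N)) % N

def solve_captcha_once(issuer: Issuer, x: int):
    """One solved CAPTCHA buys x tokens, usable later on any page load."""
    tokens = []
    for _ in range(x):
        nonce = secrets.token_bytes(16)
        blinded, r = blind(nonce)
        tokens.append((nonce, unblind(issuer.sign_blinded(blinded), r)))
    return tokens
```

The issuer only ever sees blinded values at issuance and unblinded `(nonce, sig)` pairs at redemption, so it cannot match a spent token to the CAPTCHA session that produced it.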
