[tor-talk] Iran cracks down on web dissident technology

Paul Syverson syverson at itd.nrl.navy.mil
Mon Mar 21 19:39:52 UTC 2011 

On Mon, Mar 21, 2011 at 02:06:04PM -0500, Joe Btfsplk wrote:
> On 3/21/2011 10:07 AM, Paul Syverson wrote:
>> On Mon, Mar 21, 2011 at 02:43:22PM +0100, Anders Andersson wrote:
>>> In a scenario where the military actually
>>> would hide something in the source, all programmers working on the
>>> project would of course be in on it together. There are only a handful
>>> of them.
>> This is a reasonable concern, but I think you are oversimplifying the
>> assurance and risk management available to those who are not tech
>> savvy. If they are just going to look at one or two poorly researched
>> articles in a
>> blog/credentialed-news-publication/whatever-medium-you-want that
>> confirm their expectations, well there's not much more you can do to
>> help them. Whether they trust you or not, their beliefs will not be
>> very well grounded.  But if they do have the interest and time (lucky
>> them), they don't have to be able to read the source code themselves
>> or pay someone (and why trust the guy you are paying to read it
>> anyway?, and how do you know that this is the code running on all of
>> the relays out there?, or the code you downloaded, and ...)
>> There are good answers to the latter of these for people who
>> are tech savvy, but how do you get trust those answers short of
>> a significant self-education? Here are just a few of many possible
>> ways.
>>
>> The Tor source is available and people are encouraged to check it out,
>> but that's _not_ the whole story. Tor is also fairly well documented
>> (meaning that description of what the different parts of the source
>> code does is available) which encourages people to look at it more
>> than if it was just this pile of code goo to wade through.  And lots
>> of independent people _do_ look at the source code. One way you can
>> tell this is that they find mistakes, sometimes some fairly bad
>> ones. (Fortunately not too bad very often and generally fixed
>> quickly.) You can look at the posted history of the announced versions
>> https://lists.torproject.org/pipermail/tor-announce/ and see
>> acknowledgments of who found flaws and look them up. Lots of times
>> these are researchers at some reputed place. Lots of times these are
>> smart people with no credentials you would recognize. In either case
>> you could look them up and see who they are. Ask them their experience
>> reporting a flaw and getting it fixed and what their overall
>> impression of Tor is. You can do this even if you have no idea what
>> the flaw is that the release notes are saying they found or how the
>> Tor people fixed it.
>>
>> There's also lots of academic researchers looking at Tor all the time
>> (somewhat overlapping the people looking at the source) and poking
>> holes in the design, the deployment etc. testing its strengths and
>> weaknesses, suggesting improvements, which often do get incorporated.
>> This is also all well documented and vetted by publication in
>> peer-reviewed scientific venues. It is also work done at reputed
>> institutions of higher learning in various countries, if you want
>> to base anything on that. You could contact the authors of these.
>> There are also people at places you've never heard of if you don't
>> trust people at big institutions.
>>
>> If you don't know anyone you trust who is tech savvy, you could
>> contact your favorite computer science department by looking them up
>> on the web and ask around till you get directed to someone who knows
>> something about Tor and ask them.
>>
>> Yes, maybe someone bogusly directed you to a simulated website of
>> Enormous State University with fake phone numbers in it, and whoever
>> you talk to there might inadvertently link you back to the Tor cabal
>> rather than getting some random professor or savvy student's opinion,
>> and maybe all those publication venues and researchers and
>> universities are in on it, and the supposedly independent researchers
>> who found code flaws were also in on it (or sock puppets created by
>> Roger to create credibility). But at some point you have to look at
>> the size, diversity, and entrenchment of the conspiracy you think is
>> there. At some point there is only so much we can do to reassure
>> you. (I'm talking about reassuring you that there is no
>> conspiracy. That the stuff is good is a related but independent
>> question that the above suggested checks should help with.)  If the
>> above or some of the many other things you might do to check into it
>> yourself without needing to understand the technology doesn't convince
>> you, then probably you have already decided what to believe and no
>> evidence is going to change that.
>>
>> And yes there's always things to do to improve
>> transparency/trustability/usability/etc. People worth trusting
>> probably have a processes to do that and a relatively independent and
>> confirmable history of doing it.
>>
>> HTH,
>> Paul
>

Last comments for a while. (All I have time for, sorry.)  I'm just
going to respond to specific issues about system threats and the
like. I will not join in the speculation about what governments do or
why.


>
> 1st, a note.  I appreciate everyone's reply.  If some want to be a bit 
> insulting or sarcastic, that's OK.  I'm not highly technically savvy in 
> source code, but I've lived a long time & know a lot about typical modus 
> operandi of many govts.   I've read all up thru Klaus Layer's post.
>
> 2nd, my reference to a TRUE back door in open source software was fairly 
> tongue in cheek.  However, * software is only part of the the Tor system.*  
> Responders are assuming I meant the ONLY way * any * govt could "crack" Tor 
> is thru the software itself (or a back door, etc.). 

That's why I mentioned design, code, deployments, what the nodes
are running, etc. These are all subject to well documented scrutiny,
(and could of course use more and better scrutiny).

>  That's not what I 
> meant at all - sorry if I gave that impression.  There are lots of exit 
> nodes, for * one * instance.  There's lots of eaves dropping on exit nodes. 
>  There are probably ways inconceivable to most, how govts could get info 
> from Tor communication.  Tell me this:  what other form of communication is 
> off limits anymore in many counties, that govts monitor (constitutionally 
> or not)?  I am NOT anti-govt, nor am I completely blind.
>

Yes. This was an acknowledged tradeoff in design that is well discussed
and documented. And many people have tried to better assess its
significance and what to do about it. This connects to usability,
incentives to running a relay, many things. See for example
the original Tor design paper, also
Anonymity Loves Company: Usability and the Network
Effect. http://www.freehaven.net/anonbib/cache/usability:weis2006.pdf

I have done some work myself on understanding and trying to counter
endpoint eavesdroppers in both theory
"More Anonymous Onion Routing Through Trust"
www.cs.utexas.edu/~ajohnson/publications/trusted_sets-csf09.pdf
and practice
"AS-awareness in Tor Path Selection"
http://www.cs.rpi.edu/~edmanm2/ccs159-edman.pdf


> Axiom (or should be):  advanced governments have far more technological 
> ability & capability than 1) anyone knows; 2) the govtS (not just ONE ) 
> will EVER reveal; 3) than any university, institution or other very smart 
> individual or group will necessarily be able to detect, or certainly prove. 
>  Most of these are probably in the best interest of citizens.
> However, I feel comfortable saying, those thinking they know exactly what 
> govts are / are not technologically capable of, are deceiving themselves.  
> They call them "Top Secrets" for a reason.
>
> Fact:  Even if someone discovered any govt successfully monitoring 
> something like Tor, if they CHOOSE to, most any govt can shut down "whistle 
> blowers," university / private research, etc., on anything they consider of 
> national security, in an instant.
>
> Anders Andersson wrote:
>> They need a project like Tor as much as "we" do, if not more. They need ways to communicate with spies and dissidents located all over the world, they need a system that let their people do this without causing any suspicion.
>
> Maybe, but I'm asking why any govt would create a system that it can't 
> control, that could be used by its enemies to do as much or more damage, as 
> the good the govt gets from it?  That's one HUGE problem w/ the concept 
> that DoD / NRL created or continues funding anything * like * Tor (not JUST 
> Tor).  If they truly have no way of figuring out who's using a 
> communication method, what users are saying or any other means of 
> identifying something about (Tor) users , they have created & still funding 
> a WEAPON for the enemy to use against them.  Can't help wondering about 
> that.
>
> You can't have it both ways.  Either they can't & enemies are using it (or 
> similar) to plot against MANY govts, or they can & users in "free" 
> countries don't have nearly the privacy they think.  Is the DoD / NRL that 
> stupid?  Possibly - don't know.  But if those saying it is basically 
> impossible for any govt to get useful info from Tor communication are 
> indeed correct, it defies logic any govt would do such a thing.  Or is it 
> that they shortsightedly created something they thought would only benefit 
> them, & now the enemy is using it against us?  Pandora's box is open?
>
> Paul Syverson wrote:
>> If they are just going to look at one or two poorly researched
>> articles...
> One or 2... poorly researched?  Over several yrs, I think there're numerous 
> reputable instances of serious flaws discovered in Tor.  Sure, they're 
> patched when announced & confirmed.  I'm also sure it will be an ongoing 
> problem, hence part of my concern.
>
> Paul, it's NOT just the software 

Addressed above and in previous messages.

> - I'm sure that's regularly, independently 
> examined.  ONE thing no one knows, for instance, is what capability govts 
> have once communication leaves exit nodes. 

Also addressed above. Not claiming it's completely understood,
but I am claiming it is being publicly examined.

 Advanced govts aren't prone to 
> shooting themselves in the foot.  What some are indicating or at least 
> intimating here, is the US created something (maybe unintentionally) the 
> enemy can NOW use against many countries AND they are still funding it.  
> Does that make sense?  Not to me - w/o some reasonable facts, such as why 
> enemies can't use it against govts.
>
>> _______________________________________________
>> tor-talk mailing list
>> tor-talk at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

More information about the tor-talk mailing list