[tor-talk] Iran cracks down on web dissident technology

Mike Perry mikeperry at fscked.org
Tue Mar 22 05:09:43 UTC 2011


Thus spake Joe Btfsplk (joebtfsplk at gmx.com):

> On 3/21/2011 2:39 PM, Paul Syverson wrote:
> >On Mon, Mar 21, 2011 at 02:06:04PM -0500, Joe Btfsplk wrote:
> >Last comments for a while. (All I have time for, sorry.)  I'm just
> >going to respond to specific issues about system threats and the
> >like.

> I don't pretend to know the answers, but know when to ask questions.  
> For all I know, the US wants the enemy to use Tor for plotting, thinking 
> they're anonymous, when they're not.  No one's answering my specific 
> questions, possibly because if they knew them, they'd be in top level 
> govt positions, sworn to secrecy.  For those doubting any of this has 
> any merit, are you still waiting for them to find WMDs in Iraq?

Despite Lucky closing the thread in response to your conspiracy theory
in favor more productive matters, I didn't get enough sleep last night
to be productive, so I feel like trying to inject some reason into
this thread.


To distill your argument down, you've said so far:

1. Tor was/is funded by a government.

2. Governments only act out of self-interest.

3. Governments often have ulterior movies.

4. Governments have inconceivable power.

You've argued that #1, #2, and #3 together means that Tor cannot be
trusted. It appears we may have dissuaded you from this, because of
the fact that so many other individuals and entities have also had a
hand in Tor research and development.

You seem to have somewhat independently argued that #4 means that Tor
cannot be trusted against (any) large government(s). This,
unfortunately, may be true for some governments. Extremely well funded
adversaries that are able to observe large portions of the Internet
can probably break aspects of Tor and may be able to deanonymize
users. This is why the core tor program currently has a version number
of 0.2.x and comes with a warning that it is not to be used for
"strong anonymity". (Though I personally don't believe any adversary
can reliably deanonymize *all* tor users, for similar reasons as
detailed here: http://archives.seul.org/or/dev/Sep-2008/msg00016.html
but attacks on anonymity are subtle and cumulative in nature).


The goal of Tor is to balance the interests of as many different
parties as possible to provide distributed trust, and to raise the
amount of resources that any one adversary must have before it can
compromise the network. Academic research also focuses on ways to
improve the network characteristics of tor to defend against
wide-scale observation (think dummy traffic and Paul's topology
research), but so far none of these approaches has proved either
robust or lightweight enough to actually deploy.

In fact, the best known way we have right now to improve anonymity is
to support more users, and more *types* of users. See:
http://www.freehaven.net/doc/wupss04/usability.pdf
http://freehaven.net/~arma/slides-weis06.pdf

This is also why it is not the case that point 2 means that Tor is
necessarily broken just because The Tor Project has done the legwork
to show these and other groups how a robust Tor is useful for them.
The Tor Project has done this because every new entity that believes
Tor is useful makes Tor stronger and more anonymous for every other
entity.

Most of the governmental entities that like Tor either like it because
they use it (think FBI stings, investigative research, and soldiers
deployed overseas), or because they understand that a "liberation
technology" like Tor is both great PR for them, and a great tool in
diplomacy and statecraft, to deploy in countries where it is clear
that better information flows will weaken or even topple unfriendly
rulers.

These are good enough first-order benefits to discount some ulterior
bait-and-switch conspiratorial motives, I believe. Couple this with
the fact that the real serious "cybersecurity" threats come not from
tor, but from sophisticated, well funded adversaries that have their
own botnets that can leverage the same properties of the Internet
that tor leverages, regardless of tor's existence.

Once this is understood, there isn't really a whole lot of downside to
government entities encouraging a stronger Tor that these entities
don't already have to deal with in other ways (such as better
information security).

Of course, it still is concerning that any entity that can fit into
argument #4 might be able to break tor, but hey, it's still 0.2.x.
We're working on it ;).



-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20110321/3867e3da/attachment.pgp>


More information about the tor-talk mailing list