[tor-talk] "Remation" -- joint GCHQ/NSA meeting on Tor

Aaron aagbsn at extc.org
Sun Oct 6 18:48:43 UTC 2013

On Fri, Oct 4, 2013 at 11:55 PM, Andrea Shepard <andrea at torproject.org>wrote:

> On Fri, Oct 04, 2013 at 05:43:32PM +0200, Griffin Boyce wrote:
> >   There's been a really interesting document to come out of the Guardian
> > todhttp://
> www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-documenay
> :
> >
> http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
> >
> > Interestingly:
> >   - NSA/GCHQ was fingerprinting using Flash
> >   - They were wondering whether to flood the network with slow
> > connections in order to discourage users
> >   - Cookie leakage
> >   - Timing attacks
> >   - Supposed bug in TorButton mid last year
> >
> > There are some questions in my mind as to the legitimacy of this
> > document -- particularly given that a slide is marked 2007, but
> > references 2012. (In particular, neither Torservers nor TorButton
> > existed in 2007).
> >
> > Thoughts?
> I think "flood the network with slow connections" is a mis-read; they
> seemed to be speaking of slow nodes that falsely advertise high bandwidth,
> an attack which won't work since we now cap unmeasured bandwidths to
> 20 kbit/sec IIRC.
> Their evident interest in this sort of thing suggests we should examine
> the bwauth system more closely to be sure the node can't distinguish a
> bwauth measurement from other connections, though - otherwise they could
> still manipulate the path selection weights like that.

It's probably quite easy to distinguish bwauth measurements as the
measurement endpoints are hosted on the clearnet and even though bwauth
operators should be running their own measurement endpoint the file sizes
of bwauth fetches are a set size, nor does bwauth verify the content of the
files it fetches, nor the ssl certificates presented by the endpoints.

A few ideas:

1. enumerate a set of high bandwidth (CDN) download links that could be
used instead of hosting our own files. (bwauth could potentially choke the
download after a # of bytes have been fetched and use a popular large

2. That said,  I think it might be rude to use someone elses infrastructure
here. Is there a way that we can measure performance over directory fetches
without screwing up Tor user stats? Or, can tor provide a bandwidth
measurement endpoint internal to the relay?

3. fix the bwauth code to verify the certificates (either use global CA
best-effort 'trust' or pin the certs)


More information about the tor-talk mailing list