[tor-talk] Some thoughts about Tor Project

juanjo fornes juanjo at avanix.es
Sat May 21 21:17:00 UTC 2016

El 21/05/2016 a las 20:54, Moritz Bartl escribió:
> Hi juanjo,
> Welcome! :)
> On 05/21/2016 07:56 PM, juanjo wrote:
>> -A circuit should never have all hops from the same country: days ago I
>> was on a web with the latest version of Tor Browser and I advised all
>> hops from the circuit were from the same country. This is bad, since
>> with bulk data collection and traffic analysis this country could
>> deanonymize me easily.
> The decision is hard to make across all users. You want a uniform
> strategy for all 2 million+ users. Crossing country borders might
> actually make it legally and technically *more* easy for your adversary
> to collect and analyze traffic. If, say, all relays in your circuit
> happen to be on ISPs that peer with each other, there might not be a
> tapping device installed at all in between those. Internet routing is
> complex.
> But, yes, for many users it may be useful to cross borders. You seem to
> be interested in anonymity, so you will love
> http://freehaven.net/anonbib/ :-)
> http://freehaven.net/anonbib/#ccs2013-usersrouted is a quite good
> overview paper that looks at the problem you touch.

Well, Tor Browser by default chooses randomly the nodes which will be 
part of a circuit, so most of them actually are not from the same 
country. I don't understand your point here... there could be cases and 
users where crossing borders might be illegal or more dangerous, but I 
think most of the people who use Tor Browser by default, doesnt choose 
all hops from the same country... I think what most of the people needs 
to protect their anonymity is to choose nodes from different countries, 
or at least not all from the same country like happened to me.
Maybe we can work here on the Tor Browser config dialog and put there an 
option like "forbid to choose all hops from the same country" or even 
say "all hops from different countries".
>> cheap VPS to install Tor nodes, but I think thats bad. We should advice
>> Tor node operators to move their nodes to other countries if possible...
>> or even a campaign with crowdfunding to create more nodes in countries
>> where there aren't many...
> While I agree that for many users crossing borders might be useful, I am
> not sure this is the perfect strategy for everyone. We had a script to
> distribute donations that we receive as Torservers, and as a first
> approximation the money you would get would be higher if the exit relay
> was in a country with low total exit capacity. You might like it.
> Unfortunately it is buggy, someone should do a rewrite and potentially
> work in more criteria.
> https://github.com/torservers/exit-funding
> There is also http://www.tor-roster.org/ , a project that awards
> "points" based on some of the potential criteria.
As I said, maybe for some people crossing borders might not be a good 
strategy, but right now for most people I think it makes sense. But the 
problem is still the servers are in too few countries, and I think this 
is bad for all users... Just think that many european countries are 
starting to make laws against privacy and even considering bulk data 
analysis so if USA do this, Germany too and France too, like I said, 
most of the Tor users will be deanonymized... I will look into that exit 
funding code too, but I don't have much free time...
>> -Maybe we should think a way of introducing high latency features on
>> Tor, I know this is troublesome but we need to think a way to protect
>> people even if NSA and Europe works together against Tor users...
> Some time ago, researchers from Ruhr-University mentioned on tor-dev@
> that they were working on something like it. Pond was a similar
> experiment. I would love to see high-latency support integrated in Tor,
> but there's a lot of open research questions. Maybe, if you have time to
> dig into this, a great outcome would be to bug Tor developers and
> collect all the open questions and potential design decisions into a
> wiki page!
>> -What about Tor traffic obfuscation by default? I mean the traffic
>> between all Tor nodes. Will it help on something?
> You might like https://arxiv.org/abs/1512.00524 and
> https://blog.torproject.org/blog/critique-website-traffic-fingerprinting-attacks
> .
>> -More public libraries with Tor nodes. Great work with that, this
>> initiative should spread.
> It is slowly spreading :) Take it on and get in touch with local libraries!
>> And maybe how Tor Browser users can help the
>> network in the future being a relay...
> https://www.torproject.org/docs/faq.html.en#EverybodyARelay
>> -I heard making a pluggable transport work in a privileged port (less
>> than 1024) is a hard work. we have to fix it.
> It's worse, the instructions on the website are quite outdated. It's a
> surprise we even have bridges with latest pluggable transports...

I think that should be a priority right now: this works against 
censorship and even could work against traffic analisys... I can't help 
developing anything here, but maybe if I have time, I can work on the 

>> -Better node testing: I think some people is working on this already. I
>> mean more and better ways to test if a exit node is a bad exit, or if
>> any other node is making traffic shaping attack.
> Yes, this is actively being worked on.
>> So this is it. Thank you all again for all your hard work and see you in
>> other time.
> Great feedback, great questions and comments! Spot on! :)

Yes, I will work spreading the word about privacy, why it is important, 
the Tor Project, etc...

More information about the tor-talk mailing list