Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
The Internet Privacy Censorship Your Rights Online

EFF Promotes Freenet-like System Tor 379

An anonymous reader writes "The Electronic Frontier Foundation (EFF) just announced that it has become a financial sponsor of Tor, an open-source project to help people 'engage in anonymous communication online.' It sounds like a simpler version of Freenet, e.g. 'a network-within-a-network that protects communication from ... traffic analysis.' Like Freenet, the source-code is freely available and binaries exist for Windows, Linux, etc." Read on for more details.

The submitter continues "It also allows you to install Tor-aware apps, such as an HTTP proxy (for private browsing), or maybe private P2P? Unlike Freenet, it doesn't use massive encryption (as far as I can tell) and relies more on something called onion routing to randomly bounce requests between other Tor proxies, thus obfuscating the IP of the original client. So it allows you to browse regular Internet sites! Maybe it should be considered more of an 'open-source' Anonymizer? But I don't know if it's actually Open Source - you can download the source (and compile it yourself) but I don't know if the developers are letting anyone else touch their code. They are, however, looking for contributors and other forms of help. And, finally, they're hoping people will start running Tor servers!" It's open source, however contributions are handled.

This discussion has been archived. No new comments can be posted.

EFF Promotes Freenet-like System Tor

Comments Filter:
  • EFF makes me happy. (Score:5, Interesting)

    by The I Shing ( 700142 ) * on Wednesday December 22, 2004 @04:03PM (#11162328) Journal
    The EFF is a light in a dark wilderness. How amazing that a group of people so talented, experienced, and dedicated to digital liberty can come together and accomplish so much. Episode #74 [thislife.org] of This American Life [thislife.org] features EFF co-founder John Perry Barlow [eff.org]'s touching account of a romance that blossomed between him and a wonderful woman he met at a convention. (Computer geeks take heed... play this story for a girl you fancy and see if it softens her heart.)
  • If they really want (Score:3, Interesting)

    by Neil Blender ( 555885 ) <neilblender@gmail.com> on Wednesday December 22, 2004 @04:04PM (#11162337)
    If they really want to sniff you, what is to stop them from sniffing at that unavoidable first hop?
    • by Gorny ( 622040 )
      There are some trusted nodes which serve as the starting point. You can also add your own trusted nodes if you're sure they're trustworthy.
      • by Anonymous Coward on Wednesday December 22, 2004 @04:12PM (#11162435)
        It's more than that; the entry nodes don't have to
        be trusted. Your communications with them are
        encrypted and they know only the next hop in the
        circuit -- they do not know the exit node and they
        do not know the content of your communication.
    • If the network were encrypted then you could simply argue that the packet wasn't yours and you were merely forwarding it. But if it's in the plain then they'd be able to see that it didn't come in and infer that it was yours.
    • by weaselp ( 32626 ) on Wednesday December 22, 2004 @04:25PM (#11162565) Homepage
      The first node knows your IP and the second node, but not the plain text. The last node knows the second-to-last node,the service you are connecting to, and the plain text unless you do some encryption on the application layer (like https).

      It's not entirely unlike Mixmaster, only low latency.
  • by Anonymous Coward on Wednesday December 22, 2004 @04:05PM (#11162352)
    <sarcasm>
    I'm sure this network will be used to share protected speech and not copyrighted binaries.
    </sarcasm>
    • Re:Yay! Piracy! (Score:4, Informative)

      by discord5 ( 798235 ) on Wednesday December 22, 2004 @04:59PM (#11162891)
      I'm sure this network will be used to share protected speech and not copyrighted binaries.

      I don't think this system will be usable for piracy. Have you ever used <hat foil="tin">Freenet</hat>? Because of all the hopping though random nodes, "random" routes and encrypted traffic it's quite slow.

      Take the example of the average "anonymous proxy" on the internet. After someone finds the proxy, it usually takes about 5 to 10 hours before the proxie's bandwith is completely saturated making it unusable. Even if Tor is to loadbalance all it's nodes, it's still going to be SLOW with the added encryption etc. Remember kids, using proxies that are close to you isn't anonimity but asking for problems with the law (usually why people want to use anonymous proxies is to avoid problems their employer/government could create).

      Lastly, most anonymous networks are unreliable by nature. Freenet is unreliable because it drops "unpopular" keys and their content in favour of popular keys. Anonymous relays (eg mixmasters) are known to drop messages at random.

  • AT&T Crowds (Score:3, Informative)

    by grub ( 11606 ) <slashdot@grub.net> on Wednesday December 22, 2004 @04:05PM (#11162354) Homepage Journal
    If it's not encrypting and just passing packets around then it sounds like the AT&T research Crowds proxy they were distributing a while ago. (it used to live at this page [att.com] but I see it's gone now.)
  • by Ajmuller ( 88594 ) * <adam@gotlinux.us> on Wednesday December 22, 2004 @04:05PM (#11162360) Homepage
    Unlike freenet, which I have tried to use for years and never got it to work properly, this actually works. Five minutes after I installed TOR i'm actually surfing the internet, anonymously, at decent speeds. Unlike freenet, i'm not stuck in a chatroom while someone tells me... Just wait 4-5 days for your node to associate with the network....
    TOR is great, go EFF, making me proud to be a member!!!!
  • Disclaimer: IANAL!

    I, for one, do not use peer-to-peer file sharing for any reason. However the answer to secure peer-to-peer file sharing is so simple it's right in front of our noses.

    First, encrypt the file you want to send with GPG, make the decrypting password "1" or "A" or something that simple. If "any one else" decrypts the file and prosecutes you for it, you can get off by using the DMCA. That's right, the DMCA works for people too.

    Under the DMCA, the sender and receiver are the only two author

    • by Anonymous Coward
      Can you really sue someone for violating the DMCA when they decrypt content that is not yours?
    • You have to be careful. What if the receiver is a member of the RIAA? Under your scheme, they are authorized to download from you and decrypt...

      Nice idea, but tough in practice.

    • by pclminion ( 145572 ) on Wednesday December 22, 2004 @04:21PM (#11162518)
      IANAL either. This doesn't work.

      The DMCA prohibits circumventing a protection on a copyrighted work. Encryption only qualifies as a "protection device" if the person doing the encryption is the holder of the copyright. You can't "protect" what you do not own.

      I don't know if the DMCA contains precisely this language, but it's certainly the way it would be interpretted in court.

      I'm more interested in the case of using encryption to protect a computer virus. Since the author of the virus actually is the owner of the copyright on the viral code, then the encryption should qualify as a copyright protection device under the DMCA. Law enforcement officials who decrypt the virus to reverse engineer it would be in violation of the DMCA.

      • Since the author of the virus actually is the owner of the copyright on the viral code, then the encryption should qualify as a copyright protection device under the DMCA

        That's an interesting thought. I'd imagine at some point the virus would have to decrypt itself and then could be legally captured by some piece of monitoring software. An interesting technical challenge resulting from a "creative" use of the law.

      • So you say if I use ssh to admin my server all the text output of the programs I use and have not written myself can be decrypted by everyone without legal problems because I do not own the copyright?
        • So you say if I use ssh to admin my server all the text output of the programs I use and have not written myself can be decrypted by everyone without legal problems because I do not own the copyright?

          Yes. Where did you get the idea that it's illegal to crack encryption?

          The eavesdropper would probably be guilty of wiretapping or some other type of communications crime, but the fact that he broke the encryption has nothing to do with it.

    • won't work, DMCA only applies to encrypting stuff that you own.
    • IANAL, either, but there is a flaw in your sceme: protectionary laws (for the most part) do not apply to illegal activities. The same way you can't call the cops cause your distributor took your drugs but didn't pay.

      I believe under the DMCA (again, not a lawyer) there is clause allowing for checking of owned material. The **AA would just have to get a writ (warrant, subpeona ... whatever) to allow them to open the file to check if it contained files owned by them that they believe were being transferred
    • Is this why some torrent downloads are RARed with a password that you have to find? So that the 'authorities' have to get a warrent, even though you could google the password?
  • Spammers (Score:5, Interesting)

    by bm17 ( 834529 ) * <brm@yoyodyne.com> on Wednesday December 22, 2004 @04:09PM (#11162392)
    Two questions come immediately to mind:

    1) Can spam be sent through Tor?

    2) Can spammers collect data by running a Tor server of their own?

    I checked the site's FAQ but couldn't find answers there.

    • Re:Spammers (Score:5, Informative)

      by miope ( 727503 ) on Wednesday December 22, 2004 @04:32PM (#11162627) Homepage

      Look the documentation [eff.org]

      2. Decide what exit policy you want. By default your server allows access to many popular services, but we restrict some (such as port 25) due to abuse potential. You might want an exit policy that is either less restrictive or more restrictive; edit your torrc appropriately. If you choose a particularly open exit policy, you might want to make sure your upstream or ISP is ok with that choice.
      the faq responds your second question [noreply.org]
      6.1. Can exit nodes eavesdrop on communications? Isn't that bad? Yes, the guy running the exit node can read the bytes that come out there. Our first answer is "then use end-to-end encryption such as SSL", which is great but not always practical. (The corollary to this answer is that if you are worried about somebody intercepting your traffic and you're *not* using end-to-end encryption at the application layer, then something has already gone wrong and you shouldn't be thinking that Tor is the problem.) Our second answer is that in a future release, we plan to have Tor clients recognize when the destination is co-located with a Tor server, and exit from that Tor server. So for example, people using Tor to get to the EFF website would automatically exit from the EFF Tor server (assuming it's nearby in network geography), thus getting *better* encryption and authentication properties than just browsing there the normal way. But this has a variety of technical problems we need to overcome first (the main one being "how does the Tor client learn which servers are associated with which websites in a decentralized yet non-gamable way?"). Stay tuned.
    • Uhm, I don't think you can use a proxy server to send spam AFAIK.
  • by worst_name_ever ( 633374 ) on Wednesday December 22, 2004 @04:10PM (#11162409)
    System Tor... I think that's in Devonshire, right?
  • by Anonymous Coward on Wednesday December 22, 2004 @04:11PM (#11162414)
    Are you sure all this anonymity is a good thing with all the terrorism and unpatriotic sentiment floating around?

    Besides, getting rid of anonymity would help with the spam crap.

    In fact, I don't see anything positive in anonymity.

  • And wait for my traffic to pass through some hippy's 386 running linux? I sure hope this requires some minimum hardware and bandwith to allow participation.
  • by Tackhead ( 54550 ) on Wednesday December 22, 2004 @04:15PM (#11162466)
    From the design documents [eff.org]:

    Based in part on our restrictive default exit policy (we reject SMTP requests) and our low profile, we have had no abuse issues since the network was deployed in October 2003. Our slow growth rate gives us time to add features, resolve bugs, and get a feel for what users actually want from an anonymity system. Even though having more users would bolster our anonymity sets, we are not eager to attract the Kazaa or warez communities-we feel that we must build a reputation for privacy, human rights, research, and other socially laudable activities.

    Well, so much for that. *badaboom*

  • Double dipping (Score:4, Insightful)

    by el borak ( 263323 ) on Wednesday December 22, 2004 @04:16PM (#11162475)
    Tor was initially designed and developed as part of the U.S. Naval Research Laboratory's Onion Routing program with support from ONR and DARPA.
    Gotta love this. Paid for by my tax dollars, then I also get to pay for the NSA to develop improved snooping technology to crack it. Still, good to know at least some of my tax dollars was well spent for a change.
  • by skabb ( 115949 ) on Wednesday December 22, 2004 @04:17PM (#11162482)
    Seems like a great system, but I just cant understand this statement: "Currently, Tor development is supported by the Electronic Frontier Foundation. Tor was initially designed and developed as part of the U.S. Naval Research Laboratory's Onion Routing program with support from ONR [navy.mil] and DARPA [darpa.mil]."

    *Puts on tinfoil-hat* isn't the guys at *.mil making their jobs harder by doing this? anonymous "terrorists" communicating freely without any traces, or do they already have this covered in the system? a honeypot?
    • Maybe they can classify it as a munition and ban its export.
    • by Jim McCoy ( 3961 ) on Wednesday December 22, 2004 @04:42PM (#11162719) Homepage
      As someone who has watched, helped with, and discussed various anonymous networks from Pipenet through Onion routing and Tor I can give you the quick summary for why NRL was interested in anonymous browsing (because when they first came out with the Onion network stuff it really was a surprise.)

      Sometimes, government agencies would prefer it if web queries did not show up in the server's logs as coming from a .mil or .gov site.

      Just knowing what someone is reading or researching is a good source of intel, some government agencies see more benefit to this than the downside of potential terrorist uses.*

      Jim

      * anyway, if you work for a big governement agency you have the resources to treat these sorts of networks like a big black box and link up the endpoints. This is a fatal flaw to _all_ real-time anonymous networks. A big attacker can treat all of the fancy games you play in the middle of network as noise and just link up "message X went into dark network at time T and a message close to the size of message X came out of the network at time T +1, followed by a similarly linkable message going back the other way..."
      • ....This is a fatal flaw to _all_ real-time anonymous networks. A big attacker can treat all of the fancy games you play in the middle of network as noise and just link up "message X went into dark network at time T and a message close to the size of message X came out of the network at time T +1, followed by a similarly linkable message going back the other way..."

        Actually, that's not a workable solution. Try "message X went into dark network via entry point 127.0.0.1". The only thing they have is the

  • by farrellj ( 563 ) * on Wednesday December 22, 2004 @04:21PM (#11162519) Homepage Journal
    TOR Books [tor.com], one of the largest publishers of Science Fiction and Fantasy in North America *might* have some problem with this...Methinks that I should let David Hartwell know...and the wonderful people at EFF...

    ttyl
    Farrell
  • by pridkett ( 2666 ) on Wednesday December 22, 2004 @04:22PM (#11162528) Homepage Journal
    Just a quick FYI, TOR is an onion routing system, meaning that the data is passed between TOR proxies until it reaches it's destination. This means that eventually you still need to fetch the data from a server, which means that the server can still be put under attack or taken down.

    FreeNet is much more robust as you inject content and then it is stored in many nodes. Thus, it can't be taken down. Furthemore, in FreeNet different parts of the data are obtained from different sources, preventing more work that could be done with traffic analysis.

    To say that TOR is like FreeNet is to seriously discount the features of FreeNet. TOR is a system for running Onion proxies. FreeNet is a completely anonymized hosting and content distribution system.
    • One interesting thing that tor provides for "hidden services" so you can publish/host content, but without giving up your location. The nice thing about this is that you can run any tcp service such as a web or irc server, not just static content.
    • by bitspotter ( 455598 ) on Wednesday December 22, 2004 @06:32PM (#11163597) Journal
      To summarize:

      Freenet is a system which anonymizes content. Specifically, digital files.

      TOR is a system which anonymizes connections. Specifically TCP connections.

      While anonymizing client TCP connections has been around for awhile, TOR is the first major project (possibly second to i2p) that allows one to anonymize TCP *server* connections.

      In my experience, TOR has been vastly more reliable than Freenet. Whether this can be attributed to the youth and small size of the TOR network relative to Freenet remains to be seen...
  • by Anonymous Coward on Wednesday December 22, 2004 @04:23PM (#11162546)
    ... it must be intended primarily for satirical content.
  • Where can I get some EFF grant money?
  • by caluml ( 551744 ) <slashdot@spamgoe ... g ['ere' in gap]> on Wednesday December 22, 2004 @04:25PM (#11162557) Homepage
    Freenet - but not in Java?! Sign me up. Keep that nasty java off my system. GRSec and PaX don't like it and keep killing it off anyway.
  • Right... (Score:5, Insightful)

    by Kjella ( 173770 ) on Wednesday December 22, 2004 @04:28PM (#11162579) Homepage
    Let me get this straight. As a TOR node, my computer will request information from regular web sites unencrypted. This means that when someone requests e.g. child porn on the network, and my node is chosen to retrieve it, my IP will be the one logged?

    You are in for a world of hurt if you run a TOR node. Since you are perfectly aware of all plain HTTP requests your node makes, you are likely to stand trial for contributory copyright infringement, import/export/distribution of child porn, conspiracy to [whatever] and so on. Since I assume by default it doesn't log anything to give you someone to blame it on, they pin it on you.

    I would honestly never run a TOR node. If I did, I would firewall it to only allow connections to other TOR nodes, i.e. be a pure leech on the network. Anything else is to expose yourself for a wide range of legal disasters. Freenet had this right. You must not know what you are transmitting. This idea is fundamentally flawed and I'm amazed that the EFF would support it.

    And beyond that, from the brief techincal discussion, you have a single point of failure in the directory server. Gather a small botnet, compromise the server and present the botnet as the routing nodes. You control all the keys, you decrypt everything. Or just a simple DDoS attack, so you don't find any nodes to route through. Overall, I'm not impressed.

    Kjella
    • Freenet had this right. You must not know what you are transmitting.

      So you don't mind transmitting the child porn, you just don't want to be associated with the transmission.
      • Re:Right... (Score:3, Insightful)

        by Rich0 ( 548339 )
        Clearly I wouldn't want to be associated with that garbage. However, neither system prevents it. The difference is that somebody who innocently ends up spreading it can get sued with TOR, but won't be discovered if they're using Freenet. The guilty get away with it either way.

        So, which is better:

        1. Guilty get off free. Innocent sent to prison.

        2. Guilty get off free. Innocent get off free too.

        Clearly it would be better if we could block garbage like this altogether, but nobody has come up with a g
    • by adturner ( 6453 ) on Wednesday December 22, 2004 @05:06PM (#11162944) Homepage
      Tor already provides the means for people to run a tor node as only a router (add the line: reject *:* in your torrc), not an exit node. Hence, your IP will never download kiddie porn or anything like that.

      • by Kjella ( 173770 ) on Wednesday December 22, 2004 @05:24PM (#11163120) Homepage
        ...but what exactly is the incentive to actually help the TOR network? Seems to me that you can just leech as much as you want, give nothing. And each byte I download gets multiplied by as many nodes as I route through. Right now, it would appear they have a small userbase and mostly volunteer providers. What would happen if it got exposed to say, the slashdot userbase? Or people in general?

        Kjella
        • Perhaps you should read "Should I run a client or a server?", which explains the benefits for running a server.

          http://tor.freehaven.net/cvs/tor/doc/tor-doc.htm l

          But basically, even just running a client is good since the more clients using tor (up to the capacity of the network) increases the anonymity of all users. Only time will tell if enough volunteers will run servers to keep up with demand.
  • What about a network (possibly implemented in VPNs), where all packets are NAT'd by each node. Anyone viewing the traffic would never know if the request originated on that host, or if it was a host 10 hops away. (Apart from the TTL, which could be randomised between 200 and 255 anyway).
    Obviously, this would still break things that don't play well with NAT.
  • by innerFire ( 1016 ) on Wednesday December 22, 2004 @04:30PM (#11162598) Homepage
    Hi there! I'm Chris Palmer from EFF. I am working with the Tor developers, so I know a bit about it. I'll try to clear up some questions and misconceptions people seem to have.

    1. Spam? Well, spammers already have much better tools than Tor. Namely, botnets. The Tor network currently doesn't support the kind of bandwidth usage spammers can chew up. By their willingness to break the law, spammers and criminals already have good tools to hide their network origin. Tor doesn't really help them. Plus, the default Tor exit policy is to block port 25.

    2. Free/open source? Yes, three-clause BSD. EFF would not financially support a non-free/open source project!

    3. Do you have to trust the nodes? You have to trust the entry node and the exit node. The entry node can be on your own computer, which I highly advise people to do. It's easy to install on all platforms, so that shouldn't be a hurdle. As far as trusting the exit node: Yes, the exit node can see the plaintext of your communications. That is why you should always use end-to-end encryption, anyway! Remember, all normal Internet routers in your route can read your traffic; Tor is actually BETTER because traffic is strongly encrypted (AES, multiple times) while inside the Tor network.

    So, you actually have to trust Tor a bit less than regular Internet routes.

    Use encryption. :)

    4. Is it like Freenet/Crowds/Anonymizer? Yes, and no. It is like somewhat like those systems in goals, but the design is different. For example, unlike Freenet, Tor helps you talk to the real Internet. Unlike Anonymizer, Tor uses a whole network of proxies, not a single proxy; and the proxies are generic SOCKS proxies, not specifically HTTP.

    5. Version number is too low. Is this alpha software? Roger and Nick are very modest. :) Tor works. It is stable, many bugs have been fixed, and the protocol is moderately stable. Tor does not crash randomly or eat all your memory. What's in flux is bigger picture items, such as "How can we reduce our dependency on the central directory server" and "Wouldn't a GUI configuration tool be nifty?"

    6. Is there a backdoor? Well, you tell me. The source code is open. Is there a backdoor in other free software you like?

    7. Minimum bandwidth requirement? For exit and middleman nodes, yes, you should have a reasonable pipe and a stable machine. "Reasonable" pipe can mean a good DSL connection. Crappy nodes can degrade the network for those poor saps whose circuit goes through one. That is why the directory server operators won't list your server unless it meets basic stability and bandwidth requirements.
  • I looked on there for music and movies and the only thing i could see was 'Kill Bill'.

    There is no reasonble way to search freenet.

  • Scalability (Score:3, Informative)

    by Sanity ( 1431 ) on Wednesday December 22, 2004 @04:33PM (#11162630) Homepage Journal
    I think the general problem with this kind of architecture is that it dodges the hard issue - which is how new peers get integrated into the network, and how do you ensure their reliability.

    In Tor's case there is a centralised global list of all peers which must be added to manually by Tor's developers. This is fine with a small number of users, for which Tor clearly works well, but isn't practical when dealing with large numbers of users.

    Freenet, for all its faults, is designed to deal with potentially millions of unreliable peers. It is its ability to do this that makes it such an ambitious project, and makes any comparision between it and Tor a situation of apples and oranges.

    • In Tor's case there is a centralised global list of all peers which must be added to manually by Tor's developers.

      Which is also a centralized place of control. "Your directory may now only point to peers which have backdoor x.y.z installed."

      Freenet, for all its faults, is designed to deal with potentially millions of unreliable peers.

      Going off-topic, freenet is not designed for unreliable peers, but yes potentially millions in number. The routing in freenet is dependent on historical data are requires
  • But but but (Score:3, Funny)

    by halcyon1234 ( 834388 ) <halcyon1234@hotmail.com> on Wednesday December 22, 2004 @04:33PM (#11162638) Journal
    Terrorists might use this! Won't someone please think of the children? If my government can't hear what my neighbor is saying, how do I know he isn't planning on killing me in my sleep?

    I mean, why do you even need something like this? If you don't have anything to hide, there shouldn't be a problem with your internet chats being monitored.

    BTW, click here [reference.com]

  • The Freenet concept is great and Ian Clarke must be applauded, but it really needs an implementation that is more user-friendly and lower latency before it can become really popular.

    I know that there are a lot of technical problems that keep these things from happening right now, but I have hope that they'll figure out something before it is impossible to have any real privacy on the net.
  • It seems to me that Tor (and possibly all onion-type concepts, although I dont know a huge amount about them as a whole) actually increases the footprint of any given request/response by increasing the amount of hops taken from source to destination. Could it be that it increases anonymity of a connection but also potentially decreases the privacy instead? Couple this with payload analysis (HTTP packets having obvious information about destination at least) and you have a powerful tracking mechanism
    • I'm not sure I understand why you worry.

      Could it be that it increases anonymity of a connection but also potentially decreases the privacy instead?

      Why do you think so? It does increase anonymity, but why would it decrease privacy in the same process? You are as private as you wish; if you send your name anonymously, you break the whole point, of course. If you allow harmful Javascript to snoop your real IP and send that over Tor, you are of course busted; but Tor users should browse with Privoxy to filt

  • Firefox extension? (Score:4, Interesting)

    by multiOSfreak ( 551711 ) <culturejam&gmail,com> on Wednesday December 22, 2004 @04:50PM (#11162795) Homepage Journal
    Somebody quick! Make a FireFox extension that adds a button to the toolbar that says "Switch to TOR mode" or something to that effect.

    It would be nice if TOR were easy to turn on and off within a given browser or other http-aware client. I can't see need the for use TOR 100% of the time, especially since there is a performance hit. And it seems like it would be a pain in the ass to have to reconfigure the browser's proxy settings each time you want to use TOR for browsing/downloading.

    I'd take a crack at it myself, but I'm no code monkey. I'm a documentation nerd. If anybody wants to develop this, let me know and I'll do the docs and help files.
  • Look, you don't know who I am. I'm anonymous. I don't really want you knowing who I am because some of you are freaks (no offense). It works and it's all I really need.

    Is this REAL anonymity? Not really. If I come on here and say I'm going to kill George Bush they'll find out who I am in a heartbeat. I don't really have a problem with that. Basically the only people who are not anonymous are criminals. This is simply because in the vast sea of people on the internet who really gives a crap who "Smi
    • The problem with this logic is that it works very poorly for political activists in totalitarian regimes, or anyone with sufficiently unpopular opinions. These people have the right to communicate, and people have the right to hear what they have to say.
  • If it indeed works as an anonymizer, what prevents its users from scanning/cracking web servers?
  • by Kjella ( 173770 ) on Wednesday December 22, 2004 @04:56PM (#11162851) Homepage
    ...maybe I'll just dig up the link to what happened with the JAP proxy network, providing pretty much exactly the same service:

    Net anonymity service back-doored [theregister.co.uk]

    Basicly, they were given the choice of backdooring it or shutting it down. Yes, the whole network. They did install a backdoor (still with source), got found out but they didn't exactly have much trust left.

    Can someone explain to me why the exact same will not happen to this service? Any reason why TOR servers would have greater legal immunity? I don't see it, at least.

    Kjella
    • by wildwood ( 153376 ) on Wednesday December 22, 2004 @05:40PM (#11163281)
      Basicly, they were given the choice of backdooring it or shutting it down. Yes, the whole network. They did install a backdoor (still with source), got found out but they didn't exactly have much trust left.

      Can someone explain to me why the exact same will not happen to this service? Any reason why TOR servers would have greater legal immunity? I don't see it, at least.

      One reason: the white-hat lawyers at the EFF.

      I didn't see any indication from your link whether the JAP team got any legal consultation. Did they fully understand their rights and options before they gave in to the authorities?

      I don't think the EFF is sponsoring this just to move the technology along. I'd bet that they also want to use Tor to advance their legal arguments for anonymity. They've probably already drawn up "battle plans" for likely legal challenges.

  • GNUNet (Score:2, Interesting)

    What's about GNU's own GPL'd freenet "clone" GNUNet [gnu.org]?

    I've successfully used it to get some pr0n, at decent speeds. You might also search it for "Billy Joel" to see my additions to the network.

    • Re:GNUNet (Score:3, Interesting)

      by RPoet ( 20693 )
      What about it? GNUNet is an anonymous file sharing application, while Tor is a generic anonymizing networking layer. It can run file sharing apps, but it wasn't even primarily designed for it -- it was designed for safely and anonymously exchanging messages. The American navy started what became the roots of Tor, and it was designed for their needs.
  • Tor supports something called a "hidden service" which allows you to serve something, such as a web site, ftp, or dare I say, a bittorent link.

    The neat thing is, you can serve the service without anyone knowing your IP address. So you would share a link such as follows: http://6sxoyfb3h2nvok2d.onion/ (which is the tor hidden service wiki BTW). The Tor servers "meet in the middle", thus hiding the originating serving ip address. Read here [freehaven.net] for more on this functionality.

    This could really shut the door

  • Comments (Score:4, Informative)

    by ZorbaTHut ( 126196 ) on Wednesday December 22, 2004 @05:17PM (#11163059) Homepage
    Tor is great. I've been playing with it for a while - the sheer simplicity of setup makes it fantastic, and it's highly amusing to go to whatismyip.com half a dozen times and get different IPs.

    Once I get the firewall box I want set up I plan to make one port link directly into Tor, so that anything plugged into that port is shunted 100% into the Tor network. Right now you've sort of got to trust that your program really is punching everything through the SOCKS proxy - not all programs are really reliable about that, plus the program can still see your IP if you're not behind a firewall.
  • Question about Tor (Score:4, Interesting)

    by theantix ( 466036 ) on Wednesday December 22, 2004 @05:26PM (#11163151) Journal
    As a civil libertarian I love the idea, and I would be happy to run a Tor server if I could restrict what filetypes I pass through. I'm not interesting in helping people pass kiddie porn or pirated movies through my server (which I assume would be a primary use of this), so I would want to restrict it to text and html mimetypes. I looked through the FAQ and documentation and didn't see any mention of this.

    Any developers here that can comment on if a feature similar to this is planned for a future release?
    • by RPoet ( 20693 ) on Wednesday December 22, 2004 @05:32PM (#11163207) Journal
      With Tor, you don't transfer files; you transfer packets. This is analogous to running a TCP/IP router on the internet, you just relay traffic for others. What Tor adds to this is that you have no way to find out what packets you relay contain or where they are ultimately headed. If you are really a civil libertarian, you won't care. If you still care, maybe you should look for another label for yourself :)
    • There are two kinds of tor servers:

      Exit routers, which connect to other services (web, irc, etc) and middlemen routers which only pass encrypted packets.

      Middlemen routers have no idea what the content of the data is since it's encrypted, hence it would be impossible to enforce that there. Exit routers can limit which IP/ports to allow connections to, but there's no application level intelligence to restrict based on mime-types or anything else like that.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...