EFF Promotes Freenet-like System Tor 379
The submitter continues "It also allows you to install Tor-aware apps, such as an HTTP proxy (for private browsing), or maybe private P2P? Unlike Freenet, it doesn't use massive encryption (as far as I can tell) and relies more on something called onion routing to randomly bounce requests between other Tor proxies, thus obfuscating the IP of the original client. So it allows you to browse regular Internet sites! Maybe it should be considered more of an 'open-source' Anonymizer? But I don't know if it's actually Open Source - you can download the source (and compile it yourself) but I don't know if the developers are letting anyone else touch their code. They are, however, looking for contributors and other forms of help. And, finally, they're hoping people will start running Tor servers!" It's open source, however contributions are handled.
EFF makes me happy. (Score:5, Interesting)
If they really want (Score:3, Interesting)
Re:If they really want (Score:3, Informative)
Re:If they really want (Score:5, Informative)
be trusted. Your communications with them are
encrypted and they know only the next hop in the
circuit -- they do not know the exit node and they
do not know the content of your communication.
Re:If they really want (Score:2)
Re:If they really want (Score:5, Informative)
It's not entirely unlike Mixmaster, only low latency.
Yay! Piracy! (Score:3, Funny)
I'm sure this network will be used to share protected speech and not copyrighted binaries.
</sarcasm>
Re:Yay! Piracy! (Score:4, Informative)
I don't think this system will be usable for piracy. Have you ever used <hat foil="tin">Freenet</hat>? Because of all the hopping though random nodes, "random" routes and encrypted traffic it's quite slow.
Take the example of the average "anonymous proxy" on the internet. After someone finds the proxy, it usually takes about 5 to 10 hours before the proxie's bandwith is completely saturated making it unusable. Even if Tor is to loadbalance all it's nodes, it's still going to be SLOW with the added encryption etc. Remember kids, using proxies that are close to you isn't anonimity but asking for problems with the law (usually why people want to use anonymous proxies is to avoid problems their employer/government could create).
Lastly, most anonymous networks are unreliable by nature. Freenet is unreliable because it drops "unpopular" keys and their content in favour of popular keys. Anonymous relays (eg mixmasters) are known to drop messages at random.
AT&T Crowds (Score:3, Informative)
Re:AT&T Crowds (Score:3, Interesting)
This actually works.... (Score:5, Interesting)
TOR is great, go EFF, making me proud to be a member!!!!
Re:This actually works.... (Score:4, Informative)
A Hidden Service URL looks something like this:
http://6sxoyfb3h2nvok2d.onion/
And, obviously, only functions when the TOR daemon intercepts your web browsers requests...
The very cool thing about TOR is that it not only can forward HTTP but also any other arbitrary protocol... You can even forward SSH traffic if you are among the uber paranoid elite.
Re:This actually works.... (Score:2)
Re:the problem with Freenet (Score:5, Insightful)
Relative anonymity isn't inherently destructive - nor is the anonymity offered here absolute. Conventional methods of online social investigation will still catch the people you imagine, as there is still a source and destination. With child crimes in particular, the investigation should move offline as soon as possible anyway as soon as suspicions arise.
People who attack and cruelly manipulate children deserve punishment - the rest of the world does not need to close entire realms of technology down for the sake of that punishment. The nerds of the world shouldn't be forced to think about punishing criminals when they make their tools any more than car manufacturers.
Ryan Fenton
Re:the problem with Freenet (Score:3, Insightful)
Thanks for the reasoned reply.
I don't disagree that Freenet is a tool, but I'm not sure all factors are equal in judging tools. We could compare to Kazaa, which does trade legitmate files... but trades scads of pirated material. Kazaa may trade many pirated files, but the relative harm is far less. Copyright infringement isn't in the same ballpark as child molestation... the law recognizes this with the vast difference in their respective penalties. The amount of harm (and type of harm) with Kazaa
Re:the problem with Freenet (Score:3, Interesting)
I don't have a problem with Freenet because
a) Freenet doesn't actually cache child porn on your drive. It may cache fragments of binary data which, if pieced together with other fragments from other sources and decoded a certain way, could be interpreted as something illegal. But that's a far cry from actually putting pictures or video on your disk.
b) If someone looks at child porn from Freenet, no child is harmed. Since it's on Freenet, not only has the
Free-as-in-beer does not make it legal (Score:3, Informative)
Free-as-in-beer does not make it legal. The creation, distribution, and possession of child pornography remains criminal even w
Re:Free-as-in-beer does not make it legal (Score:3, Insightful)
I didn't say that. But, ethically speaking, free-as-in-beer is better than giving-money-to-child-abusers.
Put yourself in the place of the child, her guardians, her counselors, and ask if you would want still photos and videos of her rape to be broadcast over the net
Of course not. But this is Freenet. 99-to-1 odds the child is never going to know. As such, he/she isn't harmed by their presence.
You haven't considered the possibility that the child might be identifiab
Re:the problem with Freenet (Score:4, Insightful)
Tell me this. How many child pornographers are busted when someone trades illegal pictures? Not illegal picture-traders, the actual people who TAKE the pictures?
By blocking the flow of information, you can only bust the picture-traders. And you get a nice excuse to bust anyone else whom you can reasonably define as a "terrorist" or other undesirable.
Bust the guys taking the pictures, at the source. When you get a kid who's been abused in this way, they can lead you to the picture taker.
The excuse of "needing better tools for law enforcement" is very often used as an excuse to abridge civil rights.
Child pornographers are bad. And should be stopped wherever their found. But I'm not ready to accept that we, as a civilization, can afford to eliminate anonymous speech. When we have better rules (that are enforced) to protect whistleblowers and dissidents, then maybe we can do away with anonymity.
Re:the problem with Freenet (Score:5, Insightful)
Solutions are simple. (Score:2, Interesting)
I, for one, do not use peer-to-peer file sharing for any reason. However the answer to secure peer-to-peer file sharing is so simple it's right in front of our noses.
First, encrypt the file you want to send with GPG, make the decrypting password "1" or "A" or something that simple. If "any one else" decrypts the file and prosecutes you for it, you can get off by using the DMCA. That's right, the DMCA works for people too.
Under the DMCA, the sender and receiver are the only two author
Re:Solutions are simple. (Score:2, Insightful)
Re:Solutions are simple. (Score:3, Insightful)
Nice idea, but tough in practice.
Re:Solutions are simple. (Score:5, Informative)
The DMCA prohibits circumventing a protection on a copyrighted work. Encryption only qualifies as a "protection device" if the person doing the encryption is the holder of the copyright. You can't "protect" what you do not own.
I don't know if the DMCA contains precisely this language, but it's certainly the way it would be interpretted in court.
I'm more interested in the case of using encryption to protect a computer virus. Since the author of the virus actually is the owner of the copyright on the viral code, then the encryption should qualify as a copyright protection device under the DMCA. Law enforcement officials who decrypt the virus to reverse engineer it would be in violation of the DMCA.
Re:Solutions are simple. (Score:2)
That's an interesting thought. I'd imagine at some point the virus would have to decrypt itself and then could be legally captured by some piece of monitoring software. An interesting technical challenge resulting from a "creative" use of the law.
Re:Solutions are simple. (Score:2)
Re:Solutions are simple. (Score:2)
Yes. Where did you get the idea that it's illegal to crack encryption?
The eavesdropper would probably be guilty of wiretapping or some other type of communications crime, but the fact that he broke the encryption has nothing to do with it.
Re:Solutions are simple-Ignorance is simpler. (Score:2)
It was speculation. If you have a reason why it wouldn't work, why not tell us?
I know -- it's because you're an asshole.
Re:Solutions are simple-Ignorance is simpler-II (Score:2)
Jeez man, take some comprehension classes. My point was that if the DMCA can be used to interfere with law enforcement, then the DMCA is fucked up -- NOT that I've discovered some cool new way for virus writers to cover their asses. Jesus.
Re:Solutions are simple. (Score:2)
Re:Solutions are simple. (Score:2)
I believe under the DMCA (again, not a lawyer) there is clause allowing for checking of owned material. The **AA would just have to get a writ (warrant, subpeona
Re:Solutions are simple. (Score:2)
Spammers (Score:5, Interesting)
1) Can spam be sent through Tor?
2) Can spammers collect data by running a Tor server of their own?
I checked the site's FAQ but couldn't find answers there.
Re:Spammers (Score:5, Informative)
Look the documentation [eff.org]
the faq responds your second question [noreply.org]Re:Spammers (Score:2)
Is that in England? (Score:3, Funny)
Anonymity is a good thing? (Score:5, Funny)
Besides, getting rid of anonymity would help with the spam crap.
In fact, I don't see anything positive in anonymity.
Re:Anonymity is a good thing? (Score:5, Funny)
by Anonymous Coward on Wednesday December 22, @04:11PM
You are the god of irony and paradox.
Re:Anonymity is a good thing? (Score:2)
Re:Anonymity is a good thing? (Score:2)
Re:Anonymity is a good thing? (Score:3, Informative)
I'd call him brilliant for that one.
Yeah, right (Score:2, Funny)
Whups, so much for that idea. (Score:5, Informative)
Well, so much for that. *badaboom*
Double dipping (Score:4, Insightful)
... and also sponsored by .mil? (Score:3, Interesting)
*Puts on tinfoil-hat* isn't the guys at *.mil making their jobs harder by doing this? anonymous "terrorists" communicating freely without any traces, or do they already have this covered in the system? a honeypot?
Re:... and also sponsored by .mil? (Score:2)
Spies need anonymity too... (Score:5, Interesting)
Sometimes, government agencies would prefer it if web queries did not show up in the server's logs as coming from a
Just knowing what someone is reading or researching is a good source of intel, some government agencies see more benefit to this than the downside of potential terrorist uses.*
Jim
* anyway, if you work for a big governement agency you have the resources to treat these sorts of networks like a big black box and link up the endpoints. This is a fatal flaw to _all_ real-time anonymous networks. A big attacker can treat all of the fancy games you play in the middle of network as noise and just link up "message X went into dark network at time T and a message close to the size of message X came out of the network at time T +1, followed by a similarly linkable message going back the other way..."
Re:Spies need anonymity too... (Score:2)
Actually, that's not a workable solution. Try "message X went into dark network via entry point 127.0.0.1". The only thing they have is the
Re:Spies need anonymity too... (Score:3, Insightful)
Incorrect, although it can be challenging. For the sake of argument assume the NSA (our hypthetical attacker) has a Carnvore logging activity into and out of every ISP. They can therefore observe the existance, and perhaps size, of every packet between every node in the network, even if they cannot decrypt them. It also means they c
Just one slight problem with the name.... (Score:3, Interesting)
ttyl
Farrell
Re:Just one slight problem with the name.... (Score:2)
Even if "TOR Books" was trademarked, it's not in the same industry or even sector as the Tor sharing system, so trademark protection wouldn't apply anyway.
Re:Just one slight problem with the name.... (Score:2)
Onion Routing != FreeNet (Score:5, Interesting)
FreeNet is much more robust as you inject content and then it is stored in many nodes. Thus, it can't be taken down. Furthemore, in FreeNet different parts of the data are obtained from different sources, preventing more work that could be done with traffic analysis.
To say that TOR is like FreeNet is to seriously discount the features of FreeNet. TOR is a system for running Onion proxies. FreeNet is a completely anonymized hosting and content distribution system.
Re:Onion Routing != FreeNet (Score:2)
Re:Onion Routing != FreeNet (Score:5, Informative)
Freenet is a system which anonymizes content. Specifically, digital files.
TOR is a system which anonymizes connections. Specifically TCP connections.
While anonymizing client TCP connections has been around for awhile, TOR is the first major project (possibly second to i2p) that allows one to anonymize TCP *server* connections.
In my experience, TOR has been vastly more reliable than Freenet. Whether this can be attributed to the youth and small size of the TOR network relative to Freenet remains to be seen...
So if this routes through Onion servers... (Score:4, Funny)
Cool. (Score:2)
Sounds pretty good to me (Score:3, Funny)
Right... (Score:5, Insightful)
You are in for a world of hurt if you run a TOR node. Since you are perfectly aware of all plain HTTP requests your node makes, you are likely to stand trial for contributory copyright infringement, import/export/distribution of child porn, conspiracy to [whatever] and so on. Since I assume by default it doesn't log anything to give you someone to blame it on, they pin it on you.
I would honestly never run a TOR node. If I did, I would firewall it to only allow connections to other TOR nodes, i.e. be a pure leech on the network. Anything else is to expose yourself for a wide range of legal disasters. Freenet had this right. You must not know what you are transmitting. This idea is fundamentally flawed and I'm amazed that the EFF would support it.
And beyond that, from the brief techincal discussion, you have a single point of failure in the directory server. Gather a small botnet, compromise the server and present the botnet as the routing nodes. You control all the keys, you decrypt everything. Or just a simple DDoS attack, so you don't find any nodes to route through. Overall, I'm not impressed.
Kjella
Re:Right... (Score:3, Insightful)
So you don't mind transmitting the child porn, you just don't want to be associated with the transmission.
Re:Right... (Score:3, Insightful)
So, which is better:
1. Guilty get off free. Innocent sent to prison.
2. Guilty get off free. Innocent get off free too.
Clearly it would be better if we could block garbage like this altogether, but nobody has come up with a g
i think we're conflating moral and legal arguments (Score:3, Interesting)
you don't have to be an exit node (Score:5, Informative)
Padon me if I missed it... (Score:4, Informative)
Kjella
Re:Padon me if I missed it... (Score:3, Informative)
http://tor.freehaven.net/cvs/tor/doc/tor-doc.ht
But basically, even just running a client is good since the more clients using tor (up to the capacity of the network) increases the anonymity of all users. Only time will tell if enough volunteers will run servers to keep up with demand.
Because they're not common carriers. (Score:2)
Kjella
Re:Because they're not common carriers. (Score:2)
Client --> A --> B --> C --> Server
Where A, B & C are tor routers, only C can see the clear text. Of course, if you're using SSL or SSH, then even C can't see the clear text.
NAT all traffic? (Score:2)
Obviously, this would still break things that don't play well with NAT.
Misconceptions about Tor (from Chris @ EFF) (Score:5, Informative)
1. Spam? Well, spammers already have much better tools than Tor. Namely, botnets. The Tor network currently doesn't support the kind of bandwidth usage spammers can chew up. By their willingness to break the law, spammers and criminals already have good tools to hide their network origin. Tor doesn't really help them. Plus, the default Tor exit policy is to block port 25.
2. Free/open source? Yes, three-clause BSD. EFF would not financially support a non-free/open source project!
3. Do you have to trust the nodes? You have to trust the entry node and the exit node. The entry node can be on your own computer, which I highly advise people to do. It's easy to install on all platforms, so that shouldn't be a hurdle. As far as trusting the exit node: Yes, the exit node can see the plaintext of your communications. That is why you should always use end-to-end encryption, anyway! Remember, all normal Internet routers in your route can read your traffic; Tor is actually BETTER because traffic is strongly encrypted (AES, multiple times) while inside the Tor network.
So, you actually have to trust Tor a bit less than regular Internet routes.
Use encryption.
4. Is it like Freenet/Crowds/Anonymizer? Yes, and no. It is like somewhat like those systems in goals, but the design is different. For example, unlike Freenet, Tor helps you talk to the real Internet. Unlike Anonymizer, Tor uses a whole network of proxies, not a single proxy; and the proxies are generic SOCKS proxies, not specifically HTTP.
5. Version number is too low. Is this alpha software? Roger and Nick are very modest.
6. Is there a backdoor? Well, you tell me. The source code is open. Is there a backdoor in other free software you like?
7. Minimum bandwidth requirement? For exit and middleman nodes, yes, you should have a reasonable pipe and a stable machine. "Reasonable" pipe can mean a good DSL connection. Crappy nodes can degrade the network for those poor saps whose circuit goes through one. That is why the directory server operators won't list your server unless it meets basic stability and bandwidth requirements.
Re:Misconceptions about Tor (from Chris @ EFF) (Score:2)
Freenet is a tremendous disappointment (Score:2)
There is no reasonble way to search freenet.
Scalability (Score:3, Informative)
In Tor's case there is a centralised global list of all peers which must be added to manually by Tor's developers. This is fine with a small number of users, for which Tor clearly works well, but isn't practical when dealing with large numbers of users.
Freenet, for all its faults, is designed to deal with potentially millions of unreliable peers. It is its ability to do this that makes it such an ambitious project, and makes any comparision between it and Tor a situation of apples and oranges.
Re:Scalability (Score:2)
Which is also a centralized place of control. "Your directory may now only point to peers which have backdoor x.y.z installed."
Freenet, for all its faults, is designed to deal with potentially millions of unreliable peers.
Going off-topic, freenet is not designed for unreliable peers, but yes potentially millions in number. The routing in freenet is dependent on historical data are requires
But but but (Score:3, Funny)
I mean, why do you even need something like this? If you don't have anything to hide, there shouldn't be a problem with your internet chats being monitored.
BTW, click here [reference.com]
Re:But but but (Score:2)
comment on Freenet (Score:2)
I know that there are a lot of technical problems that keep these things from happening right now, but I have hope that they'll figure out something before it is impossible to have any real privacy on the net.
Could it have the reverse-effect? (Score:2)
Re:Could it have the reverse-effect? (Score:2)
Why do you think so? It does increase anonymity, but why would it decrease privacy in the same process? You are as private as you wish; if you send your name anonymously, you break the whole point, of course. If you allow harmful Javascript to snoop your real IP and send that over Tor, you are of course busted; but Tor users should browse with Privoxy to filt
Firefox extension? (Score:4, Interesting)
It would be nice if TOR were easy to turn on and off within a given browser or other http-aware client. I can't see need the for use TOR 100% of the time, especially since there is a performance hit. And it seems like it would be a pain in the ass to have to reconfigure the browser's proxy settings each time you want to use TOR for browsing/downloading.
I'd take a crack at it myself, but I'm no code monkey. I'm a documentation nerd. If anybody wants to develop this, let me know and I'll do the docs and help files.
Smilin is all the anonymity I need. (Score:2, Interesting)
Is this REAL anonymity? Not really. If I come on here and say I'm going to kill George Bush they'll find out who I am in a heartbeat. I don't really have a problem with that. Basically the only people who are not anonymous are criminals. This is simply because in the vast sea of people on the internet who really gives a crap who "Smi
Re:Smilin is all the anonymity I need. (Score:3, Interesting)
Sounds nice, but something troubles me. (Score:2)
Since noone believes me when I post about it... (Score:4, Informative)
Net anonymity service back-doored [theregister.co.uk]
Basicly, they were given the choice of backdooring it or shutting it down. Yes, the whole network. They did install a backdoor (still with source), got found out but they didn't exactly have much trust left.
Can someone explain to me why the exact same will not happen to this service? Any reason why TOR servers would have greater legal immunity? I don't see it, at least.
Kjella
Re:Since noone believes me when I post about it... (Score:4, Informative)
Can someone explain to me why the exact same will not happen to this service? Any reason why TOR servers would have greater legal immunity? I don't see it, at least.
One reason: the white-hat lawyers at the EFF.
I didn't see any indication from your link whether the JAP team got any legal consultation. Did they fully understand their rights and options before they gave in to the authorities?
I don't think the EFF is sponsoring this just to move the technology along. I'd bet that they also want to use Tor to advance their legal arguments for anonymity. They've probably already drawn up "battle plans" for likely legal challenges.
GNUNet (Score:2, Interesting)
What's about GNU's own GPL'd freenet "clone" GNUNet [gnu.org]?
I've successfully used it to get some pr0n, at decent speeds. You might also search it for "Billy Joel" to see my additions to the network.
Re:GNUNet (Score:3, Interesting)
Tor's hidden service is the really cool thing (Score:2, Interesting)
Tor supports something called a "hidden service" which allows you to serve something, such as a web site, ftp, or dare I say, a bittorent link.
The neat thing is, you can serve the service without anyone knowing your IP address. So you would share a link such as follows: http://6sxoyfb3h2nvok2d.onion/ (which is the tor hidden service wiki BTW). The Tor servers "meet in the middle", thus hiding the originating serving ip address. Read here [freehaven.net] for more on this functionality.
This could really shut the door
Comments (Score:4, Informative)
Once I get the firewall box I want set up I plan to make one port link directly into Tor, so that anything plugged into that port is shunted 100% into the Tor network. Right now you've sort of got to trust that your program really is punching everything through the SOCKS proxy - not all programs are really reliable about that, plus the program can still see your IP if you're not behind a firewall.
Question about Tor (Score:4, Interesting)
Any developers here that can comment on if a feature similar to this is planned for a future release?
Re:Question about Tor (Score:4, Insightful)
Re:Question about Tor (Score:2)
Exit routers, which connect to other services (web, irc, etc) and middlemen routers which only pass encrypted packets.
Middlemen routers have no idea what the content of the data is since it's encrypted, hence it would be impossible to enforce that there. Exit routers can limit which IP/ports to allow connections to, but there's no application level intelligence to restrict based on mime-types or anything else like that.
not cost effective to track and sue for RIAA et al (Score:3, Interesting)
Right now, there are hundreds or even thousands of file sharers being sued (or being threatened, or getting letters etc). That threat serves as a real deterrent. But if it were too costly for them to det
Re:pros and cons (Score:2, Insightful)
Does AIM and MSN user = Terroist?
No.
But they can very easily use such software can they not?
What about Planes? Maybe we should stop using planes.. I mean terrorists can use them to fly into our buildings.
Why are you drawing the line at this piece of software? Where should this line be? The further it goes into our freedoms...
Re:Is is in Java? (Score:2)
no no no no (Score:2)
Tor allows you to access existing internet resources anonymously.
Freenet allows you to PUBLISH and access resources anonymously - if it works.
Re:Like Freenet? (Score:2)
The Japanese fork of Freenet (Winny) was popular, and supposedly included a fundemental flaw in their implimentation (which does not appear in Freenet). Two users were arrested [cnet.com], and the Winny network collapsed.
Re:But... (Score:2)
...
The Anti-1337 Manifesto [umanwizard.com]
;-).
Yeah, dvorak absolutely pwns
Re:How does this differ from a regular anon proxy? (Score:2)
No one node in the tor system knows all of this.
Re:YRO = PIRACY (Score:3, Funny)
One man's pirate is another man's freedom fighter.
Re:YRO = PIRACY (Score:3, Interesting)