Computers - Software Hardware : Tor: Arms Race Between Anti-Censorship and Governments

Gorilla

Well-Known Member
REGISTERED MEMBER
Jan 31, 2009
2,450
1,375
The following is an outline/summary provided by BoingBoing:
Last night's Chaos Computer Congress (28C3) presentation from Jacob Applebaum and Roger Dingledine on the state of the arms race between the Tor anti-censorship/surveillance technology and the world's repressive governments was by turns depressing and inspiring. Dingledine and Applebaum have unique insights into the workings of the technocrats in Iranian, Chinese, Tunisian, Syrian and other repressive states, and the relationship between censorship and other human rights abuses (for example, when other privacy technologies failed, governments sometimes discovered who was discussing revolution and used that as the basis for torture and murder).
Two thirds of the way through the talk, they broaden the context to talk about the role of American companies in the war waged against privacy and free speech -- SmartFilter (now an Intel subsidiary, and a company that has a long history of censoring Boing Boing) is providing support for Iran's censorship efforts, for example. They talked about how Blue Coat and Cisco produce tools that aren't just used to censor, but to spy (all censorware also acts as surveillance technology) and how the spying directly leads to murder and rape and torture.

Then, they talked about the relationship between corporate networks and human rights abuses. Iran, China, and Syria, they say, lack the resources to run their own censorship and surveillance R&D projects, and on their own, they don't present enough of a market to prompt Cisco to spend millions to develop such a thing. But when a big company like Boeing decides to pay Cisco millions and millions of dollars to develop censorware to help it spy on its employees, the world's repressive governments get their R&D subsidized, and Cisco gets a product it can sell to them.

They concluded by talking about how Western governments' insistence on "lawful interception" back-doors in network equipment means that all the off-the-shelf network gear is readymade for spying, so, again, the Syrian secret police and the Iranian telcoms spies don't need to order custom technology that lets them spy on their people, because an American law, CALEA, made it mandatory that this technology be included in all the gear sold in the USA.

Video Presentation:

Project Website: https://www.torproject.org/
 
The Amnesic Incognito Live System (Tails) Live CD:https://tails.boum.org/

This one is Debian-based. I tried it out yesterday and it worked pretty well. This is the official project life cd for all practical purposes.

Liberte Linux Live CD: http://dee.su/liberte

Gentoo-based. I haven't tried this one out yet but there seem to be positive reviews about how light-weight it is.


These are complete ready to use systems that can be booted up without having to manage the browser bundles or any similar set ups.
 
There were some other anonymity-oriented Linux distributions pointed out at https://prism-break.org/ (also mentioned on the site previously here: http://www.destee.com/index.php?threads/opt-out-prism-break-org.77145/ ).

Whonix is one that is actually built with being used inside of virtual machines in mind. There's two images that can be imported into something like virtual box. After starting up both images, you have a gateway and a workstation that can be used to push traffic through Tor's network.

I've been trying it out for the last day or so and it seems to function pretty well even though it's still in a developmental phase.

Here's the project page and documentation: https://www.whonix.org/wiki/Main_Page
 
Tor is continuing their drive to constantly improve the service and address threats to the network (traffic analysis):

When people install the Tor client software, their outgoing and incoming traffic takes an indirect route around the Internet, hopping through a network of “relay” computers run by volunteers around the world. Packets of data hopping through that network are encrypted so that relays know only their previous and next destination (see “Dissent Made Safer”). This means that even if a relay is compromised, the identity of users, and details of their browsing, should not be revealed.

However, new research shows how a government agency could work out the true source and destination of Tor traffic with relative ease. Aaron Johnson of the U.S. Naval Research Laboratory and colleagues found that the network is vulnerable to a type of attack known as traffic analysis.

This type of attack involves observing Internet traffic data going into and out of the Tor network and looking for patterns that reveal the Internet services that a specific Internet connection, and presumably its owner, is using Tor to access. Johnson and colleagues showed that the method could be very effective for an organization that both contributed relays to the Tor network and could monitor some Internet traffic via ISPs.

“Our analysis shows that 80 percent of all types of users may be deanonymized by a relatively moderate Tor-relay adversary within six months,” the researchers write in a paper on their findings. “These results are somewhat gloomy for the current security of the Tor network.” The work of Johnson and his colleagues will be presented at the ACM Conference on Computer and Communications Security in Berlin next month.

Full article: http://www.technologyreview.com/new...a-tune-up-to-protect-users-from-surveillance/
 

Donate

Support destee.com, the oldest, most respectful, online black community in the world - PayPal or CashApp

Latest profile posts

HODEE wrote on Etophil's profile.
Welcome to Destee
@Etophil
Destee wrote on SleezyBigSlim's profile.
Hi @SleezyBigSlim ... Welcome Welcome Welcome ... :flowers: ... please make yourself at home ... :swings:
Back
Top