The Tor Project Anonymity Online Erinn Clark

Slides:



Advertisements
Similar presentations
ToR. Tor: anonymity online Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet.
Advertisements

Staying Safe, Having Fun, And Cruising The ‘Net Daniel Owens IT Security Professional.
Sofya Rozenblat 11/26/2012 CS 105 TOR ANONYMITY NETWORK.
© Copyright 2012 STI INNSBRUCK Tor project: Anonymity online.
Anonymity and the Internet Nathan Owens. Overview Regular Internet anonymity Non-standard implementations Benefits Negatives Legal changes Future Ideas.
CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Case Study: TOR Anonymity Network Bahadir Ismail Aydin Computer Sciences and Engineering University.
Adrian Crenshaw. Darknets  There are many definitions, but mine is “anonymizing private networks ”  Use of encryption.
Esri Maps for Office A brief introduction Dan Ames 9/20/2012.
COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.
Juan Ortega 8/20/09 NTS300. Right now IPv4 dominates the Internet with some experts believing the need for IPv6 isn’t necessary because of NAT. But even.
Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–
Digital Law -The Deep Web- Digital Law -The Deep Web- Liam Leppard Matthias Lee Russell Wong.
Protecting Children from Internet Pornographers Act of 2011.
ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.
1 Design of a blocking-resistant anonymity system Roger Dingledine, Nick Mathewson The Tor Project.
1 How to make Tor play well with the rest of the Internet. Roger Dingledine The Tor Project
The Tor Project
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project
1 Tor: a brief intro Roger Dingledine The Tor Project
1 Overview of Tor issues Roger Dingledine The Tor Project
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project
1 Tor blocking-resistance design overview Roger Dingledine The Tor Project
Online Anonymity & Privacy Andrew Lewman The Tor Project
17- 1 Last time ● Internet Application Security and Privacy ● Link-layer security: WEP, WPA, WPA2 ● Network-layer security: VPN, IPSec.
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project
Online Anonymity The Tor Project
1 Paul Syverson U.S. Naval Research Laboratory Anonymous Internet Communication.
The Tor Project Anonymity Online Erinn Clark TU-Berlin Techtalks January 2011.
1 Tor: Anonymous Communications for the EFF... and you. Roger Dingledine The Tor Project
 P:I know bullying over the Internet is a problem (…) I still don’t know what I can do about it.  C:Well, why wouldn’t you treat a cyberbully like any.
1 Tor: a quick overview Roger Dingledine The Tor Project
Andrew Lewman The Tor Project
Hotspot Shield Protect Your Online Identity
CS590B/690B Detecting Network Interference (Fall 2016)
CS590B/690B Detecting Network Interference (FALL 2016)
Tor Good + Evil.
Vulnerabilities in Tor: (past,) present, future
Private Facebook Chat Chris Robison, Scott Ruoti, Tim van der Horst, Kent Seamons Internet Security Research Lab Computer Science Department Brigham Young.
Common Methods Used to Commit Computer Crimes
The Tor Project
The Tor Project
The Hidden face of the Darknet
Online Anonymity Roger Dingledine, Andrew Lewman The Tor Project
Andrew Lewman
NETWORK SECURITY Cryptography By: Abdulmalik Kohaji.
Tor Internals and Hidden Services
Practical Censorship Evasion Leveraging Content Delivery Networks
Anonymous Communication
By Karen Hesse Historical fiction verse novel in five acts
Web 2.0 and Internet Safety for Educators
Andrew Lewman The Tor Project
Karen Reilly Andrew Lewman
Andrew Lewman The Tor Project
Introduction to Networking
Privacy Online.
Roger Dingledine Jacob Appelbaum
Fast Action Links extension A love letter to CiviCRM
QuickBooks Pro- Issues That Are Commonly Faced by You Failure in upgrading data file Rebuilding data file Connection loose while attempt Reinstallation.
QuickBooks Pro- Issues That Are Commonly Faced by You Failure in upgrading data file Rebuilding data file Connection loose while attempt Reinstallation.
Exercise ?: TOR.
Privacy Through Anonymous Connection and Browsing
0x1A Great Papers in Computer Security
Anonymous Communication
Anupam Das , Nikita Borisov
DoH! Peter Van Roste GAC/ccNSO meeting - ICANN 64
Anonymous Communication
My Digital Footprint….
Anonymous Communication
CS101 Security.
Presentation transcript:

The Tor Project Anonymity Online Erinn Clark erinn@torproject.org Codebits 2010

In the future everyone will be anonymous for 15 minutes – Banksy

The Tor Project, Inc. 501(c)(3) non-profit dedicated to the research and development of tools for online anonymity and privacy

The Tor Project, Inc. 501(c)(3) non-profit dedicated to the research and development of tools for online anonymity and privacy Thousands of volunteers running relays

The Tor Project, Inc. 501(c)(3) non-profit dedicated to the research and development of tools for online anonymity and privacy Thousands of volunteers running relays Dozens of volunteer developers

The Tor Project, Inc. 501(c)(3) non-profit dedicated to the research and development of tools for online anonymity and privacy Thousands of volunteers running relays Dozens of volunteer developers Between 7-15 paid developers at any given time

All personal life rested on secrecy, and possibly it was partly on that account that civilized man was so nervously anxious that personal privacy should be respected. - Anton Chekhov The Lady with the Little dog

What is anonymity?

Anonymity isn't cryptography: Cryptography just protects contents “Hi, Bob!” “Hi, Bob!” Alice <gibberish> Bob attacker

Anonymity isn't just wishful thinking... “You can't prove it was me!” “Promise you won't look!” “Promise you won't remember!” “Promise you won't tell!” “I didn't write my name on it!” “Isn't the Internet already anonymous?”

What is Tor? Online anonymity: software, network, protocol

What is Tor? Online anonymity: software, network, protocol Free software

What is Tor? Online anonymity: software, network, protocol Free software Community of researchers, developers, and relay operators

What is Tor? Online anonymity: software, network, protocol Free software Community of researchers, developers, and relay operators Funding from US DoD, EFF, Voice of America, Google, NLNet, Human Rights Watch, ...

Though he flick my shoulders with his whip I will not tell him which way the fox ran - Edna St. Vincent Millay Conscientious Objector

Threat model: what can the attacker do? Anonymity network Alice Bob watch Alice! watch (or be!) Bob! Control part of the network!

The simplest designs use a single relay to hide connections Alice1 Bob1 E(Bob3,“X”) “Y” Relay Alice2 Bob2 E(Bob1, “Y”) “Z” “X” E(Bob2, “Z”) Alice3 Bob3 (example: some commercial proxy providers)

But a single relay (or eavesdropper!) is a single point of failure Alice1 Bob1 E(Bob3,“X”) “Y” Evil Relay Alice2 Bob2 E(Bob1, “Y”) “Z” “X” E(Bob2, “Z”) Alice3 Bob3

… or a single point of bypass Alice1 Bob1 E(Bob3,“X”) “Y” Irrelevant relay Alice2 Bob2 E(Bob1, “Y”) “Z” “X” E(Bob2, “Z”) Alice3 Bob3

So, add multiple relays so that no single one can betray Alice Bob R1 R3 R5 R4 R2

A corrupt first hop can tell that Alice is talking, but not to whom Bob R1 R3 R5 R4 R2

A corrupt final hop can tell that somebody is talking to Bob, but not who Alice Bob R1 R3 R5 R4 R2

But the network layer is not the only problem Browsers and plugins can de-anonymize you too Browsers are unique Plugins almost always ignore proxy settings Plaintext over Tor still plaintext

Torbutton Enables/disables Tor use in the browser Firefox extension (Chrome in-process) Enables/disables Tor use in the browser Disables plugins by default

Who uses Tor and why?

Who uses Tor and why? Normal people Law enforcement Human rights activists Business executives Militaries Abuse victims Whistleblowers

Estimated 500,000 daily Tor users

Tor and Circumvention

Tor and Circumvention

Tor and Circumvention What happened around September 25th, 2009?

Tor and Circumvention What happened around September 25th, 2009? China blocked most of the Tor network in anticipation of the CCP 60th anniversary

Tor and Circumvention

Tor and Circumvention

Want to help? Run a relay Help us hack on stuff! Run a bridge More information at https://www.torproject.org/

Credits and Links Irving Penn / Steinberg In Nose Mask Recreation: Summer Luu via Flickr http://www.flickr.com/photos/summerluu/2388805263/ “How Unique is Your Browser?” https://panopticlick.eff.org/browser-uniqueness.pdf Tor Metrics Portal https://metrics.torproject.org/