
Tor Exit Nodes Mapped and Located - the_wanderer
http://hackertarget.com/tor-exit-node-visualization/
======
Wilya
Any background on who "Conformal Systems" are and why they would operate exit
nodes? I'm not really familiar with who they are and what they do, but they
seem to be the only one in the top-25 that isn't either a hosting company or a
residential ISP.

(apart from Formless Networking, but that one is a bit more well known)

Not that it's not nice of them, but it seems a bit out of place.

~~~
EwanG
Government contractor. Feel free to guess what they're being paid to do...

~~~
jcr
Casting doubts and aspersions when you don't know anything and haven't
bothered to read up on what they do is extremely unfair.

They do some very impressive cryptographic deduplication. Essentially it's a
method to deduplicate already encrypted data reliably. If you don't realize
how amazingly cool that is, you need to do some reading. It's a really tough
problem, and it solves a major pain point for anyone with large volumes of
encrypted data (i.e. governments).

EDIT: Links

<https://www.conformal.com/>

<https://www.cyphertite.com/>

~~~
JonnieCache
_"cryptographic deduplication"_

How is that even possible? Surely a custom crypto scheme is needed?

~~~
sp332
Yes, it's possible with certain kinds of algorithms. A while back IBM found a
way to do general computation on data without decrypting it, like adding
encrypted dollar amounts together etc. But it's about a million times slower
than normal data processing.

~~~
betterunix
General computation on encrypted data was discovered by a graduate student at
Stanford named Craig Gentry. He now works for IBM, and has been pretty active
in that field, along with a handful of other experts. It's very slow, sure,
but over the past 4 years speeds have increased to the point where it is
reasonable to start talking about practical applications.

It is also worth pointing out that systems that supported _restricted_ classes of
functions preceded Gentry's work. If you are willing to limit yourself to NC1
functions (i.e. those that can be represented as boolean circuits with depth
that is the logarithm of the input size), you can use oblivious transfer or
the SYY construction (cannot recall their names off the top of my head). If
you only need products in certain groups, you can use ElGamal. If you only
need an XOR, you can use the Goldwasser-Micali system.

Also, there are garbled circuits, which date back to the 1980s. That is a
somewhat different notion of computing on encrypted data, since it requires
messages to be sent every time the computation is performed. Garbled circuits
are substantially faster than FHE right now, although that may change due to
FHE's low communication overhead and the rate at which FHE speeds have been
improving. Also in this category are multiparty protocols that use arithmetic
circuits, which have seen at least one major real-world use:

<http://fc09.ifca.ai/papers/15_Secure_MPC_goes_live.pdf>
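
An added illustration (not part of the comment above or of the thread) of the two partially homomorphic schemes it names: ElGamal, where multiplying ciphertexts multiplies the plaintexts, and Goldwasser-Micali, where multiplying ciphertexts XORs the plaintext bits. The parameters are publicly known primes chosen for this example and give no security; all function names are hypothetical.

```python
import math
import secrets

# Toy parameters, constructed for this example (publicly known primes: NOT secure).
P = 2**127 - 1                     # ElGamal modulus (Mersenne prime)
G = 3                              # ElGamal base
GM_P, GM_Q = 2**61 - 1, 2**89 - 1  # both primes are 3 mod 4
GM_N = GM_P * GM_Q
GM_X = GM_N - 1                    # -1 is a non-residue mod both primes


def elgamal_keygen():
    x = secrets.randbelow(P - 2) + 1          # secret exponent
    return x, pow(G, x, P)                    # (secret, public)


def elgamal_encrypt(h, m):
    r = secrets.randbelow(P - 2) + 1          # fresh randomness per message
    return pow(G, r, P), (m * pow(h, r, P)) % P


def elgamal_decrypt(x, ct):
    c1, c2 = ct
    return (c2 * pow(c1, P - 1 - x, P)) % P   # c1^(-x) via Fermat's little theorem


def elgamal_mul(a, b):
    """Componentwise product of ciphertexts encrypts m_a * m_b mod P."""
    return (a[0] * b[0]) % P, (a[1] * b[1]) % P


def gm_encrypt(bit):
    while True:
        y = secrets.randbelow(GM_N - 2) + 2
        if math.gcd(y, GM_N) == 1:
            # y^2 is a residue; multiplying by GM_X flips it to a non-residue.
            return (y * y * pow(GM_X, bit, GM_N)) % GM_N


def gm_decrypt(c):
    # Euler's criterion mod the secret prime: residue -> 0, non-residue -> 1.
    return 0 if pow(c % GM_P, (GM_P - 1) // 2, GM_P) == 1 else 1


def gm_xor(a, b):
    """Product of ciphertexts encrypts bit_a XOR bit_b."""
    return (a * b) % GM_N
```

Neither operation touches a secret key: whoever holds only ciphertexts can combine them, and only the key holder can read the result.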

------
bergie
Interesting, all the Berlin exit nodes are in a place that is a huge
construction area on the Museum Island. Based on this I suppose they were only
able to do city-level positioning (GeoIP or something similar).

~~~
tych0
It's worth noting that the statistics may be skewed because e.g. US-based
operators run their nodes at foreign ISPs due to fear of US law enforcement.
Countries with more "liberal" policies probably have more nodes because of
this, but it doesn't necessarily mean there are more operators based in those
countries.

~~~
hkmurakami
I'm curious: what are the specific laws that we should be concerned about?

(Obviously the US has many draconian laws regarding cyber-anything, but I'm
curious what specific lines we cross with Tor Exit Node operation. Does it
include something like ownership and responsibility of the data that passes
through a node that we operate?)

~~~
tych0
Yes, exactly. There's never been any case law on the issue, but in the ideal
theoretical world, exit node operators would get the same protections from
what their users do that ISPs do.

Unfortunately, since we're often a single guy with no legal entity, we are not
afforded such protections by default. I've been running an exit node since
2005, and I've had to switch ISPs numerous times because of abuse coming out
of the node. I've even had my hardware physically confiscated when network
administrators couldn't figure out what kind of traffic was coming out of it.

While I believe in the goals of the Tor project, I am not really interested in
being the guy who has to set the precedent here, so I don't run my exit node
in the US any more. If history is any indication it would be a long legal
battle to set such a precedent.

See <https://www.torproject.org/eff/tor-legal-faq.html.en> for more discussion
on the topic.

~~~
ufmace
I would think that in any decent courtroom, they eventually would, since those
same protections apply to forum operators, chat rooms, picture sharing sites,
etc. But I don't blame you at all for not wanting to be the test case, since
that would probably be rather expensive and likely to disrupt your personal
life.

Your ISP is obviously an ISP, and most law enforcement agencies understand
that and that it means that if something dirty comes through there, then an
employee of the ISP most likely didn't do it. But if you're using your home PC
as an exit node... most agencies probably have no idea what Tor is, and would
assume that you personally were doing whatever came through it, and would
commence with the whole search, seizure, and media circus before they figured
it out.

------
bifrost
In case it's not already obvious, most Geo-IP data is not particularly correct.
In my experience it's often off by 50-100 miles, and lucky if it even says the
correct city. I've actually had Google say my IPs were in Singapore, when they
were obviously not, and it's a big pain to get Google to change that. Some of
the other Geo-IP providers are better, but not by a whole lot in my
experience.

If it's also not obvious, most large TOR exit nodes are in datacenters and not
in people's houses, for a variety of reasons.

~~~
D9u
I concur with your statements, as I've seen my own GeoIP resolve to someplace
3,000 miles away from my actual physical location.

Bravo for the data center mention as well. As someone who lives in a rural
area, without access to high-speed connections, the idea of running a home
based server just doesn't make sense.

------
nwh
There's nothing new here. The exit nodes are public knowledge.

~~~
liotier
Sure, but public knowledge represented in a nice synthetic graphic way is more
informative and more efficient at getting a point across.

~~~
nwh
It's already out of date though. You'd be better looking at the live list the
author used.

<http://torstatus.blutmagie.de/>

~~~
saraid216
It'd be cool if someone made one that updates regularly.

------
wfn
Just as I thought, the Kimsufi line is _really_ popular (at least for these
kinds of things)! :)

------
lukejduncan
I'm a strong advocate of the Tor project, but man would I ever be afraid to be
an exit node

~~~
mburns
It is worth noting that you can run Tor in non-exit mode, but still route
(secure, encrypted) tunnels around for other Tor users. This is (ideally) how
every Tor user should act, if at all possible.

~~~
traskjd
Being pedantic, but if EVERYONE did that surely you'd never reach the actual
internet right? :-)

~~~
scoot
You are being pedantic, as it's pretty obvious that mburns meant TOR
_end-users_, as distinct from those donating exit node bandwidth.

------
kjackson2012
Only 3 exit Tor nodes in the Bay Area? I'm surprised, I would have expected a
lot more.

------
dgesang
15 exit nodes in the Kyrgyz Republic hospital area alone? Can that be correct?

~~~
kl0nk
IP geolocalisation sucks badly. For example OVH got only 1 DC (well to be
precise one big room) in Paris. Kimsufi are hosted in their DC in Roubaix
(north of France). They also got another one located in the east (near
Strasbourg). You can also buy an IP located in somewhere else in Europe but
linked to your server in Roubaix.

~~~
X-Istence
I'm with OVH, and I have various IP's with them. Some Geo-IP to the US, some
Geo-IP to Canada ... always fun :-)

------
jes5199
That's an uncomfortably small number of exits, in my opinion.

------
reycharles
I think it's interesting that the vast majority are in Europe. I would have
expected more in Asia and South America.

------
josephscott
Interesting map, zooming into Utah (where I live) shows that the local ISP
Xmission is running 3 exit nodes. The map shows 4, but two of them have the
same IP address.

------
bcherry
Two exit nodes near Washington DC. The NSA's headquarters are within the error
tolerance of GeoIP. Coincidence?!

~~~
chimeracoder
Zooming in and clicking on the arrows:

> IP: 50.16.161.238
> Location: Ashburn, United States
> Netblock: 50.16.0.0/16
> AS Name: AMAZON-AES
> ISP: AMAZON.COM INC.
> Reverse DNS: ec2-50-16-161-238.compute-1.amazonaws.com

So, not a coincidence, but also not suspicious - it's just Amazon's data
center.

------
malandrew
It's very sad that Europe has many times the number of exit nodes as the US
has.

