

Ask HN:  Can we have a discussion about Tor? - eof

I tried (https://news.ycombinator.com/item?id=5843524) to do this before but
it flopped.

I get that the government funds Tor; which doesn't really matter to me. The
government also makes guns but I can still shoot a government official with
it, if it came to that. What I want to know is whether or not, if I am using
Tor correctly, can I be identified.

By correctly I mean:

- Only use Tor from bootable live, generic distro.
- Never use plugins
- Never use any identifying information
- Always use PGP for sending any personally identifiable information
- Never access any of my 'real' identities stuff.. like logging into my reddit
  account or gmail or something that I would do on the 'clearnet'.

If I, hypothetically speaking, were going to engage in an illegal activity,
such as clicking a hypothetical felony button on a hypothetical Tor hidden
service; and I did it from my home network which I pay for with a direct
deposit out of my bank account; from a _technical_ and _likely reality_
situation (regarding who controls Tor nodes), what are the situations that
would lead to me being able to be convicted of said crime.

Further, what if I add a VPN, and which VPN do I need to add? I do get that a
VPN is theoretically adding a layer of security, but it appears I have to
trust the VPN itself; which is less than ideal, cus I may get unlucky and pick
a honey pot.

It seems, in light of recent revelations, that some discussion surrounding
this would be interesting and/or beneficial to many people.
======
drostie
You could potentially affiliate with social networks in such a way as to leave
a clear fingerprint; that is, you could be, both in your 'anonymous' and
'real' life, the only person who connects 20 different social groups together.
This could be as simple as quoting song lyrics. If you tried to deliberately
avoid this, then you could potentially be identified simply based on that --
"these two people have too similar interests to _not_ know each other" or so.

Your very manner of speaking can reveal a lot about you. I vaguely remember
hearing a cold reader say something like, "the first thing I get to know about
someone is their hands." Similarly, your word and spelling choices can inform
others about your country of origin, and can potentially do much more than
that.

Tor could have security issues, especially if you don't keep it up-to-date.
Even if it doesn't have security issues, you could accidentally choose an
entrance and exit node which are in cahoots and can thereby de-anonymize you.
This applies less to hidden services, but still does apply. That is, the
government could have compromised the hidden server, and thus might be able to
correlate your activity.

Speaking of that, the times of day that you're active can already narrow down
what countries you may live in, and may reveal roughly when you go to work and
when you come back. So, for example, if you're using IRC over Tor, people
could probably get a lot of information about you. Supposing that law
enforcement has narrowed your real-life persona as a likely target, for
example, they might just see if you join and part only when you're home.

If you were, say, browsing Hacker News or some other site, this could possibly
be identified simply by looking at the size of the chunks of incoming traffic.
This would be more and more common for larger and larger files -- I would not
recommend downloading large videos over Tor, and images could probably offer a
similar fingerprint.

You could use an insecure application over Tor -- sending BitTorrent tracker
requests over Tor (while downloading in the clear) is one of the most common.
So, if you tried to start up your IRC client before the Tor proxy was up, and
your client happened to detect that its proxy wasn't working and tried to
connect without one, that could compromise your identity pretty fast. For that
matter, someone could potentially use an exploit against an out-of-date
browser or operating system to turn on your webcam and take some pictures. For
that matter, someone could hide a camera right behind you. You might consider
only using Tor from within a bedsheet fort if you're suitably paranoid.

More realistically, the fact that you're using a bootable live distro could
potentially be used to identify you; there aren't so many people doing that
and your Referer string might well be unique. For that matter, the fonts
installed on your machine might be probed and unique. It's worth checking this
with EFF's Panopticlick. If your use of Tor hidden services reveals "he's a
Welsh male Debian and Tor user who likes this obscure band," you might be
identifiable solely based on that, and it's hard to be 100% sure that you have
masked the fact that you are Welsh or male.

~~~
s_baby
I can't recall the study but it claimed around 2 dozen bits of information are
all you need to identify any person in the world.

Sort of like a binary search on people with a Log(8,000,000,000) performance.
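
Editor's added example (not part of either comment above): a Panopticlick-style calculation of how quickly revealed attributes shrink an anonymity set, useful for judging how much a given configuration stands out. The 16-visitor sample and its attribute names are constructed for illustration.

```python
import math

# Constructed sample of 16 visitor fingerprints (illustrative, not real data).
SAMPLE = (
    [{"os": "Windows", "fonts": "default", "lang": "en-US"}] * 6
    + [{"os": "Windows", "fonts": "default", "lang": "en-GB"}] * 4
    + [{"os": "macOS", "fonts": "default", "lang": "en-US"}] * 3
    + [{"os": "Debian", "fonts": "default", "lang": "en-US"}] * 2
    + [{"os": "Debian", "fonts": "custom", "lang": "cy-GB"}] * 1
)


def bits_to_single_out(population):
    """Bits of information needed to pick one individual out of `population`."""
    return math.log2(population)


def anonymity_set(sample, known):
    """Visitors in `sample` that match every attribute in `known`."""
    return [v for v in sample
            if all(v.get(k) == val for k, val in known.items())]


def narrowing(sample, fingerprint):
    """Reveal attributes one at a time.

    Returns a list of (attribute, bits_gained, visitors_remaining). Bits are
    conditional on what was already revealed, so correlated attributes
    (e.g. OS and font set) are not double counted.
    """
    steps, remaining = [], list(sample)
    for attr, value in fingerprint.items():
        matched = [v for v in remaining if v.get(attr) == value]
        if not matched:
            raise ValueError(f"{attr}={value!r} not present in sample")
        bits = math.log2(len(remaining) / len(matched))
        steps.append((attr, bits, len(matched)))
        remaining = matched
    return steps


if __name__ == "__main__":
    me = {"os": "Debian", "fonts": "custom", "lang": "cy-GB"}
    for attr, bits, left in narrowing(SAMPLE, me):
        print(f"{attr:6s} +{bits:.2f} bits -> {left} visitor(s) left")
    print(f"world population: {bits_to_single_out(8_000_000_000):.1f} bits")
```

In this sample the common Windows profile hides among six visitors, while the uncommon one is unique after two attributes; the same reasoning applies to a rarely used live distro.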

------
Tombar
From [http://grugq.github.io/blog/2013/06/10/good-luck-with-that/](http://grugq.github.io/blog/2013/06/10/good-luck-with-that/)

The publicly available tools for making yourself anonymous and free from
surveillance are woefully ineffective when faced with a nationstate adversary.
We don’t even know how flawed our mental model is, let alone what our counter-
surveillance actions actually achieve. As an example, the Tor network has only
3000 nodes, of which 1000 are exit nodes. Over a 24hr time period a connection
will use approximately 10% of those exit nodes (under the default settings).
If I were a gambling man, I’d wager money that there are at least 100
malicious Tor exit nodes doing passive monitoring. A nation state could double
the number of Tor exit nodes for less than the cost of a smart bomb. A nation
state can compromise enough ISPs to have monitoring capability over the
majority of Tor entrance and exit nodes.

Other solutions are just as fragile, if not more so.

Basically, all I am trying to say is that the surveillance capability of the
adversary (if you pick a nationstate for an adversary) exceeds the evasion
capability of the existing public tools. And we don’t even know what we should
be doing to evade their surveillance.

------
rlpb
Here's one scenario:

You can be identified that you are using Tor, at your ISP end. If it is
acceptable for your ISP to provide information about the connections you are
making (the metadata) to the authorities without warrant, then the authorities
can gather a list of citizens who use Tor. They might then convince a kangaroo
court that using Tor is enough cause to suspect criminal activity such that
the court issues a warrant for further direct surveillance, or to seize your
computers. Then you could be jailed until you reveal your encryption keys, or
the direct surveillance could catch you in the act.

All this could happen even if you're doing nothing illegal on Tor.

Does this seem far fetched? Given recent events, it seems that potential
adversaries don't have a problem with:

1) Gathering data en-masse without warrant (eg. this recent event).

2) Convincing courts that you're doing illegal things based on tenuous
information that they've gathered, without any further oversight (eg. IP
addresses participating in a BitTorrent stream).

3) Arranging for your computer equipment to be seized on trumped up charges,
even if you're in a different jurisdiction (eg. Kim Dotcom).

4) Forcing you to reveal your encryption keys, under threat of jail (law in
the UK; precedent set in some jurisdiction in the US, although AIUI the
Supreme Court may eventually overrule).

------
420365247
I think the biggest fear with using Tor, Onion Routing and the Darknet is that
it was all sort of developed by the Navy. I think it provides pockets of
government pretty easy access to treasure troves of data.

If you are doing everything bootable, JavaScript turned off, PGP, encrypted
hard drive...I would imagine you would be "okay"...I am no expert. However, I
have done a significant amount of research on Tor. It seems that as many here
mention, the Exit Node can potentially be identified. Also, if someone was
determined, had enough resources, they could also "possibly" "sort of" trace
the traffic route. But this is very very hard to do (according to what I've
read), and would require a vast amount of resources.

SWIM has been on Tor a few times and found it to be a neat, very useful tool,
in and of itself. The ability to essentially obscure your traffic on the
ClearNet (regular internet) has a lot of potential uses, both good and bad.
That said, if you access the DarkNet, there is a lot of things on there that
people should question who is putting it there. Seems like a very easy way to
find people who want to access that stuff, especially if you can only access
it using something like Tor. Makes it very clear who is seeking that stuff.

------
bifrost
Tor doesn't really help you a ton, but it's useful for avoiding local
surveillance. It doesn't help you a ton if you go to a known endpoint a lot.
All you need to do is go to the known endpoint while not on Tor and you're
revealed.

As for VPN providers, there are YC companies who do security so they're known
and ideally trustable. Rather -> The chain of trust is easily verifiable.

------
mkautzm
A lot of Tor is filed deeply in "Internet Black Magic™" for me, but my
understanding of it is such that if someone who wants to identify you happens
to have access to the exit node you are connected to, you can be identified.

That is about the best I can do.

I'm actually curious as to what others say about this as well though!

~~~
mike-cardwell
That's not quite true. The exit node is capable of seeing what the traffic
contains, and where it is destined for, but not where it came from. So as long
as the traffic itself doesn't contain anything that identifies you, e.g.
posting your name on some non-https forum, then you're fine.

 _Unless_ the attacker is able to observe the entry node and exit node at the
same time, and perform a timing/correlation attack.

