Tor Exit Nodes Mapped and Located (hackertarget.com)
129 points by the_wanderer 1521 days ago | hide | past | web | 61 comments | favorite

Any background on who "Conformal Systems" are and why they would operate exit nodes? I'm not really familiar with who they are and what they do, but they seem to be the only one in the top-25 that isn't either a hosting company or a residential ISP.

(apart from Formless Networking, but that one is a bit more well known)

Not that it's not nice of them, but it seems a bit out of place.

Conformal is a startup run by a group of former OpenBSD developers including Marco Peereboom (marco@), Owain Ainsworth (oga@), and others. I've met most of them in person, and I've interacted with them on mailing lists for nearly a decade and a half. They are all good people in my book, and they're very talented. On many occasions, both Marco and Owain have helped me debug problems while adding support for new hardware. I can think of one time when Marco asked for both root and serial access to one of my boxes so he could debug a HBA. I gave him root on the system, root on the serial concentrator box, and root access to the network enabled power strip for hard reboots. Yes, I trust him.

Very nice answer. Qualified, thoughtful with no loose ends.

Heck, he knows I can't outrun him, and he knows where I live, so it had better be a nice answer. ;-)

Ha! If only it were only that ;-). (I know you are being facetious).

No, really it was a genuinely thoughtful and respectful description of the person. I only hope that at my own level, and at some point in life, people I am associated with think of me in (somewhat) similar terms ;-)

hi there jcr, this is jy-p, thanks for the kind words :)

You're welcome jy-p. I just realized that I left out something important that nearly everyone on HN could relate with and appreciate. Conformal is comprised of some of the same people who helped to give the world OpenSSH which absolutely everybody uses. Of course they don't get all the credit, but they helped, and it probably wouldn't take too long to search the commit logs and find some of your names committing/OK'ing patches.

Knowingly or not, anyone running OpenSSH is already trusting the work of the people at Conformal.

There's also their Xombrero browser, of which I am quite a fan. Many thanks to Conformal from a FreeBSD aficionado.

we have more bandwidth than we use and we donate this bandwidth to the tor project. we are fans of the tor project and care about protecting personal privacy and individual expression.

we have 3 nodes running up to 4 processes on each node. each node is capable of pushing out up to ~600 Mbps with 4 processes on it. the nodes run bitrig, a fork of openbsd that several of our developers hack on.

EDIT: i just read the linked article and i see why we are listed - we have our own ASN and run openbgpd from our colo space.

Can you guys write up about your exit nodes, like how they are set up and whatnot? Maybe even post images of the software setup on the machines. This would make it easier for others to run an exit node, since they wouldn't have to worry about setting anything up.

Conformal is primarily a group of former OpenBSD developers.


Seems to me like it fits in with what else they do.

Government contractor. Feel free to guess what they're being paid to do...

Casting doubts and aspersions when you don't know anything and haven't bothered to read up on what they do is extremely unfair.

They do some very impressive cryptographic deduplication. Essentially it's a method to deduplicate already encrypted data reliably. If you don't realize how amazingly cool that is, you need to do some reading. It's a really tough problem, and it solves a major pain point for anyone with large volumes of encrypted data (i.e. governments).

EDIT: Links



"cryptographic deduplication"

How is that even possible? Surely a custom crypto scheme is needed?

cyphertite uses a private (per-user) deduplication pool, not a global deduplication pool like dropbox and many other online storage providers.

Example 1 - user1 uploads file1, then at a later time user1 tries to upload file1 again. the 2nd occurrence of the data in file1 is recognized as a duplicate of what has already been stored, so the service does not re-upload the bulk data of file1. this saves bandwidth, time, cpu cycles etc.

Example 2 - user1 uploads file1, then at a later time user2 uploads file1. in a private (per-user) deduplication pool, both user1 and user2 would need to separately upload a copy of file1, but in a global deduplication pool, user2 would not need to actually upload the bulk file data since it can reference data that user1 uploaded earlier.

the upshot here is that each user has their own separate crypto keys that are used client-side, similar to spideroak, tarsnap, etc.

i could get into the details here, but it's pretty well summarized in our infographic and crypto whitepaper

https://www.cyphertite.com/papers/CT_InfoGraphic.pdf
https://www.cyphertite.com/papers/WP_Crypto.pdf
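To make the difference between the two pool types concrete, here is an added, simplified model (not Cyphertite's actual implementation) that replays Example 1 and Example 2 above: a global pool identifies chunks by a plain hash, so the server recognizes the same content from any user, while a private pool identifies chunks by an HMAC under the user's own client-side key, so the same content from two users looks unrelated to the server. Chunk size, file contents and keys are constructed for the demo.

```python
import hashlib
import hmac
import random
from typing import List, Optional

CHUNK = 4096  # constructed chunk size for the demo; not Cyphertite's parameter


def chunk_ids(data: bytes, user_key: Optional[bytes]) -> List[str]:
    """Return the pool identifier of every fixed-size chunk of `data`.

    Global pool (user_key is None): id = SHA-256(chunk). The id depends only on
    content, so any user's copy of the same chunk maps to the same id and the
    server can tell that two users hold the same data (the dedup side channel).
    Private pool: id = HMAC-SHA-256(user_key, chunk). Without the user's key the
    server cannot relate two users' chunk ids, even for identical content.
    """
    ids = []
    for off in range(0, len(data), CHUNK):
        piece = data[off:off + CHUNK]
        if user_key is None:
            ids.append(hashlib.sha256(piece).hexdigest())
        else:
            ids.append(hmac.new(user_key, piece, hashlib.sha256).hexdigest())
    return ids


class Pool:
    """Server-side store of chunk ids; upload() returns how many were new."""

    def __init__(self) -> None:
        self.stored = set()

    def upload(self, ids: List[str]) -> int:
        new = [i for i in ids if i not in self.stored]
        self.stored.update(new)          # only new chunks cost bandwidth
        return len(new)


def simulate(private: bool) -> tuple:
    """Replay Example 1 and 2; returns chunks uploaded in each of the 3 steps."""
    file1 = random.Random(1).randbytes(27000)   # constructed 7-chunk file
    key1 = b"user1-client-key" if private else None   # constructed keys
    key2 = b"user2-client-key" if private else None
    pool = Pool()
    first = pool.upload(chunk_ids(file1, key1))   # user1 uploads file1
    again = pool.upload(chunk_ids(file1, key1))   # user1 uploads file1 again
    other = pool.upload(chunk_ids(file1, key2))   # user2 uploads the same file1
    return first, again, other


if __name__ == "__main__":
    print("private pool (first, again, user2):", simulate(True))
    print("global  pool (first, again, user2):", simulate(False))
```

In both pool types the re-upload by user1 costs nothing; only the global pool also skips user2's upload, which is exactly the cross-user correlation the per-user pool gives up bandwidth to avoid.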

Yes, it's possible with certain kinds of algorithms. A while back IBM found a way to do general computation on data without decrypting it, like adding encrypted dollar amounts together etc. But it's about a million times slower than normal data processing.

General computation on encrypted data was discovered by a graduate student at Stanford named Craig Gentry. He now works for IBM, and has been pretty active in that field, along with a handful of other experts. It's very slow, sure, but over the past 4 years speeds have increased to the point where it is reasonable to start talking about practical applications.

It is also worth pointing out that systems supporting restricted classes of functions preceded Gentry's work. If you are willing to limit yourself to NC1 functions (i.e. those that can be represented as boolean circuits with depth that is the logarithm of the input size), you can use oblivious transfer or the SYY construction (cannot recall their names off the top of my head). If you only need products in certain groups, you can use ElGamal. If you only need an XOR, you can use the Goldwasser-Micali system.

Also, there are garbled circuits, which date back to the 1980s. That is a somewhat different notion of computing on encrypted data, since it requires messages to be sent every time the computation is performed. Garbled circuits are substantially faster than FHE right now, although that may change due to FHE's low communication overhead and the rate at which FHE speeds have been improving. Also in this category are multiparty protocols that use arithmetic circuits, which have seen at least one major real-world use:


I wish I could tell you. I understand some of the parts involved but do not understand the method completely, so it's best for everyone that I don't speculate blindly. The Cyphertite web site is a far better reference than I could ever be.

I'll go to the top of the building and light up the tptacek bat signal.

    We changed our logo.
    It no longer looks like a vagina

That was the most hilarious blog title I've encountered in a long time.

Everything I can find on them indicates that they are simply an open source company who takes privacy and data security very seriously [1] -- which would explain why they are running tor exit nodes.

What information do you have that they are government contractors?

[1] https://www.conformal.com/

that's a pretty definite statement that is definitely false. Conformal Systems LLC has no government contracts at this time.

Interesting, all the Berlin exit nodes are in a place that is a huge construction area on the Museum Island. Based on this I suppose they were only able to do city-level positioning (GeoIP or something similar).

It's worth noting that the statistics may be skewed because, e.g., US-based operators run their nodes at foreign ISPs due to fear of US law enforcement. Countries with more "liberal" policies probably have more nodes because of this, but it doesn't necessarily mean there are more operators based in those countries.

I'm curious: what are the specific laws that we should be concerned about?

(Obviously the US has many draconian laws regarding cyber-anything, but I'm curious what specific lines we cross with Tor Exit Node operation. Does it include something like ownership and responsibility of the data that passes through a node that we operate?)

Yes, exactly. There's never been any case law on the issue, but in the ideal theoretical world, exit node operators would get the same protections from what their users do that ISPs do.

Unfortunately, since we're often a single guy with no legal entity, we are not afforded such protections by default. I've been running an exit node since 2005, and I've had to switch ISPs numerous times because of abuse coming out of the node. I've even had my hardware physically confiscated when network administrators couldn't figure out what kind of traffic was coming out of it.

While I believe in the goals of the Tor project, I am not really interested in being the guy who has to set the precedent here, so I don't run my exit node in the US any more. If history is any indication it would be a long legal battle to set such a precedent.

See https://www.torproject.org/eff/tor-legal-faq.html.en for more discussion on the topic.

I would think that in any decent courtroom, they eventually would, since those same protections apply to forum operators, chat rooms, picture sharing sites, etc. But I don't blame you at all for not wanting to be the test case, since that would probably be rather expensive and likely to disrupt your personal life.

Your ISP is obviously an ISP, and most law enforcement agencies understand that and that it means that if something dirty comes through there, then an employee of the ISP most likely didn't do it. But if you're using your home PC as an exit node... most agencies probably have no idea what Tor is, and would assume that you personally were doing whatever came through it, and would commence with the whole search, seizure, and media circus before they figured it out.

Ah, I see the distinction you're making: this is a map of exit nodes, not exit node operators. The operators can of course be anywhere in the world. For all we know based on just this map, all the tor exit node operators live in Antarctica.

The article clearly states that they're using GeoIP:

"Geolocation was performed against the IP addresses using the Free GeoIP API"

That quote even contained a hyperlink to Free GeoIP's website.

He notes just above the map that they used freegeoip.net. So it is indeed city level.

I agree. The majority of Central London ones are right in the middle of the financial district.

And Edinburgh's are smack-bang in the middle of Princes Street Gardens, which is staggeringly unlikely unless they're subterranean...

Yes, obviously city-level GeoIP lookups.

In case it's not already obvious, most Geo-IP data is not particularly correct. In my experience it's often off by 50-100 miles, and lucky if it even says the correct city. I've actually had Google say my IPs were in Singapore, when they were obviously not, and it's a big pain to get Google to change that. Some of the other Geo-IP providers are better, but not by a whole lot in my experience.

If it's also not obvious, most large TOR exit nodes are in datacenters and not in people's houses, for a variety of reasons.

I concur with your statements, as I've seen my own GeoIP resolve to someplace 3,000 miles away from my actual physical location.

Bravo for the data center mention as well. As someone who lives in a rural area, without access to high-speed connections, the idea of running a home based server just doesn't make sense.

There's nothing new here. The exit nodes are public knowledge.

Sure, but public knowledge represented in a nice synthetic graphic way is more informative and more efficient at getting a point across.

It's already out of date though. You'd be better looking at the live list the author used.


It'd be cool if someone made one that updates regularly.

Just as I thought, the Kimsufi line is really popular (at least for these kinds of things)! :)

I'm a strong advocate of the Tor project, but man would I ever be afraid to be an exit node

It is worth noting that you can run Tor in non-exit mode, but still route (secure, encrypted) tunnels around for other Tor users. This is (ideally) how every Tor user should act, if at all possible.

True. In fact I personally do this. I really want to run an exit node, but I'm also terrified of having my apartment raided and turned upside down for traffic flowing out of my place.

Being pedantic, but if EVERYONE did that surely you'd never reach the actual internet right? :-)

You are being pedantic, as it's pretty obvious that mburns meant TOR end-users, as distinct from those donating exit node bandwidth.

I thought that Tor was hard-coded to always use 3 nodes between you and the internet, no matter how many there are in the system.

Fair point. :)

To take your pedantry to its extreme, though, using Tor Hidden Services entirely inside the Tor network is more secure than using a Tor exit node to access web sites outside of Tor.

If you hear about sites like the Silk Road, those exist only inside the Tor network; you can't (directly) reach them from the 'actual internet' / the Web.

Only 3 Tor exit nodes in the Bay Area? I'm surprised, I would have expected a lot more.

15 exit nodes in the Kyrgyz Republic hospital area alone? Can that be correct?

That's just an error. If you check the IPs they all belong to EuroVPS, who in turn seem to lease their lines from Leaseweb (Netherlands). Maybe the EuroVPS office used to be in Kyrgyzstan and the whois data was stale at the time this was mapped (e.g. http://whois.domaintools.com/). Same thing for the one in Almaty, Kazakhstan, which is actually located in Belgium (http://whois.domaintools.com/). Another example maps to Vladivostok, but it actually belongs to BurstNET London.

IP geolocalisation sucks badly. For example, OVH has only one DC (well, to be precise, one big room) in Paris. Kimsufi are hosted in their DC in Roubaix (north of France). They also have another one located in the east (near Strasbourg). You can also buy an IP located somewhere else in Europe but linked to your server in Roubaix.

I'm with OVH, and I have various IPs with them. Some Geo-IP to the US, some Geo-IP to Canada ... always fun :-)

Perhaps simply multiple network interfaces / assigned IP addresses - all could actually reside in the same physical machine. (That's probably not good practice Tor-wise, of course - the nodes should be as dispersed as possible..)

EDIT: now that I think about it, placing Tor exits in a hospital area might be a clever tactic to avoid them being raided (e.g. to freeze memory and attempt to extract some data about other nodes etc.)..

And just by coincidence they are placed at the center of the capital.

That's an uncomfortably small number of exits, in my opinion.

I think it's interesting that the vast majority are in Europe. I would have expected more in Asia and South America.

Interesting map, zooming into Utah (where I live) shows that the local ISP Xmission is running 3 exit nodes. The map shows 4, but two of them have the same IP address.

Two exit nodes near Washington DC. The NSA's headquarters are within the error tolerance of GeoIP. Coincidence?!

Zooming in and clicking on the arrows:

> IP:
> Location: Ashburn, United States
> Netblock:
> AS Name: AMAZON-AES
> ISP: AMAZON.COM INC.
> Reverse DNS: ec2-50-16-161-238.compute-1.amazonaws.com

So, not a coincidence, but also not suspicious - it's just Amazon's data center.

The map puts them in Ashburn, VA, which makes sense as there are massive commercial data centers there. If you have a server or VPS whose location is "east," there's a good chance that it is in an Ashburn data center.

It's very sad that Europe has many times the number of exit nodes as the US has.
