back to article Inside the EYE of the TORnado: From Navy spooks to Silk Road

TOR is the most widely used system for the provision of anonymity for internet users. I'll look at how TOR came about: its beginnings in the US Navy; growth and use by both pro-democracy freedom fighters and the less savoury elements of the internet; and how the NSA may have managed to peel the onion router for the FBI to help …

  1. mythicalduck
    WTF?

    huh?

    "With every user functioning as both an entry and exit node and being on relatively modest connections,"

    "The conspiracy theorists would argue that most of the exit nodes are now controlled by the government, as are the hosts"

    So, are exit nodes any user? or specific ones?

    I don't really know much about Tor, but both can't be true

    1. Gordon 10 Silver badge

      Re: huh?

      For controlled - I read accessible - presumably because you should assume the Govt has your ISP penetrated or legally under the thumb.

    2. Old Handle

      Re: huh?

      I don't think the author is particularly well informed, especially with regard to terminology. Starting with the (admittedly trivial) fact that Tor is a name, and properly capitalized as such, despite its acronymic origins.

      But more importantly, exit node has a specific meaning, and it most definitely doesn't refer to "every user". It's also 100% incorrect that everyone using Tor automatically shares bandwidth, either as an exit node (i.e. a gateway to the normal internet) or otherwise. You have to specifically turn on sharing if you want to help out.

      The article seems confused about the JS exploit incident too. The exploit was specifically inserted in hidden service websites hosted by Freedom Hosting (which incidentally included legitimate sites like webmail service). So I'm not sure in what sense it could be "not aimed at Freedom Hosting". And then in the second paragraph down it starts talking about exit nodes again, when hidden services like these don't use exit nodes.

      1. Havin_it
        FAIL

        Re: huh?

        Yup, some screaming errors re exit nodes. It's not a very useful article on a subject like this if it misinforms this badly; in fact, it could be downright ruinous if taken as gospel. NOT going to be making a bee-line for the follow-up article if this is the standard.

      2. Wiretrip

        Re: huh?

        Yes, some terrible and fundamental factual errors here. I was going to ask if El Reg's favourite, Stephen Fry, had written it...

        1. gazthejourno (Written by Reg staff)

          Re: Re: huh?

          If you see factual cockups like this, please use the "send corrections link" at the bottom left of the article page. We'd rather edit it and have correct information up than duff info with everyone complaining about it underneath.

          1. Wiretrip

            Re: huh?

            Fair point! Will do

          2. auburnman

            Re: huh?

            Why don't you trial a flag/checkbox for the comments like "This comment contains corrections to the article?" and have those comments automatically emailed to the duty editor when posted? Much easier/more natural from a commentard standpoint. And having it linked to a profile means you could revoke the ability to submit corrections if you get nutters correcting every article with "9-11 WAS AN INSIDE JOB ORCHESTRATED BY ELVIS BECAUSE WALL STREET FOUND OUT THE TRUTH ABOUT THE MOON LANDINGS" or somesuch.

  2. Sir Runcible Spoon

    Guily of running a TOR node

    In relation to the comment about being culpable for traffic that exits via your node - if one is guilty - surely all are guilty - including the government agencies also running exit nodes.

    1. Graham Marsden
      Childcatcher

      Re: Guily of running a TOR node

      Ah, but it's always different when *they* do it.

      One law for us...

    2. Charles 9 Silver badge

      Re: Guily of running a TOR node

      The exit nodes would probably be legally covered under the auspices of a Sting Operation. Much as undercover cops are allowed to handle cases of drugs and even child porn so as to facilitate Sting Operations.

  3. TwistUrCapBack
    Thumb Up

    Great article - im looking forward to the TORplug one !

  4. emmanuel goldstein

    NICE ARTICLE...

    But might have been more accurate to say Silk Road was like eBay, rather than Walmart.

    Very interesting read though.

  5. I. Aproveofitspendingonspecificprojects

    Oh? Really?

    > As encryption and communication methods evolved, TOR was no longer required by the government.

    > The Navy let go of the technology in late 2002 and its support was taken over by famed US military

    > bonkers-boffinry bureau DARPA (the Defense Advanced Research Projects Agency).

    >

    > However, some have hooked onto this awesome technology and have taken to trying to torrent through

    > TOR. It exposes the IP addresses of all of the members of the BitTorrent swarm – which destroys the

    > security of users and jeopardises the people running the end node.

    Tell me again why it was ditched. Something to do with intelligence?

    Military intelligence?

    > I will shortly be reviewing the TORplug, a plug-in device that will allow you to browse the internet using

    > TOR without installing any software on your computer.

    I want one of those. Something I can take with me to the local library/school or college. Will you be showing us how to make sure it isn't made in China?

  6. phuzz Silver badge
    Unhappy

    Tor Relays

    If you're in the UK and you run a tor relay node, then you might get blocked from BBC iPlayer (and all the other bbc.co.uk sites). We did, and after two months, we're still blocked :(

    On the other hand, it's interesting to see the difference in bias between news.bbc.co.uk and bbc.com

    1. ZSn

      Re: Tor Relays

      Funny enough five years ago when I first discovered TOR I experimented by streaming BBC iPlayer across it. It worked remarkably well, the bandwidth was more than sufficient. I guess that wouldn't work anymore from what you say (also that is antisocial to the TOR network).

    2. GrumpyOldMan

      Re: Tor Relays

      Depends where your exit relay is. If you end up with a Spanish IP for example, then don't be surprised you're blocked. I use a VPN set to a UK server when I'm abroad with work and want to watch iPlayer or do any UK banking.

  7. Anonymous Coward
    Anonymous Coward

    Love the article

    Thanks for bringing this all together, I would like to know more, particularly the risks - I can see that an early mistake will blow your cover for ever. What is the deal with regard to getting involved?

    I feel bound to make an attempt to "seed" rather than just leech, to contribute to the network - but then I really don't want child porn to get any help from me. I certainly don't want anyone having good reason to knock on my door.

    Like many Reg readers, I know of people, ahem, that might occasionally be interested in Silk Road sorts of produce. In any case I'm strongly of the opinion that consenting adults in private can consume whatever they want, it's not a decision for the Daily Mail, or their government lickspittles to make.

    In many ways Silk Road takes the organised criminals out of the system, like eBay makes it's easy to be a small player.

    So, my friend wants to know how to set-up an untraceable bitcoin account, how to set-up a Tor node without being traced to the original download, and how to help it along with minimum risk.

    Thanks :)

    1. Old Handle

      Re: Love the article

      If you only run a relay node (not an exit node) the chance of getting a knock at your door is pretty much zero. It has never happened as far as I'm aware. (Obviously I'm assuming you don't live in China, that wouldn't be a a different situation.)

      You do risk getting blocked from certain websites though, since apparently they can't be bothered to distinguish between exit and relay nodes despite the Tor Project publishing a list of which is which.

    2. Anonymous Coward
      Anonymous Coward

      To contribute to the network without risk:

      Configure your Tor installation to act as a middle-man relay only. Exit nodes are at risk because plaintext sniffable traffic emerges from them to the net-at-large. Middle-man nodes contribute to the overall bandwidth of the network, but handle only entirely opaque blobs of encrypted data.

      1. Mark 65

        Re: To contribute to the network without risk:

        Yeah, I was going to say in light of the article that acting as a middleman relay and shuffling already encrypted traffic will likely leave you immune from the door knock as

        1. You are receiving from one node and passing to another like pass-the-parcel

        2. You cannot know what the nature of said traffic is by design.

        3. Caveat, they're arsehats so never say never.

  8. JimWin

    Tor Relays

    "On the other hand, it's interesting to see the difference in bias between news.bbc.co.uk and bbc.com"

    You can read both news channels on any network. Like BBC news v BBC World, they sre targetting different markets (UK v RotW).

  9. RobHib
    Thumb Down

    It's unlikely Tor can ever be fully secure.

    I've always assumed that using Tor would bring attention to oneself in the same way that sending encrypted emails flags attention.

    This story only seems to confirm that fact. Why wouldn't it? Given the Government's original involvement in Tor together with Snowden's revelations etc., it's obvious to me that Tor would be carefully monitored by any and every available means.

    Frankly, I just don't believe that one's privacy can ever be truly secure on the net whilst source and destination IP addresses exist in their current form—irrespective of what obfuscation system one uses in the middle.

    Seems to me that these days only the stupid and the desperate would be sufficiently foolhardy to transmit incriminating data across the net, irrespective of the means by which it is done.

    1. Anonymous Coward
      Anonymous Coward

      Re: It's unlikely Tor can ever be fully secure.

      True, but Tor is currently the most common way of accessing piratebay for people in the UK - that's a lot of people using it.

      1. D 13
        Pirate

        Re: the most common way of accessing piratebay

        I don't think that's gong to last for long. Piratebay is blocked by most ISPs but it's very easy to find a proxy now. Much faster than starting up Tor.

      2. gsk

        Re: It's unlikely Tor can ever be fully secure.

        Really, I can't believe that most people using TPBare using TOR rather than a VPN or just using a proxy site??

  10. Vociferous

    So what the world needs is more TOR exit nodes.

    Much more. Lots.

    1. Charles 9 Silver badge

      Re: So what the world needs is more TOR exit nodes.

      Trouble is, just about any place you could put a TOR exit node has a snoopy government ready to demand access. If it isn't the US or UK, it's Russia, China, or whomever else is in charge.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like