"onion router"

Happy Data Privacy Day! A turning point for anonymity, privacy, and the tools that deliver them

Last week, we celebrated Data Privacy day. Everything we do online—whether on a computer or on a mobile device—is being tracked, traced, compiled, crunched, bought and sold by familiar tech-titans like Google, Facebook, Verizon and hundreds of lesser known data brokers who help advertisers build frighteningly detailed digital profiles of users by harvesting data from a variety of sources, including customer databases and online platforms. After I lecture to my students on this topic, rattling off a dozen mechanisms by which corporations and governments can spy and pry on us, threating both anonymity and privacy, their reaction is usually either indifference (because, you know, they think they have nothing to hide) or for those that I’ve convinced they should care, some measure of despair.

DoJ to judges: use Tor to protect your internet connection

This summer, DoJ Cybercrime Lab director Ovie Carroll presented at a Federal Judicial Seminar in San Diego, attended by over 100 US federal judges, where he recommended that the judges should use Tor -- The Onion Router, subject of much handwringing and serious technological assaults from the US government, but which is also primarily funded by the USG -- to protect their personal information while using their home and work computers. Read the rest

How libraries can save the Internet of Things from the Web's centralized fate

Everyone thinks libraries have a positive role to play in the world, but that role differs greatly based on whether you’re talking to a librarian or a patron. Ask a patron what libraries have in common and they’d probably answer: they share books with people. Librarians give a different answer: they share a set of values. It’s time for libraries to step up to those values by supporting access to the Internet and taking the lead in fighting to keep the Internet open, free, and unowned.

What happened when we got subpoenaed over our Tor exit node

We've run a Tor exit-node for years. In June, we got the nightmare Tor operator scenario: a federal subpoena (don't worry, it ended surprisingly well!)

The Tor Project is hiring a new executive director

So, an EFF activist gig isn't for you and neither is deputy director of the Free Software Foundation: how about executive director of the Tor Project, which maintains The Onion Router, a crucial piece of anonymity and privacy technology? Read the rest

Which crowdfunded privacy routers are worthy of your trust?

After the spectacular rise and fall of Anonabox, a kickstarted $45 router that was supposed to protect your privacy but had its campaign yanked for not being entirely forthright with backers, a spate of shady, silly, and even serious projects have sprung up to fill the demand that Anonabox's $615,000 Kickstarter near-win demonstrated. Read the rest

Honorable spies anonymously leak NSA/GHCQ-discovered flaws in Tor

Andrew Lewman, head of operations for The Onion Router (TOR), an anonymity and privacy tool that is particularly loathed by the spy agencies' capos, credits Tor's anonymous bug-reporting system for giving spies a safe way to report bugs in Tor that would otherwise be weaponized to attack Tor's users. Read the rest

If you read Boing Boing, the NSA considers you a target for deep surveillance

The NSA says it only banks the communications of "targeted" individuals. Guess what? If you follow a search-engine link to Boing Boing's articles about Tor and Tails, you've been targeted. Cory Doctorow digs into Xkeyscore and the NSA's deep packet inspection rules.

Seven things you should know about Tor

Tor (The Onion Router) is a military-grade, secure tool for increasing the privacy and anonymity of your communications; but it's been the subject of plenty of fear, uncertainty and doubt.

The Electronic Frontier Foundation's 7 Things You Should Know About Tor debunks some of the most common myths about the service (which even the NSA can't break) and raises some important points about Tor's limitations.

7 Things You Should Know About Tor [Cooper Quintin/EFF] Read the rest

Against the instrumental argument for surveillance

In my latest Guardian column, 'Cybersecurity' begins with integrity, not surveillance, I try to make sense of the argument against surveillance. Is mass surveillance bad because it doesn't catch "bad guys" or because it is immoral? There's a parallel to torture -- even if you can find places where torture would work to get you some useful information, it would still be immoral. Likewise, I've come to realize that the "it doesn't work" argument isn't one that I want to support anymore, because even if mass surveillance did work, it would still be bad.

One thing that parenting has taught me is that surveillance and experimentation are hard to reconcile. My daughter is learning, and learning often consists of making mistakes constructively. There are times when she is working right at the limits of her abilities – drawing or dancing or writing or singing or building – and she catches me watching her and gets this look of mingled embarrassment and exasperation, and then she changes back to some task where she has more mastery. No one – not even a small child – likes to look foolish in front of other people.

Putting whole populations – the whole human species – under continuous, total surveillance is a profoundly immoral act, no matter whether it works or not. There no longer is a meaningful distinction between the digital world and the physical world. Your public transit rides, your love notes, your working notes and your letters home from your journeys are now part of the global mesh of electronic communications.

Read the rest

NSA and UK intel agency GCHQ target online anonymity tool Tor, according to leaked Snowden documents

Despite the fact that online anonymity tool Tor was developed with US government funds, the NSA really does not like Tor.

Top-secret documents leaked to the Guardian by former US intelligence contractor Edward Snowden reveal details of repeated attempts by the US and UK governments to crack Tor, the "onion router" that was originally funded in by the US government, and used widely by dissidents and activists around the world. Tor's core network security remains intact, but the NSA has had some success attacking users' computers, according to the report.

Who uses Tor? According to one of the slides in the leaked presentations, "Terrorists!" The NSA is fond of the generous use of exclamation points in these things. Read the rest

Iran blocks TOR, TOR unblocks itself later that day

On September 13th, the Iranian government began blocking The Onion Router (TOR), a system for evading network censorship. On September 14th, the TOR project changed its code so that it wasn't blocked anymore.

Yesterday morning (in our timezones — that evening, in Iran), Iran added a filter rule to their border routers that recognized Tor traffic and blocked it. Thanks to help from a variety of friends around the world, we quickly discovered how they were blocking it and released a new version of Tor that isn't blocked. Fortunately, the fix is on the relay side: that means once enough relays and bridges upgrade, the many tens of thousands of Tor users in Iran will resume being able to reach the Tor network, without needing to change their software.

How did the filter work technically? Tor tries to make its traffic look like a web browser talking to an https web server, but if you look carefully enough you can tell some differences. In this case, the characteristic of Tor's SSL handshake they looked at was the expiry time for our SSL session certificates: we rotate the session certificates every two hours, whereas normal SSL certificates you get from a certificate authority typically last a year or more. The fix was to simply write a larger expiration time on the certificates, so our certs have more plausible expiry times.

(via Schneier) Read the rest

RIP, Len Sassaman: cypherpunk and anonymity hacker

GuidoDavid sez, "Len Sassaman, a cryptographer, activist and biopunk died yesterday, he lost the battle against depression in Leuven, Belgium. He is survived by his widow, Meredith L. Patterson, also a hacker and biopunk. His work and actions inspired me and shaped the world we live in, as he was active during the Crypto Wars and designed and wrote anonymizing tools. He will be missed, but I hope that his legacy will go on and I am certain he will continue inspiring our efforts."
An obituary posted on Facebook by Sassaman's friend and fellow hacker Pablos Holman recounted the pair's early work on crypto-systems after they met in 1999.

"We were reimagining our world, riddled with cryptosystems that would mathematically enforce the freedoms that we treasured. Anonymous remailers to preserve speech without fear of retribution; onion routers to ensure nobody could censor the internet; digital cash to enable a radically free economy."

While much of their work was an academic "geek utopia exercise", Sassaman liked to "get his hands dirty", which led to numerous visits from Federal agencies over remailer abuse, according to Holman: "Len, you are, in fact, an inspiration to those of us who inspired you. You made something great of your life. You left a lot behind for us. Thanks for letting me be a part of it all."

Young cryptographer ends own life (Thanks, GuidoDavid.)

(Image: Codecon 2006, a Creative Commons Attribution Share-Alike (2.0) image from ioerror's photostream) Read the rest

TOR for Android: anonymize your phone's data-connection

TOR (The Onion Router, a technology for bouncing your traffic all over the net so that your ISP can't spy on you) is now available for Android phones. Just take a picture of the QR code on the right with your Barcode Scanner or Goggles app to install it.

Tor on Android (via O'Reilly Radar) Previously:HOWTO use TOR to enhance your privacy HOWTO Use TOR to protect yourself from censorship and snooping ... Intro to TOR: how you can be an anti-censorship activist in your ... EFF and TOR in Google's Summer of Code! Read the rest

Student programmers: Get paid to hack liberty-enhancing code with EFF this summer!

The Electronic Frontier Foundation is looking for student programmers to do paid work on various liberty-enhancing technologies this summer, paid for by Google, through its excellent Summer of Code project. This summer, there's funding for programmers to work on TOR (The Onion Router -- a system for evading censorwalls and enhancing online privacy by bouncing your traffic through several volunteers' computers), TOSBack (tracking changes to the terms of service of the Internet's most popular websites), OurVoteLive (tracking problems in elections with US polling places and voting machines) and Switzerland (a passive IP-layer network neutrality testing system).

Previous Summer of Code workers have had wonderful experiences working with EFF (as a former employee, I can testify to what a great workplace it is). Not only do you get to do paid, meaningful work, but you get to do it surrounded by some of the most astute, passionate and clever people in the technology world. For the right student, this is the chance of a lifetime.

Work With EFF and TOR for Google's Summer of Code Previously:EFF helping produce anonymizing software Intro to TOR: how you can be an anti-censorship activist in your ... Run a TOR node, help Iranians and others keep their privacy ... TOR: German police are *not* cracking down on Tor. EFF public meeting on anonymizing software in San Fran next Tues ... EFF releases Net Neutrality detector software TOSBack: EFF's real-time tracker for changes in terms of service ... EFF sets sights on abusive EULAs Tracking e-voting dangers: I VOTED? Read the rest

Intro to TOR: how you can be an anti-censorship activist in your sleep

Here's a nice little introductory article on TOR, The Onion Router, a privacy-enhancing technology that helps you to circumvent national, corporate and school firewalls and enhance your anonymity. Originally developed by the US military to help communications get in and out of countries that heavily filter their networks, TOR is free/open software and is maintained by many volunteers around the world, including the Electronic Frontier Foundation.

TOR works by passing your traffic through several (theoretically) unrelated computers all over the Internet, using cryptography to keep the origin, destination, and intermediary steps secret from each computer it passes through.

You can run TOR on your own computers and they'll become part of this array of intermediary hosts all over the net, making your network connection into a tool for privacy and free access to information.

Bill McGonigle, of Lebanon, New Hampshire, decided to become a Tor volunteer when he learned that people in Iran were protesting the results of their June Presidential election. They were using the Internet to organize their meetings. The Iranian government was trying to censor their messages to one another. "I have a soft-spot for people trying to gain liberty for themselves," he wrote in an email, "especially against tyrannical regimes. It became known that they were using Tor to get around the censorship, so at that point I put up a relay....The people I'd like to help are those living under violence-based oppression, most commonly orchestrated by dangerous and corrupt individuals posing as legitimate governments. I'd like to see an end to oppression wherever it exists."
Volunteer Your Computer for Global Privacy (Thanks, Rhona! Read the rest

Run a TOR node, help Iranians and others keep their privacy

Want to do something more meaningful for Iran's dissidents than turning your Twitter avatar green? EFF would like you to run a TOR bridge or relay, which will allow Iranians, and others around the world, to communicate with enhanced privacy and secrecy.
More sophisticated users can skip this paragraph, but for the rest, here's the basic outline. Tor (an acronym of "The Onion Router") is free and open source software that helps users remain anonymous on the Internet. Normally, when accessing websites, your computer asks for and receives a webpage out in the open, a process that exposes your IP address, the URL of the website, and the contents of the site, among other information to third parties. When accessing websites while using Tor, your computer essentially whispers its requests for a website, to another computer, which passes the request on to another computer, which passes it on to another computer, which passes it onto the computer where the website is hosted; the reply returns in the same, chain-message manner. The whispers are encrypted, so that neither outside authorities, nor the computers in the middle of the chain, can tell what is being said, and to whom. And the website itself does not have your IP address either.

Internet users in Iran are using Tor to both (a) circumvent censorship systems and (b) remain anonymous while reading and writing on the Internet. Both are critically important to the safety of protesters, many of whom fear retaliation from the government. Preliminary reports indicate that use of the Tor client in Iran has increased in the days after the contested election.

Read the rest

Next page