The TorProject for anonymity online

Started by CrackSmokeRepublican, August 14, 2008, 10:13:14 PM

Previous topic - Next topic

CrackSmokeRepublican

An interesting OpenSource tool...if you want to get away from any snoopers. Check it out. Give a good check out if you are doubly paranoid.
-CSR
-----
Tor: anonymity online

Tor is a software project that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

Hundreds of thousands of people around the world use Tor for a wide variety of reasons: journalists and bloggers, human rights workers, law enforcement officers, soldiers, corporations, citizens of repressive regimes, and just ordinary citizens. See the Who Uses Tor? page for examples of typical Tor users. See the overview page for a more detailed explanation of what Tor does, why this diversity of users is important, and how Tor works.

There are three pieces of fine print you need to know about.

   1. Tor does not protect you if you do not use it correctly. Read our list of warnings and make sure to follow the instructions for your platform carefully.
   2. Even if you configure and use Tor correctly, there are still potential attacks that could compromise Tor's ability to protect you.
   3. No anonymity system is perfect these days, and Tor is no exception: you should not rely solely on the current Tor network if you really need strong anonymity.

Tor's security improves as its user base grows and as more people volunteer to run relays. (It isn't nearly as hard to set up as you might think, and can significantly enhance your own security against some attacks.) If running a relay isn't for you, we need help with many other aspects of the project, and we need funds to continue making the Tor network faster and easier to use while maintaining good security. Please donate.
After the Revolution of 1905, the Czar had prudently prepared for further outbreaks by transferring some $400 million in cash to the New York banks, Chase, National City, Guaranty Trust, J.P.Morgan Co., and Hanover Trust. In 1914, these same banks bought the controlling number of shares in the newly organized Federal Reserve Bank of New York, paying for the stock with the Czar\'s sequestered funds. In November 1917,  Red Guards drove a truck to the Imperial Bank and removed the Romanoff gold and jewels. The gold was later shipped directly to Kuhn, Loeb Co. in New York.-- Curse of Canaan

Anonymous

ToR is currently banned here, as a trouble maker was coming in on one so an admin blocked all the Ips ;)  Maybe we can unblock them now....

sullivan

TOR is a nice idea, but it is flawed in a number of vital areas. First of all, because traffic is being routed through multiple nodes, which can render even the most mundane surfing tasks ridiculously slow. The second and far more important flaw is that your traffic can be snooped at any exit node.

From The Register

QuoteThe presence of rogue nodes on the network was recently highlighted by security researcher Dan Egerstad, who controversially posted details of login credentials of about 1,000 email addresses, including at least 100 accounts belonging to foreign embassies, obtained by listening to traffic passing through five exit nodes under his control. Abuse of the system is far from isolated, other research suggests.

Members of the Teamfurry community discovered TOR exit-nodes that only forwards traffic association with ports used for unencrypted versions of protocols including IMAP and POP email (TCP ports 143 and 110), and IM traffic. Other nodes only relay traffic associated with MySpace or Google searches. The malign purposes behind such a system are fairly easy to guess, while their legitimate use is far trickier to imagine.

"Even though just a suspicious configuration isn't enough to tag an exit-node evil, I wouldn't touch these with a ten-foot long toothpick," Teamfurry warns.

Another Tor exit node used fake SSL certificates to run man-in-the-middle phishing attacks.

The use of TOR not simply to provide anonymity to those who badly need it, but also as a tool for those who want to disrupt and defame with impunity, gives an indication as to why many community sites simply ban known TOR exit nodes.
"The real menace of our Republic is the invisible government which like a giant octopus sprawls its slimy legs over our cities, states and nation. At the head is a small group of banking houses generally referred to as \'international bankers.\' This little coterie... run our government for their own selfish ends. It operates under cover of a self-created screen, seizes our executive officers, legislative bodies, schools, courts, newspapers and every agency created for the public protection."
John F. Hylan (1868-1936) - Former Mayor of New York City

Ognir

I remember seeing a docu on this Tor project,  lots of interest from the CIA if I remember correctly
Most zionists don't believe that God exists, but they do believe he promised them Palestine

- Ilan Pappe

sullivan

Quote from: "Ognir"I remember seeing a docu on this Tor project,  lots of interest from the CIA if I remember correctly
It was originally developed by the US Naval Research Laboratory.  Enough said? ;)
"The real menace of our Republic is the invisible government which like a giant octopus sprawls its slimy legs over our cities, states and nation. At the head is a small group of banking houses generally referred to as \'international bankers.\' This little coterie... run our government for their own selfish ends. It operates under cover of a self-created screen, seizes our executive officers, legislative bodies, schools, courts, newspapers and every agency created for the public protection."
John F. Hylan (1868-1936) - Former Mayor of New York City

K-Sensor

Yeah Tor was originally designed for troops to talk back to their families without anyone eves dropping.   The problem is it's so easy to spoof a server and read everything that passes.

CrackSmokeRepublican

Well...final words on this:

1. Thanks for passing the Register articles. Yeah, things can get hacked. Use encryption.
2. This is open source stuff. Open it,  Compile the code and look it over.  Use a good sniffer to see what is going on. It can channel information flows and it can be used for snooping apparently. Encryption and Randomization is your friend.  Most of the Tor Relays are in Germany.  Like most of the net, it can be used as a private communication channel.
3. Read items 1-3 above in the original post.  If barely know how to use your system or a server than this is probably not software you want to be working with.
4. The latest alpha version is actually a lot faster than previous versions.
5. I use this software for all websurfing on bulletin boards. Why? Well the fairly flimsy security around PHP bulletin boards/Forums/Websites etc. doesn't impress me. While I trust the capability of the admins at this site, I don't want my IP in a MySQL database that could be unpatched and that some goons could pickup with an orchestrated hack.  Like I said, do this if you are doubly paranoid. If you are paranoid about channeling your communication to a Tor Relay that can be compromised -- okay, THEN USE BETTER ENCRYPTION or DON'T USE IT AT ALL.  I alwyas use this when going to sites that may compromise my IP's identity. There is a fairly open source GeoIP tracker: http://www.maxmind.com/app/ip-location  that can be used for reverse lookups - Tor uses this.  If you just don't give a crap about these things and are far more worried about "WHAT" is sent rather than from "WHERE" you sent it then it may be too much of a risk for you to use it.      Tor marginally protects you from people finding "Where" you sent something from and doesn't guarantee protecting  "What" you sent.

Please remember the list above and if you can't read a line of code  of anything then maybe just forget about this tool. -- CSR  

"There are three pieces of fine print you need to know about.

1. Tor does not protect you if you do not use it correctly. Read our list of warnings and make sure to follow the instructions for your platform carefully.
2. Even if you configure and use Tor correctly, there are still potential attacks that could compromise Tor's ability to protect you.
3. No anonymity system is perfect these days, and Tor is no exception: you should not rely solely on the current Tor network if you really need strong anonymity.  "
After the Revolution of 1905, the Czar had prudently prepared for further outbreaks by transferring some $400 million in cash to the New York banks, Chase, National City, Guaranty Trust, J.P.Morgan Co., and Hanover Trust. In 1914, these same banks bought the controlling number of shares in the newly organized Federal Reserve Bank of New York, paying for the stock with the Czar\'s sequestered funds. In November 1917,  Red Guards drove a truck to the Imperial Bank and removed the Romanoff gold and jewels. The gold was later shipped directly to Kuhn, Loeb Co. in New York.-- Curse of Canaan