This document provides an overview of anonymity systems like Tor, I2P, and Freenet. It describes how Tor works by passing data through proxies to provide anonymity. It also discusses who uses Tor, such as whistleblowers and journalists seeking privacy. The document outlines the Tor project's finances and how it is funded by various organizations. It concludes by covering some attacks against Tor like traffic analysis and compromising relay nodes.
4. Freenet: Storage network; p2p based; Shares files on your system to other nodes; Plausible Deniability
5. I2P: Opposing design of Tor; UDP based; Darknet design; Java, Python, and C APIs; Mixed routing based on packets; Splits tunneling between upstream and downstream; “Garlic Routing” – mix streams together to prevent traffic analysis; Variable latency design
6. Tor: Tor (not TOR) – previously stood for The Onion Router; Provides a method of anonymity by passing data between proxies
8. Terminology: Cell – your message; Circuit – tunnel made up of relays; Entry Node – first hop into the Tor network; Exit Node – last hop before destination; Relay Node – middle hop; Bridge Node – nodes not listed in the Tor directory to evade filtering
9. Who’s Using Tor? Whistleblowers; Wikileaks – runs hidden service; Militaries: field ops, command and control using hidden services; Chinese journalists and dissidents
12. Current Project Sponsors: Federal Grant, International Program to Support Democracy Human Rights and Labor: $632,189; International Broadcasting Bureau (Voice of America, Radio Free Europe/Radio Liberty, Radio and TV Martí, Radio Free Asia, Radio Sawa/Alhurra TV): $270,000; Stichting.Net (Association of NFPs in the Netherlands): $38,279; Google: $29,083; ITT: $27,000; Other: $9,997. https://www.torproject.org/about/sponsors.html.en
13. Past Funders: DARPA and Naval Research Laboratory 2001-2006; EFF – 2004-2005
17. Tor Tools: Torbutton; Tor Browser Bundle; Vidalia; TorCheck; Arm; Tor-ramdisk – Anthony G. Basile from Buffalo
19. Tor Control Port: authenticate ""; extendcircuit 0 a,b,c,…; extendcircuit 0 a,b; setevents circ; setconf confitem; Mapaddress google.com=a.b; Getconf confitem. Telnet to the control port; Create custom circuits (long or short); Show live circuit information; Change configuration on the fly; Map a site to an exit node; Reload a configuration
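The live circuit information that setevents circ streams from the control port can be checked mechanically on your own client. The following is an added example, not part of the original slides: it parses 650 CIRC event lines and reports built circuits with fewer than three hops, as a short custom extendcircuit path would produce. The sample lines, fingerprints and nicknames are constructed, and the three-hop threshold is an assumption.

```python
import re

# A path hop is $<40 hex digits>, optionally followed by ~nickname or =nickname.
HOP_RE = re.compile(r"^\$[0-9A-Fa-f]{40}([~=][A-Za-z0-9]{1,19})?$")

def parse_circ_event(line):
    """Parse one '650 CIRC ...' event line; return None for any other line."""
    parts = line.strip().split(" ")
    if len(parts) < 4 or parts[:2] != ["650", "CIRC"]:
        return None
    event = {"id": parts[2], "status": parts[3], "path": [], "fields": {}}
    rest = parts[4:]
    # The path is optional and, when present, is the first token after the status.
    if rest and rest[0].startswith("$"):
        hops = rest.pop(0).split(",")
        if not all(HOP_RE.match(h) for h in hops):
            raise ValueError(f"malformed path in circuit {event['id']}")
        event["path"] = hops
    # Remaining tokens are KEY=VALUE fields such as BUILD_FLAGS and PURPOSE.
    for token in rest:
        key, sep, value = token.partition("=")
        if sep:
            event["fields"][key] = value
    return event

def short_circuits(lines, min_hops=3):
    """Return ids of BUILT circuits with fewer than min_hops hops (assumed threshold)."""
    flagged = []
    for line in lines:
        ev = parse_circ_event(line)
        if ev is None or ev["status"] != "BUILT":
            continue
        flags = ev["fields"].get("BUILD_FLAGS", "").split(",")
        # Tor itself builds one-hop tunnels for directory fetches; not a finding.
        if "ONEHOP_TUNNEL" in flags:
            continue
        if len(ev["path"]) < min_hops:
            flagged.append(ev["id"])
    return flagged

# Constructed sample input: fingerprints and nicknames are made up.
A, B, C, D = ("$" + ch * 40 for ch in "ABCD")
SAMPLE_EVENTS = [
    "250 OK",
    f"650 CIRC 5 BUILT {A}~guard1,{B}~mid1,{C}~exit1 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL",
    f"650 CIRC 6 BUILT {A}~guard1,{C}~exit1 PURPOSE=GENERAL",
    f"650 CIRC 7 BUILT {D}~dir1 BUILD_FLAGS=ONEHOP_TUNNEL,IS_INTERNAL PURPOSE=GENERAL",
    f"650 CIRC 8 EXTENDED {A}~guard1 PURPOSE=GENERAL",
]

if __name__ == "__main__":
    print(short_circuits(SAMPLE_EVENTS))
```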
21. Tor Passive Attack Vectors: Traffic profiling – entry and exit analysis; Cleartext exit node transmission; Fingerprinting – OS, browser, configuration, activity; Timing correlation; Network partitioning; End to end Size correlation
22. Tor Active Attack Vectors: Compromised keys; Malicious web servers; Malicious Exit/Relay nodes; DoS non-controlled nodes; Timestamping and tagging; Injecting or replacing unencrypted info; Malicious Tor client
23. Tor Client Side Attacks: DNS rebinding; Disbanding attack – javascript, java, flash; History disclosure; Timezone information (partitioning)
24. Social Engineering Attacks: Getting more traffic: “Use my relay. I have huge tubes!”, “Nick’s relay sucks”, “I’ve added a feature to my node.”; Replacement 687474703a2f2f7777772e726f63686573746572323630302e636f6d2f6861782f; Partitioning: “Don’t use servers from this country”, “These servers are amazing!”