Tor is not as secure as it is often thought. It needs to be redesigned and/or adopt some modifications from I2P's "garlic routing".
I suggest a complete end-to-end rethink of how anonymous Internet services are done. Instead of it being a tunnel for generic traffic, think of a specialised private protocol for input/output of information. Throw away the highly complex, insecure HTML5 that most hidden services are interacted through. Instead of slow, bloated HTTP requests, think of sockets that stay alive, meaning traffic can be high bandwidth and low latency. We could even throw in some modern cryptography like Ed25519, which would give some performance benefit. I had an idea for 'heartbeat groups' too, which would prevent timing attacks at the ISP/wider Internet level.
If it weren't for the fact that I have a full time job and don't want the Five Eyes on me, I'd build it myself.
And what exactly qualifies you to make those statements? Especially since what follows IMO reads rather bizarre.
> I had an idea for 'heartbeat groups' too which would prevent timing attacks...
Great! What is this supposed to be? Is it some kind of mixing scheme? How does this prevent timing attacks? How did you model this to verify those claims you make? Do you have a publication on that somewhere?
> If it weren't for the fact that I have a full time job and don't want the Five Eyes on me, I'd build it myself.
In other words, you know better than the people who did the existing implementation, but really can't be bothered right now?
You got me a bit curious, but since you have no description or website link in your profile and a Google search for your nick only leads me back here, I started browsing through your comments, trying to find some details on your background in IT-security. Besides a bunch of strong opinions on practically every topic thrown at you, I didn't manage to dig up anything interesting so far.
Somewhere in your early comments, you said your work entails managing bare metal machines. Somewhere else you said your job is basically skim-reading docs. There are some other references to systems administration topics as well. Are you by any chance some kind of data center sysadmin?
I'm sorry and I'll gladly stand corrected, but for now there are simply too many red flags here for my taste.
What qualifies me? It's my opinion, I don't need qualification to have an opinion and you don't need to care about it. But since you asked, I'm a privacy enthusiast with a good understanding of cryptography (not PhD level and I would never claim it to be). I don't see why my job is relevant.
I've wanted to reinvent hidden services for years and you're wrong about it being a matter of motivation. It really is a matter of both time and not wanting to bring attention to myself.
You were not attacked, your response was simply taken apart and questioned. If having someone be skeptical of you is an attack, that would make talking about subjects where everyone does not already agree very hard.
> What qualifies me?
> a good understanding of cryptography
> not PhD level
> I don't see why my job is relevant.
> It really is a matter of [...] time
Well, I think it is reasonable to ask why you feel like you know what changes to make to make something more secure. A reader now has to assume that you:
- Have not studied the subject in an academic way
- Do not have work experience to make up for that lack of study
- Do not have time to devote to the subject (for example, for self-study)
This would lead a naive reader to the conclusion that you are not academically suited, not professionally suited and not suited through self-study to comment on this subject in a capacity that means anyone should take your suggestions to heart (perhaps incorporating them into the software under discussion). The same would go for people that you would submit changes to (had you had any time for this). That leads me to believe the only point of your commentary is the commentary itself.
I guess it is fair to say I don't understand this. Perhaps GP was getting at that, perhaps not :)
Edit: To be clear, I wish to understand if there is an understanding to be had beyond "I just felt like it".
Not sure what you mean by heartbeat groups, but if I'm guessing correctly this sounds fairly similar to chaffing and winnowing (https://en.wikipedia.org/wiki/Chaffing_and_winnowing), which lets information from multiple senders (or even bogus, non-existent senders) be clumped together and broadcast in such a way that every destination is able to pick out only the messages intended for them and cannot distinguish messages not meant for them from uniformly random garbage.
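For readers unfamiliar with the scheme named in the comment above, here is a minimal sketch of Rivest-style chaffing and winnowing over a shared broadcast. It is an added example, not code from any participant in this thread or from Tor or I2P. The function names (`chaff`, `winnow`, `broadcast`), the use of HMAC-SHA256, and the sample keys and messages are assumptions made for illustration. Bit values travel in the clear; only the MAC tells a key holder which packets are real.

```python
# Added illustration: chaffing and winnowing with two senders on one broadcast.
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 output size


def _tag(key: bytes, serial: int, bit: int) -> bytes:
    """MAC binding a bit value to its position in the message."""
    return hmac.new(key, serial.to_bytes(4, "big") + bytes([bit]), hashlib.sha256).digest()


def chaff(key: bytes, message: bytes) -> list[tuple[int, int, bytes]]:
    """Emit two packets per bit: the real bit with a valid MAC (wheat) and
    the opposite bit with a random tag (chaff)."""
    packets = []
    for serial in range(len(message) * 8):
        bit = (message[serial // 8] >> (7 - serial % 8)) & 1
        packets.append((serial, bit, _tag(key, serial, bit)))
        packets.append((serial, bit ^ 1, secrets.token_bytes(TAG_LEN)))
    return packets


def winnow(key: bytes, packets) -> bytes:
    """Keep only packets whose MAC verifies under `key`, then rebuild bytes."""
    bits = {}
    for serial, bit, tag in packets:
        if hmac.compare_digest(tag, _tag(key, serial, bit)):
            bits[serial] = bit
    out = bytearray((max(bits) + 1) // 8 if bits else 0)
    for serial, bit in bits.items():
        out[serial // 8] |= bit << (7 - serial % 8)
    return bytes(out)


def broadcast(*streams):
    """Merge several senders' packets and shuffle them into one stream."""
    merged = [p for s in streams for p in s]
    secrets.SystemRandom().shuffle(merged)
    return merged


if __name__ == "__main__":
    k_alice, k_bob = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed keys
    stream = broadcast(chaff(k_alice, b"meet at 9"), chaff(k_bob, b"abort"))
    print(winnow(k_alice, stream), winnow(k_bob, stream))
    print(winnow(secrets.token_bytes(32), stream))  # unrelated key: nothing recovered
```

Each recipient recovers only the message authenticated under its own key; every other packet in the merged stream, including the other sender's wheat, fails verification and is discarded.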
I have an acquaintance that's a mid-to-high level FBI agent. In casual conversation, he's alluded on more than one occasion that the government is able to track people using TOR. I believe his exact words were "we've gotten pretty good at it." At this point, I just assume the government knows about everything I do online.
I suspect they are exaggerating, or that the claims were misunderstood. Yes, the FBI can find criminals who use Tor, but with extremely few notable exceptions from many years ago now, that isn't done by breaking any of Tor's protections, but instead using more traditional police investigation methods (e.g., "we got a tip this person is up to something, and this account only ever posts when that person is at home..."). We know this because details of investigations are public once they go to court in the US. Yes, parallel construction is a thing, but the idea that they regularly make use of exploits and this information never gets leaked in any sort of verifiable way (even with FBI agents who are apparently willing to speak of such secret programs with mere acquaintances ;)) means we can be relatively confident that, if such exploits do exist, they are rare enough to be too expensive to waste on anything but the most extreme circumstances. In other words, no, the FBI does not know what you're doing on Tor (assuming you're not at the far end of a bell curve, and ignoring everything other than what Tor protects).
Regular surfing via TOR is so painful (due to captchas from Cloudflare and others) that the proportion of "suspicious" traffic must be quite high in the network.
There have been studies that show this isn't true -- any particular session from a Tor exit relay is about as likely to be malicious as a session from a random IP, and the most popular sites accessed are things like Amazon and Facebook (the latter of which makes up approximately 50% of onion service traffic, as of ~4 years ago). I, for one, use Tor for most web browsing that doesn't involve logging in. (As a hint for people who dislike captchas: I don't actually see them as often any more, but for static content in particular, you can fall back to archive sites to circumvent them.)
It's really surprising to me that Tor is considered de facto the most secure by many, but whenever I review I2P my impression is always that it's better designed than Tor.
That's a reasonable default for 99% of Tor users. For that last 1%, there is the safe/safer/safest slider bar that is a single click away.
Javascript also has nothing to do with these attacks. Even if you turn off Javascript, KAX17 can still attempt end-to-end correlation attacks. This is much scarier than a Javascript browser exploit.