
The article keeps making reference to the types of users on the Tor network:

> The majority of Tor traffic is legitimate users accessing the web anonymously, through insecure networks like Public WiFi, etc.

> Finally, just like with everything else, we have malicious users. [...] That last, tiny portion of users is the primary reason people don't run more Exit Nodes.

> Despite malicious users being the minority of Tor users, as an absolute number, there are many of them.

Where are the facts that form the basis of these statements? I've seen studies about geographic and network demographics, and there was the disputed study about how much Tor traffic was related to child-porn, but has someone done a study on how many users are engaging in abusive behavior through Tor exit nodes?

Regardless of the number of users, a better question may be what percentage of the traffic is abusive? It doesn't matter if a minority of the users are abusive if the majority of the traffic is abusive.

Tor administrators' tendency to dismiss abuse conducted through their exit nodes as "that's just the way it is to protect anonymity" reminds me of Twitter's early lack of action against abusive verbal attacks on its service. Tor's anonymity is analogous to Twitter's free speech, but in both cases, abuse of those freedoms defines the need for some practical protections in order to maintain them.




> It doesn't matter if a minority of the users are abusive if the majority of the traffic is abusive.

It doesn't? From my view it is exactly the opposite.

Let's say that a bridge between Sweden and Denmark is heavily trafficked by smugglers who drive trucks, while law-abiding citizens normally drive cars. The relative amount of drivers that are smugglers will then be much smaller than the relative amount of cargo being smuggled, as cars carry less cargo than trucks.

From an ethical viewpoint, should the bridge then be judged as a tool for criminals or a tool for law-abiding citizens? Is the quantity of people a less valuable measurement than the quantity of tons going over the bridge, and what would the argument be for that?

The online "trucks" of malicious users can be (and likely are) several orders of magnitude larger in traffic than non-malicious users. Even if there was 1 million non-malicious users for every malicious user, you could still get >90% malicious traffic in the network. The only realistic way to fix that statistical problem would be to get heavy traffic on the network like video, system updates, and P2P, which are all things that a low latency anonymity network is not designed for.


A huge fraction of Tor usage is illegal. Drugs, and other illicit sales mostly. Some pornography. None of this is relevant to an exit node operator because the servers for these people are using hidden services, and as such their traffic never exits the Tor network, and never passes through an exit node.

The illegitimate uses of Tor that require exiting the network are fairly limited, and Tor isn't great since the list of exit nodes is public, and blocked many places. Mostly those users are trying to bypass a firewall or browse anonymously for one of the reasons that Tor advocates claim.


Hmm, yeah, a huge fraction of it is illegal. In fact in some countries it is illegal to circumvent the restrictions imposed by the State on the internet. I am not trying to start an argument, but the concept of illegality depends on the laws and very often is completely disjointed from the concept of justice.

Is it illegal to buy drugs? Yes, in a lot of countries. Is it immoral? A lot of people think it isn't.

So, don't use the metric of the US judicial system to establish what should be considered illegal/immoral on TOR. TOR is a worldwide network and shouldn't be judged based on the laws of a specific country.


>the list of exit nodes is public

Stupid design choice if there ever was one.


Tor really sucks for sending abusive traffic, it's slow and blacklisted by everyone (IME mostly due to problematic users, rather than "hacking" and such).

Luminati for example offers a much better service, as do the hundreds of thousands of routers offering unauthenticated SSH tunneling around the world. Way better speeds, and no blacklists.

> Tor's anonymity is analogous to Twitter's free speech, but in both cases, abuse of those freedoms defines the need for some practical protections in order to maintain them.

This sounds worryingly like a call to weaken Tor, I really hope it's not.


It's not in any way a call to weaken Tor, but I think that response is indicative of an ideological viewpoint that will achieve the same result.

A perfectly secure, perfectly anonymous network that no network-neutral party will service because of the levels of abuse which come from it is no stronger a solution than an insecure, de-anonymized solution. The parent blog post implicitly acknowledges this -- the poster disables exit handling for SMTP and BGP traffic because of that traffic's likelihood for abuse and the resulting effect on the exit node, even though such traffic might have legitimate uses. Practical requirements of node functionality trump ideology, in the case of SMTP and BGP traffic at least.

While Tor operators may accept abusive traffic as a result of their greater goal, the upstream providers of their nodes may not. The ability to reliably deliver traffic for all customers, Tor and non-Tor, is key to their business. If that ability becomes compromised, they take action to preserve their business.


Wow Luminati is expensive but sounds like a very premium platform for on-demand proxies. Are they running this in a shady manner where a P2P application is also serving as a web proxy for Luminati?


Yeah, they run https://hola.org/ that uses said P2P application to bypass netflix country limitations.

The company is sketchy as fuck, the service they offer is awesome.


What is this mysterious ubiquitous "unauthenticated ssh tunneling"?


I never really tracked down what exactly causes the vulnerability, but it's a rather common bug in various SSH implementations (millions of affected devices). Dropbear is the most commonly affected.

I guess the easiest way to demonstrate it is like this:

  debug1: Next authentication method: password
  root@117.243.179.217's password:
  debug1: Authentication succeeded (password).
  Authenticated to 117.243.179.217 ([117.243.179.217]:22).
  debug1: channel 0: new [client-session]
  debug1: Entering interactive session.
  debug1: Sending environment.
  debug1: Sending env LANG = en_US.UTF-8
  debug1: Sending env LC_CTYPE = en_US.UTF-8
  login failed: please enter correct username and password
  Login:

Notice how for the initial login attempt the SSH server itself will accept any password, but subsequently the login is handled by the binary set as the login shell? After the initial "failed" login attempt you can freely open as many SSH tunnels as you please. You can most likely get RCE from here.
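
A defender's check for the condition described in the comment above, as an added example that is not part of the thread: forwarding channels are served by the SSH daemon without ever running the account's login shell, so a shell that acts as the real gate protects nothing while forwarding stays enabled. The sketch assumes OpenSSH-style `sshd_config` syntax (the comment names Dropbear, whose configuration differs); the sample data is constructed and `/usr/sbin/cli_login` is a hypothetical vendor login binary.

```python
# Added example: constructed inputs; OpenSSH sshd_config syntax is an assumption.
INTERACTIVE_SHELLS = {"/bin/sh", "/bin/bash", "/bin/ash", "/bin/zsh"}

def global_options(sshd_config):
    """Global sshd_config keywords; OpenSSH uses the first value it reads for each."""
    opts = {}
    for raw in sshd_config.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        key = parts[0].lower()
        if key == "match":          # conditional blocks are out of scope here
            break
        if len(parts) == 2:
            opts.setdefault(key, parts[1].strip().lower())
    return opts

def audit(sshd_config, passwd):
    """List accounts whose login shell is the only gate while forwarding is allowed."""
    forwarding = global_options(sshd_config).get("allowtcpforwarding", "yes")  # default: yes
    if forwarding == "no":          # "local"/"remote" still permit one direction
        return []
    findings = []
    for entry in passwd.splitlines():
        fields = entry.strip().split(":")
        if len(fields) != 7 or fields[6] in INTERACTIVE_SHELLS:
            continue
        findings.append(f"{fields[0]}: shell {fields[6]} is never run for forwarding "
                        f"channels, and AllowTcpForwarding is {forwarding}")
    return findings

# Constructed sample data.
PASSWD = """root:x:0:0:root:/root:/usr/sbin/cli_login
admin:x:1000:1000::/home/admin:/bin/bash
backup:x:34:34::/var/backups:/usr/sbin/nologin"""
WEAK = "Port 22\nAllowTcpForwarding yes\n"
HARDENED = "Port 22\nAllowTcpForwarding no\nAllowTcpForwarding yes\n"

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg, PASSWD))
```

The hardened sample repeats the keyword on purpose: the first value wins, so the later `yes` has no effect.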



I'm also wondering about that. The only recent statement I know of is from Cloudflare, where they say that 94% of the Tor traffic they see is malicious.[1] It's good to protect an anonymous way to use the internet, but it shouldn't be ignored that Tor is probably primarily used for illegal purposes.

[1] https://blog.cloudflare.com/the-trouble-with-tor/


94% of traffic != 94% of users.

If a skiddie runs a vulnerability scanner that sends 1 req/s 24x7, that produces more traffic than a hundred normal Tor users.

That said, I was disappointed by the Tor project's response to Cloudflare.


Is there anywhere we can read (about) this response?



But, also, cloudflare has made the malicious / non-malicious ratio so much worse. A staggering amount of web content has become practically inaccessible on TOR because of them. This makes TOR very difficult to use for the average law-abiding person who just wants more privacy.


That's not their fault. Tor IPs have shitty reputation because of the users on it.


They have a shitty reputation because they funnel a higher-than-normal number of users through a single IP.

And apparently cloudflare is much more aggressive on this front than anybody else in this business, including google - when I get a captcha it's always cloudflare (or hacker news). On those sites I can practically rely on getting one.

To turn it around, every time I see a cloudflare captcha they obviously have failed.


> To turn it around, every time I see a cloudflare captcha they obviously have failed.

Then how can you tell when they succeeded?

Your perspective is one-sided because you are always a good guy.


Really? I'd say there's a need to implement ever stronger successors to the likes of Tor, Ethereum, and Bitcoin, until people finally stop hand-wringing over taking action about "abuses", because it's clearly mathematically impossible.



