Ultimatest super-goal: make anonymity the default stance and socially accepted norm. Do with anonymous browsing what WhatsApp did with E2E encryption. Force big data suckers to invent new business models for exploiting our data without breaching our privacy.
I can't read this article because I'm at work, but unless they managed to solve the problem of Tor being very, very, very slow, this will never happen. End users will definitely notice a difference and likely won't care about their privacy. They'll just see Firefox being way slower than Chrome and switch.
This would be a privacy option for Firefox, not the default. But yes, Tor introduces latency and reduces bandwidth. For traffic to the open Internet, traffic uses circuits through three relays: entry guard, middle and exit. So there are four hops between users and websites, instead of one. The Earth's circumference is about 40 thousand km. So the longest path is arguably ~20 thousand km. And rtt for that would be about 300-500 msec, according to my measurements.[0] It's only ~130 msec at lightspeed, but there are some copper links, plus switching time and caching.
So with four hops, rtt would at most be 1200-2000 msec, if every hop were the maximum length. In practice, rtt for Tor is at most half that, and often even less. But latency is actually good if your goal is anonymity. Because it reduces the accuracy of traffic analysis.
With traditional onion sites, there are two three-relay circuits, one for the user and one for the site, plus a rendezvous relay. So rtt is much greater. However, sites can opt for one-relay circuits, sacrificing anonymity, so overall rtt isn't that bad.
Bandwidth is also reduced with Tor. Increased latency is part of that. But also, many relays have low-bandwidth uplinks, especially ones that people run at home. The Tor client does pick faster relays, but there's a tradeoff, in that doing so reduces anonymity. Increased investment in high-bandwidth relays would help a lot.
Also, with more relays, it would be workable to implement multipath circuits. Especially for onion sites, where precious exit relays aren't needed. Using MPTCP, I managed ~50 Mbps throughput for bbcp transfers between onion sites (with gigabit uplinks).[1] I was getting ~36 subflows per tcp connection.
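To make the back-of-the-envelope latency argument in the comment above concrete, here is an added Python example (not code from this thread or from the Tor Project) that estimates the propagation floor of a four-hop exit circuit from relay coordinates. The relay positions are constructed sample values, the fibre refractive index of 1.47 and the per-hop overhead are assumptions, and the `worst_case_rtt_ms` bound reproduces the ~130 msec antipodal round trip quoted above from the speed of light in vacuum.

```python
"""Propagation-delay floor for a Tor exit circuit, estimated from relay geography.
Added illustration, not Tor Project code. Relay coordinates below are constructed
sample values, not real relay locations."""
import math

EARTH_RADIUS_KM = 6371.0
C_VACUUM_KM_S = 299_792.458            # speed of light in vacuum
FIBER_INDEX = 1.47                     # assumed refractive index of glass fibre
C_FIBER_KM_S = C_VACUUM_KM_S / FIBER_INDEX


def haversine_km(a, b):
    """Great-circle distance in km between two (lat, lon) points given in degrees."""
    lat1, lon1 = map(math.radians, a)
    lat2, lon2 = map(math.radians, b)
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))


def circuit_rtt_ms(path, speed_km_s=C_FIBER_KM_S, per_hop_overhead_ms=0.0):
    """Round-trip propagation time along path = [client, relay, ..., destination].

    Every hop is traversed once outbound and once on the way back, so a
    [client, guard, middle, exit, site] path is the four-hop case from the
    comment. per_hop_overhead_ms adds an assumed switching/queueing cost per
    hop per direction; propagation alone is a floor, never the real value.
    """
    hops = len(path) - 1
    one_way_km = sum(haversine_km(path[i], path[i + 1]) for i in range(hops))
    propagation_ms = 2 * one_way_km / speed_km_s * 1000
    return propagation_ms + 2 * hops * per_hop_overhead_ms


def worst_case_rtt_ms(hops, speed_km_s=C_VACUUM_KM_S):
    """Bound if every hop spans half the Earth's circumference (antipodal endpoints)."""
    half_circumference_km = math.pi * EARTH_RADIUS_KM
    return 2 * hops * half_circumference_km / speed_km_s * 1000


# Constructed sample circuit: city coordinates stand in for a client, three
# relays and a destination; they are not locations of real relays.
CLIENT = (52.52, 13.40)       # Berlin
GUARD = (52.37, 4.90)         # Amsterdam
MIDDLE = (40.71, -74.01)      # New York
EXIT = (50.11, 8.68)          # Frankfurt
SITE = (51.51, -0.13)         # London
SAMPLE_CIRCUIT = [CLIENT, GUARD, MIDDLE, EXIT, SITE]


def compare_paths(per_hop_overhead_ms=5.0):
    """Direct path versus the circuit, in ms, with and without assumed per-hop overhead."""
    return {
        "direct_fiber": circuit_rtt_ms([CLIENT, SITE]),
        "circuit_vacuum": circuit_rtt_ms(SAMPLE_CIRCUIT, C_VACUUM_KM_S),
        "circuit_fiber": circuit_rtt_ms(SAMPLE_CIRCUIT),
        "circuit_fiber_overhead": circuit_rtt_ms(
            SAMPLE_CIRCUIT, per_hop_overhead_ms=per_hop_overhead_ms),
        "antipodal_1hop_vacuum": worst_case_rtt_ms(1),
        "antipodal_4hop_vacuum": worst_case_rtt_ms(4),
    }


if __name__ == "__main__":
    for name, ms in compare_paths().items():
        print(f"{name:>24}: {ms:7.1f} ms")
```

The sample circuit that crosses the Atlantic twice comes out around 130 ms of pure propagation in fibre, well under the measured figures quoted in the comment, which is the point: most of a real Tor RTT is queueing and relay processing rather than distance, so adding high-bandwidth relays helps more than shortening paths would.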
Is it even worth talking about speed without at least considering client network conditions? A lot of people have poor internet connections, many places world-over are basically mobile-internet only already, shared internet spaces with variable QoS (campuses), etc etc. Most people aren't using engineer-priced laptops/workstations or backed by enterprise-grade routing equipment, after all.
Yes it is. I can't speak for everyone, but in Brazil, it's virtually impossible to use Tor even for HTML-only websites. And I can say most people have a slower bandwidth than I.
So long as Tor depends on volunteers to maintain exit nodes, and with that the risk of being arrested for all sorts of criminal activity by non-tech-savvy law enforcement, this is how it'll be.
Tor is slow because every packet has to be routed through several random servers distributed all over the world with multiple layers of crypto at every pass. Even with plenty of top-of-the-line inner and exit nodes you will still see substantially more latency than just sending packets directly.
The "distributed all over the world" part would still be just as much of an issue; the speed of light puts a substantial lower bound on the total latency.
True, but pinging from one hub to another is way faster than someone's cable modem in Mumbai to someone's in Australia to someone's in Peru and back again. Those last miles add up in a huge way.
No, IPSec tunnels to remote headquarters have indistinguishable latency impacts for normal users browsing (<150ms). The bad latency is because of congestion, not crypto and multiple hops.
Mirimir typically uses a three-VPN nested chain. Just now, rtt to google.com was ~260 msec. That's four hops. Just not with servers on the far side of the planet.
Also get on the tor-relays@lists.torproject.org mail list.
But the sad truth is that there aren't that many hosting providers that allow Tor relays. Especially exit relays, because of abuse complaints.
Also, as you might expect, Tor relays can use lots of bandwidth. It's more common to get flat-rate bandwidth for 100 Mbps uplinks, and metered bandwidth for 1 Gbps uplinks. Digital Ocean, for example, just switched to metered bandwidth, and that has killed some relays.
However, all this could arguably change, if Tor became mainstream, as part of Firefox.
That has no relation to the cases above which were of people running Tor exit nodes from their home. If one wants to hide their Tor usage then that's something else and there are pluggable transports that are already built into the Tor Browser to obfuscate Tor traffic to look like something else--no need for a VPN.
If you're worried that law enforcement will knock on your door because somebody used your exit node for illegal internet activity, a VPN service (that does not log traffic) will give you additional protection by exposing their IP address, not yours.
They sometimes are. Not always. And they walk out free, except for that Jewish guy who lived in Austria (I can’t remember his name but he was the only one to get in real trouble for running an exit node).
Why take that trouble when they can do it directly using Tor without running any exit at home? Also for instance Bogatov had an alibi when that happened.
The forum I run only bans IP addresses caught posting link-spam. Which, admittedly, asymptotically approached 100% of Tor exit nodes before I instituted more rapid ban-expiration. I added faster ban-expiration after hearing from some of my privacy-conscious users that Tor had become unusable for my forum.
If you use tor and only visit onion sites, the sites don't know who visited them.
If you use tor and visit the regular web sites (like, say, HN), the last computer that does the actual request to the website is an exit node; as far as that site is concerned, the exit node made the http request. If you run an exit node, your computer is going to be doing tons of requests to all kinds of websites, this may include sites that deal in illegal stuff like drugs, child prostitution, human trafficking, terrorism, etc.
edit: Forgot to say, you must explicitly be running an exit node. Not every tor node is an exit node.
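As an added example for a site operator (not code from this thread, from the forum mentioned above, or from the Tor Project), the following Python sketch ties together two points from the comments above: the address a website sees is the exit relay's, so a ban on it hits every Tor user behind that exit, and a shorter ban expiry for addresses that appear in a published exit list limits that collateral damage. The exit list and log lines are constructed samples in the one-address-per-line shape of the Tor Project's bulk exit list (https://check.torproject.org/torbulkexitlist); the ban durations are assumptions.

```python
"""Abuse-ban table that gives shared Tor exit addresses a shorter ban than
single-user addresses. Added illustration for a site operator, not code from
any project; the exit list and log lines are constructed samples."""
from dataclasses import dataclass, field
import ipaddress

# Constructed sample exit list, one IPv4 address per line, in the same shape as
# the Tor Project's bulk exit list. These are documentation addresses, not relays.
SAMPLE_EXIT_LIST = """\
# constructed sample, not real relay addresses
198.51.100.7
198.51.100.23
203.0.113.88
"""

# Constructed sample abuse log: "<unix_ts> <client_ip> <verdict>".
SAMPLE_LOG = [
    "1000 198.51.100.7 linkspam",   # shared exit address
    "1100 192.0.2.5 linkspam",      # ordinary address
    "1200 203.0.113.88 ok",         # exit address, no abuse
]


def parse_exit_list(text):
    """Return the set of addresses in a one-per-line exit list, ignoring comments."""
    exits = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        exits.add(str(ipaddress.ip_address(line)))   # raises on malformed input
    return exits


@dataclass
class BanPolicy:
    exits: set
    ban_seconds: float = 24 * 3600      # ordinary address: long ban (assumed)
    exit_ban_seconds: float = 15 * 60   # shared exit address: short ban (assumed)
    bans: dict = field(default_factory=dict)  # ip -> expiry timestamp

    def ban(self, ip, now):
        """Record a ban and return the TTL that was applied."""
        ttl = self.exit_ban_seconds if ip in self.exits else self.ban_seconds
        self.bans[ip] = now + ttl
        return ttl

    def is_banned(self, ip, now):
        expiry = self.bans.get(ip)
        if expiry is None:
            return False
        if now >= expiry:
            del self.bans[ip]   # expired: the next user behind this exit gets through
            return False
        return True


def apply_spam_log(policy, log_lines, now):
    """Ban every address flagged 'linkspam' and return those still banned at `now`."""
    for line in log_lines:
        ts, ip, verdict = line.split()
        if verdict == "linkspam":
            policy.ban(ip, float(ts))
    return sorted(ip for ip in list(policy.bans) if policy.is_banned(ip, now))


if __name__ == "__main__":
    policy = BanPolicy(exits=parse_exit_list(SAMPLE_EXIT_LIST))
    print("banned at t=1500:", apply_spam_log(policy, SAMPLE_LOG, now=1500.0))
    print("banned at t=2000:", apply_spam_log(policy, SAMPLE_LOG, now=2000.0))
```

The exit list changes over time, so in a real deployment it would be refreshed periodically rather than embedded; the design choice here is only that a shared address earns a short, self-expiring ban, which is the same effect the faster ban-expiration described above has for privacy-conscious users.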
I think Tor will get faster, now new protocols like TLS/1.3, HTTP/2 and QUIC are being developed.
Currently Tor looks like HTTPS done with TLS/1.2 on TCP (like regular HTTPS). As these newer protocols get more and more deployed Tor can start using them too which will help make Tor faster.
Not immediately, but I feel that as those protocols become more ubiquitous, _maybe_ the base Tor transport protocol (for nodes which aren't bridges) might be able to benefit from some of the same upgrades by using them?
I don't know how much (if at all) it might help—but other, similar overlay networks have previously noticed that (intuitively) inefficiency in the transport protocol is likely to be (broadly speaking) multiplied by the number of hops; so any improvements in that might be useful in improving the user experience by using the same available resources more efficiently.
What that might mean for Tor's perceived speed is a somewhat murky issue, as that's a function of the complex interaction of latency and bandwidth and crypto and routing overhead of all the involved nodes in a tunnel put together; which of course is also shared with other tunnels; not to mention it will _also_ be particularly affected by exit node outproxy bandwidth; _and_ any possible packet loss and delay caused by both incidental _and_ deliberate adverse network conditions…
There are in fact some vague ideas floating around about using QUIC as a transport protocol for Tor. However, there is so much work to do and so few people that have the necessary skills (solid cryptography -- not at a "build the next AES" level, but "implement AES with no side channels" is already incredibly difficult -- plus low-level networking, C, and so on...) that in my view it is a minimum of 2-3 years from being mainstream available (look at how long HSv3 took).
Tor circuits tend to be rather high latency, so anything that reduces the number of round trips needed for page loads is likely to have a significant impact on Tor's effective speed.
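To show why round trips matter so much at circuit latencies, here is an added Python model (not code from this thread or the Tor Project) that counts the round trips a client pays to load a page with TLS 1.2 versus TLS 1.3 and HTTP/1.1 versus HTTP/2, and multiplies that count by an assumed circuit RTT. The model is deliberately simplified: it assumes one circuit round trip to open the stream at the exit, the standard 2-RTT and 1-RTT full handshake costs of TLS 1.2 and TLS 1.3, and ignores bandwidth and server time; the 600 ms RTT and 20 subresources are assumed values.

```python
"""Round-trip cost model: how protocol handshakes multiply a Tor circuit's RTT
into page-load time. Added illustration with a deliberately simple model; the
RTT and resource counts used are assumptions, not measurements."""

# Round trips the client pays after the circuit already exists, before the
# first HTTP request can be sent (model assumption):
#   1 RTT for the exit to open the TCP stream to the site (Tor BEGIN/CONNECTED),
#   then the TLS handshake: 2 RTT for a full TLS 1.2 handshake, 1 RTT for TLS 1.3.
STREAM_OPEN_RTT = 1
TLS_HANDSHAKE_RTT = {"tls1.2": 2, "tls1.3": 1}


def round_trips(resources, tls="tls1.3", http="1.1", max_connections=6):
    """Round trips to load one HTML page plus `resources` subresources.

    http="1.1": up to `max_connections` parallel connections, one request in
                flight per connection, every extra connection paying its own
                stream-open and TLS handshake before it can be used.
    http="2":   a single connection; after the page arrives all subresource
                requests are multiplexed and answered within one round trip.
    Bandwidth, server time and Tor's own circuit build are ignored.
    """
    if tls not in TLS_HANDSHAKE_RTT:
        raise ValueError(f"unknown TLS version {tls!r}")
    setup = STREAM_OPEN_RTT + TLS_HANDSHAKE_RTT[tls]
    total = setup + 1                      # first connection + HTML document
    if resources == 0:
        return total
    if http == "2":
        return total + 1
    if http == "1.1":
        conns = min(max_connections, resources)
        extra_setup = setup if conns > 1 else 0   # new connections open in parallel
        rounds = -(-resources // conns)           # ceil: sequential requests per connection
        return total + extra_setup + rounds
    raise ValueError(f"unknown HTTP version {http!r}")


def page_load_ms(rtt_ms, resources, **kwargs):
    """Page-load estimate when every round trip costs the full circuit RTT."""
    return rtt_ms * round_trips(resources, **kwargs)


def compare(rtt_ms=600, resources=20):
    """Estimates for each protocol combination at one assumed circuit RTT."""
    return {
        (tls, http): page_load_ms(rtt_ms, resources, tls=tls, http=http)
        for tls in ("tls1.2", "tls1.3")
        for http in ("1.1", "2")
    }


if __name__ == "__main__":
    # 600 ms is an assumed circuit RTT; 20 is a constructed subresource count.
    for (tls, http), ms in compare().items():
        print(f"{tls} over HTTP/{http}: {ms} ms")
```

At a 600 ms circuit RTT the model puts TLS 1.2 over HTTP/1.1 at 11 round trips (6.6 s) and TLS 1.3 over HTTP/2 at 4 (2.4 s) for the same page; the saving is linear in RTT, which is why protocol changes that look marginal on a 20 ms link are large on Tor.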
WhatsApp is not perfect and certainly its code not being available for inspection is one of its flaws. However, it did bring security to the masses. I mean I am pretty sure the security it offers is enough for 95% of people. I would not use it for sending documents stolen from NSA, but for the rest of cases - it gets you covered.
Security very often needs to be balanced with convenience - with WhatsApp you get an immense boost of protection without sacrificing much convenience. One could argue that you could get better security with Signal - true, but first you'd need to convince all your family and friends to install it.
They need to solve the issue of speed, although maybe for sensitive queries (assuming that's enough, a very big assumption), people may be willing to use a slow "super private browsing mode". Another option is to make people pay for faster speeds?
And if I recall correctly, a "global passive attacker" listening to internet traffic around can de-anonymize Tor using ML. Seems like something that would be possible and profitable for a Google and internet infra companies.
Google isn't a GPA. Also having a low-latency anonymity system that isn't affected by a GPA is an open problem. The important thing here is that using Tor is better than not.
Likely actual result: Firefox will become increasingly irrelevant.
If Tor is going to be a built-in feature of Firefox, most employers are going to flag it as malware. This is a ridiculously dumb thing on so many levels -- promote privacy by directing your network traffic to "volunteer" proxy services?
You already don't know what proxies your traffic is going through. Using Tor might increase the odds of a bad actor a bit but end-to-end security is something the web is getting better at right now.
The risk now is that some bad actor is replacing TLS certificates, which is an uncommon and tamper-evident event. Tor is handing your traffic to an unknown 3rd party.
Plus, users do not understand what Tor is or how to use it.
Fighting political battles with software is dumb — the end result is going to be a permanent loss of freedom, as governments force the use of platforms with trusted app stores.
The risk now is BGP hijacking. Or really just normal operation of BGP. Your data could go anywhere on the planet on its way to the destination and you're not going to know ahead of time what path any particular packet will take.
If you're using TLS, it doesn't matter so much if the exit node is malicious because they still won't be able to read it.
It's been my understanding that Firefox has been soft splitting its consumer and business versions of the product for a while. This would presumably just be another step down that road.