The plan was actually to deprecate support this year (only <2% of websites support TLS < 1.2 as highest version), but then COVID-19 came and apparently many health related government websites use those old TLS versions :/, so they dropped their plans.
That's unfortunately so true. The thorough and strongly regulated engineering results in good quality for mechanical products, but is detrimental for the fast paced software world. SSL3.0 is from 1996. That's the life cycle of 2-3 cars and much less than a building, so "not a long time ago" in engineering terms "when it still works".
I joined a German engineering company and made the naive assumption that proficiency in engineering is correlated to proficiency in software engineering. I will not make that mistake again.
The reality is that the classical engineering disciplines (mechanical, civil, etc.) and software engineering are very different in practice. While waterfall/V model is discouraged in software, it's a very valid approach for physical goods with high iteration costs and nearly no option of upgrade after sale.
Having to deal with Siemens healthcare software - they take the very understandable risk aversion (some of which is a must when it comes to medical equipment) and take it so far that it seriously hampers their ability to keep up with the industry, and (ironically) to maintain a stable product. I think it's their North American software teams that keep them moving forward, otherwise they'd still to this day be selling new MR and CT scanners running Windows XP.
And we all know the problem with technical debt - it's not a problem until one day it's a huge fucking problem that paralyzes you and forces you to stop moving forward at all for some time, just so you can pay off the debt.
Oh god... The Siemens modalities that I work on are garbage.
Same for Phillips.
I have mixed feelings about GE as well.
Healthcare tech is definitely hampered by the speed at which software _should_ move forward. The cost of getting FDA approval is crazy, especially for simple changes/security updates.
Now that you mention it... many years ago I took a course on SAP. Mein Gott, what an abomination. All the tables and columns with four letters name were specially fun.
I don't disagree with you but you will be more shocked to know that there are plenty of webhosts that are running old outdated websites/web applications and will fail in TLS 1.2. That is not an excuse but still a reality.
For general day-to-day browser of random websites for amusement, is there a particular reason why we should care?
I'm not against more crypto generally to help reduce mass surveillance, but how many Wix / Square Space / free WP/Blogspot sites actually need to have TLS 1.2+?
My understanding is that the general argument is that if we all require security for comedy browsing, the traffic of the people who require better security is better because it’s less conspicuous? See also declaring your personal pronouns as someone who thinks they will never be misgendered, or using Tor for normal browsing
As I stated: I'm not against crypto in general (even for "comedy browsing") as it helps against mass surveillance. I'm just not sure as to what disabling 1.0 in the browser does.
People who really care can enable 1.2+ on their servers and the browser will use it, but someone who just has a site up 'for fun' could be cut off.
In some ways it motivates people to not even bother with HTTPS because it now because higher maintenance to keep up with all the settings. This could actually encourage just leaving HTTP, which could be worse.
Obviously your web browser doesn't know if this is "just" some Wix brochureware site where you don't actually care about security or if it's a bank or your webmail or the passport office.
So to keep browser users safe we need to deliver the security they expect all the time. The rule has to be consistent, either the rule is "TLS 1.0 is no good, stop that" or it's "TLS 1.0 is fine, First Bank of Springfield can keep right on using it".
There's not really space for nuance here because there's no sign of a capacity for nuance in the ordinary user's understanding of web security. If anything the continued existence of plaintext HTTP is already too much nuance for users, but unlike adding a special "Kinda sorta secure" TLS 1.0 mezzanine that's a legacy problem we're stuck with already.
Well that's fine, but banks and Gmail (and even Wix sites) will advertise TLS 1.2+ and be just dandy as the web browser will choose the latest and greatest.
But what harm does allowing 1.0 if you want to read a static HTML web page from 2001 about the Cowboy Bebop anime series?
The reason is that encrypted websites are a bit harder to hack and inject malicious code into. In particular MITM attacks are much harder to pull off - such as those by airport/mall free wifis.
Using the latest version of TLS makes us safe from hacking.
SHA-1 sucks, this hash is too short by modern standards and we know it's flawed even though collision (the exciting headline making flaw) isn't especially relevant to TLS. But in TLS 1.0 SHA-1 is either the only hash permitted (in some places) or it's the best option left (MD5 is allowed but that's worse).
TLS 1.0 doesn't explain the necessity of guarding against padding oracles or how to do so. Now, of course it also doesn't ban you from guarding against them. But wait, if you're going back to upgrade your software to mitigate padding oracle attacks on TLS 1.0 why aren't you just upgrading to TLS 1.2 ? The stacks we're confident have effective mitigations all... offer TLS 1.2 anyway.
TLS 1.0 specifically requires you can do 3DES (in the terminology it's "Mandatory to implement" or MTI). But 3DES sucks, it's very slow and not as secure as a modern cipher. So you would never want to actually use 3DES, but it's mandatory in TLS 1.0 so now you're implementing a cipher that's very bad and you never want to use, just so you can support an obsolete protocol version. Or we can deprecate that protocol version and tell people to just use a newer protocol.
If anything, websites made with drag-and-drop website builders should always use the latest TLS standard because it’s just a single change for the hosting provider to make for all of the customers. I think the hosting provider generates a certificate anyway.
For users wanting to prevent their ISP from sniffing around then tor works as intended. Against advertisers it also work decently as a self cleaning browsers that constantly change its IP address.
For developers and sysadmins that want to get an outside look at their own services or investigate third party websites (like fraudulent lookalike) it work pretty effective with some caveats.
It also works mostly fine against national and ISP firewalls that is intended to censor citizens and lead people away from places which the state has declared unsuited for its population.
Against police force it seem to mostly work as a free tool that get used by criminals as something better than nothing, but with some larger caveats and the police have cases from time to time where they have identified criminals (from either good investigations or parallel constructions depending on who you ask). The tor browsers has also not been immune to malware.
Against national-level intelligence agency, "citizen scores", and whistleblowers employed within such agencies, the protection granted by tor may be very far from 100%. It is not recommended by anyone to depend on tor against that threat model.
>> It is not recommended by anyone to depend on tor against that threat model.
That depends as much on the use case as the threat. Traffic analysis attacks require traffic. Short burst communication via tor (chat/email/bot control commands etc) are not traced as easily as large file downloads or random web browsing. Attacks on the client (malware) are also very hardware dependant. A target using the same Tor client on the same hardware regularly is a softer target than someone connecting randomly via a variety of devices.
The NSA (Or FSB/FBI/CIA et al) are not SHIELD. They operate in the realworld with realworld physics/math. If they did have reliable and simple backdoors into Tor we would have heard about them by now.
How you figure we would heard about it? I mean the only reason we know they can break RSA 50% of the time was because of Snownden and that was like 10 years ago or so.
I mean these people are really good at keeping things secret, I remember reading books written in the late 80's that still said the first use of computers was calculating artillery tables, not codebreaking.
> I mean the only reason we know they can break RSA 50% of the time was because of Snownden and that was like 10 years ago or so.
Edward Snowden's revelations were about seven years ago, and did not include anything about the NSA breaking RSA encryption or signatures 50% of the time or any other amount. Who knows where you got that from, but not Edward Snowden.
> I remember reading books written in the late 80's that still said the first use of computers was calculating artillery tables, not codebreaking.
That would be because it was true. The purpose of the Difference Engine and of early mechanical calculating machines that were actually built at the time was construction of tables.
Colossus (which was used for breaking Lorenz) is an early electronic computer, but certainly not the first such computer and it isn't a stored program computer (to change what Colossus does it's necessary to physically disassemble it) so it's not actually part of the lineage of stored program computers we use today.
The Ultra Secret was published in 1974 - after that point the fact that Colossus existed and everything else about war work at Bletchley was not a secret. So Ultra was kept secret for just over thirty years.
> Against national-level intelligence agency, "citizen scores", and whistleblowers employed within such agencies, the protection granted by tor may be very far from 100%. It is not recommended by anyone to depend on tor against that threat model.
Are there any alternatives then, that do work against this threat model? It seems like a lot of the real need for such a tool is for journalists and activists who do need protection against national-level threat actors.
I think you misunderstand. For such adversaries, Tor is good enough for what it does, but not sufficient. You probably want something like TAILS as part of a whole package of serious real-world OpSec.
>It also works mostly fine against national and ISP firewalls that is intended to censor citizens and lead people away from places which the state has declared unsuited for its population.
Can't most countries just block all Tor traffic? Russia does this as far as I know. If you're the kind of state that would have a national firewall, why would you let your citizens use Tor at all?
Sort of. There are transports that make Tor traffic look identical to generic HTTPS traffic etc. So you can filter based on endpoints, but that's hard to do for unlisted bridges and the like. In terms of exits, most countries prefer not to block them.
It seems that a lot of such blocking are done with a lower kind of effort by those who are tasked to implement it. An example is the UK porn and piracy filters,but also a bunch of east state countries with the "whoops, you entered a bad place" firewalls.
I would speculate that the purpose of those are not to be a perfect blocks but rather a methods to mold and redirect citizens towards what the state want.
I think it remains the best in class for private browsing. They have to make difficult trade-offs that achieve acceptable levels of performance while not leaking metadata like a sieve. They do also have a good track record of handling security vulnerabilities.
For the average user, the greatest threat is actually everything outside the Tor browser. For example, downloading certain files using Tor, then opening it in another application that leaks your address to other parties (e.g. certain video players). The chance of this happening might be a lot higher on a Windows system. Another big mistake is funneling unsanitized traffic through a Tor SOCKS proxy, because many applications leak their addresses.
It's also worth mentioning that Tor still allows plain HTTP between the exit node and the destination website, so an ordinary user may not realize that they might be sending plaintext data.
For people who may be targeted by governments, those scenarios are vastly more complicated and depend on how much of a prize you are. Tor's strength relies in numbers and on the uncooperative nature between certain countries. There will certainly be more traffic analysis based attacks.
There are some ways to mitigate some of the threats that you mention. Using Qubes or Whonix could prevent network access to other programs. The unencrypted requests can be blocked by turning on the EASE option in the HTTPS-Everywhere preferences. Tor doesn't have any way to protect against global adversaries performing timing analysis or attacks though.
It is though. Add HTTPSEverywhere to the toolbar using customize, and you will get the option to enable "Encrypt All Sites Eligible". Working as of Tor Browser 10.0 (ESR 78.3)
Version: 2020.8.13
Rulesets version for EFF (Full): 2020.9.14
Rulesets version for SecureDropTorOnion: 2020.7.30
It depends on how you use Tor. For browsing you will essentially remain anonymous forever unless you do something that can connect you between sessions, like logging into some user account. This excludes side-channel attacks and an adverse which controls a large number of nodes, or is able to listen to a lot of the global network traffic.
It's different for people who operates hidden services. They are always online, and it is easy to tie one session to another, because the session will always be tied to the service they are running. This means that over time, you will be able to identify the service even with control over a small subset of services. You can read more about the different ways this can be done here: https://www.hackerfactor.com/blog/index.php?/archives/896-To...
A huge caveat regarding the comment that said general browsing is ok
Browsing with JavaScript disabled (not just for some sites via the use of No-Script etc) is considered generally safe if browsing hidden services (ignoring traffic correlation attacks, adversary knocking nodes off line to increase the chances that your Tor circuit will use a guard and a relay node that they own and other tricks).
Browsing the clear web however is a rather different matter. Because exit nodes are a mixture of honeypots, servers run by kind hearted volunteers, servers run by three letter agencies and corporately sponsored servers, “Exit traffic” to the web should be considered at a 'roll the dice' level of probability.
Consider the example of person XYZ who is under an active investigation or there is a need for parallel construction. At (timestamp), Person XYZ activated a new Tor connection. This sort of info can be gotten from logs obtained from either your ISP or from any data centre or any point the connection that exited your building and connected to the guard node. Ok, so what, right? Agreed. However when correlated with Person XYZ also logged in to (or Googled ‘bad stuff keyword’, went to visit a site and was using a DNS server that logs queries, logged in to social media, sent an email, connected to IRC etc, etc) at (timestamp) then the ‘so what’ rapidly risks becoming rather more than a face-palm level of problem.
Let’s take a look at a real life example of someone that emailed a fake bomb threat at a US University https://nakedsecurity.sophos.com/2013/12/20/use-of-tor-point... Spoiler alert, the fact that it made the news sort of tells you already that it didn’t end well for him.
Bear in mind that as soon as you turn off JavaScript then you begin to stand out from the crowd (the Tor FAQ has a whole section on browser fingerprinting)
It seems to me that most de-anonymizing attacks used human operating errors, physical attacks like snatching a laptop with an open tor browser window from a user, or side-channel attacks based on malware like Finfisher.
Running it from Tails seems pretty secure...but, in the end, who does that consistently?
Also, it just doesn't seem very likely that the US DoD would fund a network which defeats their own surveillance efforts.
Being "anonymous" online is more a question of being anonymous from who's perspective. Fooling a sysadmin is easy. Fooling an ISP is hard. Fooling an NSA contractor is probably near impossible. I think you can achieve reasonable plausible deniability with enough inconvenience, though. Get rid of your smartphone, compartmentalize your activity, never enable JS, use public wifi, spoof your MAC, make a tinfoil hat, etc.
I adapted a user.js template [1] that hardens Firefox by disabling a lot of features, including disabling Mozilla products like Pocket.
By default it is very strict though, so you will probably want to go through the config setting by setting and relax it a bit. Like enabling Webassembly and the search engine integration of the URL bar.
Most settings have inline comments explaining what they do and why they are chosen.
I use GNU Icecat [1]. It is Firefox ESR rebranded, without Mozilla, tracking, pocket, etc. Please note that it does come with some fairly opinionated addons. LibreJS blocks all nonfree javascript for example. You can of course disable these addons if you find them too cumbersome.
I'm not sure where you got the idea that it's out of date. It's based on Firefox ESR and is kept up to date with upstream patches. I'm also not sure how you came to the conclusion that it's "hacked up", considering many of its privacy enhancing patches made it into Firefox.
ESR is basically a stripped and reconfigured browser for organizational deployments where the trade-offs and defaults are geared towards organizational efficiency and management issues, not individual security and privacy. It pretty much says so right on the tin. It's a weird thing to use that as a starting point for a supposedly security and privacy-focused browser. That's before they add their own cruft.
Tor Browser is the browser equivalent of adding sparklers around the gas tank of a Ford Pinto and then claiming you've now got a vehicle uniquely suited for demolition derbies and bank robberies.
"The Telemetry feature provides this capability by sending performance and usage info to Mozilla. As you use Firefox, Telemetry measures and collects non-personal information, such as performance, hardware, usage and customizations. It then sends this information to Mozilla on a daily basis and we use it to improve Firefox. "
Why is this not disabled in a supposed privacy browser?
no because Tor browser bills itself as privacy orientated. Sending any kind of telemetry data compromised that.
Telemetry data is made up of two data sets: interaction data and technical data.
Interaction data includes information about your interactions with Firefox such as number of open tabs and windows, number of webpages visited, number and type of installed Firefox Add-ons and session length, as well as Firefox features offered by Mozilla or our partners such as interaction with Firefox search features and search partner referrals.
Technical data includes information about your Firefox version and language, device operating system and hardware configuration, memory, basic information about crashes and errors, outcome of automated processes like updates and safebrowsing. When Firefox sends data to us, your IP address is temporarily collected as part of our server logs.
You can use pluggable transports to camouflage your traffic (they're already built into the Tor Browser, e.g. meek, snowflake, ...).
To get Tor in the first place in a censored/risky place you can get it from the official GetTorBrowser repository on Github: https://github.com/TheTorProject/gettorbrowser (There are additional links to GitLab, Archive.Org, Google Drive)
Also the length of the response, which is significantly more 'helpful', although probably not enough for a working attack unless you're willing to harrass a significant fraction of your intellectual workforce over false positives.
with or without downloading Tor I say its safe to assume everyone here is already under some kind of monitoring like we're all potential customers/criminals
Maybe in the west that'd be true- since we can freely trade information over the public internet, TOR doesn't have much utility. Let's say you're in a more totalitarian government that censors more information- TOR might look like a practical solution there, and might have people using it for more practical purposes.
He's right, it is a pretty big if, since storage space and compute power are basically free for NSA/CIA (and they have shown they don't care about privacy laws or the 4th amendment) you can safely assume all your traffic and data is stored away somewhere for future usage against you. If you're in Europe you are probably a bit safer.
All of them at once, for some reason, or is Google just covering their ass? I heard there was some boring lawyer standoff between Google and KODA, the danish music cartel, but the Google blockade goes way beyond danish music. I've seen Russian music blocked even. [1]
But I see your point, though I'm not sure who is more unlikeable, Google or the music industry. Actually, let it never be said that I'm not fair: They can all get bent.
Fellow Dane here and someone who used to work with Danish musicians: KODA is the enemy. It'd be a more worthy initiative to go yell at them: they are literally the mafia of music in Denmark.
I don't think this is related to script blocking or frames at all, its a long standing bug in the tor project site that anyone can trigger by just refreshing. Check other comments in this thread.
I'm still a little shocked by this. It's 2020 and we were still allowing these old protocols?