Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring
-
Upload
iscienceeu -
Category
Education
-
view
1.952 -
download
0
Transcript of Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring
![Page 1: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/1.jpg)
Online AnonymityBefore and After the Arab Spring
A talk by Runa A. Sandvik, [email protected], on August 14, 2012,at the first Network of Excellence Internet Science Summer School
![Page 2: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/2.jpg)
I am
• From Oslo, Norway, based in London, UK
• A developer, researcher, project coordinator, community manager, support assistant, and translation coordinator
• Worked for and with the Tor Project since Google Summer of Code in 2009
![Page 3: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/3.jpg)
This is
• A talk about what Tor is, how it works, the increase in users over the past two years, blocking events, and work in progress
• Will look at blocking events from 2006 to 2009 and compare these with the events we have seen since the beginning of 2011
![Page 4: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/4.jpg)
Before the Arab Spring
![Page 5: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/5.jpg)
“Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.”
![Page 6: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/6.jpg)
How Tor works
![Page 7: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/7.jpg)
Tor is open source
• The code was released in 2002
• The design paper published in 2004
• Tor was (and still is) an anonymity tool, but no one had thought about circumvention/anti-censorship
![Page 8: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/8.jpg)
The arms race begins
• Thailand (2006): DNS filtering of our website
• Smartfilter/Websense (2006): Tor used HTTP for fetching directory info, cut all HTTP GET requests for “/tor/...”
• Iran (2009): throttled SSL traffic, got Tor for free because it looked like Firefox+Apache
• Tunisia (2009): blocked all but port 80+443
• China (2009): blocked all public relays and enumerated one of the bridge buckets
![Page 9: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/9.jpg)
![Page 10: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/10.jpg)
The Arab Spring
![Page 11: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/11.jpg)
Use of social media
• In the months following the first protests in December 2010, videos, pictures, and stories from activists spread quickly via the Internet
• Use of social media helped activists organize protests and spread awareness, that changed when authorities started to censor more and more websites
![Page 12: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/12.jpg)
![Page 13: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/13.jpg)
Hacktivism
• Griffin Boyce at HOPE Number Nine: Information distribution in the Arab Spring
• Shortwave and pirate radio to communicate with other activists and the rest of the world
• A few ISPs around the world set up dial-up services for people in Egypt
• Speak To Tweet, Bluetooth local networks to share and spread videos, word of mouth
• Free proxies, VPN services, RetroShare, Tor
![Page 14: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/14.jpg)
![Page 15: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/15.jpg)
Between 2010 and 2012
• Tunisia: from 800 to 1,000
• Egypt: from 600 to 1,500
• Syria: from 600 to 15,000
• Iran: from 7,000 to 40,000
• All countries: from 200,000 to 500,000
![Page 16: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/16.jpg)
Since then...
![Page 17: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/17.jpg)
A quick reminder
• DNS filtering of our website
• Cut all HTTP GET requests for “/tor/...”
• Throttle SSL traffic
• Block all but port 80 and 443
• Block all public relays and bridges
![Page 18: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/18.jpg)
The arms race continues
• DigiNotar and Comodo (2011): incorrectly issued certificates for our website to a malicious party
• China (2011): use of DPI, follow-up scanning to determine what the connection is and if it should be blocked
• Iran (2011): use of DPI on SSL in 2011, general SSL block in February 2012, “halal” Internet
• Kazakhstan, Ethiopia, UAE (2012): use of DPI
![Page 19: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/19.jpg)
Public key pinning
• We pinned the certificate for our website in Google Chrome, the certificate chain must now include a whitelisted public key
• A self-signed certificate will display a warning and ask the user if she wants to continue, an incorrect certificate will fail hard
• Users with XP prior to SP3 will have some issues with SHA256 signed certificates, including the one for torproject.org
![Page 20: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/20.jpg)
Obfsproxy
• A new tool to make it easier to change how Tor traffic looks on the network
• Rolled out in February 2012 when Iran started using DPI to filter all SSL connections
• Requires volunteers to set up special bridges
• We are working on automating builds of the Tor Browser Bundle with Obfsproxy
• Different pluggable transports available; FlashProxy, StegoTorus, SkypeMorph, Dust
![Page 21: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/21.jpg)
![Page 22: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/22.jpg)
Manual blocking analysis
• Requires in-country contacts with patience, access to Wireshark, the Tor Browser Bundle, and a private Tor bridge
• We spend a lot of time analyzing captured network data, try to determine the fingerprint that is being used to block Tor, and then set up special bridges for affected users
![Page 23: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/23.jpg)
Tor censorship events
• An anomaly-based censorship-detection system for Tor on https://metrics.torproject.org/, also includes the Tor censorship events mailing list
• Censorship Wiki with details about blocking events, research, tools: https://trac.torproject.org/projects/tor/wiki/doc/OONI/censorshipwiki
![Page 24: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/24.jpg)
ooni-probe
• A part of the Open Observatory of Network Interference project
• Can be used to collect high-quality data about Internet censorship and surveillance
• Runs a set of tests on your local Internet connection to check for blocked or modified content
• Will eventually be able to determine how different DPI devices are blocking Tor
![Page 25: Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After the Spring](https://reader031.fdocuments.us/reader031/viewer/2022030212/589ec5fb1a28ab47138b4d8b/html5/thumbnails/25.jpg)
Questions?
• Support: [email protected]
• Development: [email protected]
• IRC: #tor and #tor-dev on irc.oftc.net
• Twitter: @torproject
• Twitter: @runasand