Re: Reduce hops when privacy level allows to save Tor network bandwidth
* on the Wed, Nov 18, 2009 at 12:08:10PM -0500, Marcus Griep wrote: Yes, they should. However, just because people shouldn't be doing something doesn't mean you should ignore the fact that they are. Responding to a deficiency in an area which Tor does not attempt to solve is a poor use of resources. That's fine, as long as you're assuming that people only use Tor when they need strong anonymity. As soon as you realise that people who don't need strong anonymity are using it as well, your point fails. Whether or not they *should* be doing so is irrelevant. The options are: 1.) Ignore that they're doing it 2.) Prevent them from doing it 3.) Make their impact smaller when they are doing it I choose 3. There are many use cases where that level of protection isn't required. -- In that case, use a tool better suited to your goals. Again. Whether or not people *should* be using Tor under these circumstances is irrelevant. The point is, they are, and how to deal with it. Now, if you were interested in coding this piece, and you felt it a good use of your resources, then it might be worthwhile. However, remember that every choice given to the end user is a chance for the end user to make a bad or misinformed decision. Tor has bandwidth issues that come with multiple routing hops. Many users just want Tor faster, but often are not savvy enough to understand that reducing the number of hops, even by one, severely limits the Tor's ability to hamper tracking efforts. As such many may choose to reduce their hops, and get faster usage, but falsely believe that just because it is still Tor, they can't be tracked. I prefer the concept of combining safe defaults with more choice. If people are afraid for their life, they're not going to reduce the number of hops from 3 to 2. -- Erilenz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
Tim Wilde wrote: On 11/18/2009 4:17 AM, Jim wrote: Google was actually the motivating factor in causing me to get serious about overcoming whatever problem I had when I first tried to use Tor. Although my concern at the time was more the ubiquity of google-analytics. But still concerned about using their search engine. My problem was that (for quite a while now), when I try to do a search on Google via Tor, more often than not Google calls me a virus and tells me to go away (unusual network activity or some such). My solution has been to connect to Scroogle via Tor. I am not nearly as anti-Google as the guy (people?) who run Scroogle and I don't mind the unobtrusive right column adds on Google search results. Its just my (usual) inability to use Google directly w/o dropping anonymity. There's another relatively easy solution to the Analytics part - surf with a plugin like Firefox's NoScript installed, and forbid google-analytics.com from ever running scripts. Boom, no more analytics, I believe NoScript won't even allow Firefox to fetch the code from the URL, so they don't even get the hit (note: I haven't actually confirmed that part explicitly). Plus you get a ton of other safety benefits from browsing the web with scripting off by default, and the various other nasty things like clickjacking and XSS that NoScript attempts to block. Yes. I've long recognized that one of the possible ironies in my story is that google-analytics motivated me to get off my duff and get Tor working. However, in the process of setting up Tor I found out that Privoxy could very nicely take care of google-analytics on its own. But as I've alluded to, while google-analytics was the top motivator for me, there is other motivation from Google (as search engine) and others wishing to track me. Others more knowledgeable than I may wish to comment on this, but I believe I have read that it is not a good idea to combine NoScript with Tor. I can't give you the gory details. While I don't know the details of how NoScript handles google-analytics, I do know (on the last version I checked) that by default Privoxy won't allow anything from google-analytics to load, including their script(s). Cheers, Jim *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On 11/19/2009 04:47 AM, Erilenz wrote: That's fine, as long as you're assuming that people only use Tor when they need strong anonymity. As soon as you realise that people who don't need strong anonymity are using it as well, your point fails. Whether or not they *should* be doing so is irrelevant. The options are: 1.) Ignore that they're doing it 2.) Prevent them from doing it 3.) Make their impact smaller when they are doing it I choose 3. You are going to BMW asking them to include features from Ford, because you personally like some features found in Ford trucks. If only BMW cars would include these features, then you'd buy a BMW and stop complaining about the lack of Ford features. This is the borderline definition of trolling. Until the research shows less than three hops is as safe as the current three hops, we as the Tor Project are not changing the default number of hops. If you want simple circumvention without strong anonymity, there are ten thousand or so open proxies in the world, which are free. If you want strong anonymity, use Tor. The current research on anonymity networks is conveniently collected for you at http://freehaven.net/anonbib/. Cypherpunks write code. Feel free to write code so you can screw your own anonymity with the speed and efficiency you claim to want. Others have already done this; some even got talks at blackhat or defcon for changing a line of code or two. Google search has your answers. -- Andrew Lewman The Tor Project pgp 0x31B0974B Website: https://torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
* on the Thu, Nov 19, 2009 at 07:43:01AM -0500, Andrew Lewman wrote: That's fine, as long as you're assuming that people only use Tor when they need strong anonymity. As soon as you realise that people who don't need strong anonymity are using it as well, your point fails. Whether or not they *should* be doing so is irrelevant. The options are: 1.) Ignore that they're doing it 2.) Prevent them from doing it 3.) Make their impact smaller when they are doing it I choose 3. You are going to BMW asking them to include features from Ford, because you personally like some features found in Ford trucks. If only BMW cars would include these features, then you'd buy a BMW and stop complaining about the lack of Ford features. That is the worse analogy I've ever seen. It's terribly constructed and doesn't bare even the slightest resemblance to what is being discussed. Please try again. Or don't. This is the borderline definition of trolling. No it's not. I've not done anything which would suggest I was trolling. Random claims that somebody is trolling in order to discredit what they're saying ... now *that's* trolling. Until the research shows less than three hops is as safe as the current three hops, we as the Tor Project are not changing the default number of hops. Are you suggesting that I said something about changing the default number of hops? I explicitly stated the *opposite* of that. Your first language is English right? If you want simple circumvention without strong anonymity, there are ten thousand or so open proxies in the world, which are free. If you want strong anonymity, use Tor. The current research on anonymity networks is conveniently collected for you at http://freehaven.net/anonbib/. Cypherpunks write code. Feel free to write code so you can screw your own anonymity with the speed and efficiency you claim to want. Others have already done this; some even got talks at blackhat or defcon for changing a line of code or two. Google search has your answers. You keep talking as though it is *me* who wants this capability. For myself, I want a 3 hop circuit, but I want more bandwidth available to me. In order to get more bandwidth, I want those who *can* use a 2 hop circuit to do so. This is one of those ideal/practical arguments. Idealistically, Tor would only have 3 hop circuits and those who want simple circumvention wouldn't use it. That doesn't make it the practical truth of what is happening though. -- Erilenz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On Thu, Nov 19, 2009 at 11:46 AM, Erilenz eril...@gmail.com wrote: * on the Thu, Nov 19, 2009 at 07:43:01AM -0500, Andrew Lewman wrote: That's fine, as long as you're assuming that people only use Tor when they need strong anonymity. As soon as you realise that people who don't need strong anonymity are using it as well, your point fails. Whether or not they *should* be doing so is irrelevant. The options are: 1.) Ignore that they're doing it 2.) Prevent them from doing it 3.) Make their impact smaller when they are doing it I choos3. You are going to BMW asking them to include features from Ford, because you personally like some features found in Ford trucks. If only BMW cars would include these features, then you'd buy a BMW and stop complaining about the lack of Ford features. That is the worse analogy I've ever seen. It's terribly constructed and doesn't bare even the slightest resemblance to what is being discussed. Please try again. Or don't. This is the borderline definition of trolling. No it's not. I've not done anything which would suggest I was trolling. Random claims that somebody is trolling in order to discredit what they're saying ... now *that's* trolling. Until the research shows less than three hops is as safe as the current three hops, we as the Tor Project are not changing the default number of hops. Are you suggesting that I said something about changing the default number of hops? I explicitly stated the *opposite* of that. Your first language is English right? If you want simple circumvention without strong anonymity, there are ten thousand or so open proxies in the world, which are free. If you want strong anonymity, use Tor. The current research on anonymity networks is conveniently collected for you at http://freehaven.net/anonbib/. Cypherpunks write code. Feel free to write code so you can screw your own anonymity with the speed and efficiency you claim to want. Others have already done this; some even got talks at blackhat or defcon for changing a line of code or two. Google search has your answers. You keep talking as though it is *me* who wants this capability. For myself, I want a 3 hop circuit, but I want more bandwidth available to me. In order to get more bandwidth, I want those who *can* use a 2 hop circuit to do so. This is one of those ideal/practical arguments. Idealistically, Tor would only have 3 hop circuits and those who want simple circumvention wouldn't use it. That doesn't make it the practical truth of what is happening though. -- Erilenz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ My question is: do you really think it would help? If people are using Tor inappropriately (meaning they could get what they want with a simple anonymous proxy), what are the chances they're going to have it configured appropriately to reduce the bandwidth they use? Also, is the number of relay's really the limiting factor? It seems to me that the number of exit-nodes would be a bigger bottle neck, and cutting down hop counts wouldn't help in this regard. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
My question is: do you really think it would help? If people are using Tor inappropriately (meaning they could get what they want with a simple anonymous proxy), what are the chances they're going to have it configured appropriately to reduce the bandwidth they use? I don't want to weigh in on the more substantive issues here, but I do think that this specific question can be answered without too much difficulty. For those who require a lower level of anonymity than that which Tor provides, but choose to use Tor anyway, Tor's poor performance is probably a major complaint. If they had the opportunity to change a setting from 'high security' to `one-hop proxy', and got better performance from the latter, I think that many of this group would change that setting. This would make Tor more useful to them, and decrease the network load per person in this group. This is not to say that more use wouldn't immediately crop up to fill this gap, nor that more `one hop' users wouldn't start using Tor likewise. I don't want to say whether building one-hop functionality is a good idea, but I certainly think that some people would use it.
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On Thu, Nov 19, 2009 at 11:46:12AM -0500, Erilenz wrote: This is one of those ideal/practical arguments. Idealistically, Tor would only have 3 hop circuits and those who want simple circumvention wouldn't use it. That doesn't make it the practical truth of what is happening though. Even if your theory about overall traffic savings is correct, will the number of exit nodes rise to handle increased usage? If that happens, Tor exit nodes will lose whatever reputation we have built for them so far as being fruitless to seize. It is hard enough to get people to run them now. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
Gregory Maxwell wrote: There are a great many people who have merely encountered one too many examples of the ubiquitious tracking on the Internet. For example, Google's abuse of JS fake out the link target display and intercept outbound links on search has been driving me nuts lately as it makes it impossible to copy and paste links from the search results. This makes me aware of and irritated by Google's surveillance. You might want to look into using something like Scroogle ( http://www.scroogle.org ). I thnk Scroogle scrubs those redirects. Google was actually the motivating factor in causing me to get serious about overcoming whatever problem I had when I first tried to use Tor. Although my concern at the time was more the ubiquity of google-analytics. But still concerned about using their search engine. My problem was that (for quite a while now), when I try to do a search on Google via Tor, more often than not Google calls me a virus and tells me to go away (unusual network activity or some such). My solution has been to connect to Scroogle via Tor. I am not nearly as anti-Google as the guy (people?) who run Scroogle and I don't mind the unobtrusive right column adds on Google search results. Its just my (usual) inability to use Google directly w/o dropping anonymity. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
* on the Tue, Nov 17, 2009 at 03:26:10PM +0100, Georg Sluyterman wrote: The following occured to me. Tor is designed to protect users from traffic analysis by very technical adversaries. There are many use cases where that level of protection isn't required. In those cases, if there was a config option to reduce the number of hops in a circuit to 2 (or possibly even 1), then users would be able to get themselves a more responsive circuit, whilst saving the Tor network overall bandwidth. In a three hop circuit, when x contacts y, the Tor network ends up having to transfer 4X the data: x -(1) Entry -(2) Middle -(3) Exit -(4) y In a 2 hop circuit it only has to transfer 75% of that: x -(1) Entry -(2) Exit -(3) y If you send a 1 kByte packet through a Tor node (lets forget the overhead for now), the Tor node has to download the packet and upload it to the next node (or endpoint) which equals 2 kByte traffic on the internetconnection for the specific Tor node. If you send a 1 kByte packet through Tor (again forget about overhead) the traffic used in the network will be ~6 kByte (packetsize * 2 * number_of_hops). If you send through two hops instead of three, you will genereate 4 kByte traffic instead of 6 kByte. Thats 67% not 75%. You are forgetting that between nodes, the packet has to be uploaded _and_ downloaded again (both things cost bandwidth). All of that is wrong. You're assuming that Node1 transmitting to Node2 and Node2 receiving from Node1 are two separate streams. My diagram has numbers where each transfer takes place. The first diagram has 4 transfers and the second diagram has 3 transfers. With regards to reducing the number of hops i agree with Andrew about using something else than Tor. People are going to use Tor even if they don't need strong anonymity because it is free, and because it has certain desirable attributes that other things such as VPNs don't give you. Given that they're going to use Tor, why not minimise the amount of bandwidth they're using in the process of doing so. -- Erilenz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On 11/18/2009 4:17 AM, Jim wrote: Google was actually the motivating factor in causing me to get serious about overcoming whatever problem I had when I first tried to use Tor. Although my concern at the time was more the ubiquity of google-analytics. But still concerned about using their search engine. My problem was that (for quite a while now), when I try to do a search on Google via Tor, more often than not Google calls me a virus and tells me to go away (unusual network activity or some such). My solution has been to connect to Scroogle via Tor. I am not nearly as anti-Google as the guy (people?) who run Scroogle and I don't mind the unobtrusive right column adds on Google search results. Its just my (usual) inability to use Google directly w/o dropping anonymity. There's another relatively easy solution to the Analytics part - surf with a plugin like Firefox's NoScript installed, and forbid google-analytics.com from ever running scripts. Boom, no more analytics, I believe NoScript won't even allow Firefox to fetch the code from the URL, so they don't even get the hit (note: I haven't actually confirmed that part explicitly). Plus you get a ton of other safety benefits from browsing the web with scripting off by default, and the various other nasty things like clickjacking and XSS that NoScript attempts to block. Regards, Tim *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
* on the Tue, Nov 17, 2009 at 09:03:42AM -0500, Andrew Lewman wrote: On 11/17/2009 08:57 AM, Erilenz wrote: The following occured to me. Tor is designed to protect users from traffic analysis by very technical adversaries. There are many use cases where that level of protection isn't required. In those cases, if there was a config option to reduce the number of hops in a circuit to 2 (or possibly even 1), then users would be able to get themselves a more responsive circuit, whilst saving the Tor network overall bandwidth. People who don't want strong anonymity should use VPNS, single-hop proxy providers, or setup an ssh tunnel somewhere. Yes, they should. However, just because people shouldn't be doing something doesn't mean you should ignore the fact that they are. -- Erilenz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On Wed, Nov 18, 2009 at 11:48 AM, Erilenz eril...@gmail.com wrote: * on the Tue, Nov 17, 2009 at 09:03:42AM -0500, Andrew Lewman wrote: On 11/17/2009 08:57 AM, Erilenz wrote: The following occured to me. Tor is designed to protect users from traffic analysis by very technical adversaries. There are many use cases where that level of protection isn't required. In those cases, if there was a config option to reduce the number of hops in a circuit to 2 (or possibly even 1), then users would be able to get themselves a more responsive circuit, whilst saving the Tor network overall bandwidth. People who don't want strong anonymity should use VPNS, single-hop proxy providers, or setup an ssh tunnel somewhere. Yes, they should. However, just because people shouldn't be doing something doesn't mean you should ignore the fact that they are. -- Erilenz Responding to a deficiency in an area which Tor does not attempt to solve is a poor use of resources. Tor is a strong-anonymizing proxy. Three hops is the minimum necessary to ensure a proper degree of anonymity. There are severe deficiencies with only using one or two hops insofar as anonymity is concerned. Using more than 3 is problematic from a network utilization standpoint. Thus the magic number, three. There are many use cases where that level of protection isn't required. -- In that case, use a tool better suited to your goals. Now, if you were interested in coding this piece, and you felt it a good use of your resources, then it might be worthwhile. However, remember that every choice given to the end user is a chance for the end user to make a bad or misinformed decision. Tor has bandwidth issues that come with multiple routing hops. Many users just want Tor faster, but often are not savvy enough to understand that reducing the number of hops, even by one, severely limits the Tor's ability to hamper tracking efforts. As such many may choose to reduce their hops, and get faster usage, but falsely believe that just because it is still Tor, they can't be tracked. -- Marcus Griep —— Ακακια את.ψο´, 3°
Reduce hops when privacy level allows to save Tor network bandwidth
The following occured to me. Tor is designed to protect users from traffic analysis by very technical adversaries. There are many use cases where that level of protection isn't required. In those cases, if there was a config option to reduce the number of hops in a circuit to 2 (or possibly even 1), then users would be able to get themselves a more responsive circuit, whilst saving the Tor network overall bandwidth. In a three hop circuit, when x contacts y, the Tor network ends up having to transfer 4X the data: x -(1) Entry -(2) Middle -(3) Exit -(4) y In a 2 hop circuit it only has to transfer 75% of that: x -(1) Entry -(2) Exit -(3) y -- Erilenz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
Erilenz wrote, On 2009-11-17 14:57: The following occured to me. Tor is designed to protect users from traffic analysis by very technical adversaries. There are many use cases where that level of protection isn't required. In those cases, if there was a config option to reduce the number of hops in a circuit to 2 (or possibly even 1), then users would be able to get themselves a more responsive circuit, whilst saving the Tor network overall bandwidth. In a three hop circuit, when x contacts y, the Tor network ends up having to transfer 4X the data: x -(1) Entry -(2) Middle -(3) Exit -(4) y In a 2 hop circuit it only has to transfer 75% of that: x -(1) Entry -(2) Exit -(3) y If you send a 1 kByte packet through a Tor node (lets forget the overhead for now), the Tor node has to download the packet and upload it to the next node (or endpoint) which equals 2 kByte traffic on the internetconnection for the specific Tor node. If you send a 1 kByte packet through Tor (again forget about overhead) the traffic used in the network will be ~6 kByte (packetsize * 2 * number_of_hops). If you send through two hops instead of three, you will genereate 4 kByte traffic instead of 6 kByte. Thats 67% not 75%. You are forgetting that between nodes, the packet has to be uploaded _and_ downloaded again (both things cost bandwidth). With regards to reducing the number of hops i agree with Andrew about using something else than Tor. -- Regards Georg Sluyterman *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On Tue, Nov 17, 2009 at 9:03 AM, Andrew Lewman and...@torproject.org wrote: People who don't want strong anonymity should use VPNS, single-hop proxy providers, or setup an ssh tunnel somewhere. I thought there were plans to offer officially offer a length-two mode? In particular the current routing is annoying for hidden nodes and exit enclaves as they get an extra hop. The alternatives you suggest have advantages including improved performance, decreased probability of being blocked, less load on the TOR network, and possibly lower chances of funny business by unethical exit operators. But the user loses an opportunity to contribute to the TOR anonymity set and further pigeonholes TOR into niche, borderline, and outright socially harmful use cases. There are a great many people who have merely encountered one too many examples of the ubiquitious tracking on the Internet. For example, Google's abuse of JS fake out the link target display and intercept outbound links on search has been driving me nuts lately as it makes it impossible to copy and paste links from the search results. This makes me aware of and irritated by Google's surveillance. If I take up using TOR in response, I add to the anonymity set, I add to the justifiable use cases, and I add a voice against inhibiting TOR (either governmental inhibition or internet site operators blocking it because its a frequent source of problem users). I'd expect the performance impacts of casual users to be self-limiting: People who don't really need TOR's properties are the first to turn it off as it becomes slower. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On Tue, Nov 17, 2009 at 8:57 AM, Erilenz eril...@gmail.com wrote: The following occured to me. Tor is designed to protect users from traffic analysis by very technical adversaries. There are many use cases where that level of protection isn't required. In those cases, if there was a config option to reduce the number of hops in a circuit to 2 (or possibly even 1), then users would be able to get themselves a more responsive circuit, whilst saving the Tor network overall bandwidth. In a three hop circuit, when x contacts y, the Tor network ends up having to transfer 4X the data: x -(1) Entry -(2) Middle -(3) Exit -(4) y In a 2 hop circuit it only has to transfer 75% of that: x -(1) Entry -(2) Exit -(3) y -- Erilenz [snip] Isn't an underloaded network a security concern anyway, since it makes it theoretically easier to track if there's not as much going on in the network? -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/