Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Tor Project Experiments With Funding Fast Exit Nodes

Unknown Lamer posted more than 2 years ago | from the cash-for-secrets dept.

Privacy 96

mask.of.sanity writes "The Tor Project is considering paying exit relay hosts to make the network faster and more secure. The project has called for discussion on the idea, notably from relay hosts. Its founder has suggested $100 a month would attract fast and diverse nodes. Exit nodes are the last hopping point on the Tor network and are critical to its performance and safety." The problem: "But lately the Tor network has become noticeably faster, and I think it has a lot to do with the growing amount of excess relay capacity relative to network load ... on today's network, clients choose one of the fastest 5 exit relays around 25-30% of the time, and 80% of their choices come from a pool of 40-50 relays. ... Since we're not doing particularly well at diversity with the current approach, we're going to try an experiment: we'll connect funding to exit relay operators so they can run bigger and/or better exit relays." As to funding: "We've lined up our first funder (BBG, ...), and they're excited to have us start as soon as we can. They want to sponsor 125+ fast exits."

cancel ×

96 comments

Sorry! There are no comments related to the filter you selected.

Great Idea (2)

seeker_1us (1203072) | more than 2 years ago | (#40763069)

I always want to be able to make a fast exit from whereever I am.

Re:Great Idea (-1)

Anonymous Coward | more than 2 years ago | (#40763115)

And that's why when your girlfriend wants a real man to fuck her that she goes down the street to visit 'Nigga Tyrone'.

Why would anyone ever want to run a Tor exit node? (4, Insightful)

Anonymous Coward | more than 2 years ago | (#40763133)

I mean, even if you are paid much more than $100 a month, being legally and financially responsible for the shit that goes on through your server (since you are the EXIT node) could get you sent to jail for life and cost you huge amounts of money. Sounds completely insane for anyone to willingly run such a thing.

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40763195)

Nobody uses exit nodes for illegal stuff anymore.

Re:Why would anyone ever want to run a Tor exit no (5, Interesting)

MoonBuggy (611105) | more than 2 years ago | (#40763219)

It's a public service, helping to preserve people's ability to practice their right to free speech. Plenty of us believe extremely strongly in that, and I'd consider it at least as worthy as many other philanthropic causes. If I had a decent amount of money (i.e. enough to consult a lawyer beforehand, take reasonable legal precautions, and kick up a stink rather than just disappearing if I ever were taken to court) I'd do it like a shot.

Who protects the exit node operators? Anonymous? (1)

elucido (870205) | more than 2 years ago | (#40764811)

If you run an exit node and several intelligence agencies find out you're the guy behind the node what exactly can you do? I would say you're life would be ruined. So is there a way to run exit nodes completely anonymously?

Re:Who protects the exit node operators? Anonymous (1)

MoonBuggy (611105) | more than 2 years ago | (#40767063)

I don't know that there is a method to do it completely anonymously, but the fact we're even treating the mere operation of an exit node as a crime, and something to be hidden at all costs, is a rather depressing indictment of the current state of our legal systems. Ideally one should be able to proudly and publicly make a stand for anonymity - that's where my comment about a decent amount of money comes in. A higher profile name who sets up a (charitable?) organisation with limited liability (not a perfect protection, but something) and loudly announces to the world how they're standing up for the First Amendment rights of all Americans (or some local equivalent) makes for, at worst, a protracted and public case in which the government can easily come out looking like the bully.

It's imperfect, certainly, but plenty of people have made the world a better place in the process of being fucked over making a stand against their governments. Many others have won. Some have disappeared into the legal system for all eternity. Sometimes the sacrifice is in vain, sometimes it isn't, but it almost always packs a better punch if you have the money and publicity to manage it well.

Re:Who protects the exit node operators? Anonymous (1)

slashrio (2584709) | more than 2 years ago | (#40767851)

What you are basically saying, is that you live in a state ruled by tyranny instead of democracy. I mean, where else would a law-abiding citizen say that doing something legal could have him put in jail and/or his life ruined if 'they' might 'find out'.

Re:Why would anyone ever want to run a Tor exit no (4, Interesting)

crazyjj (2598719) | more than 2 years ago | (#40763275)

It would be nice to think that everyone would all do it, making it basically impossible to harass individual exit nodes. That's certainly the theory behind Tor. And it's a noble idea.

But then again, let's face it, most people are leechers. And unless you could find a way to encourage mass adoption of Tor, combined with a default (perhaps even mandatory) setting of "allow exit node", it's probably not going to work.

Maybe they could bundle it in with some really popular apps or games. Offer "This game $10 for the regular version/free with Tor" specials.

Re:Why would anyone ever want to run a Tor exit no (4, Insightful)

betterunixthanunix (980855) | more than 2 years ago | (#40763303)

It would be nice to think that everyone would all do it, making it basically impossible to harass individual exit nodes

Like how it is impossible to harass individual pot smokers? Even if there were millions of exit nodes, the police would be harassing exit node operators, just to keep everyone afraid.

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40769491)

To give a hypothetical example to explain it, if everybody used Tor, and everybody also acted as an exit node, and thus if all traffic on Internet where routed through other computers, then it would be well understood that nobody was responsible for traffic leaving their nodes, and no judge would be willing to allow the police to harass somebody based on traffic that left their node.

Re:Why would anyone ever want to run a Tor exit no (1)

Mister_Stoopid (1222674) | more than 2 years ago | (#40785307)

I think that's an overly optimistic appraisal of the situation. Laws are selectively enforced all the time. Mostly they'll leave people alone, but when election time rolls around I think judges and DAs all over the place will be more than happy to bust a few random exit node operators for trafficking in child pornography. Bonus: if you lead protests, or run for office against the incumbent DA, or start a business that competes with a business owned by a local judge's son, all they have to do is watch your exit node traffic until some unmentionables slip by and they've got you.

Re:Why would anyone ever want to run a Tor exit no (3, Interesting)

Lincolnshire Poacher (1205798) | more than 2 years ago | (#40763647)

But then again, let's face it, most people are leechers.

I have a reasonably fast business ADSL connection which is genuinely unmetered with no "fair-usage", no throttling, no DPI. It is literally a packet-shifting Internet connection through my ISP which is fairly rare in the UK these days!

I'd love to open it up to the benefit of society, but I just can't accept the risks of running something like a Tor node. Even running a secondary channel with open wifi makes me nervous.

I suppose this makes me cowardly.... and means they are winning.

Okay, how can we make Anonymous exit nodes? (1)

elucido (870205) | more than 2 years ago | (#40764857)

Is there a way to make it impossible to determine who is running the node? Such as someone drops the node in a park and walks away?

As things are right now, anyone caught running an exit node in any country could face harassment by hostile intelligence agencies. As a result no one really wants to run them. What can you do if you run a node and you get a knock on your door from the Secret Service or FBI? You'll be forced to cooperate.

Re:Okay, how can we make Anonymous exit nodes? (2, Informative)

Anonymous Coward | more than 2 years ago | (#40765451)

Buy a server using an anonymous payment method, run the exit node on it, pay no more than monthly in case it gets taken down (ISP is uncomfortable, etc.), accept donations using an anonymous payment method. You can spend the received money anonymously, or otherwise carefully clean them before accessing with your personal identity.

I do something like this for I2P and Freenet and never tried running a TOR exit node this way, but I don't see why it wouldn't work.

Re:Okay, how can we make Anonymous exit nodes? (0)

Anonymous Coward | more than 2 years ago | (#40766173)

Could you or anyone else please recommend some hosting providers which allow anonymous payment, i.e. bitcoins?

Re:Okay, how can we make Anonymous exit nodes? (0)

Anonymous Coward | more than 2 years ago | (#40766201)

How do you do all of this anonymously? Are you using Bitcoins or something?

Re:Okay, how can we make Anonymous exit nodes? (0)

Anonymous Coward | more than 2 years ago | (#40775445)

Bitcoin is not the only anonymous payment solution, though it's by far the most convenient. The system doesn't specify anonymity as a feature, so you have to figure out how to keep your identities separate before using it for such purposes. Though if you are planning to run a TOR exit node, you are probably savvy enough to reason about these matters pretty easily.

Re:Okay, how can we make Anonymous exit nodes? (1)

crazyjj (2598719) | more than 2 years ago | (#40776131)

I'm pretty sure no ISP in their right mind is going to rent servers to anonymous buyers. That's pretty much begging for an FBI/Interpol/whoever raid. A Tor exit node would be the LEAST illegal thing such a service would be used for.

Re:Okay, how can we make Anonymous exit nodes? (0)

Anonymous Coward | more than 2 years ago | (#40787897)

Oh boy... I must be dreaming when I ssh to my servers then.

You know, they can still monitor their users. There are thousands of places on the net which you can use to host content anonymously. How do you think they function? Do you think operating a VPS somehow makes you more liable than an image host? Which laws of which jurisdiction are we talking about? And what is the MOST illegal thing you think one can host? Goatse? It's pure information, and it is viewed more as such in many parts of the world than others.

Re:Why would anyone ever want to run a Tor exit no (1)

Rich0 (548339) | more than 2 years ago | (#40768803)

By that line of argument you don't even need Tor, since as long as there are millions of dissidents in China there is nothing the government can do to get rid of all of them.

The problem is that for any individual the concern isn't whether the government will ruin the lives of all the exit node operators, but whether their own life will be ruined.

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40769063)

There is a tool that does this. I hope you like it:
http://sourceforge.net/projects/blackbeltpriv/ [sourceforge.net]

Re:Why would anyone ever want to run a Tor exit no (2, Interesting)

Anonymous Coward | more than 2 years ago | (#40763277)

I mean, even if you are paid much more than $100 a month, being legally and financially responsible for the shit that goes on through your server (since you are the EXIT node) could get you sent to jail for life and cost you huge amounts of money. Sounds completely insane for anyone to willingly run such a thing.

It's great for FBI,CIA,MI5 etc. It concentrates a lot of questionable traffic to very few nodes and make anyone connecting to these nodes immediately suspicious. Running a node for money would make it a more serious offense in court which is great for the DA: winning more years in prison means a better career for the DA.

Re:Why would anyone ever want to run a Tor exit no (2)

rtfa-troll (1340807) | more than 2 years ago | (#40764101)

Most connections from exit nodes are perfectly legal. For example a Chinese guy wants to access Slashdot. The traffic in the US is legal and it's just his traffic which is encrypted and going to a different node which is where he has a problem if it's discovered.

Let's be clear. The mere fact that you aren't doing anything doesn't make you immune from the police. There are so many laws and regulations set up for corporate interests that it's likely that you are breaking something; merely not running an exit node will not protect you. Filtering the traffic on exit nodes can very much reduce anti-social (potentially illegal) traffic. As long as you are only accepting a partial contribution and your costs are more than $100 you can treat this as an expense payment rather than a profit. This is likely to be seen very differently in court than profiting from an activity. Furthermore, the explicit involvement with the Tor project could help make it clear you did things for political reasons rather than in order to facilitate illegal activities. Overall, bearing in mind INAL, INAL in your country and, ICNYL (certainly not your lawyer), I don't see that this much increases the risk of a person running an exit node.

There's plenty of reasonable FUD to spread about tor; it could be very risky to use tor from China since the traffic isn't that well hidden; you have to be very careful about your end point security; in less-democratic / less free countries you may be arrested for running an exit node even if you had no intention of supporting illegal activities. There's no need to make up extra FUD

Re:Why would anyone ever want to run a Tor exit no (1)

elucido (870205) | more than 2 years ago | (#40764913)

Most connections from exit nodes are perfectly legal. For example a Chinese guy wants to access Slashdot. The traffic in the US is legal and it's just his traffic which is encrypted and going to a different node which is where he has a problem if it's discovered.

Let's be clear. The mere fact that you aren't doing anything doesn't make you immune from the police. There are so many laws and regulations set up for corporate interests that it's likely that you are breaking something; merely not running an exit node will not protect you. Filtering the traffic on exit nodes can very much reduce anti-social (potentially illegal) traffic. As long as you are only accepting a partial contribution and your costs are more than $100 you can treat this as an expense payment rather than a profit. This is likely to be seen very differently in court than profiting from an activity. Furthermore, the explicit involvement with the Tor project could help make it clear you did things for political reasons rather than in order to facilitate illegal activities. Overall, bearing in mind INAL, INAL in your country and, ICNYL (certainly not your lawyer), I don't see that this much increases the risk of a person running an exit node.

There's plenty of reasonable FUD to spread about tor; it could be very risky to use tor from China since the traffic isn't that well hidden; you have to be very careful about your end point security; in less-democratic / less free countries you may be arrested for running an exit node even if you had no intention of supporting illegal activities. There's no need to make up extra FUD

But it would still make you a target of China. Do you want to deal with that? If it's illegal in China then the Chinese government will eventually figure out who is running the exit node.

Re:Why would anyone ever want to run a Tor exit no (1)

elucido (870205) | more than 2 years ago | (#40764885)

Why would they care about who is connecting those nodes? They would just target the node operators and watch them to determine who connects and what goes on.

Once again I don't see how being a node operator for Tor can possibly be good in this environment. If there is another scandal and something goes forwarded through your node anyone from Putin to Obama could want to make you comply.

Re:Why would anyone ever want to run a Tor exit no (2)

betterunixthanunix (980855) | more than 2 years ago | (#40763289)

Sounds completely insane for anyone to willingly run such a thing.

Some people are brave enough to run servers that will help political dissidents in China, Africa, and elsewhere.

Re:Why would anyone ever want to run a Tor exit no (0)

shentino (1139071) | more than 2 years ago | (#40763419)

That's not brave unless you yourself live in those areas.

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40763519)

True, except you can't know what will pass through your node. People can use it to access/buy illegal stuff in the country you're in, and that can get you into trouble. AFAIK no exit node operator was ever imprisoned over it, but many were threatened (some fight back, others give up).

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40766263)

the purpose of a DR (Disaster Recovery) site is to defeat the Geographical issue.

If a country/Gov. wants to shut you up and reign with dictatorial powers, all you can do is rely on other users outside THAT area... it doesn't matter how many users in Africa run it, if the gov. takes all their provider down.

Re:Why would anyone ever want to run a Tor exit no (1)

elucido (870205) | more than 2 years ago | (#40764933)

Sounds completely insane for anyone to willingly run such a thing.

Some people are brave enough to run servers that will help political dissidents in China, Africa, and elsewhere.

It's not a matter of being brave enough. How can it be done in a safe and effective way? If you want more people to do it then figure out how to make some best practices so it's safer. As things are right now Tor is the wild west and anything can happen to anyone "brave" enough to run an exit node. If running an exit node produces bad luck for whoever runs it, no one will want to run exit nodes. So how can we disconnect the individual ownership from the exit node? Libraries? Universities? What?

Re:Why would anyone ever want to run a Tor exit no (1)

SuperQ (431) | more than 2 years ago | (#40765493)

And if you're not brave enough to run it yourself, you can donate to exit nodes like NoiseTor - http://noisetor.net/ [noisetor.net] or to Tor itself.

Re:Why would anyone ever want to run a Tor exit no (1)

Trepidity (597) | more than 2 years ago | (#40763297)

Yeah, I would probably only run such a thing if I had a solid institutional arrangement that would back me up on it and divert any liability to the institution rather than me personally. A university may be able to get away with running an exit node, for example. But it's not clear this level of funding would incentivize those kinds of operators. Is a university's decision to run or not run an exit node going to turn on whether they get $100/mo funding?

Re:Why would anyone ever want to run a Tor exit no (3, Interesting)

Anonymous Coward | more than 2 years ago | (#40763653)

Tor has been out for ten years. Could you post some links to articles where people were held legally and/or financially responsible for what passed through their exit node?

Re:Why would anyone ever want to run a Tor exit no (4, Informative)

rbrausse (1319883) | more than 2 years ago | (#40765399)

[anecdote]

I had legal troubles* as someone used my exit node for downloading child pornography. after nearly 2 years the prosecutor closed the proceedings as he found nothing punishable.

*) including some officers searching my flat at 7 am and all my hardware was confiscated

Re:Why would anyone ever want to run a Tor exit no (1)

allo (1728082) | more than 2 years ago | (#40774179)

> *) including some officers searching my flat at 7 am and all my hardware was confiscated
and this is how it works.
Now you're afraid to run a node, because this can happen again. And a lot of others reading your message are afraid and do not even start.

We need so many nodes, that its infeasable to search every flat of a node-owner. Something like tor included into the default-config of a popular adsl-modem or something like this.

Re:Why would anyone ever want to run a Tor exit no (1)

rbrausse (1319883) | more than 2 years ago | (#40774371)

Now you're afraid to run a node, because this can happen again.

yes. I knew something like this could happen (and was in a way prepared - the police visit was surprising but not completely unexpected), but lawyer and new computers were expensive...

Sure, it is cowardly - blame me as I blame myself :)

Re:Why would anyone ever want to run a Tor exit no (1)

allo (1728082) | more than 2 years ago | (#40774469)

blame the system.

Re:Why would anyone ever want to run a Tor exit no (1)

Anonymous Coward | more than 2 years ago | (#40763707)

Luckily not all countries have a judicial system as fucked up beyond all recognition like the US has.

the government will run the exit nodes (1)

circletimessquare (444983) | more than 2 years ago | (#40763953)

they can aid dissidents in China, Syria, Iran, Cuba, etc.

and they can keep an eye on kiddie porn assholes

sound like an exotic weird idea? Tor was started by the government, specifically the US Naval Research Laboratory

heck, i can see the Chinese government running their own exit nodes for keeping an eye on political dissidents

all your Tor is belong to government

Re:the government will run the exit nodes (1)

elucido (870205) | more than 2 years ago | (#40764949)

they can aid dissidents in China, Syria, Iran, Cuba, etc.

and they can keep an eye on kiddie porn assholes

sound like an exotic weird idea? Tor was started by the government, specifically the US Naval Research Laboratory

heck, i can see the Chinese government running their own exit nodes for keeping an eye on political dissidents

all your Tor is belong to government

That might be true but what about all the innocent civilians who think they can run exit nodes too? They all get brutalized by pissed off governments?

Re:the government will run the exit nodes (1)

circletimessquare (444983) | more than 2 years ago | (#40765431)

son, if you are running a Tor exit node, you're not an "innocent civilian" according to any government

benign neglect is what you can hope for in the west. a knock on the door by nice policeman or worse in china or iran

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40764547)

I've always assumed the ones running fast exit nodes were the NSA/CIA and their counterparts for various countries.

I use tor to use stuff like facebook and slashdot while at work. Slashdot passwords are not encrypted for nonsubscribers, but I don't really care if the people running exit nodes figure out my Slashdot password.

How do we keep Tor exit node operators safe? (1)

elucido (870205) | more than 2 years ago | (#40764787)

I mean, even if you are paid much more than $100 a month, being legally and financially responsible for the shit that goes on through your server (since you are the EXIT node) could get you sent to jail for life and cost you huge amounts of money. Sounds completely insane for anyone to willingly run such a thing.

Even if you aren't held legally responsible some vigilante types will hold you morally responsible. Once again it's a bad idea to run a Tor exit node. So who exactly is running them and how do they keep themselves safe?

Re:Why would anyone ever want to run a Tor exit no (5, Informative)

SuperQ (431) | more than 2 years ago | (#40765449)

Hi, I help run an exit node. Specifically NoiseTor - http://noisetor.net/ [noisetor.net] Yes, we do get police/FBI/etc calls regularly. Most of the time it takes a few min of explaining what tor is, we have no logs, and there's nothing we can do to help track down where the traffic came from.

It's invaluable to run exit nodes, and the risks are fairly minor.

Re:Why would anyone ever want to run a Tor exit no (3, Interesting)

Anonymous Coward | more than 2 years ago | (#40766621)

How is it that they let you get away with just saying that? Then what stops me from distributing terrorist child porn warez from my home PC and then saying it was a Tor exit node when they call? In fact, they probably would never call me. They would contact my ISP, which would cut me off and tell them my home address and all information about me and then the police would come straight to my house without any warning. Why are they so kind to you?

Re:Why would anyone ever want to run a Tor exit no (1)

flok (24996) | more than 2 years ago | (#40768455)

Fairly minor? Not if you live in the Netherlands where they bring you a visit taking with them all your hardware and never returning it.

Re:Why would anyone ever want to run a Tor exit no (1)

Rich0 (548339) | more than 2 years ago | (#40768877)

I note that your exit node configuration is based on whitelisting specific ports and is not simply open. That probably is greatly reducing the kinds of run-ins you're going to get with the usual suspects - I doubt many people have their bittorrent clients and such set to run on port 80.

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40769785)

People who use Bittorrent over Tor deserve all the punishment they get.

Re:Why would anyone ever want to run a Tor exit no (1)

Rich0 (548339) | more than 2 years ago | (#40772849)

What punishment would that be? The only people likely to be punished are the exit node operators (assuming it is being used to transfer content that is not legal to distribute), unless the person running bittorrent has no idea what they're doing. While most bittorrent clients leak information, they can only leak information they have, and only to hosts they can connect to.

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40769823)

I run 5 tor nodes in the low Mbps speed range, but I'm not brave enough to allow exit on any of them. I can't afford the legal cost associated with fighting for my rights if a problem comes up.

Legal until you take/make money? (1)

Dareth (47614) | more than 2 years ago | (#40767799)

Is it "legal" until you take/make money to provide the service?

Re:Why would anyone ever want to run a Tor exit no (1)

gilgongo (57446) | more than 2 years ago | (#40768179)

For the last few years, I've run one of the faster exit nodes in the UK. I think I've had two, maybe three, complaint emails forwarded by my ISP in that time. I just send them to my standard boilerplate [62.197.40.155] , CC the ISP, and never hear back.

Bottom line: anyone wanting to do something really nasty won't use Tor - they'll use something much more suitable for their task, like a botnet for one thing.

Re:Why would anyone ever want to run a Tor exit no (1)

zoloto (586738) | more than 2 years ago | (#40768279)

The amount of FUD is amazing in this post and it's modded to +4 Insightful?

What's wrong with people and modpoints lately? This is garbage!

I've been running an exit node FROM MY HOME for the last 3 years with ZERO problems from both police AND my isp.

You sir are talking SHIT.

Re:Why would anyone ever want to run a Tor exit no (0)

Anonymous Coward | more than 2 years ago | (#40769339)

Because clearly, you are everyone on the planet.

Re:Why would anyone ever want to run a Tor exit no (1)

lister king of smeg (2481612) | more than 2 years ago | (#40772873)

um no you ar prtected by safe harbor laws the same reason your isp and the back bone are not liable for your copyright infringement, a tor node is simply a dumb pipe system with a shit ton of encryption and obfuscation.

Not worth it... (0)

Anonymous Coward | more than 2 years ago | (#40763167)

$100 is not worth spending time in jail because your IP address has been recorded going to pirate or porn sites with highly illegal content.

Re:Not worth it... (1)

oakgrove (845019) | more than 2 years ago | (#40763391)

If you're already connected to the tor network anyway, why would you need to go to a regular web page to surf porn or pirated content when you can just make an end to end encrypted connection to any of the multitude of .onion [wikipedia.org] pseudo-domains that serve that particular kind of media and not worry about it?

Re:Not worth it... (1)

betterunixthanunix (980855) | more than 2 years ago | (#40763565)

Sometimes you just want to read an article on Hackaday, but your authoritarian school district blocks any website about hacking...

Re:Not worth it... (1)

oakgrove (845019) | more than 2 years ago | (#40763591)

Very true but that is legal in most jurisdictions and won't compromise the exit node provider. I was more referring to the porn and pirating.

Re:Not worth it... (3, Insightful)

betterunixthanunix (980855) | more than 2 years ago | (#40763859)

Pornography and copying files are not universally illegal either. For the purposes of a high school student, the school's rules basically are the law; circumventing a school firewall to read hackaday is only differentiated from a Saudi Arabian citizen accessing Naughty Nurses 2 by the punishment that offender can receive.

The two goals of Tor are censorship busting and privacy enhancement; why focus on controversial things, when there are so many non-controversial things that people are unable to access?

Re:Not worth it... (1)

oakgrove (845019) | more than 2 years ago | (#40763987)

I think we are having a misunderstanding here. I get what tor is all about. My only point was that anybody whose porn and piracy habits are compromised because they are caught going through an exit node aren't doing it right. That's what the .onion sites are for. Basically, you can surf to your hearts content all the porn and warez you could ever hope to consume and never touch an exit node. As far as checking out hackaday through a firewall or even slashdot, I've done both of those and tor is great for that as well.

Re:Not worth it... (2)

betterunixthanunix (980855) | more than 2 years ago | (#40764083)

OK, sure, but there are a large number of child molester forums that are not hidden services (e.g. the recent "dreamboard" bust), and some people want to access those. It would be great for Tor if the pedophiles would just use hidden services and not put the exit node operators at risk, but that is an unrealistic expectation. Hidden services have always been a somewhat secondary feature for Tor; the primary reason people use Tor is to browse the (not-hidden) web.

freelance (-1)

Anonymous Coward | more than 2 years ago | (#40763185)

as Robin replied I'm surprised that a single mom can make $9107 in 1 month on the internet. did you look at this web page http://zapit.nu/23a

BBG = Broadcast Board of Governors (3, Informative)

Anonymous Coward | more than 2 years ago | (#40763223)

From wiki:
"The Broadcasting Board of Governors (BBG), a bipartisan panel of eight private citizens appointed by the President of the United States and confirmed by the U.S. Senate (the U.S. Secretary of State is an ex officio member of the Board), is the oversight body for official U.S. international broadcasts by both federal agencies and government-funded corporations. In addition to VOA, these include the Office of Cuba Broadcasting (OCB, which includes Radio and TV Marti) and grantee corporations: the Middle East Broadcasting Network (MBN, which includes Radio Sawa and Al Hurra television in Arabic); Radio Farda (in Persian) for Iran; Radio Free Europe / Radio Liberty and Radio Free Asia, which are aimed at the ex-communist states and countries under oppressive regimes in Asia. In recent years, VOA has expanded its television coverage to many areas of the world. This governing body was established in 1993 to replace the Board for International Broadcasters, which was created in 1973 to manage broadcasting companies previously funded by the CIA."

More from Cryptome: http://cryptome.org/2012/07/tor-exits-usg-funds.htm

Re:BBG = Broadcast Board of Governors (2, Interesting)

Anonymous Coward | more than 2 years ago | (#40763309)

VOA = Voice Of America
Essentially the propaganda arm of the US Government wants to fund exit nodes, tread lightly folks.

Re:BBG = Broadcast Board of Governors (1)

Trepidity (597) | more than 2 years ago | (#40763315)

That's pretty interesting. I would've guessed the U.S. government is overall against Tor, as a complication for its law enforcement, and would be more likely to harass it than support it. Either it means that the "good" parts of Tor from the US govt's point of view, its potential usefulness to Iran/Chinese/etc. dissidents, is overriding the "bad' parts, or else it's different branches of the government working at odds (not impossible either).

Re:BBG = Broadcast Board of Governors (2)

betterunixthanunix (980855) | more than 2 years ago | (#40763447)

I would've guessed the U.S. government is overall against Tor

The project was started by the US government, as a way to help covert agents hide their activities.

a complication for its law enforcement,

Only shallow-minded cops think that; cops who actually specialize in investigating criminals over the Internet know better than to leave a police IP address in a server log. To put it another way, if the police are investigating a child sex abuse forum where most of the participants are using proxy servers or Tor, the police need to use Tor as well, or they will be detected before any useful evidence can be gathered.

it's different branches of the government working at odds

I think that is practically guaranteed to be the case.

Re:BBG = Broadcast Board of Governors (2)

oakgrove (845019) | more than 2 years ago | (#40763939)

You bring up a good point about the cops hanging out in pedo forums etc. The way I see it, that's where the real action is for law enforcement. You will never nab the sickos by poaching exit nodes and putting people in jail because some kiddy porn or whatever went through it. That would be stupid as the real criminals are the ones actually consuming and creating that content. The government should be happy that tor exists. It gives them a honeypot where they can do real police work. Go to a pedo forum and blend in. Get people to trust you and get some pics with identifying exif data, or whatever and make a bust. Rinse and repeat. You'd be a fool to go after the exit nodes. It would be like busting your informants. The bottom line is many criminals are stupid and despite using tor they will fuck up. Old fashioned police work does not mean being stupid and taking down the exits. I hope I haven't been unclear.

Re:BBG = Broadcast Board of Governors (1)

Brannoncyll (894648) | more than 2 years ago | (#40766507)

You bring up a good point about the cops hanging out in pedo forums etc. The way I see it, that's where the real action is for law enforcement. You will never nab the sickos by poaching exit nodes and putting people in jail because some kiddy porn or whatever went through it. That would be stupid as the real criminals are the ones actually consuming and creating that content. The government should be happy that tor exists. It gives them a honeypot where they can do real police work. Go to a pedo forum and blend in. Get people to trust you and get some pics with identifying exif data, or whatever and make a bust. Rinse and repeat. You'd be a fool to go after the exit nodes. It would be like busting your informants. The bottom line is many criminals are stupid and despite using tor they will fuck up. Old fashioned police work does not mean being stupid and taking down the exits. I hope I haven't been unclear.

It's true that you will not nab the sickos by poaching exit nodes. However if you make people scared enough that they are afraid to host exit nodes for fear of being thrown in jail for trafficking kiddie porn then the Tor network becomes less usable and the sickos are forced out into the open where it is much easier to find them. This is a much easier strategy than the elaborate tactics you describe.

Re:BBG = Broadcast Board of Governors (1)

oakgrove (845019) | more than 2 years ago | (#40766987)

The government created Tor specifically for dissidents to communicate so they aren't going to try to shut it down. This is a case of idiots down the totem pole not "getting it".

Re:BBG = Broadcast Board of Governors (0)

Anonymous Coward | more than 2 years ago | (#40768227)

You both are assuming the goal of the police is to catch criminals.

Re:BBG = Broadcast Board of Governors (1)

allo (1728082) | more than 2 years ago | (#40774201)

i think you're wrong. on tor the sickos think they're safe, on the open net you will not find any sites of them, because they're well hidden. There they are much more paranoid as on the "safe" network tor.

Money Maker (1)

Anonymous Coward | more than 2 years ago | (#40763231)

I am sure the NSA would love to run an exit node or two since they will be facing some looming funding cuts soon. In this soft economy, a gals gotta make a buck...

It doubles the speed at which the FBI notices you (4, Interesting)

crazyjj (2598719) | more than 2 years ago | (#40763233)

This new version also features 2-3 times more harassment [wikipedia.org] from the government.

Re:It doubles the speed at which the FBI notices y (3, Interesting)

Chrisq (894406) | more than 2 years ago | (#40763307)

This new version also features 2-3 times more harassment [wikipedia.org] from the government.

Or maybe the government will be providing the exit nodes (via proxy companies). I am sure that the ability to add delays at exit would aid traffic identification [wikipedia.org]

Re:It doubles the speed at which the FBI notices y (1)

oakgrove (845019) | more than 2 years ago | (#40763821)

Reading your link I see it's mostly talking about sending personally identifying information unencrypted through the network that just gets sniffed when it leaves the exit node. Torrenting through tor is really dumb since many torrenting programs send your ip address to the tracker unencrypted, so duh, the exit node sniffers get that and if you send other traffic through the same node, then, yes, that other traffic can easily be linked to you. The other issue is in your link is pretty much the same thing. If you log in to your email or whatever through tor and those credentials aren't going through https then, again, yes you will have those credentials stolen. It's the same problem with doing that sitting in Starbucks and using the wi-fi. Of course, tor has been warning people over and over and over not to use bittorrent through tor as it is an insecure protocol by design. The bittorrent creators will tell you that. It is just incidental that people use torrents to trade infringing media. To sum it up, Newsflash: don't torrent through tor as your ip address will show up to the exit node. Newsflash #2: don't send your login credentials through the onion because if an attacker can link those to your real identity, they can link other things going through the same exit node to your real identity which depending on what you're using tor for can be a real problem.

Re:It doubles the speed at which the FBI notices y (1)

twotailakitsune (1229480) | more than 2 years ago | (#40765605)

To help Chrisq (894406) out, here is a cite:

Ryan Pries, Wei Yu, Xinwen Fu, and Wei Zhao, “A New Replay Attack against Tor Anonymous Communication Network", in Proc. of IEEE International Conference on Communications (ICC) (Best Paper Award of Information and Network Security Symposium), May 2008.

Re:It doubles the speed at which the FBI notices y (1)

allisia (2694413) | more than 2 years ago | (#40784815)

flying cars good for go holyday in Thailand..haha..this is fantastic car i think...good idea! thank you! Thailand [squidoo.com]

Go directly to jail (4, Funny)

Revotron (1115029) | more than 2 years ago | (#40763325)

Do not pass go. Collect $100.

Cloud services (1)

Anonymous Coward | more than 2 years ago | (#40763379)

Couldn't they take that $100 and use it to host exit nodes at various cloud hosting facilities around the world? That would take out some of the liability since only the Tor Project or their sponsors would be on the hook (and they already are for paying the $100)

Re:Cloud services (1)

Revotron (1115029) | more than 2 years ago | (#40763479)

But that means they would be legally responsible when the authorities show up asking questions. The idea here is to pawn legal responsibility off on other people, who will then have to fight to stay out of Federal PMITA prison for being an accessory, or harboring, or whatever charges the DA's dart happens to land on that day.

Re:Cloud services (0)

Anonymous Coward | more than 2 years ago | (#40763583)

I guess you set up a small "webhost" type company that then rents a few dedicated servers from you, and then that company sells the servers as tor nodes. When the feds come knocking, you claim network neutrality and say you never interfere with what your clients do with their servers, but thank you for the DMCA takedown and you'll deal with it appropriately.

then you set up another little company that rents the servers from you and repeat. If the feds ever ask who was renting the servers, and eventually get a court order for you to release the info, they find the sub company gave you false information on their identity.

Or you just run the servers in a country with good network connectivity and no incestuous relationship with the USA.

Re:Cloud services (0)

Anonymous Coward | more than 2 years ago | (#40774211)

mod parent up

Bandwidth costs $100/mo (1)

mveloso (325617) | more than 2 years ago | (#40763539)

$100 won't get you a lot of bandwidth. What they need to do is buy fios for a whole lot of people and pay for it with the $100 - sort of like FoN. That'll make the number of exit nodes large enough that it'll be hard to monitor all the nodes.

40-50 preferred exit nodes means that someone sneaky can look at around 2% of the TOR traffic at any given time. As the intercepts in the past have shown, you can get a lot of interesting stuff from that 2%. They need to grow that pool tremendously...and paying for people's connection & bandwidth is the easiest way.

Is there a TOR dd-wrt port? They could provide that (or a pogoplug, etc) with the connection, and monitor the node so if the node goes offline the payments stop.

Re:Bandwidth costs $100/mo (0)

Anonymous Coward | more than 2 years ago | (#40763619)

If you end up having 30% of your exit nodes shifting to FIOS, couldn't it be argued that Verizon could reconstruct a good amount of the packets one their way out of the Tor exit nodes (which still on Verizon's network)?

Re:Bandwidth costs $100/mo (1)

twotailakitsune (1229480) | more than 2 years ago | (#40765365)

The way Nodes are picked tries to prevent that. IP address that are to close to each other (without looking it up I would say 2 octects), or IP address that are from the same area can't be used together.

Fast exit nodes ? hum ? (1)

treuf (99331) | more than 2 years ago | (#40763729)

Don't worry, most of the fast exit nodes are for sure owned by the intelligence services.
(at least, they know what's being discussed, even if they don't have the origin)

As for fast exit nodes, one can get some boxes for cheap from OVH all around the world (they are opening in Canada soon) for example : http://www.ovh.co.uk/dedicated_servers/ [ovh.co.uk]
(low end dedicated boxes in France start at about 40 USD for 100Mb/s)

TOR has become faster lately? (1)

kheldan (1460303) | more than 2 years ago | (#40764777)

Here's one idea why this may be: Perhaps some governments are operating faster TOR nodes, knowing that they will attract a larger percentage of TOR users, hoping they can catch more of their own citizens that they want to arrest.

Good idea. (1)

twotailakitsune (1229480) | more than 2 years ago | (#40765281)

Right now most of the evil exit nodes would be people who have evil use for the data. They are willing to put out more money and have more money for making them faster (Evil governments, Org Crime, Ad companies). So right now, getting a faster connection could be a bad thing. This would help even the playing field a little.

Sill, they need to do a lot more. With the tor network you don't need to control any nodes if you have control of a few routers along the way (Governments). Look up: Wei Yu. Replay Attack still make it easy to know who sent information to who. If it is not End-to-End tor, they know what you send too.

Next up (1)

BigSlowTarget (325940) | more than 2 years ago | (#40765865)

Tor: now featuring exit nodes that wrap advertising around your browsing.

Would that cover fees? (1)

Anonymous Coward | more than 2 years ago | (#40765969)

Would 100 a month cover fees to:

    1) incorporate
    2) rent the cheapest local colo I could find in a shared cabinet
(years ago I used to know one for 35 a month, but that was a sweetheart deal)
    3) Properly have an accountant file the paperwork/taxes
    4) Pay myself $1 / month?

I'll donate a computer and hardware and maintain it. Might not be high end, but it'll have a gigE nic and whatever the colo will give me bandwidth wise.

System will be running a locked down, patched BSD jail with a firewall banning outbound access to SMTP/submission and probably nothing else.

I don't have much experience with the incorporation -- but as long as I could separate that node from my personnage and home, I'd be more than happy to do it.

The real thing is--I don't particularly want to be woken up at 0500 with people in baklavas and select-fire M4s teargassing my home... I don't want to deal with the fact that a court order might force me to decrypt my local linux system's hard drive.

It's the sad truth. I want to support this. I don't mind some reasonable and expected issues with ISPs... or the colo. Or the sysadmin/patching/maint side that comes with the territory, and isn't as easy as it should be.

But getting raided, thrown in the floor, having my dog shot, the kids panic, and all personal posessions confiscated while the FBI colludes to drive me out of business when they take six months to a year to search without returning my business materials...ever...

That's the problem.

What they really need to make is an 'exit node package'. Paperwork to incorporate, a list of friendly providers and ISPs, and a lawyer's phone number for use when something eventually hits the fan--be it feds, or you get lawyered by some asshole looking for someone to sue because a 4channer rickrolled their website.

For extra bonus, the EFF should get support of JAG or whatever naval lawyers are called onboard in advance -- US intel originally helped support the development. I'd like *them* on my side with the EFF running a node. The spooks can't have their untraceable spycomm system unless they have an onion to hide in.

CAPTCHA: fright.

So true

Pay for faster speeds? (1)

qemqemqem (2670007) | more than 2 years ago | (#40768643)

Would it be technically possible to have a system where people pay to get faster speeds on the Tor network? I would do that.

Those fastest nodes... (1)

GameboyRMH (1153867) | more than 2 years ago | (#40770135)

The ones that a huge fraction of all the traffic is going through? Those are the ones most likely to be sniffing traffic and doing MITMs.

Tor discussion forums! (0)

Anonymous Coward | more than 2 years ago | (#40783955)

We need an official Tor discussion forum.

        I didn't see this issue mentioned in Roger's *latest* notes post, so for now, mature adults should visit and post at one or both of these unofficial tor discussion forums, these tinyurl's will take you to:

        ** HackBB:
        http://www.tinyurl.com/hackbbonion [tinyurl.com]

        ** Onion Forum 2.0
        http://www.tinyurl.com/onionforum2 [tinyurl.com]

        Each tinyurl link will take you to a hidden service discussion forum. Tor is required to visit these links, even though they appear to be on the open web, they will lead you to .onion sites.

        I know the Tor developers can do better, but how many years are we to wait?

        Caution: some topics may be disturbing. You should be eighteen years or older. I recommend you disable images in your browser when viewing these two forums[1] and only enabling them if you are posting a message, but still be careful! Disable javascript and cookies, too.

        If you prefer to visit the hidden services directly, bypassing the tinyurl service:

        HackBB: (directly)
        http://clsvtzwzdgzkjda7.onion/ [clsvtzwzdgzkjda7.onion]

        Onion Forum 2.0: (directly)
        http://65bgvta7yos3sce5.onion/ [65bgvta7yos3sce5.onion]

        The tinyurl links are provided as a simple means of memorizing the hidden services via a link shortening service (tinyurl.com).

        [1]: Because any content can be posted! Think 4chan, for example. onionforum2 doesn't appear to be heavily moderated so be aware and take precautions.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>