ul
Tilo Chopin
When I saw the coverage of the hidden services study that was presented at CCC today, I was reminded of the media fallout from that old study from the 1990s that "proved" that a ridiculously high fraction of the internet was pornography...by looking at Usenet*, and by counting newsgroups and bytes. (You might remember it; it was the basis of the delightful TIME Magazine "Cyberporn" cover.)
The 1990s researcher wasn't lying outright, but he and the press *were* conflating one question: "What fraction of Usenet groups are 'alt.sex' or 'alt.binaries' (file posting) groups" with two others: "What fraction of internet traffic is porn?" and "What fraction of internet-user hours are spent on porn?"
The presentation today focused on data about hidden service types and usage. Predictably, given the results from Biryukov, Pustogarov, Thill, and Weinmann, the researcher found that hidden services related to child abuse are only a small fraction of the total number of hidden service addresses on the network. And because of the way that hidden services work, traffic does not go through hidden service directories, but instead through rendezvous points (randomly chosen Tor nodes): so no relay that knows the hidden service's address will learn the actual amount of traffic transmitted. But, as previously documented, abusive services represent a disproportionate fraction of usage... if you're measuring usage with hidden service directory requests.
First, some background. Basically, a Tor client makes a hidden service directory request the first time it visits a hidden service that it has not been to in a while. (If you spend hours at one hidden service, you make about 1 hidden service directory request. But if you spend 1 second each at 100 hidden services, you make about 100 requests.) Therefore, obsessive users who visit many sites in a session account for many more of the requests that this study measures than users who visit a smaller number of sites with equal frequency.
There are other confounding factors as well. Due to bugs in older Tor implementations, a hidden service that is unreliable (or completely unavailable) will get many, many more hidden service directory requests than a reliable one. So if any abuse sites are unusually unreliable, we'd expect their users to create a disproportionately large number of hidden service directory requests.
Also, a very large number of hidden service directory requests are probably not made by humans! See bug 13287: We don't know what's up with that. Could this be caused by some kind of anti-abuse organization running an automated scanning tool?
In any case, a methodology that looks primarily at hidden service directory requests will over-rate services that are frequently accessed from a Tor client that hasn't been there recently, and under-rate services that are used via tor2web, and so on. It also depends a lot on how hidden services are configured, how frequently Tor hidden service directories go up and down, and what times of day they change introduction points in comparison to what time of day their users tend to be awake.
But suppose that the average cigar purchaser visits only one or two sites to make purchases, and the average chat user joins one or two networks, whereas the average conspiracy theorist needs to visit several dozen forums and wikis.
Suppose also that the average Cuban cigar purchaser makes about two purchases a month, the average chat user logs in once a day, and the average conspiracy theorist spends 3 hours a day crawling the hidden web.
In this analysis, even though there are far more people buying cigars, users who use it for obsessive behavior that spans multiple unreliable hidden services will be far overrepresented in the count of hidden service directory requests than users who use it for activities done less frequently and across fewer services. So any comparison of hidden service directory request counts will say more about the behavioral differences of different types of users than about their relative numbers, or the amount of traffic they generated.
In conclusion, let's spend a minute talking about freedom and philosophy. Any system that provides security on the Internet will inevitably see some use by bad people that we'd rather not help at all. After all, cars are used for getaways, and window shades conceal all kinds of criminality. The only way to make a privacy tool that nobody abuses is to make it so weak that people aren't willing to touch it, or so unusable that nobody can figure it out.
Up till now, many of the early adopters for Tor hidden services have been folks for whom the risk/effort calculations have been quite extreme, since--as I'd certainly acknowledge--the system isn't terribly usable for the average person as it stands. Roger noted earlier that hidden services amount to less than 2% of our total traffic today. Given their privacy potential, I think that's not even close to enough. We've got to work over the next year or more to develop hidden services to the point where their positive impact is felt by the average netizen, whether they're publishing a personal blog for their friends, using a novel communications protocol more secure than email, or reading a news article based on information that a journalist received through an anonymous submission system. Otherwise, they'll remain a target for every kind of speculation, and every misunderstanding about them will lead people to conclude the worst about privacy online. Come lend a hand?
(Also, no offense to Andy on this: he is a fine tech reporter and apparently a fine person. And no offense to Dr. Owen, who explained his results a lot more carefully than they have been re-explained elsewhere. Now please forgive me, I'm off to write some more software and get some sleep. Please direct all media inquiries to the email of "press at torproject dot org".)
I thoroughly agree that an increased adoption of hidden services (though I very much dislike that term) is a key goal. It would provide both validation and increase diversity, which are valuable attributes. Given the recent expansion of the tor user base and network, that seems like a very achievable goal for the coming year.
PS: I think that a rebranding of "hidden services" may be a good idea too. May I suggest: tor service, tor site, tor website, tor web service, onion site, onion site service, and Tor Onion Site Service (TOSS). I prefer the last, as you can use free software at the site to have a FLOSS TOSS. :)
PPS: Happy new year to the tor community.
why is the tor project conflating this researcher with someone else who misinterpreted the data, if you watch his talk he was very clear what the figures meant. attempting to discredit someone who was honest - c'mon nick you're better than that.
Many non-technical citizens around the world are, I suspect, anxious to run Tor nodes. But the barriers for individuals with limited knowledge and resources always seem to be much too high. Can we try to work to change this situation?
1. Is it a bad idea for someone with no experience setting up or operating a publicly accessible server to try to configure and run a server (running Debian stable on an old PC) dedicated as a slow Tor node? Does updated Debian stable avoid the worst problems with TLS "out of the box", or is further knowledge and effort essential?
3. How much can an inexperienced operator do with little or no interaction with untrusted ISP staff? Does it matter much for a slow bridge node if the connection is residential class? Dynamic IP (but effectively unchanging for weeks or months)?
4. Would a SOHO router automatically take care of NAT? Is it too dangerous (to the operator? to users?) to try to put a Tor bridge behind a cheap SOHO router which one must assume (yes?) is shell-shocked or heart-bled or poodled?
5. Any advice on simple IDS or monitoring packages (nagios? arm? tripwire?) from Debian repositories which would be appropriate for modest attempts to secure a server configured as dedicated Tor node? Is it much easier if one anticipates monitoring from the console rather than using ssh? If one wants to try to maintain a healthy server, how important is it to either install X or not?
6. Is there a simple way for non technical individuals to use Tor Browser Bundle to make a useful dedicated Tor bridge running Debian stable behind a SOHO router on a residential connection? If so, what is the simple trick?
One problem with available documentation is that such tutorials as exist are mostly undated, but we all know that what seemed like a good idea 12 months ago might seem like a bad idea today. Another is that almost all tutorials assume the reader has prior experience operating servers. Educating inexperienced volunteers could be expensive in staff time and effort but could pay off in the long by increasing the number of volunteers with the minimal necessary skills.
Most useful would be a step by step RECENT tutorial for setting up a small slow Tor bridge which you think would work and be useful to some Tor users. Would it be absurd to argue that even if each one only works for a month before being discovered, if many people know how to set up a small slow Tor bridge from their residences, the bandwidth might add up to something useful to people trying to break through national firewalls?
Do you know Louise Mensch (look up her Twitter account)? She is very keen on slandering Tor as a tool that fosters child abuse. I am not a lawyer but some of Louise Mensch's statements seem to be libel in a legal sense. Is there a way to stop her? It is so obvious that Louise Mensch is an anti-privacy extremist. She abuses child pornography as a pretext for her total surveillance ideology.
The problem is that she slanders and libels Tor and the Tor Community being active supporters of child abuse. Freedom doesn't include the freedom to libel and slander other people with lies and wrong accusations.
It is clear that Louise Mensch's agenda aims to discredit and demonize Tor and every one involved in its community. She is an extremist because she doesn't respect privacy, anonymity and freedom of innocent people around the world. She wants innocent people to give up their natural human rights. So, she isn't moderate in her political positions. That's why she can be called an extremist who supports total surveillance.
795a8134c1