This Onion, It Smells: Inherent Hazards of the Tor Network

This week Pando Daily's Yasha Levine wrote a follow up to a post from this summer where Yasha documented many of the numerous and transparent connections between the Tor developers and the United States Government.  Nothing Yasha wrote in the original piece is particularly controversial, nearly all of it comes from public records, but still Yasha was able to write a follow up on all of the venom Yasha received from fans of Tor without any actual refutations of her points. The simple fact of the matter is that Tor was born of the needs of the United States Government's intelligence community, and continued funding to keep the main Tor developers fed, clothed, and sheltered largely comes from the coffers of those interests.

One constant in the world of the civilian use of Tor is that problems constantly emerge leading to all kinds of problems. Dan Egerstad who ran a Tor exit node and did little more than monitor plaintext returning to the normal Internet was arrested by Swedish Intelligence officials, because he happened to log diplomatic transmissions. Then there's the recurrence of vulnerabilities in the Tor browser bundle and the Tor oriented Tails Linux distribution. And still further there's the part where Tor nodes get to diddle all kinds of things that pass through them.

This is not to suggest that Tor was intentionally designed to pwn the individual user, but that Tor exists as a tool for a single actor of State scale to use with impunity. Tor however is more useful to the State actor holding the reigns if on the network there are also a stable population of mischief makers and dissidents. This isn't all that unlike the old Bohemian1 neighborhoods from the spy stories a la James Bond et al, where a certain amount of leeway was offered to rogues of various stripes with the caveat that at some future point the hammer could come down.

A Tor that actually delivered on the promises offered by the Tor foundation could be an actual great boon for the Internet and privacy. What the Tor foundation offers instead are apologia on why Tor hidden services don't really work, and you get the situation where multiple parties control the private keys for hidden services .onion addresses. You get attacks that leverage the peculiarities of Tor to adversely affect other services when they run over the Tor network.

One really peculiar thing about Tor as a service for promoting privacy and anonymity is that the Tor developers retain the ability to ban "misbehaving" nodes. The fact that a node can be banned ad hoc on a decentralized network, speaks to an actual effective centralization. Where in some other hypothetical network a fork might occur and consensus may be established to reunite the networks, the Tor developers are positioned to actively decide fork outcomes.2 Yes, diddling other people's traffic is malicious. The actual solution to the problem though is not retain the power to ban actors who do so. Actual solutions are either to preclude the possibility of tampering  or to advertise the possibility that traffic can be tampered with and how so that users can make informed risk calculations.

Educated users can make decisions that allow them to layer precautions. It's the alleged difference between Ulbrich arrested in 2013 who could conceivably walk from his charges if not for parallel construction and Blake Benthall who seems to lack the room for any credible defense in a court room. Still, Ulbricht appears to have lost his game of Judge roulette, and whatever broken promise in Tor lead him to handcuffs until another, still harder target for prosecution finds themselves in front of a more sympathetic judge who compels the United States Department of Justice to show its cards. Alternately at that point they may let the defendant walk in order to protect their own activities from similar discovery.

Everything about Tor and its history should scream to the inquiring reader as loudly as it does to Yasha Levine that Tor is far an unencumbered gift offered to civilian users. Perhaps for one of the Tor foundation's recommended scenarios, that of dissidents in a regime hostile to the United States seeking to maintain contact across the wire, Tor might work as part of a multi-layered solution. Otherwise anyone considering stepping in to Tor ought to consider that all evidence points towards the Tor network having an "owner" even if not everyone who passes through there gets bitten.

  1. But not actually Czech  

  2. This is in contrast to Bitcoin's form of decentralization where while nodes may operate on rules that are discordant, it takes events outside of the control of erstwhile "Bitcoin developers" to actually force a fork, much less ban any particular node.  

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>