Jump to content

Talk:Tor (network): Difference between revisions

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
Content deleted Content added
Line 146: Line 146:


I added a section related to the past decade of law enforcement agencies using a variety of technologies to deanonymize Tor. Recently 2019 and forward there has been some new form a attack that does not use a NIT, and has some greater than 50% reliablity. The law enforcement agencies only appear to be able to deanonymize a few IP addresses per day, so whatever the method, it's computationally intensive. I digress.....the point is, I added a section, but don't think it's necessarily in the correct place. It could be broken down by year in the '''Reception, impact, and legislation''' section, which doesn't seem to be the right title for the by-year section. We mention a government attack early on in the '''Firefox/Tor browser attack''' section, OR we have an entire section of attacks in '''weaknesses'''. It seems like we have different attacks and vulnerabilities scattered all over the place. Is this best? I'm opening the floor for a lengthy debate, since the organization seems a tad haphazard if the goal was to read the article and understand the history of vulnerabilities and attacks etc. [[User:PaladinOfDaedalus|eximo]] ([[User talk:PaladinOfDaedalus|talk]]) 00:32, 2 March 2024 (UTC)
I added a section related to the past decade of law enforcement agencies using a variety of technologies to deanonymize Tor. Recently 2019 and forward there has been some new form a attack that does not use a NIT, and has some greater than 50% reliablity. The law enforcement agencies only appear to be able to deanonymize a few IP addresses per day, so whatever the method, it's computationally intensive. I digress.....the point is, I added a section, but don't think it's necessarily in the correct place. It could be broken down by year in the '''Reception, impact, and legislation''' section, which doesn't seem to be the right title for the by-year section. We mention a government attack early on in the '''Firefox/Tor browser attack''' section, OR we have an entire section of attacks in '''weaknesses'''. It seems like we have different attacks and vulnerabilities scattered all over the place. Is this best? I'm opening the floor for a lengthy debate, since the organization seems a tad haphazard if the goal was to read the article and understand the history of vulnerabilities and attacks etc. [[User:PaladinOfDaedalus|eximo]] ([[User talk:PaladinOfDaedalus|talk]]) 00:32, 2 March 2024 (UTC)

:I deleted this section for now, for [[WP:OR]] and [[WP:PRIMARY]]. These attacks should likely be discussed where we have reliable information on them, but we can't rely on primary evidence like court documents, and we definitely can't conjecture on the nature of them using research papers. Speaking as a domain expert, I doubt that any of these attacks performed by law enforcement are related to that particular research. Website fingerprinting does not directly allow for IP deanonymization, it merely allows identifying the nature (or really, class in a classifier) of particular traffic; i.e., it would at best allow the attacker to know when and which site was being accessed, but when executed on a middle relay, it would not leak who was accessing it or where the site is hosted. There's a much larger body of research on doing these attacks from one of ends of the circuit (e.g., a guard relay or client ISP), but I've never heard of law enforcement using them (for many reasons too off topic to go into here).
:As to the more general discussion, the rule of thumb I think this page should use is:''' Do we have a reliable, non-primary source that the attack was performed on real, non-consenting Tor users, or did the attack affect the design or implementation of Tor in some way that affects how Tor itself is described in the rest of the article?''' If the answer to both of those questions is no, it's either not reliable or not notable enough to warrant discussion on the main Tor article.
:There are some changes I'd like to see made related to this, like moving "weaknesses" into the "operation" section and pared down to just the things that impact Tor's design, and restructuring the "Reception, impact, and legislation" section from a timeline into cleaner subsections on "attacks", "censorship", "awards", etc.. The article as a whole currently feels like a kludge of random facts (or "facts") that felt relevant when they were written, but haven't aged well. Ideally, the article should be something that someone can read though the article and come away understanding what Tor is, who uses it, why, and what its limitations are. [[User:Tga.D|Tga]] ([[User talk:Tga.D|talk]]) 05:34, 2 March 2024 (UTC)

Revision as of 05:34, 2 March 2024

Wiki Education Foundation-supported course assignment

This article is or was the subject of a Wiki Education Foundation-supported course assignment. Further details are available on the course page. Student editor(s): Atticusbixby.

Above undated message substituted from Template:Dashboard.wikiedu.org assignment by PrimeBOT (talk) 11:31, 17 January 2022 (UTC)[reply]

Partial impartiality

"An extract of a Top Secret appraisal by the National Security Agency (NSA) characterized Tor as "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting"."

"As of 2012, 80% of The Tor Project's $2M annual budget came from the United States government,"

hahaha. oh dear. — Preceding unsigned comment added by 220.233.16.6 (talk) 08:12, 7 October 2014

Hello,

I'm definitely late with my response, but I'm adding this comment for posterity, as this isn't the first time I've read something like this.

Sponsors are publicly listed: https://www.torproject.org/about/sponsors/

Here is an excerpt from the text of this page:

The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.

If you develop something especially for "covert" operations, it will be quickly fingerprinted and attributed to that group. What they need is repudiation, so it makes sense that the more users have access to that tool, the easier it is to blend in. The same argument can be made for Ghidra (originally developed by the NSA) or even SELinux. I do remember reading about this somewhere, but can't figure out where at the moment.

Anything can devolve into conspiracy territory, but at some point in the (digital) world someone has to be trusted, there is no other way around it. Personally, while nothing is perfect, I trust the Tor Project and what they are doing.

Kind regards,

IrrationalBeing (talk) 20:03, 20 April 2022 (UTC)[reply]

Requested move 26 May 2021

The following is a closed discussion of a requested move. Please do not modify it. Subsequent comments should be made in a new section on the talk page. Editors desiring to contest the closing decision should consider a move review after discussing it on the closer's talk page. No further edits should be made to this discussion.

The result of the move request was: Moved (non-admin closure) (t · c) buidhe 15:50, 2 June 2021 (UTC)[reply]



Tor (anonymity network)Tor (network) – simpler disambiguation term Deku-shrub (talk) 22:01, 25 May 2021 (UTC)[reply]

This is a contested technical request (permalink). Anthony Appleyard (talk) 14:47, 26 May 2021 (UTC)[reply]
I took another look and I am not even sure that "tor" article passes WP:GNG to be a stand alone article. I started a merge discussion at Talk:Tor_(rock_formation)#Requested_move_31_May_2021. Blue Rasberry (talk) 13:45, 31 May 2021 (UTC)[reply]
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

First the trivial: As of this day, link [41] (Cox, Joseph (1 February 2016). "Study Claims Dark Web Sites Are Most Commonly Used for Crimes". Retrieved 20 March 2016.) referring to the graph to Tor usage is broken, and thus the traffic statistics presented are called into question.

So far as I can tell, there are now numerous claims being made about the utility and cost of ToR. One of the best papers I've seen that isn't cited yet is a 2020 work by Jardine et al: The potential harms of the Tor anonymity network cluster disproportionately in free countries; Eric Jardine, Andrew M. Lindner, Gareth Owenson; Proceedings of the National Academy of Sciences Dec 2020, 117 (50) 31716-31721; DOI: 10.1073/pnas.2011893117

On the other hand, there is a well known quote from a blog from the CEO of Cloudflare indicating that some 94% of requests they were seeing in 2016 was malware. See https://blog.cloudflare.com/the-trouble-with-tor/. That quote is a bit long in the tooth as well.

These claims are not completely out of alignment with one another, because of the methodologies used. The Jardine work in particular compares in network versus out of network access, while of course Cloudflare is looking only at its clear site access.

My suggestion is that the controversy over benefits versus drawbacks be called out in a bit more articulate fashion, a'la "here are purported benefits... here are purported risks..." That would also more clearly demonstrate balance to the reader. Pigdog234 (talk) 09:54, 31 May 2021 (UTC)[reply]

Why there was no info of Onionoo API in the article!?

This needs to be investigated. Wikipedia is seriously abusing this API, and I suppose even logs ips, considering somehow only less protected ips are blocked by real people, and others are just blocked by Tor Block extension of wikimedia engine on github. I will propose to stop Onionoo to Tor Project. Valery Zapolodov (talk) 18:05, 6 June 2021 (UTC)[reply]

Tor Project doesn't make a habit of reading the Tor Wikipedia page, much less the talk, and this isn't the place to discuss it. Opinions on policy decisions, unless part of a public debate between notable parties with verifiable secondary sources, doesn't have any place in a Wikipedia article, nor in the talk page. As for mentioning the existence of the API in the article, I suppose there's no real reason not to, but there also hasn't been a compelling reason for it, since it's just an API for information that can mostly be gotten elsewhere―most notably, the public consensus files (Tor clients wouldn't be able to choose their circuits if there wasn't a publicly available consensus; there's research into reducing the fraction of the network that an individual client must know, for performance reasons, but there's no way to prevent enumeration―particularly when there's only a thousand or so exit relays at any given time anyway, which is what sites like Wikipedia care about for blocking). --Tga (talk) 19:26, 6 June 2021 (UTC)[reply]
You did not age well, we now have Snowflake, so anyone will be able to be an exit node, even mobile, and consensus is now more vague, P2P style. The fact that Onionoo can see both relays and exit nodes and reading phabricator of wikipedia https://phabricator.wikimedia.org/T49626 you can turn off relays (which you did), since those are not what your AS sees when one accesses Wikipedia. This is disgusting behavioir from Wikimedia foundation and we all certainly will do anything so that even humans will not be able to enumerate Tor. Now that we see Cloudflare and even Google search abusing it, we finally can vote to turn that thing off. Valery Zapolodov (talk) 05:28, 18 September 2022 (UTC)[reply]
Snowflakes aren't exits, they're actually not even relays (they're proxies to a couple designated bridges, so someone connecting to a website via the Snowflake PT connects to their ISP->snowflake proxy->snowflake Tor bridge->middle Tor relay->exit Tor relay). The same amount of information is available as has always been, there's just now a larger pool of bridge IPs from Snowflake proxy volunteers. Bridge IPs, so the IP addresses of the first hop used for censorship circumvention, have always been secret, other than the default bridges that ship with Tor Browser.
Again, if you have problems with how some organizations operate, a Wikipedia article talk page is not the place to discuss those issues, though before discussing such issues in more appropriate forums, it might be worthwhile spending some time reading the documentation to understand the underlying technology first (you can read more at the snowflake docs, the Tor manual, and the tor spec). -- Tga (talk) 04:04, 19 September 2022 (UTC)[reply]

Merger proposal

The following discussion is closed. Please do not modify it. Subsequent comments should be made in a new section. A summary of the conclusions reached follows.
Not merged. czar 02:41, 10 September 2021 (UTC)[reply]

Formal request has been received to merge: Tor Phone into Tor (network); dated: August 2021. Proposer's Rationale: Tor Browser is already merged there, and Tor Phone isn't relevant enough to have another article. Also it(tor phone) has lots of [unneccessary text](https://en.wikipedia.org/w/index.php?title=Tor_Phone&action=history) --Greatder Discuss here. GenQuest "scribble" 14:41, 19 August 2021 (UTC)[reply]
I oppose combining the articles. If anything, a new Tor Browser article should be spun off from Tor_(network)#Implementations. Tor Phone should be added to the list of tools at The_Tor_Project#Tools; note Orbot there also has its own article, which needs improvement. Spending some time on those would be more useful. -- ~~~~ Yae4 (talk) 11:56, 19 August 2021 (UTC)[reply]
I have added all the important text of Tor Phone in Tor_project#tools. I didn't the related projects, what libraries it uses, or any guide on what people can use other than this. --Greatder (talk) 05:30, 20 August 2021 (UTC)[reply]
Noting your link called "Tor_project#tools" is actually a redirect to this page, Tor (network). That is confusing at best, or misleading at worst. -- Yae4 (talk) 13:24, 20 August 2021 (UTC)[reply]
@Bluerasberry: What does age of the information have to do with article improvement? This isn't wikinews. --Greatder (talk) 07:11, 21 August 2021 (UTC)[reply]
@Greatder: It is relevant because large organizations with long histories and which go through huge sums of money have many dead projects, and adding lots of text about them to the main organization page does not help anyone understand the organization today. Blue Rasberry (talk) 13:51, 21 August 2021 (UTC)[reply]
  • Oppose - Per Blue Rasberry. Nom's rationale in unconvincing. - Aoidh (talk) 13:15, 20 August 2021 (UTC)[reply]
  •  Comment:: First of all shouldn't this merge request be closed by now? Second, even adding a line referencing the project isn't allowed anymore? [1] --Greatder (talk) 10:21, 26 August 2021 (UTC)[reply]
    Objections to the sentence, and where placed: Tor Phone is not "a tor focused" mobile ROM or operating system, so the sentence was mis-placed, and is basically nonsense. Also, what source describes the Tor Phone project as "attempted" or "abandoned"? So the language is biased. -- Yae4 (talk) 19:25, 26 August 2021 (UTC)[reply]
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

About Tor's acronym

Saw this reverted edit: https://en.wikipedia.org/w/index.php?title=Tor_(network)&diff=1092140671&oldid=1092139313

About this--back in the day, pre-2015 I believe, Tor was written as TOR and did stand for "The Onion Router". Today, it is spelled "Tor", but the acronym is still valid. M4sugared (talk) 22:30, 10 June 2022 (UTC)[reply]

Tor was never written as TOR, even though it did come from "the onion router". You can see a greatly abridged version on the Tor FAQ, and can check the original paper to confirm the capitalization has always been that way. My interpretation, even though it slightly differs from the wording in the FAQ, is that Tor is and always has been a name, not an acronym, and that "the onion router" is just the etymology of that name, not what Tor stands for. E.g., if you were at an academic conference today, and you said "the onion router", people would probably have the same reaction as mentioned in the FAQ (which onion router?), but would understand Tor as a proper noun perfectly fine. Tga (talk) 23:35, 10 June 2022 (UTC)[reply]
Regardless of how the Tor team officially spelled it, it was called TOR at some point in time by some people as the Tor Project posted a notice suggesting that users say "Tor" versus TOR.
https://www.facebook.com/TorProject/posts/10160801361629951
Either way, I'll look into how valid Tor standing for The Onion Router is, but based on some reading and what you noted, it seems the acronym has failed out of use. Perhaps it should be removed from the introduction of the article and moved to the history section. M4sugared (talk) 00:34, 11 June 2022 (UTC)[reply]
@M4sugared: In this paper by Paul Syverson (page 7 on the PDF, page 129 on the paper) there's an entire section describing how the word "Tor" came about; emphasizing that it's neither an acronym nor is it ever spelled "TOR". It's worth noting that Syverson is a primary source as he invented onion routing. Flycatchr 10:33, 11 June 2022 (UTC)[reply]
To provide a bit of additional context to the cited Facebook post: The FAQ entry I linked has included "In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong" since at least 2011. Nothing fell out of use, there's just been a common mistake over the years, one that the Tor Project has consistently tried to correct. Tga (talk) 16:46, 11 June 2022 (UTC)[reply]
IMO The article should explain the naming history some more, based on what "reliable" sources can be found. The lead should give one or two more "popular" uses of "Tor" (also known as). Tor is sometimes known as The Onion Router, sometimes The Onion Routing network, or apparently not as popular: Tor's onion routing. I don't think there is a one and only "correct" definition, so what "reliable" sources can be found should be followed (for wikipedia), and statements attributed to the authors.
  • "Reliable" sources (i.e. popular usage) wins at wikipedia, IIUC.
  • Facebook is an unreliable source WP:RSPFACEBOOK.
  • Current usage of the terms is inconsistent by arguably reliable, independent sources,[2] and at places that should know better.[3]
  • We will find numerous "reliable", or at least independent, sources saying Tor is, or was originally, called "The Onion Router" and other things.
  • Syverson's 2011 explanation may be correct, or could be wishful thinking and faulty memory. See inconsistent terminology used early at onion-router dot net in archive: "Onion Routing Network" and "The Onion Router Prototype Network".[4]
That said, I do enjoy "a recursive acronym, ‘Tor’s onion routing’" as much as anyone. -- Yae4 (talk) 01:01, 15 June 2022 (UTC)[reply]

Goverment Law enforcement mediated Deanonymization

I added a section related to the past decade of law enforcement agencies using a variety of technologies to deanonymize Tor. Recently 2019 and forward there has been some new form a attack that does not use a NIT, and has some greater than 50% reliablity. The law enforcement agencies only appear to be able to deanonymize a few IP addresses per day, so whatever the method, it's computationally intensive. I digress.....the point is, I added a section, but don't think it's necessarily in the correct place. It could be broken down by year in the Reception, impact, and legislation section, which doesn't seem to be the right title for the by-year section. We mention a government attack early on in the Firefox/Tor browser attack section, OR we have an entire section of attacks in weaknesses. It seems like we have different attacks and vulnerabilities scattered all over the place. Is this best? I'm opening the floor for a lengthy debate, since the organization seems a tad haphazard if the goal was to read the article and understand the history of vulnerabilities and attacks etc. eximo (talk) 00:32, 2 March 2024 (UTC)[reply]

I deleted this section for now, for WP:OR and WP:PRIMARY. These attacks should likely be discussed where we have reliable information on them, but we can't rely on primary evidence like court documents, and we definitely can't conjecture on the nature of them using research papers. Speaking as a domain expert, I doubt that any of these attacks performed by law enforcement are related to that particular research. Website fingerprinting does not directly allow for IP deanonymization, it merely allows identifying the nature (or really, class in a classifier) of particular traffic; i.e., it would at best allow the attacker to know when and which site was being accessed, but when executed on a middle relay, it would not leak who was accessing it or where the site is hosted. There's a much larger body of research on doing these attacks from one of ends of the circuit (e.g., a guard relay or client ISP), but I've never heard of law enforcement using them (for many reasons too off topic to go into here).
As to the more general discussion, the rule of thumb I think this page should use is: Do we have a reliable, non-primary source that the attack was performed on real, non-consenting Tor users, or did the attack affect the design or implementation of Tor in some way that affects how Tor itself is described in the rest of the article? If the answer to both of those questions is no, it's either not reliable or not notable enough to warrant discussion on the main Tor article.
There are some changes I'd like to see made related to this, like moving "weaknesses" into the "operation" section and pared down to just the things that impact Tor's design, and restructuring the "Reception, impact, and legislation" section from a timeline into cleaner subsections on "attacks", "censorship", "awards", etc.. The article as a whole currently feels like a kludge of random facts (or "facts") that felt relevant when they were written, but haven't aged well. Ideally, the article should be something that someone can read though the article and come away understanding what Tor is, who uses it, why, and what its limitations are. Tga (talk) 05:34, 2 March 2024 (UTC)[reply]