Gate (network)

from Wikipedia, the free encyclopedia
goal

logo
Basic data

developer Roger Dingledine and Nick Mathewson
Publishing year September 20, 2002
Current  version 0.4.3.6
(July 09, 2020)
Current preliminary version 0.4.4.4-rc
(August 13, 2020)
operating system cross-platform
programming language C , python
category Security software
License BSD license
German speaking Yes
www.torproject.org
expyuzz4wqqyqhjn.onionOnion Service , only accessible via the Tor network .Tor-logo-2011-flat.svg

Tor is a network for anonymity of connection data . It is used for TCP connections and can, for example, be used on the Internet for browsing , instant messaging , IRC , SSH , e-mail or P2P . Tor protects its users from analyzing the traffic . It is based on the idea of onion routing . "TOR" was originally an acronym for The Onion routing or The Onion Router ( english onion for onion ). Since the project no longer uses the name as an acronym, “Tor” is no longer written in capital letters . In January 2019, around 2 million users were using the Tor network every day.

history

The first ideas for Tor date back to 2000. Two years later, work on Tor was started by Matej Pfajfar at Cambridge University . This was followed by the release of the first alpha version on September 20, 2002.

In the initial period from 2001 to 2006, Tor was supported by the United States Naval Research Laboratory with support from the Office of Naval Research (ONR) and the Defense Advanced Research Projects Agency (DARPA), represented by Paul Syverson. Further development was supported by the Freehaven project . The Electronic Frontier Foundation (EFF) supported the development of Tor between the last quarter of 2004 and late 2005.

In December 2006, Dingledine, Mathewson, and others founded The Tor Project, The Tor Project, Inc , a non-profit research and education organization responsible for maintaining Tor.

In March 2011, the Tor project was awarded the “social benefit” award by the Free Software Foundation . The reason given was that Tor allowed approximately 36 million people worldwide uncensored access to the Internet with control over privacy and anonymity. Tor has proven to be very important for opposition movements in Iran and Egypt .

In 2011, approximately 60% of the project was funded by US government grants and 40% by private donations.

In June 2014, the case of the Erlangen student Sebastian Hahn drew the attention of the general public, and in particular the NSA investigative committee , which was just in session , to the fact that the NSA is monitoring the operator of a gateway in addition to the Federal Chancellor.

Since the end of October 2014, Facebook has been accessible via its own address in the Tor network ( https://facebookcorewwwi.onion/ ) in order to facilitate access for people in whose countries access to Facebook is made more difficult by censorship. DigiCert one of the first has for Facebook TLS - certificates for .onion address issued.

The previous Tor top management, the Board of Directors, elected six new members in July 2016 and resigned at the same time. The resigned include project co-founders Roger Dingledine and Nick Matthewson, who, however, continue to lead the technical development of the service. The new supervisory body includes the prominent cryptologist Bruce Schneier and the head of the Electronic Frontier Foundation , Cindy Cohn .

In 2019, the BBC and Deutsche Welle made their websites available via the Tor network in order to circumvent censorship measures by anti-democratic states.

Utilities

Tor Browser

The Tor Browser under Windows 10 shows the start page.

The Tor Browser (also Tor Browser Bundle ) contains a preconfigured combination of Tor (client) and a modified version of the Mozilla Firefox ESR browser (with NoScript , HTTPS Everywhere , Torbutton and TorLauncher). The package is portable and can therefore be started from a removable storage medium , as in the case of the PrivacyDongle , which makes it relatively independent of the operating system that is running. Thanks to the compatibility-oriented configuration of the components, even laypeople can quickly get started with the Tor network.

Tor Messenger

On October 29, 2015, the Tor project released Tor Messenger as a beta version. This instant messenger is based on Instantbird , but has built in OTR for encryption and Tor for anonymization. Similar to Instantbird, Pidgin and Adium , Tor Messenger supports several chat protocols, but it does not use libpurple for this , but implements all protocols itself in the memory-safe language JavaScript .

Orbot (Android version 2.0 or higher)

Orbot is an open source Tor proxy for Android that can route all Internet traffic through the Tor network on rooted Android devices. On devices without root permissions, Orbot only works in conjunction with the Orfox browser, which is also open source; the routing of network traffic from other apps is not possible unless they have the option of manual proxy setting. Orbot provides a local HTTP proxy itself on port 8118, which apps such as B. Twitter can be configured. An additional module ("Add-On") is available for Firefox Mobile with which Orbot's SOCKS proxy on port 9050 can be used. Some apps, e.g. B. ChatSecure or Xabber are preconfigured for use with Orbot. Another app called OrWall can block all data traffic that is not routed through Orbot (see also firewall and whitelisting ).

Orfox (Android)

Orfox is an open source browser for Android that has been specially optimized for the Tor network and that also places great value on the protection of privacy. It is used on devices without root permissions to surf anonymously with Orbot using a Tor proxy. To use Orfox, Orbot must be started and connected to the Tor network.

The Tor Browser for Android has been available as an alpha version since September 2018. The first stable version for Android was released on May 21, 2019.

The previously recommended Orfox browser is to be discontinued.

Onion Browser (Apple iOS from version 5.1)

The Onion Browser is a browser for Apple iOS that handles page views over the Tor network. It is available for free in the iOS App Store , the source files are available for free on GitHub .

Working method

Alice creates an anonymous connection to Bob through the Tor network

Anonymous surfing

The software is based on the principle of onion routing and has been implemented with a few modifications:

  1. The user installs a client on his computer , the so-called onion proxy . This program connects to the Tor network. In the start phase, the program downloads a list of all available and usable Tor servers (relays). This list, which is provided with a digital signature, is kept by directory servers or directory authority . Their public keys are supplied with the Tor source code. This is to ensure that the onion proxy receives authentic directory data.
  2. When the list is received, the onion proxy will choose a random route through the Tor servers.
  3. The client negotiates an encrypted connection with the first Tor server. When this is set up, it is extended by another server. This procedure is repeated so that a connection chain always contains at least three Tor servers. Every server knows its predecessor and its successor. The developers of the project chose the number three in order to achieve the greatest possible anonymity with an acceptable delay time. Success depends on at least one of the servers being trustworthy and an attacker not already monitoring the start and end of the communication.
  4. After a connection has been established, the data is sent via this server. The last server acts as the end point of the communication. He is (Engl. As exit or exit server or node exit node ), respectively.

The connection setup described above is repeated at regular intervals, and the connection routes are switched after about 10 minutes.

The packets within the Tor network are always transmitted in encrypted form. Only when the exit node forwards the packets can they possibly be unencrypted. It is therefore still important to use end-to-end encryption and integrity protection, since the operator of an exit node can otherwise read and manipulate the entire data traffic.

Size of the Tor network

A map showing the average usage of the Tor network in 2012/2013. Source: University of Oxford

As of October 31, 2011, around 2350 Tor nodes were available, including around 850 exit nodes. The available data transmission rate propagated by the nodes themselves was a total of 12.8 Gbit / s, of which an average of 8 Gbit / s was used. The addresses of around 650 Tor bridges were deposited with the Tor Bridge Authority.

In October 2019, 6,472 Tor nodes with a data transfer rate of 23.080 GByte / s were available.

Tor Onion Services

Tor enables both sides of a communication to remain anonymous. The retriever of information uses the presented functions of Tor for this purpose. A provider of information used while Onion Services , formerly hidden services (Engl. Hidden services ) were mentioned:

  1. Bob wants to offer a service (for example, a website with sensitive information). First he sets up the necessary software (in the example a web server ) on the relevant computer. Tor is not involved in this step.
  2. Now Tor is set so that the software packages are passed on from the web server over the network.
  3. After a restart, a key pair is created that is intended to identify the service. The Tor software does this automatically.
  4. Together with a list of randomly selected introduction points , it sends the public key to a directory server and establishes a connection to the entry points. This completes the setup of the hidden service.
  5. Alice wants to connect to Bob's service. To do this, it needs the hash value of the public key. This has the form 6sxoyfb3h2nvok2d .onion . For example, Bob's website could be accessed at http://oldd6th4cr5spio4.onion/. With this hash value Alice receives the details of the service from the directory server.
  6. Alice establishes a connection to a random Tor server via the Tor network, which she determines as the rendezvous point.
  7. Then it establishes another connection to one of the entry points. This information was in the details from the directory server. Alice sends an encrypted message to Bob. This describes the rendezvous point to which Alice maintains a connection. Bob and Alice will "meet" there.
  8. After Bob has received this message, he decides whether he wants to communicate with Alice and, if so, establishes a connection to the rendezvous point.
  9. At the rendezvous node, the communication channels belonging to Bob and Alice are connected. Both can now exchange data without knowing each other's identity.

Onion Services can only be accessed via the Tor network. However, operators who offer a certain service can offer their service as an onion service and at the same time as a normal service (which can be accessed normally via the Internet without anonymization software). This has the advantage that users who value privacy can go through the Tor network.

Entry guards

Like all real-time anonymization services, Tor cannot provide adequate protection against attackers who control the first and last node of a connection. This is independent of how many nodes there are in between. The attacker can establish a connection here solely through the number of packets and the chronological sequence of packets - also across the intermediate nodes - and would thus have discovered the connection between sender and recipient. Since Tor routes are short-lived and are regularly re-selected, the probability that at least one of the routes established by the Tor client could be discovered by an attacker in the long run is close to 100% for every Tor user. In particular, users who regularly use Tor to protect the same communication relationship would sooner or later almost certainly be deanonymized. To make matters worse, the attacker can boycott a route if he controls at least one arbitrary node in it. In this way he can force a re-selection of the nodes on all routes in which he is involved but does not have the control over the start and end nodes necessary for de-anonymization. This means that additional routes have to be set up and the probability of a route that is favorable for the attacker increases.

Therefore, with Tor, contrary to the standard model of onion routing , the first nodes of the routes are not selected dynamically by the client, but the same entry nodes are used for all established routes, so-called entry guards . To do this, the client randomly selects a small number (three by default) from a list of Entry Guards and then uses them as the first node on all established routes over several weeks and sessions. A temporary replacement selection is only made if these nodes fail. Entry guards can only become nodes that have been running for a long time, have had a high level of availability over this period and have above-average transmission capacity.

In this way, it can be largely ruled out that in the long run every user almost inevitably sets up a route that can be deanonymized by an attacker. If the user has not chosen any of the entry guards controlled by an attacker , he cannot be deanonymized at all in the above way, since the first node of the routes is then always outside the attacker's control. If, on the other hand, the selected entry guards of the user are under the control of the attacker, the probability of de-anonymization is increased, or this happens more frequently because the entry node is then safely controlled by the attacker and the security of the route only depends on the choice of the exit node depends. It also reduces the risk that an attacker could list all Tor users. Since the users always connect to the same entry node, the entry guards controlled by the attacker are only contacted by the same group of users, while all other Tor users always stay with their entry nodes outside the attacker's sphere of influence.

Censorship Resistance / Gate Bridges

Tor can not only be used to allow anonymous Internet access, but also to bypass access blocks. The connection is redirected - past the barrier - via the Tor network and can thus reach the destination. From the point of view of the blocking party, this is not a desirable situation , especially in the area of censorship . For this reason, access to Tor has already been blocked in some cases (e.g. by the Chinese Internet control ). This is particularly easy because the list of all Tor nodes is public. Due to the anonymization model chosen, access to this list cannot be restricted, since the option to select from many nodes is a prerequisite.

Tor has therefore been expanded to include a bridge functionality that mediates between blocked users and the Tor network. This means that every user can configure their Tor client as a so-called bridge , which enables other users to access the Tor network. He can then communicate his own Internet address to others himself, or he can deposit it with a trustworthy central authority ("bridge authority") for further distribution. There it ends up in exactly one of currently three address pools, which are based on different distribution strategies. The distribution takes place in pool 1 via a website, in pool 2 via e-mail and in pool 3 via instant messaging, social networks and similar direct contacts. In order to prevent the pools from being explored, only bridges from one area of ​​the total list that are always the same are returned in pool 1 for requests from the same IP address (only the first 24 bits are relevant) (the problem is that requests via different proxy computers or different Tor nodes could take place themselves and government agencies or Internet providers have access to very large address contingents). In pool 2, this applies accordingly to inquiries from the same e-mail address. In order to prevent the mass creation of different email addresses, only requests from Gmail and Riseup addresses are answered. Tor trusts that the providers themselves have taken appropriate measures to prevent the creation of large amounts of accounts. Pool 3 is based on the fact that it is difficult to build up enough human trust under different identities to get to many bridge addresses via direct contacts. If one of the distribution strategies turns out to be so weak that an attacker can use it to obtain a large number of addresses and then prevent access to them or identify them as Tor accesses, the addresses of the other pools would still be available.

However, China has been able to successfully break distribution strategies 1 and 2 and prevent Chinese citizens from accessing the corresponding bridges since 2009 and 2010 respectively. One reason for this is that the number of bridges of around 500 is too small compared to the resources of the Chinese Internet control. In this way, the entire list of the corresponding pools is queried from a sufficient number of different IP addresses or e-mail accounts. In addition, in the fall of 2011, it became known through user comments that China was testing the destination address of connections that are recognized as possibly being encrypted with Tor. If the target actually speaks the Tor protocol, it will be added to a blacklist. In this way, China can even detect bridges whose addresses are not publicly distributed and prevent access to them.

From the point of view of anonymity, it can even be advantageous for a user to operate a bridge. For an attacker, the actions of the user can no longer necessarily be distinguished from those of the users who are only forwarded via them. On the other hand, there are also risks: If an attacker should be able to deanonymize a forwarded connection backwards from the connection destination via the slave nodes , the forwarding user could be wrongly suspected of being the origin of the connection. The operation of a bridge can also ensure that own traffic handled via Tor can be deanonymized over a longer period of time. This attack is based on the fact that the bridge will usually only be made available by a user when he is currently using Tor himself. For example, suppose someone uses Tor to post new entries on their blog every now and then. If he has activated the bridge functionality and an attacker could obtain a large number of the Tor bridge addresses, then the attacker could regularly check which bridges are available and when. In this way, the attacker could very quickly restrict the group of authors. Only bridge operators who had their bridge active at all the times in question are eligible for this.

Criticism and weaknesses

Limits to anonymity

Tor does not offer anonymity against any attacker. For example, by monitoring a sufficiently large number of Tor nodes or larger parts of the Internet, it is possible to understand almost all communication processed via Tor. Such a scenario is  quite conceivable , for example, for operators of Internet nodes or important backbones - especially through cooperation - if it is possible to monitor the first and last nodes of the connection, the origin of the connection can be inferred with the help of a statistical analysis.

If necessary, this can also be done through state influence or intelligence activities. It is favored both by the structure of the Internet, which relies heavily on individual operators, and by the very uneven distribution of Tor servers around the world, which are largely concentrated in a few countries. As a result, the cooperation of a few instances would be sufficient to significantly weaken the effectiveness of Tor.

Advantages and disadvantages of the anonymization model

Tor is based on a distributed anonymization network with dynamic route selection. This already distinguishes Tor from many other anonymization services that are based on the approach of static routes in the form of mixed cascades . The basic premise for Tor security is that no one will be able to monitor large parts of the Internet. This basic assumption provokes criticism. On the one hand, it is questionable whether it is realistic, on the other hand, with the mix cascade model, there is a possibility of anonymization with total monitoring of the underlying network - at least in theory. The theoretically stronger model of the mix cascade has to make many compromises when it comes to practical implementation on the Internet in order to remain usable: For example, only certain of the required mix functions can actually be implemented. This compensates for the advantages of the mixed cascade model compared to the Tor approach, and the cascade-based anonymization services can also only offer very limited anonymity.

But there are also some practical reasons that speak explicitly in favor of the concept chosen by Tor. In particular, the resource problem that arises when operating an anonymization service (a lot of bandwidth and a certain computing power is required for cryptography) can be solved very easily by providing the resources jointly. Almost every owner of a broadband connection can contribute something to the anonymization service by operating a gate node. With the mix cascade model, on the other hand, the required bandwidth must be provided by a few entities (mix operators) in order to keep the anonymity groups large. Since this results in corresponding costs for the mix operator, the question of financing always arises there automatically. On the other hand, the low participation threshold at Tor also always poses a danger: the parties involved cannot be adequately checked. For example, it is conceivable that one person operates a large number of Tor nodes under different identities. Connections that run exclusively through the nodes it controls can thus be revealed. With the mixed cascade model, significantly fewer anonymity providers are required - they can therefore be checked much better for their identity and intentions. Even in the case of government coercive measures, they can legally defend themselves as well as their users (as happened, for example, with JAP ). At Tor, such mutual support is only just beginning. Legal risks can arise, especially for the operators of exit nodes. Because, as the operator of the node, you have to fear the seizure of the computers by the investigative authorities in the event of any misuse. You will be treated as a witness in the relevant proceedings. However, it can also happen that proceedings are brought against the operator himself.

Compared to the mixed cascade concept, the highly distributed approach at Tor provides better protection against coercive government measures with regard to the detection of connections, since the government agencies do not have a small group of responsible persons with whom they can carry out the monitoring measures directly, as is the case with the cascade approach. You would have to choose the much more complex and internationally hardly enforceable detour via the network operator. This also makes criminal prosecution considerably more difficult.

Implementation weaknesses

In contrast to the basic model of onion routing , Tor uses the same route for the data transmission of several applications that are executed on the client computer. This is justified on the one hand with higher efficiency (by sharing a route for several TCP streams fewer routes have to be set up and thus less cryptographic effort is required, especially for asymmetric cryptography ), on the other hand with an improvement in anonymity (since one If you build fewer routes, the probability is lower that you will once put together a route from nodes that are all in the hands of an attacker, and the data traffic through it is therefore not anonymous). However, should one of the applications damage the anonymity (for example by making the IP address of the client traceable), an exit node operator in particular can then also assign the data transmitted via the same route to all other applications of this client. An application that reveals sender data is sufficient, if necessary, so that the client can also be deanonymized with regard to other activities. For this reason, the developers explicitly advise against using BitTorrent over the Tor network.

Researchers at the Institut national de recherche en informatique et en automatique demonstrated this in practice with BitTorrent in early 2010 . For this purpose, several Tor exit nodes were operated and the Bit Torrent traffic running through them from the clients was evaluated or manipulated. This exploited the fact that often only the tracker communication is anonymized via Tor, but the actual data transmission with other peers (both with the actual file sharing and with regard to access to the distributed hash table in the trackerless operation) then usually takes place directly without anonymization, since this would be too slow via Tor or the partially used UDP communication is not supported by Tor either. In this way the direct communication of the clients outside the Tor network (in particular their IP addresses ) could be assigned to their communication within the Tor network. If the client had other, actually secure applications running on the same Tor route in addition to BitTorrent, their communication was also deanonymized. Since BitTorrent has a long-term concatenation feature with the unique peer ID, new Tor routes can then be quickly assigned after a one-time de-anonymization if they are also used to process BitTorrent communication.

In addition to applications, however, careless user behavior can also have the same effect. Should a user, in parallel to his / her anonymous communication, also handle personally assigned communication via Tor, the latter can deanonymize the anonymous communication on the same Tor route for the exit node operator. This does not even have to be done by transmitting real names, the already existing metadata of one of the connections (time, amount of data transferred, destination address) may be sufficient for the exit node operator to be able to infer the originator. The remaining communication within the same Tor route would then also be deanonymized.

Use and Abuse

Anyone interested can operate a Tor node themselves. The architecture is already designed for DSL access. This means that every user with a DSL connection can operate a Tor server with a transmission rate of at least 20 kB / s (= 160 kbit / s).

In connection with preliminary investigations by the Konstanz public prosecutor's office in the area of ​​the distribution of child pornography , some German Tor servers were confiscated on September 7, 2006, which were rented and housed by German host providers . The investigations were not directed against their operators. The public prosecutor's office only hoped to gain knowledge about the accessing users. Due to the structure of the Tor network, this was to be classified as hopeless.

Dan Egerstad was able to demonstrate with a test setup in which he made five exit nodes available on his own computers and listened to them with sniffer tools , that many users do not yet consider the protection of the last, unencrypted mile . Egerstad was able to record unencrypted access data, especially from e-mail mailboxes, and published an excerpt from 100 mailboxes that he was able to assign to embassy and government employees in order to point out the explosiveness and, at the same time, to encourage action. In this context, according to an article dated September 10, 2007, there is a sharp increase in the number of exit nodes in China and the USA. End-to-end encryption , e.g. with HTTPS , is sufficient to prevent misuse of this type .

Exploitation of security gaps in the web browser

In August 2013, it became known that a security hole in the Firefox web browser - which is also part of the Tor browser bundle - had been used to smuggle in malicious code. The malware , dubbed "Magneto", logged the entire surfing behavior of a Tor user and transmitted the collected data to a server owned by the company "Science Applications International Corporation", which cooperates with the FBI and other secret services. The developers of Tor suspected that the attack was related to the break-up of the Freedom Hosting network , which specifically provided servers for Tor's hidden services and has been proven to be used by criminals.

Two versions of Firefox and the associated four versions of the Tor browser bundle were affected, but three of them were in the alpha stage . Although the exploited vulnerability was in all ports of Firefox, apparently only Windows versions were attacked.

In 2014, judicial documents revealed that a server located in France for the “Tor Mail” hidden service was successfully compromised and later confiscated using Magneto . This enabled US FBI investigators to arrest a previously unknown person who is accused of credit card fraud. Furthermore, the suspect could be proven to have operated an illegal online shop as a hidden service in the Tor network.

Breaking anonymity through logging

Presentation of the NSA study “Tor Stinks” as PDF; 0.8 MB (published by the Guardian)

A study published in 2013 by scientists at the U.S. Naval Research Laboratory and Georgetown University addressed the well-known problem of Tor's extensive network traffic logging. The aim was to be able to estimate, under realistic conditions, the probability and the period of time that is needed to collect enough data to destroy anonymity. It managed to break the anonymity of 80% of the tracked users in 6 months by running a single medium-sized Tor relay. With regard to the PRISM scandal, the scientists emphasized that a larger infrastructure can significantly reduce the time required; If the attacker had access to appropriate autonomous systems and Internet nodes , they estimated the probability of de-anonymization at 95%.

An article in the British newspaper The Guardian, on the other hand, reports that the National Security Agency had little success trying to identify Tor users. The article was based on the secret documents published by Edward Snowden about PRISM .

In July 2014, an anonymization attack was discovered by the Tor network. Modified Tor nodes have been used here since January 2014, which marked data packets with clear text information through a gap in the protocol. Due to the high number of modified nodes (up to 6.4 percent), which were used both as entry guards and as exit nodes , data packets could be tracked down to the real IP address of the user or a hidden service . The loophole was closed in versions 0.2.4.23 and 0.2.5.6-alpha. The attackers and their motivation are not known. A possible connection with a canceled lecture at the Black Hat by students from Carnegie Mellon University was however controversially discussed in the Tor user community.

Operation Onymous 2014

In November 2014, the FBI announced that through a large-scale collaboration with the US Customs and Immigration Service , the Department of Homeland Security and, in Europe, the European Cybercrime Center and Eurojust as part of Operation "Onymous", a massive strike against illegal activities within the Tor network. The investigators were able to de-anonymize numerous people, as a result of which there were 17 arrests worldwide. Control over domains of the network could also be obtained, whereby several illegal platforms of the darknet market were blocked; an initially mentioned number of 44 domains was later revised. In addition, at least 10 exit nodes and one relay server were switched off, which damaged the network infrastructure as a whole.

In contrast to previous raids, the authorities spokesman did not provide any information about how the suspects' anonymity was broken. The Tor developers were surprised by the action. They assumed that the platforms that were switched off might have been configured insecurely or that there might be backdoors in the software used . With regard to the fact that illegal transactions on the Internet are increasingly being carried out with Bitcoins as a means of payment, the developers also referred to the possibility of tracing people back via such transactions.

Gate users in the NSA's extremist database?

In the aftermath of the Snowden affair , Norddeutsche Rundfunk and Westdeutsche Rundfunk reported in the summer of 2014 that the users of the Tor network and the Linux distribution Tails were automatically entered into a database of the NSA by the XKeyscore spy program , in which data on extremists was entered to be collected. The journalists Lena Kampf, Jacob Appelbaum and John Goetz found out after examining the source code of XKeyscore. The collection takes place via the IP addresses of those who access the Directory Authorities through which the Tor network is accessed.

Reception in the media

See also

literature

Web links

Commons : Tor project  - collection of images, videos and audio files

Individual evidence

  1. Roger Dingledine: pre-alpha: run an onion proxy now! . September 20, 2002 (accessed March 5, 2016).
  2. "nickm": New releases: Tor 0.3.5.11, 0.4.2.8, and 0.4.3.6 (with security fixes). In: Tor Blog. The Tor Project, July 9, 2020, accessed July 10, 2020 .
  3. "nickm": New release candidate: 0.4.4.4-rc. In: Tor Blog. The Tor Project, August 13, 2020, accessed August 13, 2020 .
  4. Peter Palfrader: onion.torproject.org. The Tor Project, accessed February 17, 2020 .
  5. Re: OSI 1-3 attack on Tor? in it.wikipedia (English) - Statement by one of the developers on the Tor discussion list, dated February 13, 2008 (accessed on: January 2, 2014 )
  6. Tor FAQ: Why is it called Tor? The Tor Project, accessed July 1, 2011 .
  7. Users - Tor Metrics. In: metrics.torproject.org. Accessed January 31, 2019 .
  8. pre-alpha: run an onion proxy now! September 20, 2002, accessed April 17, 2014 .
  9. a b goal: sponsors. The Tor Project, accessed April 17, 2014 .
  10. Tor's great rebranding , "The Daily Dot" March 26, 2015 Accessed 12th 2015
  11. 2010 Free Software Awards announced. Retrieved April 5, 2014 .
  12. Tor Annual Report 2012 (PDF; 2.8 MB) p. 6.
  13. Hahn maintains a website to document his current related communication (the original version in German is here to find).
  14. See e.g. B. Ole Reissmann: Tor network. Activists defy the NSA . In: Spiegel Online July 3, 2014, p. 11 p.m. or Germans in the sights of the US secret service. Branded as an extremist by the NSA ( memento from July 3, 2014 in the Internet Archive ), Tagesschau, July 3, 2014.
  15. Facebook goes into the Tor network . In: heise.de
  16. Tor users can now access Facebook more easily . In: zeit.de
  17. Facebook, hidden services, and https certs | The Tor Blog. Retrieved March 20, 2017 (English).
  18. Tor project exchanges supervisory body , Axel Kannenberg, heise online, July 14, 2016, accessed June 2, 2017.
  19. Deutsche Welle (www.dw.com): DW pages now accessible via Tor browser - DW - 11/20/2019. In: dw.com. November 19, 2019, accessed November 22, 2019 .
  20. heise online: BBC gets news website in the Tor network. In: heise online. Retrieved May 15, 2020 .
  21. What is Tor Browser? In: torproject.org , Retrieved May 24, 2019.
  22. Jörg Thoma: Tor Bundles soon with instant messaging. In: golem.de , February 28, 2014, accessed January 26, 2017.
  23. Tor Messenger Beta: Chat over Tor, Easily - The Tor Blog. In: blog.torproject.org. Retrieved May 15, 2020 .
  24. ^ Tor Messenger Design Document (Beta). January 26, 2017, accessed January 26, 2017 .
  25. Tor Browser goes mobile. In: Pro-Linux. Retrieved May 15, 2020 .
  26. Tor Browser for Android. In: Google Play. Retrieved May 15, 2020 .
  27. Tor at the Heart: Onion Browser (and more iOS Tor) - The Tor Blog. In: blog.torproject.org. Retrieved May 15, 2020 .
  28. a b Tor: The Second-Generation Onion Router. In: svn.torproject.org. Retrieved May 15, 2020 .
  29. Andrew Lewman: Tor Progress Report October 2011 (PDF; 675 kB) The Tor Project, Inc., November 8, 2011, accessed on November 22, 2011 (English).
  30. Tor Network Status v3.6.1: TorStatus - Tor Network Status. In: Tor Network Status. October 7, 2019, accessed October 7, 2019 .
  31. Tor Onion Services (Darknet). In: privacy- Handbuch.de. Retrieved December 29, 2019 .
  32. Paul Syverson, Gene Tsudik u. a .: Towards an Analysis of Onion Routing Security . In: Proceedings of the Workshop on Design Issues in Anonymity and Unobservability. July 2000, Berkeley, CA, accessed August 25, 2011 (gzipped PS; 102 kB).
  33. Nikita Borisov, George Danezis a. a .: Denial of Service or Denial of Security? How Attacks on Reliability can Compromise Anonymity . In: Proceedings of the 14th ACM Conference on Computer and Communications Security (ACM CCS 2007) , October 2007, Alexandria, VA. Retrieved on August 25, 2011 (PDF; 260 kB).
  34. Tor Project FAQ: What are Entry Guards? Retrieved August 25, 2011.
  35. ^ Research problem: better guard rotation parameters . In: blog.torproject.org , August 20, 2011, accessed August 25, 2011.
  36. Matthew Wright, Micah Adler et al. a .: Defending Anonymous Communications Against Passive Logging Attacks . ( Memento of February 4, 2012 in the Internet Archive ) In: Proceedings of the 2003 IEEE Symposium on Security and Privacy. May 2003, Oakland, CA, accessed August 25, 2011 (PDF; 236 kB).
  37. ^ R. Dingledine, N. Mathewson: Design of a blocking-resistant anonymity system . In: svn.torproject.org , accessed August 27, 2011 (PDF; 154 kB).
  38. KAIST freshmen working on bridge distribution strategies . In: blog.torproject.org , September 8, 2009, accessed December 31, 2009.
  39. BridgeDB. Retrieved January 3, 2020 .
  40. ^ Research problems: Ten ways to discover Tor bridges. In: blog.torproject.org. October 31, 2011, accessed November 18, 2011 .
  41. Andy Greenberg: China's Great Firewall Tests Mysterious Scans On Encrypted Connections. In: Forbes . November 17, 2011, accessed November 22, 2011 .
  42. ^ Philipp Winter, Stefan Lindskog: How China Is Blocking Tor . April 2, 2012, arxiv : 1204.0447v1 (English).
  43. ^ J. McLachlan, N. Hopper: On the risks of serving whenever you surf . Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2009). Accessed December 31, 2009 (PDF; 1.7 MB).
  44. Steven J. Murdoch, Piotr Zieliński: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries ( Memento of the original from January 6, 2009 in the Internet Archive ) Info: The archive link was automatically inserted and not yet checked. Please check the original and archive link according to the instructions and then remove this notice. (PDF; 1.5 MB) @1@ 2Template: Webachiv / IABot / petworkshop.org
  45. ^ The Tor Project, Inc .: Tor Project: Overview. (No longer available online.) In: tor.eff.org. Formerly in the original ; accessed on May 15, 2020 .  ( Page no longer available , search in web archives )@1@ 2Template: Dead Link / tor.eff.org
  46. ^ "Herr Weber": Anonymization service TOR: When the police rings twice. In: Datenschleuder 91/2007, p. 16 ff. (PDF; 8.1 MB)
  47. Bittorrent over Tor isn't a good idea . In: blog.torproject.org , April 29, 2010, accessed April 14, 2011.
  48. Stevens Le Blond, Pere Manils et al. a .: One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users. In: Proceedings of 4th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '11) , March 29, 2011, Boston, MA. Retrieved April 13, 2011 (PDF; 882 kB).
  49. Instructions for server operation
  50. German Police Seize TOR Servers 11/2006.
  51. Marc Störing: In the sights of the prosecutors - State access to anonymization servers . In: c't 24/2006, pp. 208-210.
  52. heise Security: Anonymization network Tor "phished". In: Security. Retrieved May 15, 2020 .
  53. Tor confirms malicious code for user identification . In: Golem.de
  54. Official announcement by the Tor development team
  55. FBI is investigating users of Tor Mail . In: Golem.de
  56. a b News from the NSA: “Tor stinks” . In: heise.de
  57. Study Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries . In: ohmygodel.com , (PDF; English)
  58. Tor security advisory: "relay early" traffic confirmation attack . In: blog.torproject.org , accessed July 31, 2014 (English)
  59. Successful attack on goal anonymization . In: heise.de , accessed on July 31, 2014.
  60. Lawyers cancel black hat presentation on Tor vulnerabilities . In: heise.de , accessed on July 31, 2014.
  61. Operation "Onymous" - FBI and Europol close hundreds of pages in the dark web SPIEGEL ONLINE November 7, 2014, accessed March 12, 2017.
  62. Operation Onymous: A major raid on illegal trading platforms . In: golem.de
  63. ↑ A major raid in the Tor network: the search for the weak point . In: golem.de
  64. Patrick Beuth: XKeyscore: NSA considers all Tor users to be suspicious . In: The time . July 3, 2014, ISSN  0044-2070 ( zeit.de [accessed on May 25, 2016]).
  65. Kristian Kißling: NSA classifies Tor users as extremists. In: Linux magazine. Retrieved May 25, 2016 .
  66. There was a mention of Tor + illegal activities on House of Cards… (Scene link inside - 0:40). February 20, 2014, accessed February 27, 2014 .
  67. Darknet - network without control. In: Daserste.de. June 30, 2013, archived from the original on July 4, 2013 ; Retrieved April 5, 2013 .

Remarks

  1. Let be the ratio of the nodes controlled by the attacker to the number of all nodes. The probability that the attacker controls the start and end nodes of a route with a random node selection is therefore included . The fact that not a single one of the established routes can be controlled by the attacker has only a probability of - so it goes against with increasing .
  2. Season 2, Episode 2