Obtaining Online Privacy

Privoxy

Privoxy is a non-caching Web proxy with advanced filtering capabilities for enhancing privacy, modifying Web page data and HTTP headers before the page is rendered by the browser. Privoxy is a “privacy enhancing proxy”, filtering Web pages and removing advertisements. Privoxy can be customized by users, for both stand-alone systems and multi-user networks.

GNU License

Privoxy is based on the Internet Junkbuster and is released under the GNU General Public License. It runs on GNU/Linux, OpenWRT, Windows, Mac OS X, OS/2, AmigaOS, BeOS, and most flavors of Unix. Almost any Web browser can use it. The software is hosted at SourceForge.

Tor & Squid

Privoxy is frequently used in combination with Tor and Squid and can be used to bypass Internet censorship.

See: Privoxy.Org

Tor

Tor is a system intended to enable online anonymity, composed of client software and a network of servers which can hide information about users’ locations and other factors which might identify them. Use of this system makes it more difficult to trace internet traffic to the user, including visits to Web sites, online posts, instant messages, and other communication forms. It is intended to protect users’ personal freedom, privacy, and ability to conduct confidential business, by keeping their internet activities from being monitored. The software is open-source and the network is free of charge to use.

Though the name Tor originated as an acronym of The Onion Routing project, the current project no longer considers the name to be an acronym, and therefore does not use capital letters.

Tor is an implementation of onion routing, and works by relaying communications through a network of systems run by volunteers in various locations. Because the internet address of the sender and the recipient are not both readable at any step along the way (and in intermediate links in the chain, neither piece of information is readable), someone engaging in network traffic analysis and surveillance at any point along the line cannot directly identify which end system is communicating with which other. Furthermore, the recipient knows only the address of the last intermediate machine, not the sender. By keeping some of the network entry points hidden, Tor is also able to evade many internet censorship systems, even ones specifically targeting Tor.

History

An alpha version of the software, with the onion routing network “functional and deployed”, was announced on 20 September 2002. Roger Dingledine, Nick Mathewson, and Paul Syverson presented “Tor: The Second-Generation Onion Router” at the 13th USENIX Security Symposium on Friday, August 13, 2004.

Originally sponsored by the US Naval Research Laboratory, Tor was financially supported by the Electronic Frontier Foundation from 2004 to 2005. Tor software is now developed by the Tor Project, which since December 2006 is a 501(c)(3) research/education non-profit organization based in the United States of America that receives a diverse base of financial support.

Operation

Tor aims to conceal its users’ identity and their network activity from surveillance and traffic analysis. Operators of the system operate an overlay network of onion routers which provides anonymity in network location as well as anonymous hidden services. Tor employs encryption in a multi-layered manner (hence the original onion routing analogy) and ensures perfect forward secrecy between routers.

Originating traffic

Users of a Tor network run an onion proxy on their machine. The Tor software periodically negotiates a virtual circuit through the Tor network, using multi-layer encryption, ensuring perfect forward secrecy. At the same time, the onion proxy software presents a SOCKS interface to its clients. SOCKS-aware applications may be pointed at Tor, which then multiplexes the traffic through a Tor virtual circuit.

Once inside a Tor network, the traffic is sent from router to router, ultimately reaching an exit node at which point the cleartext packet is available and is forwarded on to its original destination. Viewed from the destination, the traffic appears to originate at the Tor exit node.

Tor’s application independence sets it apart from most other anonymity networks: it works at the Transmission Control Protocol (TCP) stream level. Applications whose traffic is commonly anonymised using Tor include Internet Relay Chat (IRC), instant messaging and World Wide Web browsing. When browsing the Web, Tor is often coupled with Polipo or Privoxy proxy servers. (Privoxy is a filtering proxy server that aims to add privacy at the application layer.)

On older versions of Tor (resolved May–July 2010), as with many anonymous web surfing systems, direct Domain Name System (DNS) requests are usually still performed by many applications, without using a Tor proxy. This allows someone monitoring a user’s connection to determine (for example) which WWW sites they are viewing using Tor, even though they cannot see the content being viewed. Using Privoxy or the command “torify” included with a Tor distribution is a possible solution to this problem. Additionally, applications using SOCKS5 – which supports name-based proxy requests – can route DNS requests through Tor, having lookups performed at the exit node and thus receiving the same anonymity as other Tor traffic.

As of Tor release 0.2.0.1-alpha, Tor includes its own DNS resolver which will dispatch queries over the mix network. This should close the DNS leak and can interact with Tor’s address mapping facilities to provide the Tor hidden service (.onion) access to non-SOCKS-aware applications.

Hidden services

Tor can also provide anonymity to servers in the form of location-hidden services, which are Tor clients or relays running specially configured server software. Rather than revealing the server’s IP address (and therefore its network location), hidden services are accessed through Tor-specific .onion pseudo top-level domain (TLD), or pseudomain. The Tor network understands this TLD and routes data anonymously both to and from the hidden service. Due to this lack of reliance on a public address, hidden services may be hosted behind firewalls or network address translators (NAT). A Tor client is necessary in order to access a hidden service.

Hidden services have been deployed on the Tor network beginning in 2004. Other than the database that stores the hidden-service descriptors, Tor is decentralized by design; there is no direct readable list of hidden services. There are a number of independent hidden services that serve this purpose.

Because location-hidden services do not use exit nodes, they are not subject to exit node eavesdropping. There are, however, a number of security issues involving Tor hidden services. For example, services that are reachable through Tor hidden services and the public Internet are susceptible to correlation attacks and thus not perfectly hidden. Other pitfalls include misconfigured services (e.g. identifying information included by default in web server error responses), uptime and downtime statistics, intersection attacks and user error.

Weaknesses

Like all current low latency anonymity networks, Tor cannot and does not attempt to protect against monitoring of traffic at the boundaries of the Tor network, i.e., the traffic entering and exiting the network. While Tor does provide protection against traffic analysis, it cannot prevent traffic confirmation (also called end-to-end correlation).

Steven J. Murdoch and George Danezis from University of Cambridge presented an article[20] at the 2005 IEEE Symposium on security and privacy on traffic-analysis techniques that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams. These techniques greatly reduce the anonymity provided by Tor. Murdoch and Danezis have also shown that otherwise unrelated streams can be linked back to the same initiator. However, this attack fails to reveal the identity of the original user. Murdoch has been working with, and funded by, Tor since 2006.

In September 2007, Dan Egerstad, a Swedish security consultant, revealed that he had intercepted usernames and passwords for a large number of email accounts by operating and monitoring Tor exit nodes. As Tor does not, and by design cannot, encrypt the traffic between an exit node and the target server, any exit node is in a position to capture any traffic passing through it which does not use end-to-end encryption such as TLS. While this may or may not inherently violate the anonymity of the source if users mistake Tor’s anonymity for end-to-end encryption they may be subject to additional risk of data interception by self-selected third parties. However, the operator of any network carrying unencrypted traffic, such as the operator of a wifi hotspot, has the same ability to intercept traffic as a Tor exit operator, so end-to-end encryption should always be used. Even without end-to-end encryption, Tor provides confidentiality against these local observers which may be more likely to have interest in the traffic of users on their network than arbitrary Tor exit operators.

Nonetheless, Tor and the alternative network system JonDonym (JAP) are considered more resilient than alternatives such as VPNs. Were a local observer on an ISP or WLAN to attempt to analyze the size and timing of the encrypted data stream going through the VPN, TOR or JonDo system, the latter two would be harder to analyze as demonstrated by a 2009 study.

Researchers from INRIA showed that Tor dissimulation technique in Bittorrent can be bypassed.

Etiquette

Because of its inherent anonymity, the traditional practices that network operators use to curb abuse may be insufficient with regard to connections coming from a Tor network. Tor has some features intended to reduce this problem, both from the perspective of exit node operators and third party sites.

Exit nodes each maintain an exit policy of what traffic is and is not permitted to leave Tor network through that node. It is possible to prevent most major abuses of Tor network using a combination of addresses and ports. Potential abuses include:

Bandwidth hogging

It is considered impolite by Tor community members to transfer massive amounts of data across the Tor network – the onion routers are run by volunteers using their own bandwidth at their own cost. Due to the high bandwidth usage caused by the peer-to-peer file sharing networks, it is considered impolite and inappropriate by Tor community members to utilize the Tor network for protocols like BitTorrent. By default, the Tor exit policy blocks the commonly used peer-to-peer ports.

Spam

The default Tor exit policy prevents connections to port 25 (SMTP), preventing people from sending spam directly from the Tor network. Anonymous users The Tor project attempts to ensure that websites that wish to set different access policies for users visiting through Tor can do so, providing various lists of Tor exit nodes. Wikipedia does this.

Uses that may be illegal in some nations

In some countries, Tor is used to circumvent laws against the criticism of heads of state, access censored information or to distribute copyrighted works and child pornography.

Implementation

The main implementation of Tor is written in the C programming language and consists of roughly 146,000 lines of source code. Vuze (formerly Azureus), a BitTorrent client written in Java, includes built-in Tor support.

See: TorProject.Org

References:














Bookmark this on Delicious

SEO-AU Links Best INFP Websites - Click here to Vote for this site!