BETA

Let's think about surveillance: Tor, GnuPG and their importance

# I would like to mention that this article is non-technical. I first wrote this for my classmates. I then added a few extra things and here I am, sharing it with whoever is concerned about privacy and surveillance issues.

Introduction

This article's main purpose is to give Internet users reasons to use the web in a privacy-preserving manner. Moreover, I gave it a try to raise awareness on the surveillance issues by sharing videos, papers, articles and leaked documents. A short interview with Werner Koch, creator of GnuPG is included, which I hope will change your perception about privacy. This is the Part 1 of this article. Part 2 will include techinal information and focus on how we can combine them with the topics that will be analyzed here. I hope you enjoy this article as much as I enjoyed writing it.

I don't want to live in a world where there's no privacy and therefore no room for intellectual exploration and creativity. - Edward Snowden

Introduction to the Tor Project

The Tor project is nothing more than a network, called The Tor Network, constructed by volunteer-operated servers from all around the world. With the term "volunteer-operated" servers, we consider a fair amount of computers that by dedicating some of their computer power construct the Tor Network. The main purpose of Tor Project aka Tor is to allow people to improve their privacy and security on the Internet. Here is a brief explanation of how Tor works:

"Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features. " via Tor Project

Many people, from different groups, organizations and even countries use Tor for different reasons. For example, journalists use Tor to communicate with whistleblowers. Groups such as Indymedia use Tor to keep their members' online privacy secure and other people may use Tor to visit/create websites or communicate with others without leaving a trace of their real location.

How Tor Works

In order to understand how Tor works a brief introduction to traffic analysis is required. In a nutshell, traffic analysis is a process of collecting, analyzing and reviewing traffic in a network. This can be used to infer who is talking to whom in a computer network. This can eliminate your privacy as it may reveal your origin to everyone who intercepts the network communications you participate in. This will occur even if the communication is encrypted. As Internet packets have two parts (the header where location, size, time and more are included and the data payload where whatever is being sent is included like a web page, images, emails and more), we can simply understand that whoever is authorized (or not) to intercept our communication will be also able to see the header and the data of the packet (encrypted or not). That is a problem for the privacy concerned people as the above action will reveal critical information. Moreover, most of the time, it is against human rights.

It is a distributed, anonymous network where your requests are being distributed over several places on the internet (volunteer-operated servers) to make traffic analysis almost impossible. Instead of sending your request to the destination directly, your packets on Tor take a random path, passing through several relays that cover your tracks. The private pathway created by Tor is achieved by the user's software or client which builds a circuit of encrypted communication through the Tor relays. Each relay only knows the data source (the relay who gave tha data) and the destination relay. No single realy knows the full path that has been followed. Moreover, to assure that each hop can't trace the connections as they pass though, the client negotiates with a separate set of encryption keys for each hop.

If new connections are requested in the same ten minutes, the same circuit will be used. Once a connection is requested on a period bigger than 10 minutes, a new random encrypted pathway will be used to avoid linking earlier accounts to the new ones.

Finally, "The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected."

Yes, but a real life scenario, please?

There are many ways and examples of how Tor has really helped with Internet censorship in real life. A characteristic incident is the one that took place in Turkey when Turkey's online censorship banned Twitter. A few days after Twitter's ban, a huge traffic was noticed in Tor network with more than 50.000 new nodes taking place.

The myths about Tor and its importance

As Tor is a service that provides anonymity and behind the mask of anonymity people can do many things (illegal or not), I decided to share an interesting pdf I found at EFF's website that mentions some myths and facts about Tor.
-Here it is:

 

It is expected more myths to come up as long as Tor continues to exist and becomes more and more popular."Tor is a service that helps protect your anonymity while using Internet [...]". It is available for everyone which means that it is almost imposible to avoid "alternative" use by some people. What I want to say is that Tor has helped people encrypt their communications during wars, reach their families and more. It is simply silly to judge the whole Tor Network because of some illegal activies that take place there. Simply because these activities can take place in real life too, without using Tor. So, let's ask ourselves, what is more important?

Here are some nice sources that helped me create this article. I have included many useful videos, papers and leaked documents for everyone who wants to broaden his horizons, reload his knowledge.

  1. Edward Snowden: The world says no to surveillance
  2. The Tor Network With Jacob Appelbaum
  3. Find out if you have been spied on and join the fight for privacy
  4. Secure messaging scorecard by EFF
  5. Jacob Appelbaum nsa ant catalog
  6. Jacob Appelbaum 2015 - Encryption, Cyber Security, Privacy
  7. Can they see my d*ck?
  8. Tor Project Official
  9. EFF Official

This was Part 1 of the article. Part 2 will analyze the technical aspect of these topics. More papers, articles, videos, talks will also be included.

To be continued...

Thank you for reading,

[Nikos Danopoulos]

  • Σχόλια

0 Comments:

Scroll to Top