I’m Boycotting GunBroker

GunBroker has been a useful site. Without it I wouldn’t have my SPAS-12 and accompanying choke tubes. But it is time for me to say farewell to it. As it turns out GunBroker prohibits users from using one of the best tools available for protecting free speech online: Tor:

GunBroker.com is now detecting if users are connecting to them through Virtual Private Networks (VPN), proxy servers or Tor. Users who are detected using these services are being given one warning to stop using these to access the site or have their account terminated.

If your site doesn’t allow users to access it via Tor then you aren’t getting any of my money and I will do what I can to convince other people not to give you money. Protecting free speech online is just as serious as protecting the right to keep and bear arms in my book.

The Tor Challenge is Apparently Going Strong

On June 4th the Electronic Frontier Foundation (EFF) kicked off the Tor Challenge, which is its attempt to encourage more people to run Tor Relays. Running a relay is fun and easy to do but I never imagined that the Tor Challenge would be such a rousing success:

However, Adrian Leppard, the guy in charge of the City of London Police’s Intellectual Property Crime Unit (funded both by taxpayers and legacy entertainment companies) spoke at an IP Enforcement Summit in London and his comments, relayed by Torrentfreak, should raise questions about whether or not this is the right person to have anything to do with stopping “crime” on the internet:

“Whether it’s Bitnet, The Tor – which is 90% of the Internet – peer-to-peer sharing, or the streaming capability worldwide. At what point does civil society say that as well as the benefits that brings, this enables huge risk and threat to our society that we need to take action against?”

The Tor is now 90% of the Internet?* Holy shit, that’s one hell of an increase since June 4th! Congratulations to the EFF for transforming almost the entire Internet into an anonymous network in less than one month!

Seriously, this guy is a fucking tool who shouldn’t be allowed to head anything, let alone a crime unit focused on intellectual “property” violations.

* Just in case it’s unclear 90% of the Internet is not The Tor. The guy is simply an idiot.

Understand the Tools You’re Using

When people first become interested in computer security they have a habit of downloading and using tools before they understand how they work. This is a major mistake as a Harvard University student recently learned when he attempted to use Tor to make an anonymous bomb threat:

A Harvard student was charged Tuesday with making a hoax bomb threat just so he could get out of a final exam.

Eldo Kim, 20, of Cambridge, Mass., was scheduled for a hearing Wednesday in U.S. District Court. He could face as long as five years in prison, three years of supervised release and a $250,000 fine if convicted of communicating the bomb threat that cleared four large buildings Monday.

[…]

Kim took several steps to hide his identity, but in the end, it was the WiFi that got him, the FBI said.

Kim said he sent his messages using a temporary, anonymous email account routed through the worldwide anonymizing network Tor, according to the affidavit.

So far, so good. But to get to Tor, he had to go through Harvard’s wireless network — and university technicians were able to detect that it was Kim who was trying to get to Tor, according to the affidavit.

Had Mr. Kim invested 15 minutes of reading time on Tor he would have learned that Tor doesn’t attempt to conceal the fact that you’re using Tor. Anybody monitoring the network you’re using can detect that you have a connection to the Tor network. With that knowledge in hand Mr. Kim would have been able to understand that being one of the few, if not the only, Tor users on the campus Wi-Fi would be a red flag when the campus received a bomb threat sent over Tor. This is especially true when his Tor connection times closely correlate to the time the bomb threat was sent.

So today’s lesson is this: make sure you fully understand the workings of any tools you use to enhance your security. Failing to do so will leave you vulnerable and often no better, and sometimes even worse, then you would have been if you hadn’t used the tool at all.

Healthcare.gov: Defenders of Internet Freedom Need Not Apply

Healthcare.gov has turned out to be quite a fiasco. During the first days of operation I tried to access the site and always received a 403 (unauthorized access) error. I assumed this error was being kicked out because of the site’s general instability. As it turns out, my Internet Protocol (IP) address has been added to Healthcare.gov’s list of banned IP addresses. The reason for this was made apparent on the tor-talk mailing list:

I’ve been running a Tor Relay (not an exit node) from my home for quite a while now, and up to this point have not encountered any issues accessing any sites. However, today I attempted to access https://www.healthcare.gov, and received a HTTP 403 response and a pretty standard 403 message. To test my hypothesis, I also tried accessing the site via the Tor network — and received the same message. In the meanwhile, a friend who does not operate a Tor relay was able to access the site. Could anyone else with a public relay confirm this issue — and if confirmed, would someone from the Tor Project be kind enough to contact the appropriate parties and explain why blocking Tor relays is a silly thing? I’d do it myself… but alas, I cannot reach the site to see who the appropriate parties would be 🙂
Thank you.

In February I setup a Tor relay on a Raspberry Pi, which has been running continuously ever since. The operators of Healthcare.gov have decided to ban any IP address operating a Tor relay, whether it is an exit or non-exit relay, from accessing the site.

It’s not uncommon for websites to block IP addresses operating Tor exit relay. Malicious individuals wanting to attack a site anonymously can and have used the Tor network. But I’m unaware of any website that has blocked IP addresses operating non-exit relays. There’s no reason for doing so since anonymized Tor traffic never exits from a non-exit relay. The only function non-exit relays have is to forward traffic from one node in the Tor network to another node.

The Affordable Care Act (ACA), and by extension Healthcare.gov, are as much political messages as they are laws. By blocking every IP address that is operating a Tor relay the message is effectively this: defenders of Internet freedom need not apply for health insurance. In all likelihood this decision, like most of the decisions revolving around Healthcare.gov, is the result of incompetence, not outright malice. But I also believe this problem is unlikely to be addressed since the current government (from Congress to the presidency to the appointed bureaucrats) has demonstrated an opposition to Internet anonymity.

Coming Attractions

As you can see I don’t have a lot of content ready this morning. Last night I gave a talk about Tor hidden services to a group of people in Apple Valley, Minnesota. I may get some material posted over my lunch hour or after work so stay tuned.

Some good news came out of Washington yesterday, the Senate basically said they weren’t going to deal with gun control at the moment. I think the bombings in Boston changed things. Suddenly the state has a new tragedy that grants them far the ability to seize far more power than petty gun control laws could manage. Voting the gun control bills down was the fastest way to get the issue out of the way so votes on enhancing surveillance powers and other expansions to the police state can commence. It looks like we have a bit of breathing room before the state decides to come after us directly again.

I’m Giving a Presentation on Tor in Apple Valley, Minnesota

Tomorrow (March 20th, 2013) at 18:00 (although the talk probably won’t start until 18:30 or 19:00) I will be giving an introduction to Tor in Apple Valley, Minnesota. The event will be held at Rascal’s Bar and Grill located at 7721 147th Street West. My plan is for the event to be an introduction to Tor, specifically what it is, why it’s important, and how to use it. If anybody reading this blog is interested in attending feel free to join us.

Nationalism on the Internet

Bruce Schneier has an interesting piece discussing the dangers of Internet nationalism:

For technology that was supposed to ignore borders, bring the world closer together, and sidestep the influence of national governments the Internet is fostering an awful lot of nationalism right now. We’ve started to see increased concern about the country of origin of IT products and services; U.S. companies are worried about hardware from China; European companies are worried about cloud services in the U.S; no one is sure whether to trust hardware and software from Israel; Russia and China might each be building their own operating systems out of concern about using foreign ones.

I see this as an effect of all the cyberwar saber-rattling that’s going on right now. The major nations of the world are in the early years of a cyberwar arms race, and we’re all being hurt by the collateral damage.

[…]

Nationalism is rife on the Internet, and it’s getting worse. We need to damp down the rhetoric and—more importantly—stop believing the propaganda from those who profit from this Internet nationalism. Those who are beating the drums of cyberwar don’t have the best interests of society, or the Internet, at heart.

Rampant nationalism online is an issue that has concerned me for some time now and it is one of the things that motivates me to push for Tor hidden services. I worry about a time when various states, in my case the United States government, being pursuing individuals who post things online that goes against the state’s desired message. If that day comes it will be important to be difficult, if not impossible, to track down. The future of the unconcealed web looks bleak but there is hope in anonymized networks such as Tor and I2P.

Tor Relay Update

Last week I mentioned that I purchased a Raspberry Pi specifically to use as a Tor relay. Two days ago I received the following e-mail:

Hello and welcome to Tor!

We’ve noticed that your Tor node christopherburg (id: 3F17 3F07 DDBB D8F6 34C7 9588 6F99 E808 1AE6 AB42) has been running long enough to be flagged as “stable”. First, we would like to thank you for your contribution to the Tor network! As Tor grows, we require ever more nodes to improve browsing speed and reliability for our users. Your node is helping to serve the millions of Tor clients out there.

As a node operator, you may be interested in the Tor Weather service, which sends important email notifications when a node is down or your version is out of date. We here at Tor consider this service to be vitally important and greatly useful to all node operators. If you’re interested in Tor Weather, please visit the following link to register:

https://weather.torproject.org/

You might also be interested in the tor-announce mailing list, which is a low volume list for announcements of new releases and critical security updates. To join, visit the following address:

https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce

Thank you again for your contribution to the Tor network! We won’t send you any further emails unless you subscribe.

Disclaimer: If you have no idea why you’re receiving this email, we sincerely apologize! You shouldn’t hear from us again.

As of this writing my relay has been running for 8 days, has sent 38.65 GB of data, and has received 38.10 GB of data. I’m happy that this thing has proven to be an effective relay. My next step is to pursue the development of a relay image that can be written to an SD card, plugged into a Raspberry Pi, and operate as a relay without requiring any additional (or, at least, significant) configuration.

How Tor and HTTPS Work

The Electronic Frontier Foundation (EFF) has posted a nice diagram that explains how Tor and Hypertext Transfer Protocol Secure (HTTPS) work in regards to security and anonymity. If you click the HTTPS button the diagram explains how HTTPS protects your data, if you click the Tor button the diagram explains how Tor protects your anonymity, if you have both buttons clicked the diagram explains how Tor and HTTPS work together to protect your data and anonymity.

Neither Tor or HTTPS are perfect, especially when you’re accessing data outside of the Tor network (in other words, not accessing a hidden service). The anonymity that Tor provides cannot protect you if you chose to reveal personal information and HTTPS is only a secure as the trust chain created by issued certificates. The trust chain created by HTTPS has been compromised before when hackers were able to acquire the root signing certificates used by DigiNotar and it’s possible that many trusted certificate authorities are willing to issue fraudulent certificate to government entities. However both tools are relatively effective at what they do and when used in unison can do a great deal to protect your identify online.

Demonstrating the Importance of Tor

I’ve discussed the importance of Tor in fighting erroneous legislation but haven’t had any excellent demonstrations of Tor’s effectiveness in fighting the state’s continuous Internet power grabs. Russia has given me a perfect demonstration of the importance Tor holds:

A Russian law passed in November 2012 aimed at blacklisting sites promoting drug use has apparently just blocked the popular drug education website Erowid.org for certain users in the country according to a post on Reddit. A Russian government site listing prohibited sites shows that Erowid was added to the register earlier this month and was blocked on February 23. Russian user GreatfulListener says it is only “a matter of time” before the block affects more Russian internet service providers.

Erowid remains available in Russia via the Tor network. In fact, the Russian Tor community has undergone significant growth over the last year. RAMP, the Russian Anonymous MarketPlace, is now providing a leading Russian alternative to the English-speaking Silk Road.

Russia has begun blocking websites related to drug use. If history teaches us anything it’s that Russia will likely increase its censorship powers in the coming years. Fortunately the blocked site, Erowid, can still be accessed by Russians through Tor. Although I primarily discuss hidden services Tor is also very important in bypassing censorship of websites outside of the Tor network. Many countries block access to websites deemed undesirable but Tor works by sending traffic through exit nodes that are located in different countries, countries where the site being access may not be blocked.

The remainder of the article discusses the Russian Anonymous Marketplace (RAMP), a hidden service where Russians can perform anonymous transactions with Bitcoins. It’s akin to Silk Road, which I’ve discussed before. RAMP, like Silk Road, demonstrate that markets cannot be suppressed and that people will always find ways around state prohibitions. Today Tor and Bitcoins are integral tools for individuals wanting to avoid state prohibitions and censorship, which is why I believe it’s important to ensure these technologies become more widespread.