I am an operator of six Tor relays and two Tor exit nodes. My background is in computer science and security: I recently received my Bachelor's in computer science and I'm currently a grad student working in computer security at Utah State University. My research focus is in anonymity networks and their design, capabilities, strengths, and weaknesses. I'm familiar with Linux, cryptography, and the workings of Tor. This is a great opportunity to ask questions about Tor, cryptography, computer security, or anything else, so Ask Me Anything!

I run the following non-exit relays:

and the following exit nodes:

I'll run this AMA as long as I can and answer any questions you may have, so ask away!

Edit: This AMA has been going for nearly 12 hours now. I will keep answering questions as long as people keep asking them, so keep going! You aren't late to the party by any means.

Edit 2: We're over 24 hours now and the questions are still coming in. I'll keep replying as long as people keep asking questions.

Edit 3: The thread is two months old and I got a question! I'm still happy to answer. I also updated my list of relays since I rekeyed after Heartbleed.

Comments: 466 • Responses: 105

jeremy754375 karma

[deleted]

Jesse_V46 karma

Thank you.

androidpk52 karma

I'm completely new to Tor. What are some things I should know to improve my usage? Thanks.

Jesse_V100 karma

Welcome to Tor! Here is my advice:

  • First, you should use the Tor Browser Bundle that's shown on www.torproject.org. They use a custom version of Firefox with a lot more security baked in, so it's quite safe.
  • Secondly, don't reveal personal information online, otherwise it defeats the purpose of using Tor.
  • Third, be careful with Adobe Flash, Javascript, and downloaded files because they are all avenues of attack on your anonymity.
  • Fourth, don't torrent over Tor. It slows down the Tor network and the torrent protocols aren't safe and have been known to leak your real IP/identity.
  • Fifth, if you don't trust Tor, encrypt any documents before sending them through. That way it prevents malicious exit nodes from wiretapping your files. This is not a necessary thing, but it is encouraged.
  • Finally, if you ever have a need to have absolute anonymity with full protection, check out the Tails OS. You can boot that off a flashdrive. It's a distribution of Linux aimed at anonymity and security and it forces all traffic through Tor.

seed954 karma

Can you please elaborate on the 5th point? I would think that anything you send over Tor is transferred in clear between the exit node and the destination. Which means that not only one needs to protect against a malicious Tor exit node but also, as one would in any other setting, you need to protect against any potential eavesdropping happening between the exit Tor node and the final destination. This is usually done via using HTTPS, SSH or any secure protocol.

Am I missing something?

Jesse_V6 karma

Not quite. You're missing the concept of onion routing, which is what Tor basically is. Each relay along the path has its own encryption session key, so data that is passed through is decrypted in layers until it arrives at the exit, which decrypts the last layer, discovers a web request, and talks to the server. It then sends the resulting data back to the middle relay, which then forwards it to the entry relay, which then sends it to you, also using encryption. Each relay operates on a need-to-know basis. The entry relay knows your IP address but not your activity, the middle relay knows nothing, and the exit node knows what website someone wanted to access but doesn't know where it came from.

If the exit is malicious, it could be wiretapping your activity. Of course, you could be wiretapped on your regular straightforward connection, or a VPN/proxy could be wiretapping you, but at least with Tor they can't pinpoint it to your identity.

The Tor Browser Bundle uses the HTTPS Everywhere extension so that HTTPS connections are used wherever possible, mitigating this attack.

tonytde1 karma

Can I also add that if you are doing sensitive work and don't want your ID revealed you should run your Tor inside of a VM. This preferably would be done with a VPN as well.

Jesse_V21 karma

No, you should use the Tails OS, which is a Debian-based Linux distribution which gives you significantly better security than a VM. It forces all traffic through Tor and the whole operating system is designed to achieve a high degree of anonymity and security.

At the very least, if you are doing sensitive work, don't use Windows, with Tor or not. Use an open-source and publicly-audited operating system like Linux.

As for VPNs, you can use a VPN to connect to Tor, but it's not a good idea to use a VPN after Tor.

bhb19245 karma

How often do you get various warnings for DMCA or diddling kids?

Jesse_V65 karma

Non-exit relays don't generate any reports because they just take encrypted information in and pass encrypted information out. There's no way for me or my ISP to know what is really passing through.

I put the exits on the first of February and since then I've been forwarded only one complaint: a downstream automated system noticed that the digital fingerprint of a virus was coming out of my exit. There's nothing I can do about that and there's no way that I can know where it came from, so I just replied that it's a Tor exit node.

Tor operators have several defenses that can help them ward off complaints. My DNS entry clearly states that it's a Tor exit, and if they visit that registration they are shown a webpage that further explains that. Then they know that I'm not actually responsible, so it's a waste of time to file a complaint.

chaoskixas14 karma

Is there a specific DNS record for tor or is it just a title like torexit.x.com?

Jesse_V26 karma

Tor consists of over five thousand relays, all of whom have some kind of DNS entry. The DNS entry of my primary exit node is tor-exit-node.cs.usu.edu.

CommandoPro37 karma

Are you worried about any legal repercussions of allowing people to effectively use your internet connection? The law can be dodgy. Thanks for helping the network out though :)

Jesse_V84 karma

Actually, Tor exit nodes are protected under US law, specifically 17 U.S. Code § 512 part A, which makes them exempt from "notice and takedown" action, just like the carriers of the Internet backbone. In a nutshell, I'm not responsible for what comes out of the exit, and the relay doesn't log any of the traffic which means that seizing it will do nothing. I haven't received any indication that they are interested in doing this, but if they visited me I would let them know all about this. If they wanted to seize the computer I would hand it to them, but the machine would just boot into the command-line so there's not much for them to find because nothing is there.

zealik23 karma

That's pretty interesting. I had no idea they were legally protected. I always imagined that running an exit node was a huge legal risk. I remember another Reddit post about a guy who had his computer seized for running a node because they suspected child pornography, but it was returned after he explained it.

Jesse_V20 karma

Well, there is some legal risk because you have to deal with complaints and whatnot, but usually it's not a big deal. Depends on the country of course.

Aschebescher14 karma

That's important information that should be more widely known.

Jesse_V15 karma

Indeed. Feel free to distribute it. :)

Splargy3 karma

but the machine would just boot into the command-line so there's not much for them to find because nothing is there.

You're probably gone by now, but what does this mean?

Jesse_V9 karma

I'm still around. The computer would just boot into the command-line, so there's no graphics, no windows, no Firefox, no Chrome, nothing. Just a command prompt. Without a graphical interface it's much easier for me to show that I couldn't have browsed the web, the machine is clearly a server, and any traffic that came out of it was from Tor and not from me. If they knew how to use the command-line they could perhaps navigate to the /etc/logs and view system and Tor logs, but none of the information they would be looking for is logged, so there's nothing to see. I'm not hiding anything, it's just that data that passes through isn't recorded by Tor or by the machine.

sryan2k14 karma

What's to stop you from running your own shady internet dealings out of that same exit node (but not via Tor) and if anyone ever came a knockin' (DMCA, etc) you just say "No idea. Tor."

Jesse_V9 karma

It's kind of hard to do shady Internet dealings when you only have the command-line. :)

Dvorak_Simplified_Kb15 karma

So the takeaway here, I suppose, is, if you are going to run an exit node, use a dedicated machine which has been configured in such a way that there would be no doubt that it is exclusively passing traffic between Tor and the wider internet?

Jesse_V12 karma

That's pretty much the idea.

QuestionableCheese32 karma

This will probably make me sound like a complete neanderthal, but what exactly is an exit node?

Jesse_V45 karma

A Tor exit node is a Tor relay that is capable of passing data from Tor to the Internet. Users of Tor pass their data through three relays: an entry/guard, a middle relay, and the exit. There's a layer of encryption for each relay, so when data is passed through each relay in turn decrypts their layer and passes the traffic on. The Tor exit node decrypts the final layer and makes contact with the web server.

This image explains it pretty well: https://www.torproject.org/images/htw2.png and this page provides a good overview as to how Tor works.

QuestionableCheese11 karma

Thanks, that answers pretty much every question I had.

Jesse_V27 karma

Except for those about cheese. Somehow I am still not sure about that.

choboy45623 karma

Do you think other anonymous relays are going to pop up or will Tor likely be the only one?

Jesse_V55 karma

Well, there are several other anonymous networks that people can contribute to or use, such as FreeNet, GnuNet, and others, but right now Tor is the biggest player. There are plenty of VPNs out there, but the problem with VPNs is that you have to trust them and they are a single point of failure. In my opinion this makes them untrustworthy and not ideal for real anonymity, especially for any sensitive activity.

Some of Snowden's documents revealed that the NSA recognizes Tor as the king of low-latency high-security anonymous networks, which I think is really saying something.

CommandoPro26 karma

Terkala33 karma

Could we set up a lot of really slow Tor nodes (advertised as high bandwidth) to degrade the overall stability of the network

Great to know that the NSA actively wants to sabotage the Tor network because they can't exploit it.

Jesse_V26 karma

My thoughts exactly.

jwil19122 karma

I don't know much about Tor other than that it exists, but I predicted the publicity of the shutdown of the Silk Road would lead to more people exploring Tor/deep web. Have you noticed anything like this?

Jesse_V55 karma

The Silk Road, and the new iterations that have been created after it, are all hidden services that exist completely inside Tor. You have to be using Tor to access it, and the clever thing about Tor hidden services is that the client has no way of knowing the IP address of the server, and the server cannot know the IP address of the client, yet the two can talk to each other. This makes hidden services useful for both legal and illegal activity. From what I understand, the Silk Road was taken down through actual detective work from the FBI, rather than a break in the Tor protocol itself. The owner made several mistakes that led to his arrest.

There is certainly a tradeoff in doing police work like that. On one hand, you take down the illegal activity but you also end up drawing attention to Tor, which may lead to more legal or illegal activity. We have now seen several new versions of the Silk Road, none of which I have visited, but I don't know how popular they are, so I can't directly answer your question.

One thing to keep in mind is that Tor is used for many legal purposes. I'm confident when I say that Tor is used more for good purposes than it is for illegal activity. Tor is primarily used for providing anonymity to its users, and it achieves that through routing Internet traffic through a series of relays, sort of like using multiple VPNs in a row. In this way, you can access the Internet completely anonymously, which can be very useful for many perfectly legal purposes.

BrashMagician8 karma

Could you explain from a technical standpoint how a Tor hidden service works? I haven't been able to find a particularly good explanation anywhere.

thaway3141567 karma

Didn't the FBI use an old Firefox exploit that allowed it to gain the browser user's "real" IP (the one his ISP gave to him)?

Jesse_V25 karma

I believe you are referring to a piece of malicious Javascript that was placed on the server that hosted the Silk Road. Users that visited the site were given the code, it would run and execute a memory access bug in Firefox that would allow the machine to contact an FBI-controlled server directly, revealing the user's IP. This attack was very limited in scope for several reasons:

  1. It only affected people who were using old versions of the Tor Browser Bundle. The TBB notifies users when a new version is available so most people had already upgraded by the time the attack happened. Mozilla had fixed the bug upstream.

  2. It used Javascript. Most Tor users are educated about the dangers of Javascript, so it only affected those who had Javascript enabled.

  3. It only affected users who visited the Silk Road, which is a small percentage of the Tor user population.

  4. The attack was immediately spotted by the community and dissected. From what I understand, the FBI is now unable to use that attack again.

  5. Users who need a high degree of anonymity use the Tails OS, which forces all traffic through Tor. This would have prevented the malicious code from "phoning home" directly.

Tor has many vectors of attack and they do their best to defend against each one. This one was partially effective, but definitely had limited scope.

ogkushog1 karma

You have to be using Tor to access it, and the clever thing about Tor hidden services is that the client has no way of knowing the IP address of the server, and the server cannot know the IP address of the client, yet the two can talk to each other.

That's not entirely true. The NSA has compromised Tor hidden services and other aspects of Tor:

http://www.theguardian.com/world/interactive/2013/oct/04/egotistical-giraffe-nsa-tor-document

http://apps.washingtonpost.com/g/page/world/nsa-research-report-on-the-tor-encryption-program/501/

http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity

Jesse_V7 karma

Can you highlight specifically what you are referring to, so then we can discuss it?

I've seen those documents before, but looking over them briefly again it looks like their attacks primarily focus on Javascript and man-in-the-middle race conditions. Tor users are repeatedly warned about the dangers of Javascript, so many of them turn it off. Some hidden services also have HTTPS enabled, which can mitigate MitM attacks because the client can authenticate the server. I agree that it's very difficult to defend against such a well-resourced adversary such as the NSA and they have had minor success with Tor after much effort, but I'd also like to highlight that the NSA would have a much easier time with VPNs and it's trivial for them to look at direct connections. So in reality, Tor is one of the strongest tools out there.

Hidden services are designed to be anonymous and the hidden service operators do everything they can to avoid leaking their IP address, but there are many vectors of attack and sometimes there's a weakness that can be exploited to detect them.

ogkushog0 karma

My point was more specifically about the hidden services being compromised by the NSA, which those sources don't explicitly mention; they were just more general links about NSA/Tor I've kept on hand.

This one is more detailed regarding the hidden services bit:

http://arstechnica.com/tech-policy/2013/08/researchers-say-tor-targeted-malware-phoned-home-to-nsa/

EDIT: As you point out these are not due to vulnerabilities of Tor but of other things, I just wanted to point out that hidden services aren't as hidden as people would like to think.

Jesse_V2 karma

Someone else asked about the FBI malware, you may want to see my reply here.

cryptovariable22 karma

I ran several TOR exit nodes for a couple of weeks last year and I sniffed the traffic the entire time.

After analyzing the data I determined that the benefits do not outweigh the harm, and shut my nodes down.

I'm not talking about piracy or child pornography or anything like that. 90-95% of my exit traffic was IRC-related, and nearly all of that was clearly botnet C&C.

Some people report percentages in the teens, some report 50-60%, my personal investigation was near-total usage by botnets and I'm just curious as to why there is such a disparity in the published results.

Have you looked into how your exit relays are being used?

Edit: most of the rest of the throughput was torrent traffic.

Jesse_V14 karma

I'm sorry to hear that. If those nodes were only up for a couple of weeks you probably didn't get much traffic since it takes a while to be fully trusted by the Tor network. Nevertheless, I don't wiretap my relays for reasons I've explained here.

d4rch0n4 karma

If you could estimate, how many exit nodes do you believe are tapped? I pretty much assume they are for all practical purposes, because they may as well be. Anonymity, not secrecy.

Jesse_V9 karma

I have no estimate. There are over a thousand exits spread across the world. There's no way for me to know. I could throw out a random number, but I don't think that's what you are looking for.

So let's assume that they are all tapped. So no matter what, no matter how many times you change your identity, you are just moving from one NSA computer screen to the next. What do they have? The truth is, very little. Exit nodes know what website or online resource someone was after, but they have no idea where it came from. From their perspective, they unravel the final layer of Tor encryption from some data from a middle relay and find a web request, but they don't know what entry node the middle relay was talking to, nor does the middle relay know what IP was talking to the entry node. The Tor Browser Bundle uses the HTTPS Extension to prefer encrypted connections to the site, so in that case the exit knows what website you contacted but not what you sent it, since only the web server can decrypt your data. Tor encourages end-to-end encryption. If you don't trust your exit, encrypt your documents before you send them, or encrypt your documents anyway. That's what Edward Snowden did.

jbaggins18 karma

Thanks for doing this AMA!

I work in IT security as well, but have never ventured into using TOR. Is there any way to ensure you're not using a malicious exit node or is it luck of the draw? As in are you able to choose your nodes or is it random?

Jesse_V20 karma

You can specify in your config file which exit you want to use. It's not recommended however, since such modification changes the routing procedures and Tor works best when it's random. The exit node can only see your end traffic and not your IP, so in that sense encryption is a good defense. The Tor Browser Bundle uses the HTTPS Everywhere extension to prefer HTTPS connections to websites, greatly mitigating the problem. (That extension is a good idea in general, I highly recommend it.) If you are passing documents through Tor and you don't trust your exit, encrypt them before sending them through.

antitree5 karma

Also, the problem of malicious exit relays is being actively defended against. The Tor Project has released a tool to test if an exit node is manipulating its exit traffic. Once identified, there is a "BAD EXIT" flag that can be sent to Directory Authority servers to stop people from using that machine as an exit node automatically.

Jesse_V2 karma

Exactly, thanks for pointing that out.

mitch_14516 karma

Will using tor make me more of a target or put me on a list?

Jesse_V22 karma

I think it depends on your country. In the US, there's nothing illegal about using Tor, but it is banned in China because the Chinese government wants to enforce the Great Firewall of China and Tor is capable of punching through it. Your ISP can see that you are using Tor, but they and any watchful government/organization will have no idea what you are doing through Tor, and that's the entire point.

Banana_Farmer8 karma

Not sure if 'Great Firewall of China' is a widely used term but I've never heard it. Gave me a good giggle.

Jesse_V28 karma

Pretty sure that's the name for it for people outside China.

https://en.wikipedia.org/wiki/Great_Firewall_of_China

Silence15813 karma

Could you please ELI5 Tor for me? So far I feel like I am reading Latin (which I can't do).

Jesse_V21 karma

The simplified explanation is that you can think of Tor like using three VPNs in a row. The goal is to hide your IP address, giving you complete anonymity online. Tor routes Internet traffic through three relays: an entry node, a middle node, and an exit. Each relay has its own layer of encryption and the exit node is the one that contacts the web server, fetches the webpage, and gives it back to you yet doesn't know your actual IP address.

This page explains things pretty well: https://www.torproject.org/about/overview.html.en If you still don't understand I can try to further clarify terms for you.

Luckrider2 karma

Forgive me if this is a late question or easily answered with Google, but how does the exit node stay in contact with the client if it does not know the actual IP address?

QuestionableCheese6 karma

This, a response to a similar question I had, is as close to an ELI5 as you're going to get

This image explains it pretty well: https://www.torproject.org/images/htw2.png and this page provides a good overview as to how Tor works.

Jesse_V10 karma

hateexchange11 karma

Hey. Cool idea for an AMA!

To what extent do you use TOR yourself?

What kind of servers do you use? Looks like they are on the same AS number.

What do you think about the future, will you keep running and be forced to let them go?

Jesse_V18 karma

I use Tor from time to time, but I primarily contribute to it. When I use Tor, I prefer using exits that I know, such as mine or the one at MIT.

I run a minimalistic headless Debian installation on my exit and watch logs pretty closely.

I think I'll be able to keep them running for a long time, or at least as long as I have good Internet that can support multiple megabytes/sec passing through it. Right now the exits are on gigabit/sec connections. Once I leave the university, I'll still be able to monitor/control the machine remotely and handle abuse complaints, but I'll hand physical control over to someone else.

c00yt8259 karma

What are you looking for in the logs?

Jesse_V11 karma

I'm watching Tor, bandwidth usage, the firewall, CPU usage, auth logs, etc, etc. Just making sure that everything is going well. Linux gives you the ability to monitor and control many details of a computer.

hateexchange4 karma

Once I leave the university, I'll still be able to monitor/control the machine remotely and handle abuse complaints, but I'll hand physical control over to someone else.

How is this possible, are they sponsored by the university? Or do you have friends who will stay there longer?

Jesse_V8 karma

Well, I haven't gotten to this point yet, but I could talk to the local university sysadmins about where to permanently store the machine. I'd then let IT Security know that the exit was hosted there since I coordinate with them.

DaftFiddle10 karma

Not really a question but... I just wanted to say that I also run a few non-exit nodes but come from a totally different background, no formal training in security or IT, I just spent an entire childhood fucking around with computer networks. The stereotypical hacker kid but I was very careful to avoid breaking the law (mostly).

My point is, I know what it takes to run these things securely and wanted to say thank you for all your hard work. If I had more money I'd be right there with you.

I'm also currently unemployed, I don't suppose you're hiring? ;)

Jesse_V8 karma

Thank you.

I'm not in a position to hire people, as I'd like to get hired myself. :)

nwsreddit10 karma

What do you see for the future of Tor? What do you want to see?

Jesse_V16 karma

I predict that Tor will grow. As governments and organizations around the world increase their monitoring of the Internet there is a greater and greater need to have systems that can escape that. There's nothing illegal about being anonymous online, and I believe that people have a right to privacy and that "unwarranted searches and seizures" also applies to electronic data too. People should have the ability to hide themselves, not because they have anything to hide, but because they have a right to be hidden.

Chahles886 karma

Do you think you could give an example of a few good legal reasons for using Tor? Edit: I guess to clarify: as a typical internet user, which legal activities should I be doing through Tor?

gallopswithscissors9 karma

To what extent has Tor source been audited? What do you think the chance is that Tor itself has been compromised?

Jesse_V10 karma

Tor relies on open-source and well understood technologies. The entire project is open-source so anyone can examine it. I believe Mozilla recently did a security audit of Firefox, which would mean that the Tor Browser Bundle would receive the benefits of that audit. It's really hard to insert a backdoor into something if all the code is open-source. Someone is bound to notice it.

Tor has been studied by developers, the academic community, and regular people for years. Onion routing schemes have been around since the late 90s, and RSA and other cryptographic techniques are older than that. I'm not aware of any complete audit of Tor, but I think it's safe to say that Tor uses technology that has all been audited, or at least thoroughly examined.

obiwanjacobi9 karma

Do you host the servers yourself or rent a server?

Jesse_V14 karma

I host the servers myself on my own machines and registered static IPs with my ISP myself.

Dr_Zoid_Berg8 karma

As an aspiring Tor relay host I want to ask you:

  1. How did you get started with Tor?

  2. Any tips or sources for me to further my interest?

Thanks!

Jesse_V17 karma

I heard about Tor through online discussions. The NSA/Snowden debates really made Tor popular and prompted me and many others to contribute. There are actually several relays that now have Snowden's name attached to them, which I think is pretty neat. I find Tor interesting from an academic standpoint, the project is pretty solid, they've got a great website, and the community is pretty good.

I would recommend that you do a lot of reading. Read everything you can on torproject.org. Join the discussions on the email mailing lists. Run Linux as your primary operating system. (For everyday use I run Linux Mint and haven't booted into Windows in 18 months.) Study how Tor works and learn about the NSA's attacks against it. Follow the blog on blog.torproject.org. There's a lot to learn!

protestor7 karma

Do you think that most nodes are compromised by the NSA?

Jesse_V7 karma

It's very hard to answer that question. How could we tell and really be sure? We know from the Snowden documents that the NSA does run some nodes, but I really believe that the vast majority of them are safe. We're talking about over five thousand relays, over a thousand of whom are exits, spread across the globe. Hard to catch them all. The vast majority of Tor relays are hosted on Linux and some are hosted in commercial clouds.

protestor7 karma

Having only some thousand nodes is exactly my concern, this is just too few. The NSA could be running the majority, and if not, suppose there are 5k trustworthy nodes. Then NSA runs 5k nodes as well and we have 10k nodes, which is "safer" than 5k so everyone is happy. (The implication is that if it wasn't for the NSA, we would have 2k or 3k good nodes, or even less - it seems hard to pinpoint the number because they could have "infiltrated" from the beginning).

Actually, do you have evidence for not being on NSA payroll? It's hard to prove a negative right? Now multiply it for every other relay operator.

Jesse_V11 karma

Realize that the same argument could be used against VPNs. There is no foolproof defense possible short of knowing me in real life which is impractical for all Tor relay operators.

What choice do you have? Direct connections can be monitored, VPNs could be compromised, and all of Tor could be broken. At some point you have to trust someone. I trust Linux over Windows, I trust Tor over VPNs, and I trust VPNs over a direct connection.

throwawayBanBigots6 karma

[deleted]

Jesse_V9 karma

Run a non-exit node. They just pass encrypted information through the Tor network, so they never directly contact the outside.

tyluy6 karma

Are exit nodes dedicated machines or can you run an exit node from your PC? Is running an exit node from your PC feasible or safe at all?

Jesse_V14 karma

Exit nodes should be dedicated machines on their own IP. The reason for this is primarily two-fold: 1) because mixing your personal traffic with the traffic from the exit is a bad idea because when someone accuses that IP address of illegal or bad activity (which will happen rarely but occasionally) you will have no defense in trying to explain that it wasn't you, and 2) exit nodes are often banned from sites because of high traffic loads or because of abuse, so sharing that IP would mean that you are also banned.

If you want to run a relay from your PC, try a non-exit relay, which passes encrypted traffic through the Tor network. Check with your ISP's policies first though just to make sure that they are ok with something like that.

Interestingly, Obamacare's website (healthcare.gov) bans all IPs of Tor relays, non-exits or not.

mra993 karma

Once the data leaves from an exit, how do the relays know how to return the data back to the original requester (accessing a web page?)

Jesse_V7 karma

The exit node knows which middle relay to send it to. That middle relay knows which entry node to forward it to, and that entry node knows your IP. Every relay operates on a need-to-know basis, and there are layers of encryption so that no relay can know more than what it's supposed to, and no outsider can look in.
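The layered encryption and need-to-know routing described in the answers above, as an added example that is not part of the original thread and is not Tor's code. It assumes three hypothetical relays named guard, middle and exit, a constructed client address, a toy SHA-256 keystream in place of a real cipher, and a client that already shares a session key with each relay (the key negotiation is skipped).

```python
import hashlib
import json
import os


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || offset) blocks.

    Stand-in for a real cipher, for illustration only. Because it is XOR,
    the same call both adds and removes a layer.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class Relay:
    """Hypothetical relay holding one session key shared only with the client."""

    def __init__(self, name: str):
        self.name = name
        self.key = os.urandom(16)
        self.seen = []  # everything this relay learns about the circuit

    def forward(self, sender: str, cell: bytes):
        # Peel exactly one layer: learn the next hop, nothing deeper.
        layer = json.loads(xor_stream(self.key + b"fwd", cell))
        self.seen.append({"from": sender, "to": layer["next"]})
        return layer["next"], bytes.fromhex(layer["inner"])

    def backward(self, cell: bytes) -> bytes:
        # On the way back each relay adds its own layer (separate key label).
        return xor_stream(self.key + b"bwd", cell)


def build_onion(path, destination: str, payload: bytes) -> bytes:
    """Client side: wrap the payload once per relay, innermost layer for the exit."""
    next_hops = [r.name for r in path[1:]] + [destination]
    cell = payload
    for relay, nxt in zip(reversed(path), reversed(next_hops)):
        layer = json.dumps({"next": nxt, "inner": cell.hex()}).encode()
        cell = xor_stream(relay.key + b"fwd", layer)
    return cell


def send_through(path, client_addr: str, cell: bytes):
    """Pass the cell guard -> middle -> exit; return what the exit sends out."""
    relays = {r.name: r for r in path}
    sender, hop = client_addr, path[0].name
    while hop in relays:
        nxt, cell = relays[hop].forward(sender, cell)
        sender, hop = hop, nxt
    return hop, cell


def reply_through(path, response: bytes) -> bytes:
    """Return path: exit, then middle, then guard each add a layer."""
    for relay in reversed(path):
        response = relay.backward(response)
    return response


def client_unwrap(path, cell: bytes) -> bytes:
    """Only the client knows all three keys, so only it can remove every layer."""
    for relay in path:
        cell = xor_stream(relay.key + b"bwd", cell)
    return cell


def demo():
    path = [Relay("guard"), Relay("middle"), Relay("exit")]
    client = "198.51.100.7"  # constructed documentation address
    onion = build_onion(path, "example.com:80", b"GET / HTTP/1.1")
    destination, request = send_through(path, client, onion)
    wrapped = reply_through(path, b"HTTP/1.1 200 OK")
    return {
        "path": path,
        "client": client,
        "destination": destination,
        "request": request,
        "wrapped_reply": wrapped,
        "reply": client_unwrap(path, wrapped),
    }


if __name__ == "__main__":
    result = demo()
    for relay in result["path"]:
        print(relay.name, "saw", relay.seen)
    print("exit contacted", result["destination"], "with", result["request"])
    print("client recovered", result["reply"])
```

The request reaches the exit in the clear unless the client also uses end-to-end encryption such as HTTPS, which is the exit-sniffing exposure discussed elsewhere in the thread.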

mra995 karma

What's to keep the FBI from installing their own relays and nodes and sniffing information on the network?

Jesse_V7 karma

Nothing, but the very nature of an onion-routing scheme is that there is very limited information that can be gained by such an attack. Each relay operates on a need-to-know basis. Exits, for example, can only see the webpage that the user is after but don't know who or where that user is.

Sniffing an exit has been and continues to be a vector of attack, which is why Tor encourages end-to-end encryption. They included the HTTPS Everywhere browser extension, which prefers HTTPS connections over plaintext ones. If you don't trust your exit, encrypt your documents before you send them.

mra992 karma

Ahh, ok, I see now. Thanks for the clarification!

Jesse_V4 karma

Not a problem. Also, I should point out that it takes many weeks for a new relay to be trusted by the Tor network. You can't just set up a relay on a gigabit connection and then expect a gigabit of traffic. It's going to start very slowly. Over time, the relay will be trusted more and more and its utilization will increase. If it's configured as a non-exit, it will spend several weeks as a middle relay, which knows nothing. If it's stable and fast enough it may graduate to an entry relay, whereupon it is granted the ability to be the first hop in the circuit and see user IP addresses, but even then it can take three months for users to switch to trusting it.

This scheme largely mitigates the kind of attacks you are describing.

f1nnz26 karma

What did you think about silk road?

Jesse_V12 karma

I'm not in support of illegal activity that occurs within Tor. I think it gives Tor a bad name. It was however inevitable that someone took advantage of Tor's anonymity system to set up a black market like that, but I'm still not in support of it.

0izmv4mVKy6 karma

Why do you not use the MyFamily setting in your config files?

Jesse_V4 karma

I should, it's a good idea to. I recently renamed some of those relays and to avoid confusion on the Tor network I just dropped the MyFamily flag temporarily. I'll put it back up now that everything is more stable, thanks for the reminder.

Linux0s5 karma

Even though I'm already familiar with Tor/Tails this was one of the best AMAs I've ever read. If everyone out there who owes you a beer for what you're doing paid up you'd be beered for life. Know that many anonymous users thank you!

Jesse_V5 karma

Well thank you.

I felt like this was a good subject for an AMA, it kind of needed to be done. :)

ShaneMalachow4 karma

My friend is quite curious and it's rubbed off on me: how malicious are hidden services sites? He always wondered what these sites even looked like, but is too afraid to try it for fear that they'll use some form of malware or virus etc. to attack his computer. Where's the safety in this?

Jesse_V5 karma

Hidden services are usually quite safe, but then you never know. The same argument could be used against regular web servers too. You have to trust google.com not to inject malware onto your computer, don't you? Same thing for Tor hidden services. Personally, I think the fear of malware/viruses is a bit overblown. Just be smart about where you go online, use a modern browser like Chrome or Firefox, and you'll generally be fine. I run Linux Mint as my primary operating system, so the vast majority of malware out there doesn't affect me.

I use DuckDuckGo as my main search engine. You can get to it by visiting www.duckduckgo.com, or by opening the Tor Browser Bundle and visiting http://3g2upl4pq6kufc4m.onion/ where it is hosted as a Tor hidden service. That's perfectly safe and legal to access.

Donathius3 karma

(Serious question) How do the CS and university IT departments feel about you running a Tor node at USU? I'm honestly wondering if they know/gave you permission - I've worked higher ed IT for almost 10 years now and most places I've worked would not be so pleased with you.

Jesse_V4 karma

Of course they know. They can see the Tor traffic and the thousands of connections to my IP flowing over the border firewall. I've been coordinating with IT Security and the CS sysadmin here. I've done my homework and I've set things up so that there's a minimal load on their end. For example, if they receive any complaints they know to forward them on to me and I'll take care of them, and there's basically been no complaints so far. They are generally in favor of Tor relays and approved my exit. I think a good part of it has to do with having a good reputation, making a good first impression when requesting something like this, and working with the right people.

Non-exit relays pass encrypted information through the Tor network so they generate almost no problems for sysadmins. It's the exits that are controversial with ISPs.

Donathius2 karma

When I asked if they know I meant that to imply that you worked with them on getting it set up and didn't just "go rogue." Glad you did it the right way. I've gotten a few students in trouble in my time for doing things they shouldn't have been doing with university equipment and then claiming it was research related (1 out of 20 so far was not lying). It definitely helps the jaded IT people feel better about you that you got them involved. When people feel like they can just do whatever they want in the name of their research it makes the IT monkeys angry and start throwing poop.

Jesse_V3 karma

Well so far I seem to have avoided anyone throwing poop at my face, but I'm just a grad student so it may have yet to happen. I really respect the people I work under and try to coordinate with them whenever there's a possibility that my activities could do something upstream or otherwise cause issues for them. The IT Security guys here are really cool and I enjoy talking with them anyway.

I initially proposed the idea of running an exit over email, (after spending over an hour crafting it) and when they got back with me and approved the idea I ran up to their office to thank them. That's when they said that they had been watching my Tor activity and were thinking about running a relay themselves, so they were happy to let me handle it. Typical computer guys, solving problems with another layer of abstraction. :)

nedstupidflanders3 karma

What does all of that mean? And feel free to dumb it down to the point of using finger puppets. I won't be offended.

Jesse_V3 karma

These webpages might help:

If you are still confused, let me know and I can try to clarify.

nedstupidflanders1 karma

I'm still confused, but please don't clarify.

Jesse_V2 karma

Well I can clarify and ELI5 if you want. What exactly are you confused about?

nedstupidflanders2 karma

What does tor do?

Jesse_V5 karma

Tor is a method of hiding your IP address while allowing you to access the Internet, which basically means that you can access online resources without anyone knowing your identity or location. This can be extremely advantageous in many ways and for many legal purposes.

See https://www.torproject.org/about/overview.html.en and https://www.torproject.org/about/torusers.html.en

1100110011003 karma

Have you ever tried running wireshark or something equivalent and profiled the sites visited by users?

(I understand the data won't be visible due to most sites now using SSL, however, the URLs themselves should be visible on the exit nodes, right?)

Jesse_V9 karma

Wireshark and tcpdump are two of the most common tools for monitoring network activity. I don't run these because that would reduce my legal defenses: I'm not a lawyer but I think such tools would violate 17 U.S. Code § 512 section a4, which I certainly don't want to do. Even if I did wiretap the connection, there's not much I can gain: there's no way of knowing the identities/IPs of users because from my perspective the data came from the middle relays, which aren't even contacted directly by the users. I'm therefore unable to do any kind of profiling. Tor is very clever in this sense; they have protection against malicious relays.

The only way that I could do profiling is if I controlled the entry, middle, and exit node in the circuit and had some way of tracking a target's connection through all three and distinguishing it from all the thousands of others using those relays. Then I could see the user's IP address on one end, and their activity on the other. This would only work for about 10 minutes before a different set of relays was used, which happens periodically or whenever the Tor user wants it to.

jeremy75433 karma

[deleted]

peejr3 karma

Where can I download Tor from?

Jesse_V3 karma

The front page of www.torproject.org

jeremy75433 karma

Thanks for your service, it's people like you that make us truly free

Jesse_V3 karma

Happy to serve.

apache992 karma

Where is a good place to host an exit node? VPS host preferably.

Jesse_V2 karma

I'm not sure. Amazon maybe? You may have to check policies. Certainly you don't want to run it on a machine that you use, or on an IP that you share. Both the machine and the IP should be dedicated.

You'll likely want Linux hosting. Once you find a good host, check out https://www.torproject.org/docs/debian.html.en and https://www.torproject.org/docs/tor-doc-relay.html.en#torrc for instructions as to how to install Tor.

crazy_taxi2 karma

Why does Tor no longer work for tablets/mobile? The app is fucked now, know of any plans to fix it?

Jesse_V3 karma

Eh? Works fine for me. If you're on Android, check out the Orbot app, which can force all mobile traffic through Tor. There's also a mobile browser that uses Tor by the same developers.

crazy_taxi1 karma

I'm on Android. Have the Orbot and Orweb apps. The latest Android update made it stop working I think.

Jesse_V2 karma

Ah. Well I'm sure they'll fix that then. The Tor developers are very active.

Sexybeastz2 karma

Do you plan to continue this after you graduate? Is it a hobby or are you being paid?

Jesse_V2 karma

It's a hobby, I'm not being paid, and I'll contribute to Tor as long as I can.

peejr2 karma

Where can I download Tor from?

Jesse_V3 karma

The frontpage of www.torproject.org

WorkEdo2 karma

I'm interested in Tor and have used it before, I am also a CS major.

Knowing these things is there anything I can do to benefit the tor community? (eg making fixes to open source code, hosting/setting up a node, something something bacon?)

Jesse_V5 karma

You could help explain Tor to others. If your university has a Linux, open-source, or security club you could study Tor and then explain it to them. Education works well against the "Tor and Bitcoins are only used for illegal activity" perception. Follow the Tor blog at blog.torproject.org for the latest news.

You could join the email mailing lists and help out there. You could also run a relay, but check with your ISP's policies to make sure that that's ok, since some don't allow servers/Tor. Contributing code is also good too, but I haven't done that yet myself.

Aschebescher2 karma

I would like to support the TOR project but my internet connection is not very fast. What are the minimum requirements in bandwidth for a relay or an exit node to be of any use?

Jesse_V2 karma

The minimum requirement is 50 kilobytes/sec each way. That's a 400 kbit/sec connection. Please don't run an exit on that kind of connection (and never on your home connection anyway) but you may want to look into running a Tor bridge. See https://www.torproject.org/docs/bridges.html.en and the section on setting one up. Note that the latest version of the Tor Browser Bundle does not include Vidalia so some of the online documentation may be outdated. Once you understand what bridges are and how they work, visit https://www.torproject.org/download/download.html.en, click Microsoft Windows, and choose the download titled "Vidalia Bridge Bundle". That's what I would recommend in your case.

See also https://www.torproject.org/getinvolved/volunteer.html.en

Bat_turd2 karma

What career are you aiming for?

Jesse_V2 karma

Computer and network security. I'd take computer science or sysadmin jobs, however.

The_Dacca2 karma

Are you able to monitor at all any of the data from the exit node before it's re-routed? I always wondered how secure the pass is from exit nodes.

Jesse_V2 karma

I watch the status of Tor and the status of the machine over SSH, but I don't monitor the details of the traffic for reasons I've explained here.

backcountryguy2 karma

People mainly use Tor to increase the amount of privacy they think they are given. Can you convince me that Tor actually makes anything more secure, knowing that over half of Tor's funding comes from the USfg?

Jesse_V4 karma

Good question. First let's look at who uses Tor: https://www.torproject.org/about/torusers.html.en. As you can see, the military and law enforcement both use Tor and rely on its security, so there's clearly a need for the government to make sure that Tor is up-to-date and has strong defenses. I think it's reasonable to assume that they provide funding because of this need, rather than as a public service or because it's compromised.

Tor is open-source, so anyone can look at the code. It's exceptionally difficult to insert backdoors into open-source products. If you look at the list of relays you'll see that they are spread all over the world. It's very difficult for me to prove to you that a given relay is not compromised, but really the same argument could be said against VPNs. As I've explained in another post, VPNs are just a single relay and also have to be trusted, so if I were leading a government I think my time would better be spent setting up fake VPN companies rather than trying to break Tor.

Also, if you look at Snowden documents relating to Tor, you'll see that the NSA has seriously been trying to break, crack, destroy, manipulate, wiretap, and generally compromise Tor, with little success. Those were internal documents, and I think it's reasonable to say that the NSA coordinates closely with other branches of government, especially in electronic matters. Why would they go through so much effort with Tor if it was already compromised? It just doesn't make sense.

Bottom line, in my opinion all the evidence points to them funding Tor because the government has a need for Tor, and not because Tor is compromised. Besides, if you had broken Tor, why would you do something so obvious as pour money into it?

GeneralPow2 karma

How likely is it to get caught at an entry or exit node?

Jesse_V4 karma

Extremely unlikely, and here's why: an entry node knows your IP but can't see through the encryption to know what you are doing online. A middle relay doesn't know anything. An exit knows what websites you want to contact but doesn't know who or where you are. Each relay in the three-hop circuit operates on a need-to-know basis. Even if an attacker was controlling all three, the selection of relays changes periodically.

lotteryhawk2 karma

First off, thank you for running these.

Did you discuss TOR with the legal department at your school before the project? If so, how did you convince them (if that was necessary)?

Did you communicate with your school's ISPs to let them know to ignore traffic from the exit nodes?

You reference 17 U.S. Code § 512; do you know of any cases involving TOR, especially at edus?

Thanks!

Jesse_V3 karma

No, I just discussed it with IT Security. They were in support of the idea since I had covered my bases pretty well. They did give me some advice as to some steps I should do to further cover myself legally, most of which I had already done.

Yes, as part of my communication to IT Security I told them that it was an exit node and to forward any and all abuse complaints to me and I'd take care of them. It also helps that my DNS entry is tor-exit-node.cs.usu.edu and that visiting that page gives a webpage further clarifying that it's a Tor exit node. It's pretty obvious. They know to not freak out when something unusual comes out of my exit, but if necessary to let me know. It's all about saying "I've got this idea, and I've covered my bases so it won't incur any additional load on your part, can you approve it?" and if you've got a good reputation it should go through. Their Internet policies already seemed like I'd be ok, so I knew I had a head start.

I don't know of any legal cases involving Tor, even at .edus. From the Tor Legal FAQ:

We aren’t aware of anyone being sued or prosecuted in the United States for running a Tor relay. Further, we believe that running a Tor relay — including an exit relay that allows people to anonymously send and receive traffic — is lawful under U.S. law.

fuckoffplsthankyou2 karma

As a fellow Tor exit node operator, I salute you!

Jesse_V2 karma

Hey, hey! If you don't mind saying so, what exit do you run? I'm just curious.

Binerexis2 karma

As someone who doesn't own any servers, how can I contribute to the network?

Jesse_V3 karma

You could run a bridge, learn about Tor and spread the word, or help others install Tor or run relays. There's plenty to do that can help Tor.

zebadoba2 karma

[deleted]

Jesse_V2 karma

First, the latest stable version of Tor is 2.4.21. Please see https://www.torproject.org/docs/debian.html.en#ubuntu

The biggest thing is to lock down your firewall so that only the essentials (both Tor ports, any remote access, etc) can get in. If you log in via SSH, use a non-standard port and enable RSA authentication.

Thanks for setting up a relay!

miffman1232 karma

I'm interested in cryptography. Where would I start reading and what can you recommend for a complete noob? Atm I'm reading The Code Book by Simon Singh.

Jesse_V3 karma

I'm not sure, I learned about crypto mostly from class. The big players are the Diffie-Hellman-Merkle key exchange, encryption algorithms such as AES, RSA, and ECC. We are also seeing a move from AES-GCM to ChaCha20-Poly1305, but the change is coming slowly. Google's already implemented the ChaCha20 cipher suite on their servers, but the problem is getting it to work efficiently client-side too.

Solidarr2 karma

Can we see a picture/image of your server room (assuming you have one), I want to work in networking with an IT degree and I'm curious as to what this type of hardware looks like.

Jesse_V2 karma

There's nothing really all that exciting to look at. All the relays and the exits are running on regular machines, there's no blade servers or anything fancy like that. Both exits are running on the same physical machine, but it's just a regular lower-end desktop.

Tor doesn't require fancy hardware since 1 regular CPU core can handle the crypto of 100 mbits/sec. The more important thing is setting it up, and I manage my exits in the command-line.

In-Proof-We-Trust1 karma

Can you surf anonymously using the current Tor bundle running Windows 7?

Jesse_V1 karma

Yes. If you were doing something really sensitive then I would recommend Tails OS, but Windows should work.

The problem with Windows is that you have to trust Microsoft that they didn't put a backdoor in your system. Windows, unlike Linux, is closed-source, which means that you and everyone else are unable to audit the code and examine it for yourself. It is much easier to insert a backdoor or other things into products that are closed-source because few people have access to the source code.

I run Linux Mint as my primary operating system. I play games, surf the web, do programming, and do general stuff with my machine all the time. I'm orders of magnitude more productive in Linux than I am in Windows, and I haven't booted into Windows in 18 months. :)

aCasserole1 karma

I use Tor on Android with orbot and torweb. Is this any safer than downloading the online Tor bundle, the same or worse?

Is there more to Tor than just visiting the hidden wiki and clicking on the links there? (most are broken).

Jesse_V1 karma

Tor gives you much more than hidden services. It allows you to browse the web anonymously, so that no one knows your identity or where you are. This can be extremely advantageous in a number of situations and for perfectly legal activities.

Someone needs to update the Hidden Wiki to reflect the changes. If those links are broken that means that the hidden services are down or have moved to another address.

wolfxor1 karma

Do you ever sniff your exit traffic just for fun to see what people are accessing?

Jesse_V2 karma

No, and I've explained why here.

MarcusMoose1 karma

Hey there, I am really into the computer security scene. I have followed the latest zero-days and conferences (defcon, blackhat) and frequently use many security tools. So much so that I am seriously considering a degree in security. Bearing in mind that I am in the UK so the education is slightly different, could you tell me about your time studying computer security? Do you need a lot of maths? Is the workload difficult? Perhaps most importantly, do you enjoy it? Is it what it lives up to?

Furthermore, would you say that security is a dead field? From what I've heard it is very much alive and growing exponentially as security is being considered as a serious threat by many organisations. If I do go into security, it would be great to get a job at a security company. Is this realistic? Hope you reply soon. Take care

Jesse_V3 karma

I should follow the blackhat/defcon conferences more, you've one-upped me on that. Good idea.

Computer security ties in to cryptography, which uses math. So in that sense it would help to know how RSA, ECC, AES, and other encryption schemes work. I haven't found the workload too difficult so far, and I definitely enjoy it. You have to think both offensively and defensively. You can't defend yourself if you don't know how you are going to be attacked, and you have to know enough about the attack to know how to defend. I enjoy this dualism and the ability to mentally switch around. I personally prefer defending, but I have done penetration testing in the past and that is neat. When you're on the offense it's a challenge. It's your skills and knowledge against the guy who says "I bet you can't do X" and now you feel that it's your job to try to do X. Likewise you could also surprise your opponent with the amount of information that you are able to gather about him remotely, or the fact that he overlooked some critical defenses. Programmers, for example, are so mentally in the zone about how their system works that they sometimes are unable to escape and think about exploits. That's when it's your job to say "well you've got X defense against Y, but I can bypass it with Z" and they may have not thought about it. It's like that line in the Princess Bride: "the Battle of Wits has begun."

I find the field to be quite active. If you want a sample, see blog.torproject.org. As long as there are computers and electronics there will always be a need to secure them. I don't see the field going away anytime soon. I too am looking forward to a job; I'd like to see myself near the frontlines because it's always exciting there. It's possible to get hired by a company and work for them in their office doing security, but it's also possible to do security consulting. In that case you and your coworkers become mobile and are called to advise and assist wherever you are needed. There's a lot of possibilities.

TmwTm1 karma

Do you think it is a good idea to use TOR for everyday use or is that a little too much? I primarily use the web browser Srware Iron or just Google Chrome with javascript disabled and ghostery.

Jesse_V3 karma

I would also recommend the HTTPS Everywhere extension.

I have friends who use Tor all the time. It's up to you. The downside is that Tor is slower than a direct connection because your traffic is relayed through three Tor nodes and you may have to go through additional CAPTCHAs on forums and whatnot. But the choice is up to you.

kunachz1 karma

I've been thinking about running a Tor relay, but I don't feel that I'm experienced enough to secure it. Do you have any tips for securing Tor relays (on *nix)? In my travels through the net I've come across using logwatch, either disabling external ssh access or only allowing public-key authentication, (the obvious keep it up to date), SELinux/AppArmor, do you have any suggestions about other things to use or suggestions about using the things I've listed?

Jesse_V1 karma

First, make sure that your ISP is all right with you running a relay. Just check their policies, it should be clear. Second, for exit nodes don't use your home IP address, but for non-exits it should be okay. I think the most important thing you can do is lock down the firewall. UFW is an easy firewall to use on Linux, although you may prefer using something more advanced depending on your experience level and taste. Allow remote access only from specific IPs or IP ranges, use a non-standard SSH port, and configure SSH so that RSA keys are required.

If you are going to run the relay on a dedicated system, set up a minimalistic Debian installation with just the command-line. The fewer things you have installed and running the better, because there's less to exploit. Once you've gotten to that point, explore additional options.
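One way to check the SSH side of this advice (non-standard port, keys required) against a relay's `sshd_config`, as an added example that is not part of the original answer. The sample configurations are constructed, `Include` files are not followed, and the function names are this example's own.

```python
"""Audit sshd_config text for a non-standard port and key-only logins."""
import re

# OpenSSH behaviour when a keyword is absent from the file.
DEFAULTS = {
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
}
# Deprecated spelling that sshd still accepts.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
PASSWORD_LIKE = ("passwordauthentication", "kbdinteractiveauthentication")


def parse(text):
    """Return (global settings, listening ports, settings inside Match blocks)."""
    settings, ports, overrides = {}, [], []
    match = None  # criteria of the Match block we are inside, if any
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)  # "Key value" or "Key=value"
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        if key == "match":
            match = value
        elif match is not None:
            overrides.append((match, key, value.lower()))
        elif key == "port":
            ports.append(int(value))          # Port may be given several times
        else:
            settings.setdefault(key, value.lower())  # sshd keeps the FIRST value
    return settings, ports or [22], overrides


def audit(text):
    """Return a list of findings; an empty list means the advice is met."""
    settings, ports, overrides = parse(text)
    effective = {k: settings.get(k, d) for k, d in DEFAULTS.items()}
    findings = []
    if 22 in ports:
        findings.append("sshd listens on the standard port 22")
    if effective["pubkeyauthentication"] != "yes":
        findings.append("public-key authentication is disabled")
    for key in PASSWORD_LIKE:
        if effective[key] != "no":
            findings.append(f"{key} is enabled, so keys are not required")
    for criteria, key, value in overrides:
        if key in PASSWORD_LIKE and value == "yes":
            findings.append(f"Match {criteria} re-enables {key}")
    return findings


# Constructed samples.
WEAK = """
#Port 22
PermitRootLogin prohibit-password
PasswordAuthentication yes
"""
HARDENED = """
Port 49222
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
"""
# The later "no" never takes effect because the first value wins.
SHADOWED = """
Port 49222
PasswordAuthentication yes
KbdInteractiveAuthentication no
PasswordAuthentication no
"""
MATCH_OVERRIDE = HARDENED + """
Match Address 192.0.2.0/24
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    for name in ("WEAK", "HARDENED", "SHADOWED", "MATCH_OVERRIDE"):
        print(name, audit(globals()[name]) or "ok")
```

The `SHADOWED` case is the one that catches people out: appending a hardening line to the end of the file does nothing if an earlier line already set the keyword.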

In-Proof-We-Trust1 karma

Perhaps a bit off focus... What freeware or combination thereof would you recommend for detecting and cleaning malware from Windows 7? What path would you recommend to a non-tech person for migrating to and/or adding another operating sys like Mint Linux? I really appreciate this AMA, thanks!

Jesse_V1 karma

It's been a year and a half since I last booted into Windows, so my knowledge of antivirus is a bit dated. I don't think I'm the right person to ask. You might try a subreddit with a community that could better help you.

For someone new to Linux such as yourself, I would recommend Linux Mint. I think the first thing you need to do is read. Browse http://www.linuxmint.com/ and other sites to familiarize yourself a bit with it. Much like a car, Linux does a lot for you but you are definitely in full control. Good to read the driver's manual before going to the DMV for the first time, yes? Same thing here.

When you are ready, visit http://www.linuxmint.com/download.php and choose the Cinnamon edition. If your machine is 64-bit, choose the 64-bit edition, otherwise 32-bit. If your machine has more than 4 GB of RAM, it's definitely 64-bit. If you have no idea, choose 32-bit. Either way, go and download the .iso file. You can use a tool like UNetbootin to burn it to a flashdrive, and then boot your computer off of that. Then you can install Linux Mint alongside Windows, which is called a dual-boot. When you have read up on Linux and are ready to burn the file to a flashdrive, get back with me and I can walk you through it.

You may want to also visit /r/linuxmint and /r/linux, although the latter can be quite technical at times.

jeremy75431 karma

Duck duck go is a tor search engine

Jesse_V3 karma

No, it's a regular search engine, like Google.com. It just happens to be hosted as a Tor hidden service as well as a regular website.

jeremy75431 karma

I thought it showed hidden services

Jesse_V1 karma

As far as I know there isn't any search engine for Tor hidden services.

jeremy75431 karma

Thank you for doing this AMA, a lot of people don't know about TOR

Jesse_V1 karma

You're welcome. That's one of my primary purposes with this AMA. :)

Feel free to spread the word. Education works well against incorrect perceptions too.

jeremy75431 karma

I tell everyone to use TOR, just wish I could host relays. I'm using an Android phone, no servers, can't afford a PC or servers. Thank you man for trying to get the word out

Jesse_V2 karma

You can with the Orbot app. Just leave your phone plugged in on a steady Internet connection. A relay on a smartphone is far from ideal, but I'm just saying that you can do it.

jeremy75431 karma

Thank you again for the relays. I'm by no means as smart as you, I just want to keep my browsing private. Snowden is a hero

Jesse_V2 karma

Just use Tor then on your phone.

rflickinger1 karma

How secure is Tor actually? People use it for the craziest things. Can you still be tracked if someone really wanted to find you?

Jesse_V5 karma

If you run everything that the Tor Project gives you and follow their recommendations (run Tails OS, disable Javascript, don't torrent over Tor, don't reveal personal information online, encrypt your stuff, etc) I believe Tor to be one of the most secure anonymity systems out there. It's designed so that each relay operates on a need-to-know basis and no logs are kept.

One of Edward Snowden's first steps was to tell the Guardian how to use Tor, GPG, and the Tails OS, and he had to defend against the NSA. I think that speaks a lot for the security of Tor.

thatITguyyouhate1 karma

What got you interested in computers?

Jesse_V5 karma

I've always been interested in computers. Ever since I was a young kid they have always been fascinating to me. I remember some of the early Internet concepts in the 90s: dial-up, Netscape Navigator, and early email. My interest has grown, and I see computers as an extension of our brain; they excel at high-speed data processing and are capable of remembering vast amounts of information, which our brains struggle with, yet computers struggle with creativity, evolution, and original thinking, which we are good at. The two systems complement each other, and I don't see computers going away any time soon.

Gare--Bear1 karma

Awesome AMA topic!

What is the cost of running a tor relay? I understand the general premise of it, but how much information can be shared through a relay at any point in time and really, what is the price per set amount of data?

How difficult was it to become the operator for tor relays?

Are entry nodes set up in the same way as exit nodes? What stops someone from controlling an entry node, a relay, and an exit node and with that, being able to see who is accessing what data?

Jesse_V2 karma

  1. It doesn't cost much. I'm at a university, so I've already paid for the resources along with all the other students. If you want to host one yourself, you may have to pay someone (like your ISP) for bandwidth.

  2. I'm not entirely sure what you mean here. Tor nodes operate on a need-to-know basis and there are multiple layers of encryption. Entry nodes know your IP but don't know your traffic, middle relays know nothing, and exits know what websites you are contacting but not who you are. That's assuming that all the relays are malicious, but since Tor doesn't log any traffic that information isn't often compromised anyway.

  3. If you know Linux, it's not difficult. Setting up a relay involved locking down the firewall, installing and configuring Tor, setting up remote monitoring, and then leaving it alone.

  4. No. All Tor nodes have what's called an "exit policy" which describes what traffic they let out. By default, they let nothing out, but if you do, then you become an exit.

  5. There's nothing stopping them from doing that. It's just a difficult attack because the relays are chosen mostly at random and the choices change every 10 minutes. If you were in control of an entry, a middle, and an exit node and could somehow keep track of a user's connection through all three and distinguish it from the thousands of others using those relays, you'd have about 10 minutes or so before a different exit was chosen. A Tor user can also switch to a different set of nodes whenever they like too.

tronopolis1 karma

Do relays act as entry nodes? Would it be possible to set up a bunch of entry nodes and gather a list of real IP addresses of people using Tor?

Jesse_V1 karma

A new relay will be a middle node for a good amount of time. It takes many weeks to be trusted by the Tor network. They have to draw a line between being able to introduce new relays and that vector of attack. However, if one could control the over four thousand non-exit relays across the globe, then yes that attack would be feasible.

hithereimigor1 karma

How much traffic do your servers generate in a month? How do you finance this (who pays for the bandwidth)?

Jesse_V3 karma

I'm at a university, so I guess part of everyone's funds go to paying for the university's total bandwidth.

It depends on the activity, but together usuguard2 and usuguard3 pull 280 GB/day. My exits are newer, but they will eventually get above that amount.

antonvanko1 karma

I am a rising computer science student and avid programmer. So far the emphasis in my curriculum is programming but I am interested in anonymity networks and networking in general. Where can I start and do some learning on my own so I can be ahead of the pack?

Jesse_V4 karma

Awesome! I think you've chosen a great career path and one that will never die. Here are some things that you could do:

  • Run Linux. I'd recommend starting with Linux Mint, and then perhaps move to whatever distribution is most comfortable to you. I haven't booted into Windows in 18 months. You'll gain a lot of knowledge about how your computer works, and you'll likely be orders of magnitude more productive in Linux than in Windows. It also looks good on a resume, since Linux dominates the server world.

  • Learn to use git. I'd recommend github.com. Seriously, revision control systems will save you massive amounts of time in the long run. I've been contacted by Google because of my Github profile.

  • Do a lot of reading. For Tor, try the torproject.org or blog.torproject.org. You can find tons of Linux, programming, and networking resources online.

  • Learn more programming languages. Python and C++11 are big right now.

That's all I've got for now. Good luck to you!

yottskry2 karma

Just want to +1 the Linux Mint suggestion. I've used many distros over the years and Mint is the one I've stuck with. I think it works well for beginner and advanced user alike. As with Jesse_V, I don't boot into Windows from one year to the next.

Jesse_V1 karma

Nice! I'm thinking about switching to LMDE because Debian has a greater stability record than Ubuntu, but it may be some time before I switch since I have everything set up and comfortable at the moment.

bmxkeeler1 karma

I'm somewhat new to TOR but my question is more security related. When data leaves the exit node, it is then sent to my computer. How is this still considered anonymous? Couldn't the data just be intercepted en route?

Jesse_V2 karma

You may want to review https://www.torproject.org/about/overview.html.en#thesolution

Requests to fetch webpages are sent down a three-hop path, known as a circuit. The exit node peels off the final layer of encryption, finds the webpage and requests the information. It then forwards this back up the circuit to you. The exit node doesn't know your IP, it just knows the middle relay to send it to. The middle relay knows the entry node to forward to, and the entry node then sends the information to your computer. Remember that there are layers of encryption down the circuit, so the information from the exit is encrypted in such a way that only you have access to it. The entry and middle nodes have no way of knowing what webpage you requested or what the web server gave back to you.
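The layering described in the reply above, as an added example that is not part of the original thread or Tor's own code. It is a simplified model: the SHA-256 keystream is a toy stand-in for a real cipher, and the hop keys, request and response are constructed.

```python
import hashlib

def xor_layer(key: bytes, direction: bytes, data: bytes) -> bytes:
    """Add or remove one layer. Toy keystream (SHA-256 in counter mode),
    a stand-in for a real cipher; applying it twice removes the layer."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + direction + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

# Constructed per-hop keys; the client shares one with each relay in its circuit.
HOPS = [("entry", b"key-entry"), ("middle", b"key-middle"), ("exit", b"key-exit")]

def client_wrap(request: bytes) -> bytes:
    """Client applies the exit layer first and the entry layer last."""
    cell = request
    for _, key in reversed(HOPS):
        cell = xor_layer(key, b"fwd", cell)
    return cell

def forward_path(cell: bytes) -> dict:
    """Each relay peels its own layer; record what each one is left holding."""
    seen = {}
    for name, key in HOPS:
        cell = xor_layer(key, b"fwd", cell)
        seen[name] = cell
    return seen

def return_path(response: bytes) -> tuple:
    """Exit, middle, entry each add a layer on the way back to the client."""
    seen, cell = {}, response
    for name, key in reversed(HOPS):
        cell = xor_layer(key, b"bwd", cell)
        seen[name] = cell
    return cell, seen

def client_unwrap(cell: bytes) -> bytes:
    """Only the client holds all three keys, so only it recovers the response."""
    for _, key in HOPS:
        cell = xor_layer(key, b"bwd", cell)
    return cell

if __name__ == "__main__":
    request, response = b"GET /index.html", b"<html>constructed page</html>"
    seen = forward_path(client_wrap(request))
    print({name: data == request for name, data in seen.items()})
    cell, _ = return_path(response)
    print(client_unwrap(cell) == response)
```

Run directly, it shows that only the exit ends up holding the plaintext request, and that the response survives three added layers intact once the client removes them.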

Neandros0 karma

How do I find what I am looking for? Is there a Tor "google"?

Jesse_V2 karma

Your question makes no sense, but I think you are looking for the Tor Browser Bundle, which is on the front page of www.torproject.org

Use that for web browsing through Tor.

sixteenlettername1 karma

I imagine /u/Neandros was asking about a search engine within the tor network. Y'know, there are people who aren't computer experts but still know that the IE logo on their desktop isn't called 'the google'.
To dismiss someone's question as not making sense because you don't understand it isn't particularly constructive if you're trying to inform and educate.

Jesse_V1 karma

My apologies to /u/Neandros then. I meant no offense, I just didn't understand what he was asking. I'd be happy to answer whatever questions he had, I'm in no way insulting his intelligence.

cahaseler-1 karma

Do you have any way you can prove this? (I understand this may not be possible given the nature of Tor, in which case /r/casualiama would be better.)

Jesse_V4 karma

Please see the contact fields in the links to the relays that I posted. I'm Jesse Victors, and I'm using my non-anonymous account for this AMA. That should be sufficient proof, but if not let me know and I'll try something else.