0:00:00.000,0:00:10.019
silent 31C3 preroll titles
0:00:10.019,0:00:15.509
applause
0:00:15.509,0:00:19.400
Roger: Okay, hi everybody! I’m Roger[br]Dingledine, and this is Jake Appelbaum.
0:00:19.400,0:00:21.910
And we’re here to tell you more[br]about what’s going on with Tor
0:00:21.910,0:00:26.070
over the past year. We actually wanted[br]to start out asking Laura to give us
0:00:26.070,0:00:29.540
a little bit of context from her[br]perspective, about Citizenfour,
0:00:29.540,0:00:33.510
and the value of these sorts[br]of tools to journalists.
0:00:33.510,0:00:39.530
applause
0:00:39.530,0:00:46.150
Laura: So. Am I live? Okay. Roger and Jake[br]asked me to say a few things about Tor,
0:00:46.150,0:00:49.660
and what does it mean for investigative[br]journalists. And I can say that certainly
0:00:49.660,0:00:54.020
the work that I’ve done, on working with[br]disclosures by Edward Snowden, and
0:00:54.020,0:00:58.600
first communicating with him would not[br]have been possible. Without the work
0:00:58.600,0:01:03.340
that these 2 people do. And that everybody[br][does] who contributes to the Tor network.
0:01:03.340,0:01:06.460
So I’m deeply grateful to everyone here.
0:01:06.460,0:01:12.950
applause
0:01:12.950,0:01:17.050
When I was communicating with Snowden[br]for several months before I met him
0:01:17.050,0:01:21.520
in Hongkong we talked often about the Tor[br]network, and it’s something that actually
0:01:21.520,0:01:26.780
he feels is vital for online[br]privacy. And, to sort of
0:01:26.780,0:01:31.299
defeat surveillance. It’s really our[br]only tool to be able to do that. And
0:01:31.299,0:01:35.610
I just wanted to tell one story about what[br]happens when journalists don’t use it.
0:01:35.610,0:01:39.159
I can’t go into lots of details, but[br]there’s a very well known investigative
0:01:39.159,0:01:42.969
journalist who was working on a story.[br]He had a source. And the source was
0:01:42.969,0:01:48.060
in the Intelligence community. And he had[br]done some research on his computer,
0:01:48.060,0:01:53.460
not using Tor. And I was with him when[br]he got a phone call. And on the phone,
0:01:53.460,0:01:57.490
the person was saying: “What the fuck were[br]you doing looking up this, this and this?”
0:01:57.490,0:02:00.640
And this is an example of what[br]happens when Intelligence agencies
0:02:00.640,0:02:05.030
target journalists. So without Tor[br]we literally can’t do the work that
0:02:05.030,0:02:09.218
we need to do. So thank you,[br]and please support Tor! Thanks!
0:02:09.218,0:02:11.058
applause
0:02:11.058,0:02:17.180
Roger: Well, thank you![br]continued applause
0:02:17.180,0:02:22.100
Jacob: So to follow-up on what Laura[br]has just said: We think it’s important
0:02:22.100,0:02:25.970
to really expand, not just into the[br]technical world, or to talk about
0:02:25.970,0:02:31.000
the political issues in some abstract[br]sense. But also to reach out to culture.
0:02:31.000,0:02:34.100
So in this case, this is a picture in the[br]Reina Sofia which is one of the largest
0:02:34.100,0:02:37.650
museums in Spain. And that in the middle[br]is Mason Juday, and Trevor Paglen,
0:02:37.650,0:02:41.730
and that’s me on the right. And the only[br]time you’ll ever find me on the right!
0:02:41.730,0:02:46.930
And so it is the case that this is[br]a Tor relay. It’s actually 2 Tor relays
0:02:46.930,0:02:51.350
running on the open hardware device[br]Novena, made by bunny and Sean.
0:02:51.350,0:02:55.360
And it’s actually running as a middle[br]relay now, but it may in some point
0:02:55.360,0:02:59.659
with one configuration change become[br]an exit relay. And it is the case that
0:02:59.659,0:03:06.260
the Reina Sofia is hosting this Tor relay.[br]So, now, if… so we live in capitalism…
0:03:06.260,0:03:11.209
applause
0:03:11.209,0:03:14.900
So it is the case that if the Police wanna[br]seize this relay they got to buy it
0:03:14.900,0:03:17.220
like every other piece[br]of art in the museum.
0:03:17.220,0:03:24.340
laughter and applause
0:03:24.340,0:03:27.299
And part of the reason that we’re[br]doing this kind of stuff – at least
0:03:27.299,0:03:31.480
that piece of art which I did with Trevor[br]and Mason and Leif Ryge who is also
0:03:31.480,0:03:35.519
in this room, and Aaron Gibson, also in[br]this room – is because we think that
0:03:35.519,0:03:39.780
culture is important. And we think that[br]it’s important to tie the issue of anonymity
0:03:39.780,0:03:43.459
not just as an abstract idea but as an[br]actual thing that is representative
0:03:43.459,0:03:47.490
not only of our culture but of the world[br]we want to live in, overall. For all the
0:03:47.490,0:03:51.930
cultures of the world. And so, for that[br]reason we also have quite recently
0:03:51.930,0:03:56.920
been thinking a lot about social norms.[br]And it is the case that there’s a person
0:03:56.920,0:04:01.040
in our community, and many persons in our[br]community that have come under attack.
0:04:01.040,0:04:05.440
And have been deeply harassed.[br]And we think that that sucks!
0:04:05.440,0:04:09.319
And we don’t like that. Even though we[br]promote anonymity without any question,
0:04:09.319,0:04:12.859
i.e. no backdoors ever, and we’ll[br]get back to that in a minute,
0:04:12.859,0:04:16.070
it is the case that we really[br]want to promote ‘being
0:04:16.070,0:04:18.940
excellent to each other’. In the[br]sort of spirit of Noisebridge!
0:04:18.940,0:04:25.679
applause
0:04:25.679,0:04:28.830
And it’s still a little bit American-centric[br]but you can get the basic idea.
0:04:28.830,0:04:33.099
It applies to Europe as well. Just replace[br]‘First Amendment’ with some of your local law.
0:04:33.099,0:04:36.950
Or a local constitutional right. It isn’t[br]the case that we’re saying that you
0:04:36.950,0:04:39.820
shouldn’t have the right to say things.[br]But we are saying “Get the fuck out
0:04:39.820,0:04:43.169
of our community if you’re going[br]to be abusive to women!”
0:04:43.169,0:04:50.539
applause and cheers
0:04:50.539,0:04:55.150
And you’ll note that I used the word[br]‘Fuck’ to say it. And I’m sorry about that.
0:04:55.150,0:04:58.630
Because the point is we all make mistakes.[br]And we want to make sure that while
0:04:58.630,0:05:03.130
it’s true that we have transgressions we[br]want to make sure that we can find
0:05:03.130,0:05:07.050
a place of reconciliation, and we can[br]work towards conflict resolution.
0:05:07.050,0:05:10.880
And it’s important at the same time to[br]recognize that there are people who’s
0:05:10.880,0:05:15.659
real lives are harmed by harassment[br]online. In this case one of the people
0:05:15.659,0:05:19.830
is in this audience. And I hope that they[br]won’t mind being named. But we want
0:05:19.830,0:05:23.740
to give her a shoutout and say[br]that we stand behind her 100%.
0:05:23.740,0:05:25.260
Roger: Yeah, so, …
0:05:25.260,0:05:33.059
applause
0:05:33.059,0:05:37.690
So one of our developers on core Tor,[br]Andrea, has been harassed on Twitter
0:05:37.690,0:05:42.440
and elsewhere, really a lot more[br]than should happen to anybody.
0:05:42.440,0:05:45.880
And there are a couple of points[br]to make here. One of them is:
0:05:45.880,0:05:49.919
She’s a woman, and women online[br]have been harassed for basically
0:05:49.919,0:05:54.440
since ‘online’ has existed. Not just[br]women, other minorities, pretty much
0:05:54.440,0:05:59.110
all over the place. Especially recently[br]things have been getting worse.
0:05:59.110,0:06:04.820
The other important point to realize:[br]she’s not just being attacked because
0:06:04.820,0:06:08.390
she happens to be there. She’s being[br]attacked because they’re trying to attack
0:06:08.390,0:06:13.310
the Tor project and all the other people[br]in Tor. So, yes, she may be the focus
0:06:13.310,0:06:17.409
of some of the attacks but we - the rest[br]of the Tor community, the rest of the
0:06:17.409,0:06:22.270
security community - need to stand up[br]and take on some of this burden of
0:06:22.270,0:06:26.090
communicating and interacting,[br]and talking about these issues.
0:06:26.090,0:06:29.130
We can’t just leave it[br]to her to defend herself.
0:06:29.130,0:06:38.240
applause
0:06:38.240,0:06:41.770
Jacob: And so we want to set a particular[br]standard which is that there are
0:06:41.770,0:06:44.209
lots of journalists that have a lot of[br]questions. And we really think that
0:06:44.209,0:06:47.970
there are a lot of legitimate questions to[br]ask. E.g. I think it sucks that we take
0:06:47.970,0:06:52.050
Department of Defense money, sometimes.[br]And sometimes I also think it’s good that
0:06:52.050,0:06:55.140
people have the ability to feed[br]themselves, and have the ability
0:06:55.140,0:06:59.270
to actually have a home and a family. Now,[br]I don’t have those things, really. I mean
0:06:59.270,0:07:02.510
I can feed myself, but I don’t have a home[br]or a family in the same way that, say,
0:07:02.510,0:07:07.520
the family people on side of Tor do. And[br]they need to be paid. It is the case that
0:07:07.520,0:07:12.060
that is true. And that raises questions.[br]Like I, personally, wouldn’t ever take
0:07:12.060,0:07:16.710
CIA money. And I think that nobody should.[br]And I don’t think the CIA should exist.
0:07:16.710,0:07:18.260
But we have a diversity…
0:07:18.260,0:07:22.300
applause
0:07:22.300,0:07:26.150
…we have a diversity of funding because[br]we have a diversity of users. And so that
0:07:26.150,0:07:29.500
raises a lot of questions. And I think[br]people should ask those questions.
0:07:29.500,0:07:32.489
And Roger, and the rest of the Tor[br]community feels that way, too. But
0:07:32.489,0:07:36.700
it’s important that we don’t single out[br]a specific person. And, in particular,
0:07:36.700,0:07:40.270
to single out Andrea, again. She[br]does not deserve all the heat about
0:07:40.270,0:07:43.969
some of the decisions that the[br]Tor project as a non-profit makes.
0:07:43.969,0:07:48.510
She is a developer who is integral to[br]Tor. If it was not for her a significant
0:07:48.510,0:07:52.039
portion of Tor would not exist. It[br]would not be as bug free as it is.
0:07:52.039,0:07:56.839
And it would not be getting better all the[br]time. So we want people to reach out
0:07:56.839,0:08:02.019
to this alias, if they actually want[br]to talk, and have a forum where
0:08:02.019,0:08:06.020
the whole of Tor can really respond, and[br]think about these things in a positive way,
0:08:06.020,0:08:10.029
and really engage with the press. In a way[br]that we can manage; because at the moment
0:08:10.029,0:08:14.419
we get, I would say, 5 (on[br]average) press requests every day.
0:08:14.419,0:08:19.140
That’s really a lot. And it is also the[br]case that 4 of those requests
0:08:19.140,0:08:23.950
are very well phrased, extremely[br]reasonable questions. And one of them is,
0:08:23.950,0:08:28.339
you know: “Why to[br]choose to run Tor?” And
0:08:28.339,0:08:32.089
we should address all of them. We[br]really should. And at the same time
0:08:32.089,0:08:35.190
we have to recognize that some of these[br]people that are kind of harassing,
0:08:35.190,0:08:37.840
they might trigger me. That one will[br]trigger me, and I would probably
0:08:37.840,0:08:40.650
write back with something kind of shitty.[br]So we want to distribute the work in a way
0:08:40.650,0:08:44.049
where people will be nice. Even to the[br]people that are unreasonable. Because
0:08:44.049,0:08:48.460
at the core – we need to be held to[br]account, and we need people to look to us
0:08:48.460,0:08:52.090
about these things, and to ask us these[br]hard questions. And so this is the address
0:08:52.090,0:08:55.580
to reach out to: [press@torproject.org].[br]Not harassing Andrea online on Twitter.
0:08:55.580,0:09:00.690
Not coming after individual developers.[br]Not posting crazy stuff on the mailing list.
0:09:00.690,0:09:04.520
Wait until we’ve actually talked to you,[br]then post the crazy stuff on the mailing list.
0:09:04.520,0:09:07.510
Or wherever you’re going to post it. And[br]then hopefully we can actually answer
0:09:07.510,0:09:11.830
the questions in a good faith-, helpful[br]way. There’s no reason to talk about
0:09:11.830,0:09:15.210
conspiracy theories, we can just[br]talk about the business plans.
0:09:15.210,0:09:19.380
And into that point wanna make it clear:
0:09:19.380,0:09:23.330
stop being an asshole to people in the[br]community. But this is not negotiable.
0:09:23.330,0:09:27.210
We’re not saying because we don’t want[br]you to harass people that we’re going
0:09:27.210,0:09:30.800
to backdoor Tor. That will never happen.[br]You will find a bullet in the back of my head
0:09:30.800,0:09:35.410
before that happens. And maybe Roger’s,[br]too. Depending on the order of operations.
0:09:35.410,0:09:44.550
laughter and applause
0:09:44.550,0:09:48.240
Roger: Okay, so we’re going to talk[br]a little bit about the various things
0:09:48.240,0:09:52.760
we’ve done over the past year. To[br]give you a very brief introduction to Tor:
0:09:52.760,0:09:56.820
Tor is an anonymity system. You’ve got[br]Alice, the client over there. She builds
0:09:56.820,0:10:00.760
a path through 3 different relays[br]around the world. And the idea is
0:10:00.760,0:10:04.030
that somebody watching her local[br]network connection can’t figure out
0:10:04.030,0:10:07.830
what destination she’s going to. And[br]somebody watching the destinations
0:10:07.830,0:10:11.750
can’t figure out where she’s coming[br]from. And we have quite a few relays
0:10:11.750,0:10:16.440
at this point. Here’s a… the red line is[br]the graph of the number of relays
0:10:16.440,0:10:20.560
we’ve had over the past year. For those[br]of you who remember ‘Heartbleed’
0:10:20.560,0:10:24.450
you can see the big drop in April when[br]we removed a bunch of relays that
0:10:24.450,0:10:29.390
had insecure keys. But this is not the[br]interesting graph. The interesting graph
0:10:29.390,0:10:35.870
is ‘capacity over the past year’. And[br]we’ve gone from a little over 6 GBps
0:10:35.870,0:10:39.990
of capacity up to more[br]than 12 GBps of capacity.
0:10:39.990,0:10:48.140
applause
0:10:48.140,0:10:51.820
And as long as we can make the difference[br]between those 2 lines big enough then
0:10:51.820,0:10:56.200
Tor performance is pretty good. But we rely[br]on all of you to keep on running relays,
0:10:56.200,0:11:01.180
and make them faster etc. so that we[br]can handle all the users who need Tor.
0:11:01.180,0:11:06.350
Okay, another topic. Deterministic[br]builds. Mike Perry and Seth Schoen
0:11:06.350,0:11:10.250
did a great talk a few days ago. So you[br]should go watch the stream on that!
0:11:10.250,0:11:15.100
The very short version is: We have[br]a way of building Tor Browser so that
0:11:15.100,0:11:19.230
everybody can build Tor Browser[br]and produce the same binary.
0:11:19.230,0:11:22.940
And that way you don’t have to worry about[br]problems on your build machine and you can
0:11:22.940,0:11:27.660
actually check that the program we give[br]you, really is based on the source code
0:11:27.660,0:11:29.470
that we say that it is.
0:11:29.470,0:11:33.910
Jacob: And this is of course important[br]because we really don’t want to be
0:11:33.910,0:11:37.940
a focal point where someone comes[br]after us and says: “You have to produce
0:11:37.940,0:11:41.670
a backdoored version”. So it’s very[br]important because we do receive
0:11:41.670,0:11:46.430
a lot of pressure, from a lot of different[br]groups. And we never want to cave.
0:11:46.430,0:11:50.310
And here’s how we think it is the[br]case that we will never cave:
0:11:50.310,0:11:54.470
Free Software, open specifications,[br]reproducible builds,
0:11:54.470,0:11:57.920
things that can be verified[br]with cryptographic signatures.
0:11:57.920,0:12:01.650
That will not only keep us honest[br]against the – what do you call it –
0:12:01.650,0:12:04.870
the angels of our better nature.[br]I don’t believe in angels. But anyway.
0:12:04.870,0:12:09.100
The point is that it will keep us honest.[br]But it will also keep other people at bay.
0:12:09.100,0:12:13.360
From trying to do something harmful to[br]us. Because when something happens
0:12:13.360,0:12:17.860
you will be able to immediately find it.[br]And Mike Perry, by the way, is incredible.
0:12:17.860,0:12:24.730
He probably hates that I’m saying his name[br]right now. Sorry, Mike! Are you here?
0:12:24.730,0:12:27.340
laughter[br]Bastard! laughs
0:12:27.340,0:12:32.020
But Mike Perry is a machine. He also[br]has a heart! But he’s a machine.
0:12:32.020,0:12:36.010
And he’s incredible. And he has been[br]working non-stop on this. And he is really
0:12:36.010,0:12:40.420
ground-breaking in not only doing[br]this for Firefox but really thinking
0:12:40.420,0:12:43.720
about these hard problems, and[br]understanding that if he was just building
0:12:43.720,0:12:47.810
this browser by himself, and he was[br]doing it in a non-verifiable way
0:12:47.810,0:12:51.210
that it would really, actually be[br]a serious problem. Because we distribute
0:12:51.210,0:12:55.930
this software. And so, I mean[br]there is a reason that the NSA
0:12:55.930,0:12:59.890
calls Mike Perry a “worthy adversary”.[br]And it is because he’s amazing!
0:12:59.890,0:13:02.260
applause[br]So let’s give it up for Mike Perry!
0:13:02.260,0:13:07.600
ongoing applause
0:13:07.600,0:13:11.870
Roger: Not only that, but his work, along[br]with Bitcoin’s work has pushed Debian
0:13:11.870,0:13:16.500
and Fedora, and other groups to work[br]on reproducible builds as well. So,
0:13:16.500,0:13:20.520
hopefully the whole security[br]community will get better!
0:13:20.520,0:13:24.810
applause
0:13:24.810,0:13:28.700
Jacob: And to the point about Citizenfour.[br]One of the things that’s been happening
0:13:28.700,0:13:33.390
quite recently is that really respectable[br]nice people like the people at Mozilla
0:13:33.390,0:13:37.440
have decided that they really want[br]us to work together. Which is great.
0:13:37.440,0:13:41.250
Because we wanted to, and we have[br]respected their work for a very long time.
0:13:41.250,0:13:46.779
And so Tor is now partnering with Mozilla.[br]And that means that Mozilla, as a group,
0:13:46.779,0:13:50.400
will be running Tor relays. At first[br]middle nodes, and then, hopefully,
0:13:50.400,0:13:56.770
we believe, exit relays. And that is[br]huge because Mozilla is at the forefront
0:13:56.770,0:14:02.370
of doing a lot of work for end users. Just[br]everyday regular people wanting privacy.
0:14:02.370,0:14:07.589
Things like DoNotTrack e.g.[br]are a way to try to experiment.
0:14:07.589,0:14:11.510
Things like the Tor Browser a way to[br]experiment even further. To really bring
0:14:11.510,0:14:16.400
Privacy-by-Design. And it’s amazing[br]that Mozilla is doing that. And
0:14:16.400,0:14:20.500
we’ve made a partnership with them, and[br]we’re hopeful, cautiously optimistic even,
0:14:20.500,0:14:23.680
that this is going to produce some very[br]good results where our communities can
0:14:23.680,0:14:28.450
sort of fuse, and give Privacy-by-Design[br]software to every person on the planet
0:14:28.450,0:14:31.210
with no exceptions whatsoever.
0:14:31.210,0:14:37.860
applause
0:14:37.860,0:14:42.010
Now we also have a couple of things[br]that we would like to talk about,
0:14:42.010,0:14:44.960
just generally, that are a little bit[br]technical. But at the same time
0:14:44.960,0:14:49.070
we wanna keep it accessible because[br]we think that this talk, well, it’s useful
0:14:49.070,0:14:51.841
to talk about technical details. The most[br]important thing is somebody who has
0:14:51.841,0:14:55.260
never heard of the Tor community before,[br]who watches this video, we want them
0:14:55.260,0:15:00.730
to understand some of the[br]details, and enough, let’s say,
0:15:00.730,0:15:04.650
technical understanding that they’ll be[br]able to go and look it up if they want to,
0:15:04.650,0:15:07.510
but they’ll also understand we’re not[br]just glossing over, completely.
0:15:07.510,0:15:10.320
So, pluggable transports are very[br]important. Right now, the way
0:15:10.320,0:15:15.540
that Tor works is that we connect with an[br]SSL/TLS connection. The protocol SSL/TLS,
0:15:15.540,0:15:19.750
one of the 2, depending on the client[br]library, and the server library. And
0:15:19.750,0:15:23.180
that looks like an SSL connection, for[br]the most part. But as some of you know
0:15:23.180,0:15:28.470
there are people on this planet[br]they collect SSL and TLS data,
0:15:28.470,0:15:32.440
about everything flowing across the[br]internet. That’s really a problem.
0:15:32.440,0:15:36.550
It turns out we thought in some cases[br]that it was just censorship that mattered.
0:15:36.550,0:15:40.410
But it turns out broad classification[br]of traffic is really, actually, a problem
0:15:40.410,0:15:44.960
not just for blocking but also for later[br]doing identification of traffic flows.
0:15:44.960,0:15:47.740
So I’ve already lost the non-technical[br]people in the audience, so, let me
0:15:47.740,0:15:51.580
rephrase that and say: We have these other[br]ways of connecting to the Tor network.
0:15:51.580,0:15:55.740
And they don’t look just like a secure[br]banking transaction. They look instead
0:15:55.740,0:16:01.250
like DNS, or HTTP – that is your regular[br]web browsing or name resolution.
0:16:01.250,0:16:04.990
And we have a lot of different pluggable[br]transports. And some of them are cool.
0:16:04.990,0:16:08.040
Some of them make it look like you’re[br]connecting to Google. When in fact you’re
0:16:08.040,0:16:11.180
connecting to the Tor Project. And it’s[br]because you, in fact, are connecting
0:16:11.180,0:16:16.660
to Google. Leif Ryge, are you[br]in the room, here? Maybe, no?
0:16:16.660,0:16:19.960
This is really… you guys,[br]and your anonymity!
0:16:19.960,0:16:23.890
laughter[br]It is the case…
0:16:23.890,0:16:27.070
he showed this to me, I mentioned this to[br]some other people and David Fifield,
0:16:27.070,0:16:30.870
I think, either independently rediscovered[br]it. There’s also the GoAgent people
0:16:30.870,0:16:35.390
that discovered this. You can connect[br]to Google with an SSL connection,
0:16:35.390,0:16:38.430
and the certificate will say:[br]dadada.google.com. And you of course
0:16:38.430,0:16:42.740
verify it. And it is of course signed,[br]probably by Adam Langley, personally.
0:16:42.740,0:16:48.120
And… maybe it’s just the Google[br]CAs. And then you give it a different
0:16:48.120,0:16:53.270
HTTP host header. So you say: actually[br]I wanna talk to Appspot. I wanna talk
0:16:53.270,0:16:58.470
to torbridge.appspot.com.[br]And inside of the TLS connection,
0:16:58.470,0:17:01.149
which looks like it’s a connection to[br]Google which is one of the most popular
0:17:01.149,0:17:05.119
websites on the internet you then make[br]essentially an encrypted connection
0:17:05.119,0:17:09.980
through that. And then from there[br]to the Tor network. Using Google,
0:17:09.980,0:17:13.859
but also Cloudflare – they don’t[br]just provide you with captchas!
0:17:13.859,0:17:19.329
laughter and applause[br]laughs
0:17:19.329,0:17:23.170
Poor Cloudflare guy! We were joking[br]we should stand outside his office
0:17:23.170,0:17:26.009
and make him answer[br]captchas to get in the door!
0:17:26.009,0:17:30.460
laughter and applause
0:17:30.460,0:17:34.260
All of those people clapping wish you[br]would solve the Cloudflare captcha issue!
0:17:34.260,0:17:39.810
So it also works with other compute[br]clusters. And other CDNs.
0:17:39.810,0:17:43.300
And so this is really awesome because[br]it means that now you can connect
0:17:43.300,0:17:47.280
through those CDNs to the Tor network,[br]using Meek (?) and other pluggable transports
0:17:47.280,0:17:52.620
like that. So that’s a huge win.[br]And deploying it by default
0:17:52.620,0:17:54.140
– I think we have another slide for that…
0:17:54.140,0:17:58.270
Roger: Nope, that’s it![br]We’ve got a different one, yes.
0:17:58.270,0:18:03.440
So, one of the neat things about Meek (?) is:[br]because it works on all these different
0:18:03.440,0:18:07.910
sorts of providers – Akamai[br]and all the CDNs out there –
0:18:07.910,0:18:12.840
a lot of those are still reachable from[br]places like China. Lots of our pluggable
0:18:12.840,0:18:16.370
transports don’t work so well in China,[br]but meek does, at this point.
0:18:16.370,0:18:20.200
So there are a lot of happy users.[br]Here’s a graph of an earlier
0:18:20.200,0:18:24.230
pluggable transport that we had,[br]called ‘obfs3’. It still works in China,
0:18:24.230,0:18:28.030
and Iran, and Syria and lots[br]of places around the world.
0:18:28.030,0:18:31.920
But the sort of blue/aqua line is
0:18:31.920,0:18:36.540
how much use we’ve seen of[br]obfs3. And you can tell exactly
0:18:36.540,0:18:41.590
when we put out the new Tor browser[br]release that had obfs3 built-in
0:18:41.590,0:18:46.890
and easy-to-use by ordinary people.[br]So one of the really important pushes
0:18:46.890,0:18:50.850
we’ve been doing is trying to make[br]– rather than trying to explain
0:18:50.850,0:18:54.090
how pluggable transports work, and[br]teach you everything – just make them
0:18:54.090,0:18:57.370
really simple. Make them part of Tor[br]browser, you just click on “My Tor
0:18:57.370,0:19:01.690
isn’t working so I wanna use some[br]other way to make my Tor work”.
0:19:01.690,0:19:06.260
And we’ve got 10.000 people at this[br]point who are happily using obfs3.
0:19:06.260,0:19:10.930
I think a lot of them are in[br]Syria and Iran at this point.
0:19:10.930,0:19:17.640
applause
0:19:17.640,0:19:21.150
Something else we’ve been doing over[br]the past year is working really hard
0:19:21.150,0:19:26.020
on improving the robustness,[br]and testing infrastructure,
0:19:26.020,0:19:29.960
and unit tests for the core Tor[br]source code. So Nick Mathewson
0:19:29.960,0:19:34.230
and Andrea Shepard in particular[br]have been really working on robustness
0:19:34.230,0:19:39.700
to make this something we can rely[br]on, as a building block in tails,
0:19:39.700,0:19:43.770
in Tor browser, in all the other[br]applications that rely on Tor.
0:19:43.770,0:19:47.190
So in the background things were[br]getting a lot stronger. Hopefully that
0:19:47.190,0:19:51.960
will serve us very well[br]in the battles to come.
0:19:51.960,0:19:59.220
applause
0:19:59.220,0:20:02.280
Jacob: So this fine gentleman[br]who was a teen heartthrob
0:20:02.280,0:20:03.980
on Italian television many years ago…
0:20:03.980,0:20:06.530
Arturo: Thank you for doxing me![br]Jacob: Sorry.
0:20:06.530,0:20:08.260
both laugh
0:20:08.260,0:20:10.450
If only you’d been using Tor!
0:20:10.450,0:20:16.020
Arturo: Yeah, TV over Tor. So…[br]A project that we started a couple
0:20:16.020,0:20:23.620
of years ago with Jake is sort of related[br]I guess to the Tor project’s goals of
0:20:23.620,0:20:29.740
increasing privacy and having a better[br]understanding on how people’s lives
0:20:29.740,0:20:35.380
are impacted through technology. And this[br]project is called OONI, or the ‘Open
0:20:35.380,0:20:40.010
Observatory of Network Interference’. And[br]what it is, before being a piece of software
0:20:40.010,0:20:46.080
is a set of principles, and best practices[br]and specifications written in English
0:20:46.080,0:20:52.860
for how it is best to conduct network[br]related measurements. That sort of
0:20:52.860,0:20:57.510
measurements that we’re interested in[br]running have to do with identifying
0:20:57.510,0:21:04.130
network irregularities. These are symptoms[br]that can be a sign of presence of
0:21:04.130,0:21:10.710
surveillance or censorship, on the network[br]that you’re testing. And we use
0:21:10.710,0:21:15.860
a methodology that has been peer-reviewed,[br]of which we have published a paper.
0:21:15.860,0:21:21.200
It’s implemented using free software. And[br]all of the data that we collect is made
0:21:21.200,0:21:26.800
available to the public. So that you can[br]look at it, analyze it and draw your
0:21:26.800,0:21:33.160
own conclusions from it.[br]applause
0:21:33.160,0:21:37.560
And so we believe that this effort is[br]something that is helpful and useful
0:21:37.560,0:21:43.179
to people such as journalists, researchers,[br]activists or just simple citizens that are
0:21:43.179,0:21:48.679
interested in being more aware, and have[br]a better understanding that is based
0:21:48.679,0:21:55.559
on facts instead of just anecdotes, on[br]what is the reality of internet censorship
0:21:55.559,0:22:00.059
in their country. And we believe that[br]historical data is especially important
0:22:00.059,0:22:05.660
because it gives us an understanding of[br]how these censorship and surveillance
0:22:05.660,0:22:12.670
apparatuses evolve over time. So[br]I would like to invite you all to run
0:22:12.670,0:22:21.730
Ooniprobe today, if you copy and paste[br]this command line inside of a Debian-based
0:22:21.730,0:22:26.730
system. Obviously… perhaps you should[br]read what is inside it before running it.
0:22:26.730,0:22:31.310
applause
0:22:31.310,0:22:34.630
But once you do that you will have[br]a Ooniprobe setup and you will be
0:22:34.630,0:22:40.570
collecting measurements for your country.[br]If instead you would like to have
0:22:40.570,0:22:46.890
an actual hardware device we have a very[br]limited number of them. But if you’re
0:22:46.890,0:22:49.799
from an interesting country and you’re[br]interested in running Ooniprobe
0:22:49.799,0:22:54.420
we can give you a little Raspberry Pi with[br]an LCD screen that you can take home,
0:22:54.420,0:23:00.860
connect to your network and adopt[br]a Ooniprobe in your home network.
0:23:00.860,0:23:09.130
To learn more about this you should come[br]later today at Noisy Square, at 6 P.M.
0:23:09.130,0:23:11.750
to learn more about it.
0:23:11.750,0:23:13.020
Roger: Thank you!
0:23:13.020,0:23:17.500
applause
0:23:17.500,0:23:20.570
Jacob: And, just to finish up here,[br]I mean, OONI is a human rights
0:23:20.570,0:23:26.070
observation project which Arturo and[br]Aaron Gibson – also somewhere in the room,
0:23:26.070,0:23:32.130
I’m sure he won’t stand up so I won’t even[br]ask him. It’s great! Because we went from
0:23:32.130,0:23:35.400
a world where there was no open[br]measurement, with only secret tools,
0:23:35.400,0:23:39.110
essentially, where people acted like[br]secret agents, going in the countries
0:23:39.110,0:23:42.320
to do measurements. There wasn’t really[br]an understanding of the risks that
0:23:42.320,0:23:45.860
were involved, how the tests function,[br]where non-technical people could have
0:23:45.860,0:23:50.830
reasonable explanations. And now we have[br]open measurement tools, we have open data
0:23:50.830,0:23:55.080
standards, we have really like a framework[br]for understanding this as a human right
0:23:55.080,0:23:59.250
to observe the world around you. And then[br]also to share that data, and to actually
0:23:59.250,0:24:03.290
discuss that data, what it means. And to[br]be able to set standards for it.
0:24:03.290,0:24:06.330
And hopefully that means that people have[br]informed consent when they engage
0:24:06.330,0:24:10.600
in something that could be risky, like running[br]Ooni in a place like… that is dangerous
0:24:10.600,0:24:13.030
like the United States or Cuba,[br]or something like China.
0:24:13.030,0:24:18.000
applause[br]And so, Arturo personally though, is
0:24:18.000,0:24:21.610
the heart and soul of Ooni. And it is[br]really important that we see that
0:24:21.610,0:24:25.580
the Tor community is huge. It’s really[br]huge, it’s made up of a lot of people
0:24:25.580,0:24:29.670
doing a lot of different things. And part[br]of Ooni is Tor. We need Tor to be able
0:24:29.670,0:24:33.929
to have a secure communications channel[br]back to another system, we need that
0:24:33.929,0:24:38.230
so that people can log into these[br]Ooniprobes e.g. over Tor Hidden Services.
0:24:38.230,0:24:42.610
That kind of fusion of things where we[br]have anonymity but at the same time
0:24:42.610,0:24:45.980
we have this data set that is in some[br]cases identifying, in some cases
0:24:45.980,0:24:49.910
it’s not identifying, depending on the[br]test. We need an anonymous communications
0:24:49.910,0:24:53.630
channel to do that kind of human rights[br]observation. And so… just so we can
0:24:53.630,0:24:57.070
make Arturo a little… feel a little[br]appreciated I just wanna give him
0:24:57.070,0:25:00.500
another round of applause, for making this[br]human rights observation project.
0:25:00.500,0:25:08.240
applause[br]Jacob joins the applause
0:25:08.240,0:25:12.990
Roger: So I encourage all of you not only[br]to run Ooniprobe in interesting places,
0:25:12.990,0:25:17.660
and in boring places because they might[br]become interesting. But also to help write
0:25:17.660,0:25:22.500
new tests, and work on the design of these[br]things, so that we can detect and notice
0:25:22.500,0:25:27.289
new problems on the internet more quickly.[br]Something else we’ve been up to over
0:25:27.289,0:25:32.920
the past year is Tor Weekly News. We were[br]really excited by Linux Weekly News etc.
0:25:32.920,0:25:37.990
and… so every week there’s a new[br]blog post and mail that summarizes
0:25:37.990,0:25:41.820
what’s happened over the past week.[br]We encourage you to look at all these.
0:25:41.820,0:25:45.870
A special shout-out to harmony and[br]lunar for helping to make this happen
0:25:45.870,0:25:47.950
over the past year. Thank you!
0:25:47.950,0:25:52.679
applause
0:25:52.679,0:25:57.370
Jacob: Finally there’s a Tor list you can[br]be on, that you really wanna be on!
0:25:57.370,0:26:01.460
Roger: Being on lists is good. One of the[br]other features we’ve been really excited
0:26:01.460,0:26:06.590
about over the past year: EFF has been[br]helping with Outreach. EFF ran
0:26:06.590,0:26:10.820
a Tor relay challenge to try to get a lot[br]of people running relays. And I think
0:26:10.820,0:26:17.150
they have several thousand relays that[br]signed up because of the relay challenge.
0:26:17.150,0:26:19.549
Pushing a lot of traffic.[br]So that’s really great!
0:26:19.549,0:26:23.339
applause
0:26:23.339,0:26:27.040
And at the same time not only did they[br]get a lot of more people running relays
0:26:27.040,0:26:31.750
but they also did some great advocacy[br]and outreach for getting more exit relays
0:26:31.750,0:26:36.440
in universities, and basically teaching[br]people why Tor is important. We all need
0:26:36.440,0:26:40.200
to be doing more of that! We’ll[br]touch on that a little bit more later.
0:26:40.200,0:26:44.190
So you all I hope remember what was[br]going on in Turkey, earlier this year.
0:26:44.190,0:26:48.419
Here’s a cool graph of Tor use in Turkey[br]when they started to block Youtube
0:26:48.419,0:26:52.170
and other things. Then people realized,[br]I need to get some tools to get around
0:26:52.170,0:26:56.830
that censorship. But you probably[br]weren’t paying attention when Iraq
0:26:56.830,0:27:01.430
filtered Facebook, and suddenly a lot of[br]people in Iraq needed to get some sort
0:27:01.430,0:27:05.570
of way to get around their censorship. So[br]there are a bunch of interesting graphs
0:27:05.570,0:27:10.470
like this on the Tor Metrics project, of[br]what’s been going on over the past year.
0:27:10.470,0:27:13.290
Jacob: And we actually…[br]– if you could go back, yeah.
0:27:13.290,0:27:17.510
One thing that’s really interesting about[br]this is: Karsten Loesing who is, I think,
0:27:17.510,0:27:20.530
also not going to stand up, maybe you[br]will? Are you here? I don’t see you,
0:27:20.530,0:27:25.929
Karsten? No? No, okay. He does all[br]the metrics, this anonymous, shadowy
0:27:25.929,0:27:29.650
metrics figure. And if you go to[br]metrics.torproject.org you’ll see
0:27:29.650,0:27:33.830
open data that is properly anonymized[br]– you would expect that from us –
0:27:33.830,0:27:38.539
as well as actual documents that explain[br]the anonymity, the counting techniques,
0:27:38.539,0:27:42.140
that explain the privacy conserving[br]statistics. And you can see these graphs,
0:27:42.140,0:27:46.050
you can generate them based on certain[br]parameters. If you are interested
0:27:46.050,0:27:50.320
in seeing e.g. geopolitical events,[br]and how they tie in to the internet,
0:27:50.320,0:27:54.870
this project is part of what inspired[br]Ooni. This is how we get statistics
0:27:54.870,0:27:58.289
and interesting things about the Tor[br]network itself. From Tor clients,
0:27:58.289,0:28:02.150
from Tor relays, from Tor bridges.[br]And it tells you all sorts of things.
0:28:02.150,0:28:08.700
Platform information, version number of[br]the software, which country someone
0:28:08.700,0:28:13.440
might be connecting from etc. Where[br]they’re hosted… If you are interested
0:28:13.440,0:28:17.900
looking at this website and finding spikes[br]like this you may in fact be able to
0:28:17.900,0:28:22.590
find out that there is a censorship event[br]in that country, and we haven’t noticed it.
0:28:22.590,0:28:26.410
There are a lot of countries in the world[br]if we split it up by country. And sometimes
0:28:26.410,0:28:31.460
50.000 Tor users fall off the Tor network[br]because another American company has sold
0:28:31.460,0:28:36.780
that country censorship equipment. We[br]need help finding these events, and then
0:28:36.780,0:28:41.340
understanding their context. So if in your[br]country something like that happens
0:28:41.340,0:28:45.830
looking at this data can help us not only[br]to advocate for anonymity in such a place
0:28:45.830,0:28:48.910
but it can help us to also technically[br]realize we need to fix a thing,
0:28:48.910,0:28:51.799
change a thing… And it’s through this[br]data that we can have a dialog
0:28:51.799,0:28:55.550
about those things. So if you have no[br]technical ability at all but you’re
0:28:55.550,0:28:59.260
interested and understand where you[br]come from – look at this data set, try
0:28:59.260,0:29:03.450
to understand it, and then reach out to us[br]and hopefully we can learn about that.
0:29:03.450,0:29:06.289
That’s how we learn about this, that’s how[br]we learned about the previous thing.
0:29:06.289,0:29:09.860
And many years ago we gave a Tor talk[br]about how countries and governments
0:29:09.860,0:29:15.470
and corporations try to censor Tor. And[br]of course, a lot has happened since then.
0:29:15.470,0:29:18.510
There’s a lot of those things, and very[br]difficult to keep up with them. So
0:29:18.510,0:29:22.820
we really need the community’s help to[br]contextualize, to explain and define
0:29:22.820,0:29:25.750
these things.
0:29:25.750,0:29:30.970
Roger: Okay. Next section of the talk,[br]‘things that excited journalists over
0:29:30.970,0:29:35.270
the past year’. That actually turned out[br]to be not-so-big a deal. And we’re gonna
0:29:35.270,0:29:39.220
try to blow through a lot of them quickly,[br]so that we can get to the stuff that
0:29:39.220,0:29:45.669
actually was a big deal. So I guess in[br]August or something there was going to be
0:29:45.669,0:29:50.190
a Blackhat talk about how you can[br]just totally break Tor, and then
0:29:50.190,0:29:55.080
the Blackhat talk got pulled. Turns out[br]that it was a group at CMU who were
0:29:55.080,0:30:00.200
doing some research on Tor. And I begged[br]them for a long time to get a little bit
0:30:00.200,0:30:04.720
of information about what attack they had.[br]Eventually they sent me a little bit of
0:30:04.720,0:30:08.510
information. And then we were all[br]thinking about how to fix it. And then
0:30:08.510,0:30:12.280
Nick Mathewson, one of the Tor developers,[br]said: “Why don’t I just deploy
0:30:12.280,0:30:17.490
a detection thing on the real Tor network,[br]just in case somebody is doing this?” And
0:30:17.490,0:30:21.210
then it turns out somebody was doing this.[br]And then I sent mail to the Cert (?) people
0:30:21.210,0:30:25.789
saying: “Hey, are you, like, are you like[br]running those 100 relays that are doing
0:30:25.789,0:30:31.690
this attack on Tor users right now?” And[br]I never heard back from them after that.
0:30:31.690,0:30:36.570
So that’s sort of a… this is a sad[br]story for a lot of different reasons.
0:30:36.570,0:30:41.070
But I guess the good news is we identified[br]the relays that were doing the attack,
0:30:41.070,0:30:45.020
we cut them out of the network, and we[br]deployed a defense that will first of all
0:30:45.020,0:30:49.000
make that particular attack not[br]work anymore. And also detect it
0:30:49.000,0:30:52.010
when somebody else is trying[br]to do an attack like this.
0:30:52.010,0:30:53.610
Jacob: This, of course, is…
0:30:53.610,0:30:59.720
applause
0:30:59.720,0:31:05.020
This is a hard lesson, for 2 reasons.[br]The first reason is that that it’s awful
0:31:05.020,0:31:07.750
to do those kinds of attacks on the real[br]Tor network. And there’s a question about
0:31:07.750,0:31:12.530
responsibility. But the second lesson is[br]that when these kinds of things happen,
0:31:12.530,0:31:17.179
and we have the ability to actually[br]understand them we can respond to them.
0:31:17.179,0:31:21.370
It’s really awful that the talk[br]was pulled, and it is really awful
0:31:21.370,0:31:24.640
that these people were not able to give[br]us more information. And it’s also really
0:31:24.640,0:31:28.030
awful that they were apparently carrying[br]out the attack. And there were lots
0:31:28.030,0:31:31.831
of open questions about it. But in general[br]we believe that we’ve mitigated the attack
0:31:31.831,0:31:36.450
which is important. But we also[br]advocated for that talk to go forward.
0:31:36.450,0:31:40.549
Because we think that, of course, the[br]answer to even really frustrating speech
0:31:40.549,0:31:45.710
is more speech! So we wanna know more[br]about it. It somehow is very disturbing
0:31:45.710,0:31:49.090
that that talk was pulled. And they should[br]be able to present their research,
0:31:49.090,0:31:52.650
even if there’s anger on our face it’s[br]important for our users to know as much
0:31:52.650,0:31:57.520
as we can, so that we can move[br]forward with protecting Tor users.
0:31:57.520,0:32:02.500
Roger: Okay, so, another exciting[br]topic from a couple of months ago:
0:32:02.500,0:32:04.630
Russia apparently put out[br]a call-for-research work…
0:32:04.630,0:32:06.990
loud splashing noise from Jake[br]opening a loaded water bottle
0:32:06.990,0:32:10.580
…to come up with attacks on Tor.[br]Jacob: It’s another attack on Tor!
0:32:10.580,0:32:14.970
Roger: Enjoy your water, Jake.[br]I hope that was worth it. laughs
0:32:14.970,0:32:16.530
Jacob: laughs It was really[br]worth it. Was very thirsty.
0:32:16.530,0:32:19.919
Roger: So Russia put out a[br]call-for-research proposals
0:32:19.919,0:32:25.930
on attacking Tor. Somebody mistranslated[br]that phrase from Russian into ‘prize’,
0:32:25.930,0:32:31.200
or ‘bounty’, or ‘contest’. And then we had[br]all these articles, saying “Russia is
0:32:31.200,0:32:36.080
holding a contest to break Tor” when[br]actually, no, they just wanted somebody
0:32:36.080,0:32:41.560
to work on research on Tor attacks.[br]So this would be like the U.S. National
0:32:41.560,0:32:46.730
Science Foundation holds a contest[br]for Tor research. That’s not actually
0:32:46.730,0:32:50.280
how government funding works.[br]Mistranslations cause a lot of
0:32:50.280,0:32:55.030
exciting journalist articles but as[br]far as I can tell it turned out to be
0:32:55.030,0:32:59.850
basically nothing. Also it was basically[br]‘no money’. So, maybe something
0:32:59.850,0:33:03.069
will come of this, we’ll see. Something[br]else that’s been bothering me a lot,
0:33:03.069,0:33:08.260
lately: Cryptowall, now called[br]‘Cryptolocker’. So, there are jerks
0:33:08.260,0:33:12.230
out there who break into your[br]mobile phone of some sort,
0:33:12.230,0:33:17.159
give you malware, viruses, something[br]like that. They encrypt your files,
0:33:17.159,0:33:22.050
and then they send you basically a ransom[br]note saying “We’ve encrypted your file,
0:33:22.050,0:33:27.320
if you want it back send some Bitcoin over[br]here!” So this is bad, so far. But then
0:33:27.320,0:33:31.320
the part that really upsets me is they[br]say: “And if you don’t know how to do this
0:33:31.320,0:33:35.960
go to our website torproject.org and[br]download the Tor Browser in order
0:33:35.960,0:33:42.620
to pay us”. Fuck them! I do not want[br]people doing this with our software!
0:33:42.620,0:33:49.220
applause
0:33:49.220,0:33:51.890
Jacob: Yeah, fuck them. I mean I don’t[br]really have a lot to contribute to that.
0:33:51.890,0:33:56.510
I mean it’s really… Hidden Services have[br]a really bad rap, and it’s frustrating,
0:33:56.510,0:33:59.900
right? There’s a… of course this[br]quantitative and qualitative analysis
0:33:59.900,0:34:03.890
that we can have here. And the reality[br]of the situation is that one Globaleaks
0:34:03.890,0:34:08.270
leaking interface is ‘one.onion’ (?), for[br]example. What is the value of that?
0:34:08.270,0:34:13.540
Versus 10.000 Hidden Services run by these[br]jerks? And it’s very hard to understand
0:34:13.540,0:34:16.989
the social value of these things, except[br]to say that we really need things like
0:34:16.989,0:34:21.710
Hidden Services. And jackasses like this[br]are really making it hard for us to defend
0:34:21.710,0:34:26.199
the right to publish anonymously. And so,[br]if you know who these people are please
0:34:26.199,0:34:30.549
ask them to stop! I don’t even know[br]what the ask is there. But they really
0:34:30.549,0:34:33.109
should stop. Or maybe there’s some[br]interesting things that you can do.
0:34:33.109,0:34:37.159
I don’t know. But we really, really[br]don’t like that this is someone’s
0:34:37.159,0:34:41.229
first introduction to Tor! That they think[br]that we’re responsible for this. We
0:34:41.229,0:34:44.549
most certainly are not responsible for[br]these things. We certainly do not deploy
0:34:44.549,0:34:51.000
malware. And Hidden Services are actually[br]very important for a lot of people.
0:34:51.000,0:34:53.930
These people are not those people!
0:34:53.930,0:34:59.949
applause
0:34:59.949,0:35:03.539
Roger: Another ‘exciting’ story,[br]a month or 2 ago, was,
0:35:03.539,0:35:08.289
“81% of Tor users can be de-anonymized…”[br]and then some more words, depending on
0:35:08.289,0:35:13.210
which article you read. So it turns out[br]that one of our friends, Sambuddho, who is
0:35:13.210,0:35:19.309
a professor in India now, did some work[br]on analyzing traffic correlation attacks
0:35:19.309,0:35:24.210
in the lab. He found, in the lab, that[br]some of his attacks worked sometime,
0:35:24.210,0:35:29.410
great… And then some journalists found it,[br]and said: “Ah! This must be the reason why
0:35:29.410,0:35:33.849
Tor is insecure today”. So he wrote[br]an article, it got Slashdot, it got
0:35:33.849,0:35:38.210
all the other news stories. And suddenly[br]everybody knew that Tor was broken
0:35:38.210,0:35:43.759
because “81% of Tor users…”.[br]So it turns out that Sambuddho himself
0:35:43.759,0:35:47.699
stood up and said actually: “No, you[br]misunderstood my article”. But
0:35:47.699,0:35:51.910
that didn’t matter because nobody listened[br]to the author of the paper at that point.
0:35:51.910,0:35:57.390
So I guess there’s a broader issue that[br]we’re struggling with here, in terms of
0:35:57.390,0:36:02.430
how to explain the details of these[br]things because traffic correlation attacks
0:36:02.430,0:36:08.560
are a big deal. They probably do work[br]if you have enough traffic around
0:36:08.560,0:36:12.079
the internet, and you’re looking at the[br]right places. You probably can do
0:36:12.079,0:36:17.549
the attack. But that paper did not do the[br]attack. So I keep finding myself saying:
0:36:17.549,0:36:21.880
“No no no, you’re misunderstanding the[br]paper, the paper doesn’t tell us anything,
0:36:21.880,0:36:25.749
but the attack is real! But the paper[br]doesn’t tell us anything”. And this is
0:36:25.749,0:36:30.049
really confusing to journalists because[br]it sounds like I’m disagreeing with myself
0:36:30.049,0:36:35.059
with these 2 different sentences. So we[br]need to come up with some way to
0:36:35.059,0:36:39.770
be able to explain: “Here are all of the[br]real attacks, that are really actually
0:36:39.770,0:36:44.979
worrisome, and it’s great that researchers[br]are working on them. And they probably
0:36:44.979,0:36:50.839
are a big deal, in some way. But no, that[br]paper that you’re pointing at right now
0:36:50.839,0:36:55.839
is not the reason why they’re a big[br]deal”. We also saw this in the context
0:36:55.839,0:36:59.790
of an NSA paper which was published[br]a couple of days ago, thanks to
0:36:59.790,0:37:02.690
some other folks.[br]Jacob: Sad, ‘some other folks’!
0:37:02.690,0:37:04.950
Roger: ‘Some other folks’. I won’t specify
0:37:04.950,0:37:10.020
exactly which other folks. And they[br]similarly had a traffic correlation attack.
0:37:10.020,0:37:15.579
And in the paper it’s really a bad one.[br]It’s the same as the paper that was
0:37:15.579,0:37:20.140
published in 2003, in the open literature.[br]There was a much better paper
0:37:20.140,0:37:25.309
published in 2004, in the open literature,[br]that apparently these folks didn’t read.
0:37:25.309,0:37:29.619
So I don’t wanna say traffic correlation[br]attacks don’t work, but all these papers
0:37:29.619,0:37:35.609
that we’re looking at don’t show…[br]aren’t very good papers.
0:37:35.609,0:37:39.120
Jacob: So one of the solutions to a lot[br]of journalists that don’t understand
0:37:39.120,0:37:42.710
technology is that it’s actually quite[br]easy to be a journalist by comparison
0:37:42.710,0:37:47.319
to being a technologist. It’s possible[br]to write about things in a factually
0:37:47.319,0:37:51.359
correct way, sometimes you don’t always[br]reach the right audiences, that can
0:37:51.359,0:37:55.489
actually be difficult. It depends. So you[br]have to write for different reading
0:37:55.489,0:37:59.390
comprehension levels, e.g. And we tried[br]to write for people who understand
0:37:59.390,0:38:03.249
the internet. At least when I write as[br]a journalist. And so, when I sometimes
0:38:03.249,0:38:07.210
take off my Tor hat I put on my journalistic[br]hat. And part of the reason is that
0:38:07.210,0:38:10.369
in order to even tell you about some[br]of the things that we learn, if I don’t
0:38:10.369,0:38:14.599
put on my journalistic hat I get a nice[br]pair of handcuffs. So it’s very important
0:38:14.599,0:38:17.719
to have journalistic protection so that we[br]can inform you about these things.
0:38:17.719,0:38:23.430
So e.g. it is the case that XKeyscore[br]rules – we published some of them.
0:38:23.430,0:38:28.589
Not ‘we’, Tor. But me and this set of[br]people at the top, of this by-line here.
0:38:28.589,0:38:33.420
In NDR. Some of you know NDR, it’s a very[br]large German publication. I also publish
0:38:33.420,0:38:37.730
with Der Spiegel, as a journalist. In this[br]case we published XKeyscore rules.
0:38:37.730,0:38:41.609
Where we specifically learned an important[br]lesson. And the important lesson was,
0:38:41.609,0:38:44.660
even if you’re a journalist explaining[br]things exactly technically correctly
0:38:44.660,0:38:47.739
– people will still get it wrong. It’s just[br]not the journalists that get it wrong.
0:38:47.739,0:38:50.640
It’s the readers. Very frustrating.
0:38:50.640,0:38:55.079
People decided that because the NSA[br]definitely has XKeyscore rules that is
0:38:55.079,0:38:58.529
rules for surveilling the internet, where[br]they’re looking at big traffic buffers.
0:38:58.529,0:39:03.890
TEMPORA e.g. the British surveillance[br]system that is built on XKeyscore.
0:39:03.890,0:39:08.190
With a – probably – week-long buffer of[br]all internet traffic. That’s a big buffer,
0:39:08.190,0:39:15.249
by the way. Doing these XKeyscore[br]rules, running across that traffic set,
0:39:15.249,0:39:18.130
they would find that people were[br]connecting to directory authorities.
0:39:18.130,0:39:20.959
One of those directory authorities is[br]mine, actually, quite ironically. And
0:39:20.959,0:39:25.760
then Sebastian Hahn, and other people[br]in this audience. And some people said:
0:39:25.760,0:39:30.839
“Oh, don’t use Tor because the NSA will[br]be monitoring you!” That is exactly
0:39:30.839,0:39:35.660
the wrong take-away. Because there are[br]XKeyscore rules on the order of tens of
0:39:35.660,0:39:39.890
thousands, from what we can tell.[br]So everything you do is going through
0:39:39.890,0:39:43.000
these giant surveillance systems. And[br]what you’ll learn when you monitor
0:39:43.000,0:39:48.579
someone using Tor is that they’re[br]using Tor potentially, in that buffer.
0:39:48.579,0:39:51.299
Which is different than ‘they learn[br]for sure that you were going to
0:39:51.299,0:39:55.769
the Chaos Computer Club’s web site’,[br]or that you were going to a dating site.
0:39:55.769,0:39:59.430
So it’s the difference between ‘they learn[br]some keeny (?) bit of information about you’,
0:39:59.430,0:40:02.920
that you’re using an anonymity[br]system, versus ‘they learned exactly
0:40:02.920,0:40:06.469
what you were doing on the internet’. Now[br]if there were only a few XKeyscore rules
0:40:06.469,0:40:10.849
at all, and it was just that about Tor[br]then that conclusion people reach
0:40:10.849,0:40:15.260
would be correct. But it’s exactly not[br]true. The XKeyscore system is so powerful
0:40:15.260,0:40:18.900
that if you have a logo for a company,[br]so anyone here that runs a company,
0:40:18.900,0:40:23.440
and you put a logo inside of a document,[br]the XKeyscore system can find that logo
0:40:23.440,0:40:28.489
in all of the documents flowing across the[br]internet in real-time. And alert someone
0:40:28.489,0:40:34.079
that someone has sent a .DOC or a PDF with[br]that image inside of it. And alert them.
0:40:34.079,0:40:38.229
So that they can intercept it. So the[br]lesson is not “Don’t use Tor because
0:40:38.229,0:40:43.200
XKeyscore may put your metadata into[br]a database, in the so-called ‘corporate
0:40:43.200,0:40:47.930
repositories’”. The lesson is “Holy shit,[br]there’s this gigantic buffering system
0:40:47.930,0:40:52.259
which has search capabilities that even[br]allow you to search inside of documents.
0:40:52.259,0:40:55.740
Really, really advanced capabilities where[br]they can select that traffic and put it
0:40:55.740,0:41:00.069
somewhere else”. “Use an anonymity[br]system!” And also: “Look, they’re
0:41:00.069,0:41:04.789
targeting anonymity systems, even in the[br]United States, which, at least for the NSA
0:41:04.789,0:41:08.239
they’re not supposed to be doing those[br]kinds of things”. They literately were
0:41:08.239,0:41:11.369
caught lying here. They’re doing[br]bulk internet surveillance even
0:41:11.369,0:41:16.109
in the United States. Using these[br]kinds of systems. That’s really scary.
0:41:16.109,0:41:19.680
But the real big lesson to take away from[br]that is, actually, that they’re doing this
0:41:19.680,0:41:22.440
for all the protocols that they can[br]write fingerprints for. And they have
0:41:22.440,0:41:28.770
a generic language where they can actually[br]describe protocols. And so we published
0:41:28.770,0:41:32.529
a number of those, we = NDR. And I would[br]really recommend you read and understand
0:41:32.529,0:41:35.749
that. But the lesson, again, is not[br]“Oh no, they’re going to detect you’re
0:41:35.749,0:41:40.190
using Tor”. We have never said that Tor[br]can e.g. protect you against someone
0:41:40.190,0:41:45.130
seeing that you’re using it. Especially in[br]the long term. But rather the point is
0:41:45.130,0:41:49.509
exactly the scariest point. This mass[br]internet surveillance is real. And
0:41:49.509,0:41:55.579
it is the case that it is real-time.[br]And it’s a real problem.
0:41:55.579,0:42:02.540
applause
0:42:02.540,0:42:05.910
Roger: If you’re using Tor they see that[br]you’re using Tor. If you’re not using Tor
0:42:05.910,0:42:09.630
they see exactly where you’re going.[br]You end up in a list of people who went
0:42:09.630,0:42:13.150
to ‘this’ website, or ‘this’ website,[br]or used ‘this’ service, or sent
0:42:13.150,0:42:18.589
‘this’ document. And the diversity of[br]Tor users is part of the safety, where,
0:42:18.589,0:42:21.779
just because they know you’re using[br]Tor doesn’t tell them that much.
0:42:21.779,0:42:24.890
One of the other things I’ve been[br]wrestling with after looking at a bunch
0:42:24.890,0:42:29.039
of these documents lately is the whole[br]‘how do we protect against pervasive
0:42:29.039,0:42:33.079
surveillance’. And this is an entire talk[br]on its own. We’ve been doing some
0:42:33.079,0:42:39.380
design changes. We pushed out some changes[br]in Tor that protect you more against
0:42:39.380,0:42:42.980
pervasive surveillance. We – for the[br]technical people out there – we’ve reduced
0:42:42.980,0:42:47.799
the number of guard relays that you use[br]by default from 3 to 1. So there are
0:42:47.799,0:42:52.609
fewer places on the internet that get to[br]see your Tor traffic. That’s a good start.
0:42:52.609,0:42:56.009
One of the other lessons we’ve been[br]realizing: The internet is more centralized
0:42:56.009,0:43:01.479
than we’d like. So it’s easy to say[br]“Oh, we just need more exit relays,
0:43:01.479,0:43:05.230
and then we’ll have more protection[br]against these things”. But if we put
0:43:05.230,0:43:09.450
another exit relay in that same data[br]sensor (?) in Frankfurt that they’re
0:43:09.450,0:43:13.719
already watching that’s not actually going[br]to give us more safety against these
0:43:13.719,0:43:18.950
pervasive surveillance adversaries.[br]Something else I realized: so we used
0:43:18.950,0:43:23.119
to talk about how Tor does these two[br]different things. We’ve got anonymity,
0:43:23.119,0:43:27.059
we’re trying to protect against somebody[br]trying to learn what you’re doing, and
0:43:27.059,0:43:30.470
we’ve got circumvention, censorship[br]circumvention. We’re trying to protect
0:43:30.470,0:43:33.589
against somebody trying to prevent[br]you from going somewhere.
0:43:33.589,0:43:37.980
But it turns out in the surveillance[br]case they do deep packet inspection
0:43:37.980,0:43:42.200
to figure out what protocol you’re[br]doing, to find out what you’re up to.
0:43:42.200,0:43:45.710
And in the censorship case they do[br]deep packet inspection to figure out
0:43:45.710,0:43:49.730
what protocol you’re using, to decide[br]whether to block it. So it’s actually…
0:43:49.730,0:43:55.049
these fields are much more related[br]than we had realized before. And
0:43:55.049,0:43:59.140
it took us a while, I’m really happy that[br]we have these documents to look at,
0:43:59.140,0:44:03.599
so that we have a better understanding[br]of how this global surveillance
0:44:03.599,0:44:10.660
and censorship works. Long ago, so in[br]2007, I ended up doing a talk at the NSA,
0:44:10.660,0:44:14.619
to try to convince them that we were not[br]the bad guys. And you can read the notes
0:44:14.619,0:44:18.530
that they took about my talk at the[br]NSA. Because they’re published
0:44:18.530,0:44:22.660
in the Washington Post. So I encourage you[br]to go read what the NSA thought of my talk
0:44:22.660,0:44:28.440
to them. That same year I ended up going[br]to GCHQ, to give a talk to them, to try
0:44:28.440,0:44:31.799
to convince them that we were not the[br]bad people. And I thought to myself:
0:44:31.799,0:44:35.230
“I don’t want to give them anything[br]useful. I don’t want to talk about
0:44:35.230,0:44:39.599
anonymity, because I know they’re going[br]to try to break anonymity. So I’m going
0:44:39.599,0:44:43.270
to give them a talk that has nothing to do[br]with anything that they should care about.
0:44:43.270,0:44:48.359
I’m going to talk about the censorship[br]arms race in China, and DPI, and stuff
0:44:48.359,0:44:53.509
like that, that they shouldn’t care[br]about at all”. Boy, were we wrong!
0:44:53.509,0:44:59.420
applause
0:44:59.420,0:45:03.389
So the other thing to think about here,[br]there are a bunch of different pluggable
0:45:03.389,0:45:08.300
transports that could come in handy[br]against the surveillance adversary.
0:45:08.300,0:45:12.380
We have, so far, been thinking of[br]pluggable transports in terms of
0:45:12.380,0:45:16.140
‘there’s somebody trying to censor your[br]connection, they’re doing DPI, or they’re
0:45:16.140,0:45:20.590
looking for addresses, and they’re trying[br]to block things’. One of the things
0:45:20.590,0:45:24.680
we learned from this past summer’s[br]documents: imagine an adversary
0:45:24.680,0:45:29.140
who builds a list of all the public Tor[br]relays. And then they build a list of
0:45:29.140,0:45:33.059
all of the IP addresses that connect[br]to those Tor relays. Now they know
0:45:33.059,0:45:36.421
all the bridges, and many of the users.[br]And now they build a list of all the
0:45:36.421,0:45:41.400
IP addresses that connect to those IP[br]addresses. And they go a few hops out,
0:45:41.400,0:45:46.610
and now they know all the public relays,[br]all the bridges, all the users, all of
0:45:46.610,0:45:50.079
the other things that are connected to[br]Tor. And they can keep track of which ones
0:45:50.079,0:45:55.849
they should log traffic for, for the next[br]6 months, rather than the next week.
0:45:55.849,0:46:00.599
That’s a really scary adversary. Some of[br]the pluggable transports we’ve been
0:46:00.599,0:46:06.009
working on could actually come in handy[br]here. So ‘Flash proxy’ is one of the ones
0:46:06.009,0:46:10.709
you heard about in last year’s talk. The[br]basic idea of a Flash proxy is to get
0:46:10.709,0:46:16.940
users running web browsers to volunteer[br]running web-RTC, or something like that
0:46:16.940,0:46:22.150
to basically be a short-lived bridge[br]between the censored user and
0:46:22.150,0:46:26.979
the Tor Network. So the idea is that you[br]get millions of people running browsers,
0:46:26.979,0:46:31.450
and then you can proxy from inside China,[br]or Syria, or America, or wherever
0:46:31.450,0:46:36.650
the problem is, through the browser into[br]the Tor Network. But from the surveillance
0:46:36.650,0:46:42.170
perspective suddenly they end up with[br]an enormous list of millions of people
0:46:42.170,0:46:46.209
around the world that are[br]basically buffering the Tor user
0:46:46.209,0:46:50.089
from the Tor Network. So if they[br]start with this list of IP addresses,
0:46:50.089,0:46:52.710
and they’re trying to build a list of[br]everything, now they end up
0:46:52.710,0:46:56.210
with millions of IP addresses[br]that have nothing to do with Tor.
0:46:56.210,0:46:59.640
And they have to realize, at the time[br]they’re watching, that they want to go
0:46:59.640,0:47:03.769
one more hop out. So I don’t[br]know if that will work. But this is
0:47:03.769,0:47:08.680
an interesting research area that more[br]people need to look at: How can we,
0:47:08.680,0:47:12.880
against an adversary who’s trying to build[br]a list of everybody who has anything to do
0:47:12.880,0:47:17.749
with Tor, how can we have[br]Tor users not end up on that list.
0:47:17.749,0:47:22.729
What sort of transports or tunneling[br]through Google app spot (?),
0:47:22.729,0:47:27.440
or other tools like that can we use[br]to break that chain, so it’s not as easy
0:47:27.440,0:47:32.709
for them to track down[br]where all the users are.
0:47:32.709,0:47:36.500
Okay, Silk Road 2, we’ve had a lot[br]of questions about. I think it’s called
0:47:36.500,0:47:41.099
Operation Onimous (?). I actually talked[br]to an American law enforcement person
0:47:41.099,0:47:46.250
who was involved in this. And he[br]told me, from his perspective, exactly
0:47:46.250,0:47:50.720
how it happened. Apparently the[br]Silk Road 2 guy wrote his name down
0:47:50.720,0:47:54.979
somewhere. So they brought him in,[br]and started asking him questions. And
0:47:54.979,0:47:58.760
as soon as they started asking him[br]questions he started naming names.
0:47:58.760,0:48:02.479
And they counted up to 16 names, and[br]they went and arrested all those people,
0:48:02.479,0:48:05.730
and collected their computers. And then[br]they put out a press release, saying
0:48:05.730,0:48:10.140
that they had an amazing Tor attack.
0:48:10.140,0:48:13.019
applause
0:48:13.019,0:48:18.069
So there are a couple of lessons here. One[br]of them is: Yes, it’s another case where
0:48:18.069,0:48:25.250
opsec failed. But the other lesson that[br]we learn is: These large law enforcement
0:48:25.250,0:48:32.729
adversaries are happy to use press spin[br]and lies, and whatever else it takes
0:48:32.729,0:48:36.779
to try to scare people away from[br]having safety on the internet.
0:48:36.779,0:48:40.390
Jacob: This is a really… to me,[br]especially, if I take off my Tor hat
0:48:40.390,0:48:44.820
and put on my journalistic hat, as if[br]I can actually take off hats etc., but
0:48:44.820,0:48:49.019
it’s really terrifying that journalists[br]don’t actually ask hard questions
0:48:49.019,0:48:54.950
about that. You know, the Europol people[br]that spoke to the press, they talked
0:48:54.950,0:48:59.119
about this as if they had some incredible[br]attack, they talked about 0-day,
0:48:59.119,0:49:02.999
they talked about how, you know,[br]they had broken Tor, “You’re not safe
0:49:02.999,0:49:05.750
on the Dark Web”. We don’t even use the[br]term ‘Dark Web’. That’s how you know
0:49:05.750,0:49:13.509
that they’re full of shit. But it’s…[br]applause
0:49:13.509,0:49:18.480
That’s sort of like when people have Tor[br]in all caps (?)(?)(?)(?)(?)(?), dark web,
0:49:18.480,0:49:22.809
that kind of stuff, this is a bad sign. But[br]the way they talk about it, it was clear
0:49:22.809,0:49:27.230
that they, as far as we can tell, they[br]don’t have that. But they really hyped it.
0:49:27.230,0:49:32.529
As much as they possibly could. I mean,[br]it is, effectively, and I think it is even
0:49:32.529,0:49:36.970
technically a psychological operation[br]against the civilian population. They
0:49:36.970,0:49:41.589
want to scare you into believing that Tor[br]doesn’t work. Because, in fact, it does work,
0:49:41.589,0:49:45.999
and it is a problem for them. So any time[br]they can ever have some kind of win-it-all
0:49:45.999,0:49:49.489
they always spin it as if they’re great,[br]powerful adversaries, and it’s
0:49:49.489,0:49:54.189
us-versus-them. And that’s exactly wrong.[br]It is not us-versus-them. Because we all
0:49:54.189,0:49:57.900
need anonymity. We all absolutely need[br]that. And they shouldn’t be treating us
0:49:57.900,0:50:02.819
as adversaries. They, in fact, are also[br]Tor users, quite ironically. So it is
0:50:02.819,0:50:06.150
interesting though, because they know that[br]they haven’t done that. But they don’t
0:50:06.150,0:50:09.059
want you to know that they haven’t done[br]that. In fact, they want you to know
0:50:09.059,0:50:11.529
the opposite. Of course we could be[br]wrong. They could have some
0:50:11.529,0:50:17.989
super-secret exploit, but as far as we can[br]tell that just is not the case. So, what’s
0:50:17.989,0:50:20.920
to be learned from this? We used to think[br]it was just American law enforcement
0:50:20.920,0:50:24.709
that were scary jerks. Now it’s also[br]European. I don’t know if that’s
0:50:24.709,0:50:28.670
the right buzzing(?). But hopefully some[br]of you will go and work at Europol,
0:50:28.670,0:50:31.929
and tell us what’s really going on.
0:50:31.929,0:50:37.739
applause
0:50:37.739,0:50:42.799
Roger: Speaking of Hidden Services. We[br]have a new design in mind, that will have
0:50:42.799,0:50:47.839
some stronger crypto properties, and make[br]it harder to enumerate Hidden Services.
0:50:47.839,0:50:52.059
It won’t solve some of the big anonymity[br]questions that are still open research
0:50:52.059,0:50:55.640
questions. But there are a lot of[br]improvements we’d like to make,
0:50:55.640,0:50:59.789
to make the crypto more secure, and[br]performance changes etc. And we’d been
0:50:59.789,0:51:04.529
thinking about doing some sort of crowd[br]funding, kickstarter-like thing, to make
0:51:04.529,0:51:08.630
Hidden Services work better. We’ve got[br]a funder who cares about understanding
0:51:08.630,0:51:12.790
Hidden Services, but that’s not the same[br]as actually making them more secure.
0:51:12.790,0:51:17.329
So we’d love to chat with you after this[br]about how to make one of those
0:51:17.329,0:51:19.839
kickstarters actually work.
0:51:19.839,0:51:25.529
Jacob: Right, so, if you have questions[br]we have some amount of time for questions.
0:51:25.529,0:51:28.489
And while you line up at the microphone[br]I’ll tell you a quick story. So if you
0:51:28.489,0:51:31.120
have questions please line up at the[br]microphone, so we can do this.
0:51:31.120,0:51:34.010
This is a picture of a man who was[br]assassinated in San Francisco.
0:51:34.010,0:51:36.509
His name is Harvey Milk. Anybody[br]here – ever hear of Harvey Milk?
0:51:36.509,0:51:38.809
applause
0:51:38.809,0:51:43.319
Great. Harvey Milk was basically the[br]first out-gay politician in, I think,
0:51:43.319,0:51:47.569
the United States. He was a city council[br]member in San Francisco. And this was
0:51:47.569,0:51:52.059
during a huge fever pitch apora (?) where…[br]basically it was the battle between:
0:51:52.059,0:51:56.999
“Are people who are gay people or not?”[br]And what he said is: Go home and
0:51:56.999,0:52:00.190
tell your brothers, your mothers, your[br]sisters, your family members and
0:52:00.190,0:52:03.890
your co-workers that you’re gay. Tell[br]them that, so that when they advocate
0:52:03.890,0:52:08.549
for violence against gay people, when[br]they advocate for harm against you
0:52:08.549,0:52:13.609
that they know they’re talking about you.[br]Not an abstract boogieman. But someone
0:52:13.609,0:52:18.790
that they actually know, and that they[br]love. We need every person in this room,
0:52:18.790,0:52:22.699
every person watching this video later to[br]go home and talk about how you needed
0:52:22.699,0:52:26.749
anonymity, for 5 or 10 minutes. How you[br]needed it every day to do your job.
0:52:26.749,0:52:30.949
We need people to reach out. Now that’s[br]a sad story with Harvey Milk which is
0:52:30.949,0:52:33.760
that he and mayor Moscone of San[br]Francisco were actually killed by
0:52:33.760,0:52:38.539
a very crazy person, that was also in city[br]government, in the American traditional
0:52:38.539,0:52:43.549
extreme gun violence. He was shot and[br]killed. And that person actually got away
0:52:43.549,0:52:48.049
with it. The so-called ‘Twinkie defense’.[br]So we’re not trying to draw that parallel.
0:52:48.049,0:52:53.220
Just to be clear please don’t shoot us and[br]kill us! Not even funny, unfortunately.
0:52:53.220,0:52:57.890
But to understand that we are really[br]under threat, a lot of pressure. There’s
0:52:57.890,0:53:02.410
a lot of pressure. We get pressure from[br]law enforcement investigation agencies
0:53:02.410,0:53:08.239
to backdoor Tor, and we tell them:[br]“No”, and that takes a lot of stress
0:53:08.239,0:53:12.079
and dumps it on us. And we need support[br]from a lot of people, to tell them
0:53:12.079,0:53:16.459
to back off. It can’t just be us that[br]say that. Or we will lose some day.
0:53:16.459,0:53:20.499
And there are also very scary adversaries[br]that do not care at all about the law.
0:53:20.499,0:53:25.000
Not that those guys care about the law but[br]really don’t care about the law at all.
0:53:25.000,0:53:29.430
And we need people to understand how[br]important anonymity is, and make sure
0:53:29.430,0:53:35.040
that that goes into every conversation.[br]So really, go home and teach your friends
0:53:35.040,0:53:38.489
and your family members about your[br]need for anonymity. This lesson
0:53:38.489,0:53:42.299
from Harvey Milk was very useful. It is[br]the case that now, in California where
0:53:42.299,0:53:46.180
there is a huge fever pitch (?) battle about[br]this that you can e.g. be gay and be
0:53:46.180,0:53:50.760
a school teacher. That was one of the[br]battles that Harvey Milk helped win.
0:53:50.760,0:53:58.759
applause
0:53:58.759,0:54:02.520
So, with that I think[br]that we have time for…
0:54:02.520,0:54:06.200
Herald: Yeah, we have like 10 minutes left[br]for questions. So, thank you so much
0:54:06.200,0:54:09.689
for the talk! It’s really inspiring.[br]Thank you for keeping up the work!
0:54:09.689,0:54:17.259
applause
0:54:17.259,0:54:20.233
Really! Although you do this every year[br]it never gets old. And I think your…
0:54:20.233,0:54:24.119
every year you give people the chance to[br]leave the Congress with a feeling of hope
0:54:24.119,0:54:26.869
and purpose. So, thank you so much for[br]everything you do and every minute
0:54:26.869,0:54:30.489
you spend on this project. So we start[br]with a question from the internet.
0:54:30.489,0:54:32.339
applause
0:54:32.339,0:54:34.739
Jacob: We’d like to take a few questions[br]from the internet all at once,
0:54:34.739,0:54:36.889
if possible, so we can try to answer[br]them as quickly as possible.
0:54:36.889,0:54:38.469
Signal Angel: Okay.[br]Herald: Alright.
0:54:38.469,0:54:41.569
Signal Angel: So, the first one: Yesterday[br]you said that SSH is broken. So
0:54:41.569,0:54:45.719
what should we use to safely[br]administrate our Tor relays?
0:54:45.719,0:54:49.950
Jacob: Hah! That’s great. So,[br]first of all! Next set of questions!
0:54:49.950,0:54:53.259
Signal Angel: So the next one is: How much[br]money would be needed to get independent
0:54:53.259,0:54:56.170
from Government funding,[br]and is that even desired?
0:54:56.170,0:54:59.229
Jacob: Ah, do you want me to do both?[br]Roger: Sure.
0:54:59.229,0:55:00.529
Jacob: Okay.[br]Signal Angel: Hope so.
0:55:00.529,0:55:05.579
Jacob: Okay. First question: Consider[br]using a Tor Hidden Service, and then
0:55:05.579,0:55:09.079
SSH’ing into that Tor Hidden Service.[br]Composition of cryptographic components
0:55:09.079,0:55:15.680
is probably very important. A detail about[br]SSH: We don’t know what is going on.
0:55:15.680,0:55:19.299
We only know what was claimed in those[br]documents. That’s a really scary claim.
0:55:19.299,0:55:24.170
This creates a political problem. The U.S.[br]Congress and other political bodies
0:55:24.170,0:55:27.680
should really be asking the secret[br]services if they really have a database
0:55:27.680,0:55:31.160
called CAPRI OS where they store[br]SSH decrypts. And how they populate
0:55:31.160,0:55:35.209
that database. Because that is critical[br]infrastructure. We can’t solve that problem
0:55:35.209,0:55:39.259
with the knowledge that we have right now.[br]But we know now: There is a problem.
0:55:39.259,0:55:42.520
What is that problem? So, composition[br]of those systems: It seems to be,
0:55:42.520,0:55:45.899
the documents say that they haven’t broken[br]the crypto in Tor Hidden Services. So
0:55:45.899,0:55:51.499
put those two together. And also consider[br]that cryptography only buys you time.
0:55:51.499,0:55:55.640
It really isn’t the case that all the[br]crypto we have today is going to be good
0:55:55.640,0:55:59.579
maybe in 150 years. If Sci-Fi quantum[br]computers ever come out, and they
0:55:59.579,0:56:03.119
actually work, Shor’s algorithm and[br]other things really seem to suggest
0:56:03.119,0:56:07.160
we have a lot of trouble ahead. And the[br]second part, about money: Yeah, we would
0:56:07.160,0:56:10.999
love to replace Government funding. I mean[br]at least I would. But that isn’t to say
0:56:10.999,0:56:14.549
that we don’t respect that there are[br]people that do fund us to do good things.
0:56:14.549,0:56:20.099
We do take money from agencies who e.g.[br]the Department of Human Rights and Labor,
0:56:20.099,0:56:22.470
at the State Department. They’re sort of[br]like the advertising arm for the
0:56:22.470,0:56:26.519
gun-running part of the State Department,[br]as Julian Assange would say. And they
0:56:26.519,0:56:30.029
actually care about Human Rights. They[br]care that you have access to anonymity.
0:56:30.029,0:56:35.039
It’s weird because the State Department[br]– the rest of it – might not care. But,
0:56:35.039,0:56:38.670
we really, really would like to off-set[br]that money. But we’d like to grow.
0:56:38.670,0:56:42.959
We’d like to be able to hire 100 people[br]in this room to work on this full-time.
0:56:42.959,0:56:47.999
Because the planet needs anonymity. But[br]that requires that we find that money.
0:56:47.999,0:56:52.219
And the best place at the moment is by[br]writing grant proposals. And that is how
0:56:52.219,0:56:55.539
we have in fact done that. And that[br]allows us also to operate openly.
0:56:55.539,0:56:59.599
So we don’t have e.g. clearances. And we[br]try to publish everything we can about it.
0:56:59.599,0:57:03.539
And if you ever write a FOIA we always[br]tell the agency that has received the
0:57:03.539,0:57:09.480
Freedom Of Information request: Give the[br]requestor everything. Give it all to them.
0:57:09.480,0:57:13.280
We have nothing to hide about this, we[br]want you to see that. We want you to see
0:57:13.280,0:57:17.059
that when a government agency has paid[br]us money that we have done it for THIS
0:57:17.059,0:57:20.700
line item, and THIS line item. And we’ve[br]done it as well as we could do it, and
0:57:20.700,0:57:24.420
it is in line with the open research, and[br]we have really done a good thing,
0:57:24.420,0:57:26.250
that helps people.
0:57:26.250,0:57:30.979
Roger: So I’d love to diversify our[br]funding. I’d love to have foundations,
0:57:30.979,0:57:37.929
I’d love to have the EFF model where[br]individuals fund because we do great things
0:57:37.929,0:57:42.839
– look at what we did over the past year –[br]and in fact, right here: Look at what we
0:57:42.839,0:57:46.660
did over the past year. We’ve done so[br]amazing things, we’re gonna do some more
0:57:46.660,0:57:50.849
amazing things next year. We need your[br]help to actually make all of this happen.
0:57:50.849,0:57:55.229
Jacob: Anybody here[br]a Bitcoin millionaire?
0:57:55.229,0:57:57.340
Because we now take Bitcoin!
0:57:57.340,0:58:02.630
applause
0:58:02.630,0:58:05.260
Herald: Alright, let’s take[br]a question from microphone 1.
0:58:05.260,0:58:09.180
Question: Just a short question:[br]is there a follow-up on the
0:58:09.180,0:58:14.539
Thomas White tor-talk mailing list thing?
0:58:14.539,0:58:18.579
Roger: So, Thomas White runs a few exit[br]relays. Some of them are quite large,
0:58:18.579,0:58:24.519
I’m very happy he does that. It is quite[br]normal for exit relays to come and go.
0:58:24.519,0:58:29.470
He is in England, and as far as I can tell[br]England is not a very good place to be
0:58:29.470,0:58:36.249
these days. But he’s trying to fix his[br]country from inside which is really great.
0:58:36.249,0:58:40.920
Basically the short version is: It’s not[br]a big deal. He runs some exit relays,
0:58:40.920,0:58:45.160
somebody tries to take them down, there[br]are 6000 relays in the network right now,
0:58:45.160,0:58:48.609
they go up and down, it’s normal.
0:58:48.609,0:58:52.630
Question: Is this related to the Tor[br]blog post, that Thomas White thing,
0:58:52.630,0:58:55.380
where you said there’s an upcoming…
0:58:55.380,0:58:59.630
Roger: It is unrelated, except for the[br]fact that everybody was watching.
0:58:59.630,0:59:03.130
So then, when he wrote a tor-talk mail[br]saying “Hey, I’m concerned about my
0:59:03.130,0:59:06.760
exit relays”, suddenly all the journalists[br]said: “Oh my god, they must be
0:59:06.760,0:59:09.069
the same thing!” So, no, unrelated!
0:59:09.069,0:59:11.180
Jacob: There are a lot of people that[br]have been attacking the Tor network.
0:59:11.180,0:59:13.940
You’ve probably seen there’ve been[br]Denial-of-Service attacks, and things
0:59:13.940,0:59:18.029
like that on the Tor directory[br]authorities. This is what I was saying
0:59:18.029,0:59:22.319
one or two slides ago when I said “Please[br]tell people the value of Tor, and that
0:59:22.319,0:59:26.789
you need it”. Because when people do[br]Denial-of-Service attacks, when they see
0:59:26.789,0:59:30.709
servers, we really need, in a peer2peer[br]network way, to draw up more relays
0:59:30.709,0:59:34.449
to actually increase the bandwidth[br]capacity, to increase the exit capacity.
0:59:34.449,0:59:38.609
And it’s very important to do that. Right?[br]I mean it’s very, very serious that
0:59:38.609,0:59:41.670
those things happen. But it’s also[br]important that the design of the network
0:59:41.670,0:59:45.099
is designed with the expectation that[br]thieves will steal computer systems,
0:59:45.099,0:59:50.749
that jerks will denial-of-service them[br]etc. So if you can run an exit relay,
0:59:50.749,0:59:53.789
thank you! Thank you for doing that.[br]Next question?
0:59:53.789,0:59:55.869
applause[br]Herald: Yeah. Let’s take a question
0:59:55.869,0:59:56.890
from microphone 2.
0:59:56.890,1:00:00.979
Question: First of all a quick shoutout to[br]your Ooni friend. Please don’t ask people
1:00:00.979,1:00:06.299
to run arbitrary code over the internet.[br]Curl-piper’s age (?) is not good style.
1:00:06.299,1:00:09.829
Roger: There’s a deb (?) that we’re working[br]on also that should be a lot better.
1:00:09.829,1:00:13.000
Jacob: Yeah, ‘apt-get install ooniprobe’[br]will also work.
1:00:13.000,1:00:18.510
Question: Do you have any plans[br]of implementing IPv6, finally?
1:00:18.510,1:00:24.839
Jacob: So there is IPv6, so Linus[br]Nordberg, one of the finest Tor people
1:00:24.839,1:00:32.029
I’ve ever met, he, in fact, helped add[br]IPv6 support, initial IPv6 support
1:00:32.029,1:00:36.809
to the Tor network. So, e.g. you can,[br]in fact, exit through the Tor network
1:00:36.809,1:00:42.660
with IPv4 or IPv6. It is the case that the[br]Tor relays in the network still all need
1:00:42.660,1:00:48.559
IPv4, not just IPv6. My Tor directory[br]authority which runs in California,
1:00:48.559,1:00:52.619
it has an IPv4 and an IPv6 address,[br]so if you have an IPv6 address you can
1:00:52.619,1:00:55.799
bootstrap, you can connect to that.[br]You could do some interesting
1:00:55.799,1:00:59.469
pluggable-transport stuff as well. So[br]that is on the road map. This is another
1:00:59.469,1:01:03.460
example of: If you really care about that[br]issue please send us your Bitcoins!
1:01:03.460,1:01:07.619
And it would be really fantastic because[br]we really want that! But right now,
1:01:07.619,1:01:12.640
you can use Tor as a v4-v6 gateway.[br]You really can do that, and we would
1:01:12.640,1:01:15.980
encourage that. It’s another example[br]of some kind of neat feature of Tor
1:01:15.980,1:01:18.289
which you would never think an[br]anonymity system would have.
1:01:18.289,1:01:23.079
Roger: And in Iran, right now, where IPv6[br]is not censored because the soft…
1:01:23.079,1:01:26.931
the censorship stuff they have from[br]America and Europe didn’t think
1:01:26.931,1:01:30.779
to censor IPv6…[br]laughter and applause
1:01:30.779,1:01:34.989
applause
1:01:34.989,1:01:41.079
so you can use a bridge right now in Iran[br]that connects over IPv6. Works great.
1:01:41.079,1:01:43.769
Jacob: Yeah. Next question?[br]Herald: Alright, microphone 4!
1:01:43.769,1:01:46.869
Question: So we heard lots of really[br]encouraging success stories about Tor
1:01:46.869,1:01:50.890
working against a global passive[br]adversary. But we know that Tor
1:01:50.890,1:01:54.819
wasn’t designed for this use case.[br]The question is: What needs to happen
1:01:54.819,1:01:59.099
in order for Tor to actually being[br]able to handle this, officially?
1:01:59.099,1:02:01.890
Is this just research, or some[br]more development work?
1:02:01.890,1:02:06.779
Roger: There’s a lot of really hard open[br]research questions there. So if you’re…
1:02:06.779,1:02:10.890
so, I get… basically one of the[br]issues is what we call the
1:02:10.890,1:02:15.190
end-to-end traffic correlation attack. So[br]if you can see the flow over here coming
1:02:15.190,1:02:18.699
into the Tor network, and you can see the[br]corresponding flow over here, coming out
1:02:18.699,1:02:23.020
of it, then you do some simple statistics,[br]and you say: “Hey, wait a minute, these
1:02:23.020,1:02:27.359
line up!” And there are a bunch of[br]different directions on how to make that
1:02:27.359,1:02:32.680
harder. Basically what you want to[br]do is drive up the false-positive rate.
1:02:32.680,1:02:37.660
So you see a flow here, and there are[br]actually 1000 flows that look like they
1:02:37.660,1:02:41.779
sort of match. And maybe you can do[br]that by adding a little bit of padding,
1:02:41.779,1:02:46.619
or delays, or batching or something. The[br]research, as we understand it right now,
1:02:46.619,1:02:51.049
means that you have to add hours[br]of delay, not seconds of delay.
1:02:51.049,1:02:56.739
That’s kind of crummy. So another way[br]of phrasing that: Imagine a graph,
1:02:56.739,1:03:02.670
the X axis is how much overhead[br]we’re adding. And the Y axis is
1:03:02.670,1:03:06.739
how much security we get against the[br]end-to-end correlation attack. We have
1:03:06.739,1:03:13.049
zero data points on that graph. We have[br]no idea what the curve looks like.
1:03:13.049,1:03:16.249
Jacob: There’s also another point which[br]is: Roger has an assumption. He says
1:03:16.249,1:03:20.809
if we have a high false-positive rate,[br]that that’s a good thing. Well, maybe,
1:03:20.809,1:03:23.440
maybe actually, that’s exactly the[br]wrong thing. Maybe the result is
1:03:23.440,1:03:27.630
that 1000 people get rounded up instead[br]of 1. The reality is that there is
1:03:27.630,1:03:31.030
no system that – as far as we know –[br]is actually safer than that. Of course
1:03:31.030,1:03:34.300
we would say that, we work on Tor. But as[br]an example: One of the XKeyscore things
1:03:34.300,1:03:37.890
that I’ve seen in this research which[br]we published in the NDR story is that
1:03:37.890,1:03:41.180
they were doing an attack on Hotspot Shield[br]where they were actually doing
1:03:41.180,1:03:45.299
traffic correlation where they were able[br]to de-anonymize VPN users because of
1:03:45.299,1:03:49.190
it’s a single hop. And then they were[br]also able to do Quantuminsert to attack
1:03:49.190,1:03:54.390
specific users using the VPN. We haven’t[br]seen evidence of them doing that to Tor.
1:03:54.390,1:03:57.680
That also doesn’t mean that every VPN[br]is broken. It just means that VPN
1:03:57.680,1:04:00.729
has a different threat model. There’s[br]lot of attacks that are like that, and
1:04:00.729,1:04:05.400
the problem is the internet is a dangerous[br]place. So, I mean, Banksy said it best:
1:04:05.400,1:04:09.229
He said, in the future people will be[br]anonymous for 15 minutes. And
1:04:09.229,1:04:13.249
I think he may have over-estimated[br]that. Depending on the attacker.
1:04:13.249,1:04:17.209
Roger: There’s a conference called the[br]Privacy Enhancing Technology Symposium,
1:04:17.209,1:04:21.390
petsymposium.org where all of the[br]Anonymous Communications researchers
1:04:21.390,1:04:26.619
get together each year to consider exactly[br]these sorts of research questions. So,
1:04:26.619,1:04:30.359
it’s not just an engineering question,[br]there’s a lot of basic science left
1:04:30.359,1:04:33.199
in terms of how to make[br]these things harder.
1:04:33.199,1:04:35.219
Herald: Alright, the last question[br]is one from the internet.
1:04:35.219,1:04:40.259
Signal Angel: Okay, so, does running[br]a Ooniprobe involve any legal risks?
1:04:40.259,1:04:43.249
Jacob: Okay, so, great! We can take[br]different questions, cause we’re gonna say
1:04:43.249,1:04:44.519
“Talk to Arturo!”
1:04:44.519,1:04:46.899
Herald: Alright, so, microphone 3!
1:04:46.899,1:04:51.549
Question: Okay, as a new[br]Tor relay operator I’ve got…
1:04:51.549,1:04:57.829
applause[br]Jacob: Take a bow!
1:04:57.829,1:05:04.209
Question: So, since about 2 months I run[br]3 relays, rather high bandwidth, and
1:05:04.209,1:05:10.380
on 2 of these I had quite strange things[br]happen. One case: A kernel crash in the
1:05:10.380,1:05:16.640
Intel e1000 driver, the other one having[br]the top-of-the-rack switch just reboot,
1:05:16.640,1:05:22.199
which is by the way a Juniper switch.[br]So I’m kind of concerned about this
1:05:22.199,1:05:26.390
operational security. You[br]know, could you trust that?
1:05:26.390,1:05:31.779
Jacob: Yeah, absolutely. So the short[br]version of it is: Agencies like the NSA,
1:05:31.779,1:05:34.920
depending on where you’re located, might[br]compromise something like your Juniper
1:05:34.920,1:05:38.859
switch upstream. They sit on Zerodays[br]for critical infrastructure, that includes
1:05:38.859,1:05:44.740
core routers, and switches. But[br]it may not be such a big thing.
1:05:44.740,1:05:49.670
It really depends on where you’re located.[br]It could also be that the hardware sucks.
1:05:49.670,1:05:52.790
laughter[br]And that the software is not good. And
1:05:52.790,1:05:56.839
when you, of course, are pushing,[br]let’s say gigabits of traffic through it
1:05:56.839,1:06:01.789
it falls over. It’s really hard to know.[br]That’s a really good question,
1:06:01.789,1:06:07.080
which is very specific, and kind of[br]hard for us to address without data.
1:06:07.080,1:06:13.070
Question: Sorry, I’m concerned that the[br]attack, like this, you know, they could,
1:06:13.070,1:06:17.939
actually, compromise the machine without[br]knowing, or compromise the exact uplink.
1:06:17.939,1:06:21.650
And this would actually be a viable[br]attack, like very low-key,
1:06:21.650,1:06:24.489
you don’t see it, as [an] operator,[br]maybe, if you’re not very careful.
1:06:24.489,1:06:28.079
And you can watch all the traffic[br]going inside, going outside the box.
1:06:28.079,1:06:32.769
Jacob: It would be fantastic[br]if you can prove that theory.
1:06:32.769,1:06:36.959
Because, of course, if you can, maybe we[br]can find other information that allows us
1:06:36.959,1:06:41.019
to stop those types of things to[br]happen, or e.g. can in some way
1:06:41.019,1:06:45.660
allow us to fix the problems that are[br]being exploited. The reality is that
1:06:45.660,1:06:48.630
general purpose computers[br]are quite frankly not very secure,
1:06:48.630,1:06:51.759
and special purpose computers[br]aren’t doing much better.
1:06:51.759,1:06:55.140
Roger: I worry not only about active[br]attacks like that but about passive attacks
1:06:55.140,1:06:59.269
where they already have some sort of[br]surveillance device up-stream from you
1:06:59.269,1:07:03.939
in you co-location facility, or something[br]like that. So, yes. These are all
1:07:03.939,1:07:09.859
really big concerns. One of the defenses[br]that Tor has is diversity around the world.
1:07:09.859,1:07:14.199
So, hopefully they won’t be able to do[br]that to all of the relays. But yeah,
1:07:14.199,1:07:16.769
this is a big issue. We should[br]keep talking about it.
1:07:16.769,1:07:20.589
Herald: Alright, I just wanna come back[br]to the question before, for a second.
1:07:20.589,1:07:22.719
Because there was a question from the[br]internet. So the people are not able
1:07:22.719,1:07:27.949
to talk. Ooniprobe guy, hey, could you[br]maybe answer the question, like,
1:07:27.949,1:07:30.640
right now, or maybe on Twitter,[br]or post a link or something?
1:07:30.640,1:07:33.390
Because I happen to believe that[br]it’s a very important question.
1:07:33.390,1:07:35.640
You remember the question?[br]If there are legal restric…
1:07:35.640,1:07:40.809
Arturo: Yeah well, I mean the thing is[br]that we don’t really know like what are
1:07:40.809,1:07:43.049
the… who was it that[br]was asking the question?
1:07:43.049,1:07:46.049
Jacob: The internet?[br]Arturo: Ah, the internet. Okay.
1:07:46.049,1:07:51.099
laughter and applause[br]Jacob laughs
1:07:51.099,1:07:58.660
So I guess we can’t know all of the[br]legal risks involved in every country.
1:07:58.660,1:08:02.609
It is definitely the case that in some[br]countries you may get in trouble
1:08:02.609,1:08:11.039
for visiting some websites that are[br]considered illegal. So, I can go
1:08:11.039,1:08:16.189
in more detail into this if you[br]come later to Noisy Square at 6.
1:08:16.189,1:08:17.670
Herald: The internet can’t[br]come, that’s the problem!
1:08:17.670,1:08:20.240
Arturo: Ah, the internet can’t come, shit![br]Okay! laughter
1:08:20.240,1:08:26.790
So,… laughs[br]applause
1:08:26.790,1:08:29.440
Jacob: There’re a lot of jokes in that!
1:08:29.440,1:08:33.770
Arturo: The short answer is that you[br]should look at the test specifications,
1:08:33.770,1:08:38.920
that are written in English, and they have[br]at the bottom some notes that detail
1:08:38.920,1:08:46.190
what can be some of the risks involved.[br]But we are not lawyers. So we don’t know
1:08:46.190,1:08:50.939
what are the risks for all of the[br]countries. So you should probably speak
1:08:50.939,1:08:56.399
to somebody that knows about these things[br]in your country. And it’s experimental
1:08:56.399,1:09:03.069
software, and there are not many people[br]that are doing this. So we generally can’t
1:09:03.069,1:09:08.209
say. Hope that answers your question.[br]Question: Thanks a lot, yeah, thanks.
1:09:08.209,1:09:11.420
Herald: Alright, I guess, just to sum[br]it up: Be careful whatever you do.
1:09:11.420,1:09:15.719
laughter and applause[br]Alright, so, Jake was just asking
1:09:15.719,1:09:19.740
if maybe we could just gather a couple[br]of questions, and then ask about them
1:09:19.740,1:09:21.730
outside. Did I get that right?[br]Jacob: Yeah, so if everyone who is
1:09:21.730,1:09:25.459
at a microphone, disperse to the correct[br]microphone, if you could just ask all your
1:09:25.459,1:09:29.080
questions, then everyone else who’s here[br]that wants to hear the answers will know
1:09:29.080,1:09:32.040
that you should stick around and talk[br]to us afterwards. We won’t answer
1:09:32.040,1:09:34.660
all these questions unless there’s[br]a really burning one. But that way
1:09:34.660,1:09:37.000
the guys that are standing at the[br]microphone, or the gals that are
1:09:37.000,1:09:40.470
standing at the microphone or other, can[br]actually ask them right now, and if you’re
1:09:40.470,1:09:43.399
interested come and find us right[br]afterwards. We’re going to probably
1:09:43.399,1:09:46.880
go to the tea house upstairs, or[br]maybe I shouldn’t have said that.
1:09:46.880,1:09:49.089
laughter[br]Herald: Alright, so we’re gonna do it
1:09:49.089,1:09:51.449
like this. We’re gonna rush through this.[br]And we’re just gonna hear a lot of
1:09:51.449,1:09:55.920
interesting questions, but no answers. If[br]you wanna hear the answers stay tuned
1:09:55.920,1:10:00.090
and don’t switch the channel. So we take[br]a couple of questions. Microphone 5.
1:10:00.090,1:10:03.600
And be quick about it.[br]Question: In regards to robustness and
1:10:03.600,1:10:07.190
the Mozilla partnership: Are there any[br]thoughts about incrementally replacing
1:10:07.190,1:10:10.540
the C++ infrastructure[br]with Rust? Eventually?
1:10:10.540,1:10:14.680
Herald: Microphone 4![br]Is it open, microphone 4?
1:10:14.680,1:10:22.980
Question: Can you compare Tor with JAP[br]from TU Dresden in aspects of anonymity?
1:10:22.980,1:10:25.790
Herald: Okay, the other[br]guy at microphone 4!
1:10:25.790,1:10:29.740
Question: To your knowledge has anyone got[br]into trouble for running a non-exit relay?
1:10:29.740,1:10:32.950
And do you have any tips for people that[br]wanna help by running a non-exit relay?
1:10:32.950,1:10:34.860
Herald: Okay, microphone 1, 2 guys.
1:10:34.860,1:10:39.020
Question: I have a question, or[br]a suggestion for the funding problematic.
1:10:39.020,1:10:43.660
Have you… you’re teaming up with Mozilla,[br]have you ever considered like producing
1:10:43.660,1:10:47.960
own smartphones, because there’s a huge[br]margin. I also think there’s a problem
1:10:47.960,1:10:55.500
like… why most people don’t use[br]cryptography is because there’s no
1:10:55.500,1:11:01.010
easy-to-use, out-of-the-box, cool product[br]that’s like… that goes out and has a story
1:11:01.010,1:11:02.810
or anything, like the marketing on Apple.
1:11:02.810,1:11:05.310
Herald: Alright, the other[br]guy at microphone 1.
1:11:05.310,1:11:09.900
Question: So a couple of minutes before[br]the talk started someone did a Sibyl (?)
1:11:09.900,1:11:14.110
attack on Tor. And we should fix that[br]a.s.a.p. So please don’t disappear
1:11:14.110,1:11:17.450
for the next few hours.[br]Jacob rages, laughing, theatrically
1:11:17.450,1:11:19.030
Thanks!
1:11:19.030,1:11:21.840
Roger: It never ends.[br]Jacob: It never ends!
1:11:21.840,1:11:24.320
Herald: Alright. Two questions[br]from microphone 3.
1:11:24.320,1:11:27.870
Question: So when they took[br]down Silkroad they took
1:11:27.870,1:11:31.670
a lot of Bitcoins with them. I wonder[br]what the [U.S.] Government is doing
1:11:31.670,1:11:34.690
with the large amount of anonymized cash.
1:11:34.690,1:11:37.220
Roger: They auctioned it off.[br]Jacob: They sell it. Next question.
1:11:37.220,1:11:39.240
Question: And I think they[br]should give it to you.
1:11:39.240,1:11:41.810
Herald: Alright. Last question![br]Jacob: I fully agree!
1:11:41.810,1:11:45.810
Question: So to combat against the[br]‘misinformed journalists’ thing
1:11:45.810,1:11:50.550
why not have a dashboard, very[br]prominently displayed on the Tor Project
1:11:50.550,1:11:54.730
listing all of the academic, open[br]like known problems with Tor,
1:11:54.730,1:11:58.290
and always have the journalists go there[br]first to get the source of information,
1:11:58.290,1:12:00.400
rather than misunderstanding[br]academic research.
1:12:00.400,1:12:02.760
Jacob: Fantastic, so if you wanna know…
1:12:02.760,1:12:04.790
Herald: Alright, if you found any of these[br]questions interesting, and you’re also
1:12:04.790,1:12:08.940
interested in the answers stick around, go[br]to Noisy Square, speak to these two guys,
1:12:08.940,1:12:12.100
and get all your answers. Other than[br]that, you heard it a Brillion times, but:
1:12:12.100,1:12:15.980
go home, start a relay! My friends and I[br]did two years ago, after Jake’s keynote.
1:12:15.980,1:12:18.760
It’s really not that hard. You can make[br]a difference. And thank you so much,
1:12:18.760,1:12:20.300
for Roger and Jake, as every year!
1:12:20.300,1:12:27.500
applause
1:12:27.500,1:12:29.250
silent postroll titles
1:12:29.250,1:12:38.826
subtitles created by c3subtitles.de[br]in the year 2017. Join, and help us!