Return to Video

Jacob, arma: State of the Onion

  • 0:00 - 0:10
    silent 31C3 preroll titles
  • 0:10 - 0:16
    applause
  • 0:16 - 0:19
    Roger: Okay, hi everybody! I’m Roger
    Dingledine, and this is Jake Appelbaum.
  • 0:19 - 0:22
    And we’re here to tell you more
    about what’s going on with Tor
  • 0:22 - 0:26
    over the past year. We actually wanted
    to start out asking Laura to give us
  • 0:26 - 0:30
    a little bit of context from her
    perspective, about Citizenfour,
  • 0:30 - 0:34
    and the value of these sorts
    of tools to journalists.
  • 0:34 - 0:40
    applause
  • 0:40 - 0:46
    Laura: So. Am I live? Okay. Roger and Jake
    asked me to say a few things about Tor,
  • 0:46 - 0:50
    and what does it mean for investigative
    journalists. And I can say that certainly
  • 0:50 - 0:54
    the work that I’ve done, on working with
    disclosures by Edward Snowden, and
  • 0:54 - 0:59
    first communicating with him would not
    have been possible. Without the work
  • 0:59 - 1:03
    that these 2 people do. And that everybody
    [does] who contributes to the Tor network.
  • 1:03 - 1:06
    So I’m deeply grateful to everyone here.
  • 1:06 - 1:13
    applause
  • 1:13 - 1:17
    When I was communicating with Snowden
    for several months before I met him
  • 1:17 - 1:22
    in Hongkong we talked often about the Tor
    network, and it’s something that actually
  • 1:22 - 1:27
    he feels is vital for online
    privacy. And, to sort of
  • 1:27 - 1:31
    defeat surveillance. It’s really our
    only tool to be able to do that. And
  • 1:31 - 1:36
    I just wanted to tell one story about what
    happens when journalists don’t use it.
  • 1:36 - 1:39
    I can’t go into lots of details, but
    there’s a very well known investigative
  • 1:39 - 1:43
    journalist who was working on a story.
    He had a source. And the source was
  • 1:43 - 1:48
    in the Intelligence community. And he had
    done some research on his computer,
  • 1:48 - 1:53
    not using Tor. And I was with him when
    he got a phone call. And on the phone,
  • 1:53 - 1:57
    the person was saying: “What the fuck were
    you doing looking up this, this and this?”
  • 1:57 - 2:01
    And this is an example of what
    happens when Intelligence agencies
  • 2:01 - 2:05
    target journalists. So without Tor
    we literally can’t do the work that
  • 2:05 - 2:09
    we need to do. So thank you,
    and please support Tor! Thanks!
  • 2:09 - 2:11
    applause
  • 2:11 - 2:17
    Roger: Well, thank you!
    continued applause
  • 2:17 - 2:22
    Jacob: So to follow-up on what Laura
    has just said: We think it’s important
  • 2:22 - 2:26
    to really expand, not just into the
    technical world, or to talk about
  • 2:26 - 2:31
    the political issues in some abstract
    sense. But also to reach out to culture.
  • 2:31 - 2:34
    So in this case, this is a picture in the
    Reina Sofia which is one of the largest
  • 2:34 - 2:38
    museums in Spain. And that in the middle
    is Mason Juday, and Trevor Paglen,
  • 2:38 - 2:42
    and that’s me on the right. And the only
    time you’ll ever find me on the right!
  • 2:42 - 2:47
    And so it is the case that this is
    a Tor relay. It’s actually 2 Tor relays
  • 2:47 - 2:51
    running on the open hardware device
    Novena, made by bunny and Sean.
  • 2:51 - 2:55
    And it’s actually running as a middle
    relay now, but it may in some point
  • 2:55 - 3:00
    with one configuration change become
    an exit relay. And it is the case that
  • 3:00 - 3:06
    the Reina Sofia is hosting this Tor relay.
    So, now, if… so we live in capitalism…
  • 3:06 - 3:11
    applause
  • 3:11 - 3:15
    So it is the case that if the Police wanna
    seize this relay they got to buy it
  • 3:15 - 3:17
    like every other piece
    of art in the museum.
  • 3:17 - 3:24
    laughter and applause
  • 3:24 - 3:27
    And part of the reason that we’re
    doing this kind of stuff – at least
  • 3:27 - 3:31
    that piece of art which I did with Trevor
    and Mason and Leif Ryge who is also
  • 3:31 - 3:36
    in this room, and Aaron Gibson, also in
    this room – is because we think that
  • 3:36 - 3:40
    culture is important. And we think that
    it’s important to tie the issue of anonymity
  • 3:40 - 3:43
    not just as an abstract idea but as an
    actual thing that is representative
  • 3:43 - 3:47
    not only of our culture but of the world
    we want to live in, overall. For all the
  • 3:47 - 3:52
    cultures of the world. And so, for that
    reason we also have quite recently
  • 3:52 - 3:57
    been thinking a lot about social norms.
    And it is the case that there’s a person
  • 3:57 - 4:01
    in our community, and many persons in our
    community that have come under attack.
  • 4:01 - 4:05
    And have been deeply harassed.
    And we think that that sucks!
  • 4:05 - 4:09
    And we don’t like that. Even though we
    promote anonymity without any question,
  • 4:09 - 4:13
    i.e. no backdoors ever, and we’ll
    get back to that in a minute,
  • 4:13 - 4:16
    it is the case that we really
    want to promote ‘being
  • 4:16 - 4:19
    excellent to each other’. In the
    sort of spirit of Noisebridge!
  • 4:19 - 4:26
    applause
  • 4:26 - 4:29
    And it’s still a little bit American-centric
    but you can get the basic idea.
  • 4:29 - 4:33
    It applies to Europe as well. Just replace
    ‘First Amendment’ with some of your local law.
  • 4:33 - 4:37
    Or a local constitutional right. It isn’t
    the case that we’re saying that you
  • 4:37 - 4:40
    shouldn’t have the right to say things.
    But we are saying “Get the fuck out
  • 4:40 - 4:43
    of our community if you’re going
    to be abusive to women!”
  • 4:43 - 4:51
    applause and cheers
  • 4:51 - 4:55
    And you’ll note that I used the word
    ‘Fuck’ to say it. And I’m sorry about that.
  • 4:55 - 4:59
    Because the point is we all make mistakes.
    And we want to make sure that while
  • 4:59 - 5:03
    it’s true that we have transgressions we
    want to make sure that we can find
  • 5:03 - 5:07
    a place of reconciliation, and we can
    work towards conflict resolution.
  • 5:07 - 5:11
    And it’s important at the same time to
    recognize that there are people who’s
  • 5:11 - 5:16
    real lives are harmed by harassment
    online. In this case one of the people
  • 5:16 - 5:20
    is in this audience. And I hope that they
    won’t mind being named. But we want
  • 5:20 - 5:24
    to give her a shoutout and say
    that we stand behind her 100%.
  • 5:24 - 5:25
    Roger: Yeah, so, …
  • 5:25 - 5:33
    applause
  • 5:33 - 5:38
    So one of our developers on core Tor,
    Andrea, has been harassed on Twitter
  • 5:38 - 5:42
    and elsewhere, really a lot more
    than should happen to anybody.
  • 5:42 - 5:46
    And there are a couple of points
    to make here. One of them is:
  • 5:46 - 5:50
    She’s a woman, and women online
    have been harassed for basically
  • 5:50 - 5:54
    since ‘online’ has existed. Not just
    women, other minorities, pretty much
  • 5:54 - 5:59
    all over the place. Especially recently
    things have been getting worse.
  • 5:59 - 6:05
    The other important point to realize:
    she’s not just being attacked because
  • 6:05 - 6:08
    she happens to be there. She’s being
    attacked because they’re trying to attack
  • 6:08 - 6:13
    the Tor project and all the other people
    in Tor. So, yes, she may be the focus
  • 6:13 - 6:17
    of some of the attacks but we - the rest
    of the Tor community, the rest of the
  • 6:17 - 6:22
    security community - need to stand up
    and take on some of this burden of
  • 6:22 - 6:26
    communicating and interacting,
    and talking about these issues.
  • 6:26 - 6:29
    We can’t just leave it
    to her to defend herself.
  • 6:29 - 6:38
    applause
  • 6:38 - 6:42
    Jacob: And so we want to set a particular
    standard which is that there are
  • 6:42 - 6:44
    lots of journalists that have a lot of
    questions. And we really think that
  • 6:44 - 6:48
    there are a lot of legitimate questions to
    ask. E.g. I think it sucks that we take
  • 6:48 - 6:52
    Department of Defense money, sometimes.
    And sometimes I also think it’s good that
  • 6:52 - 6:55
    people have the ability to feed
    themselves, and have the ability
  • 6:55 - 6:59
    to actually have a home and a family. Now,
    I don’t have those things, really. I mean
  • 6:59 - 7:03
    I can feed myself, but I don’t have a home
    or a family in the same way that, say,
  • 7:03 - 7:08
    the family people on side of Tor do. And
    they need to be paid. It is the case that
  • 7:08 - 7:12
    that is true. And that raises questions.
    Like I, personally, wouldn’t ever take
  • 7:12 - 7:17
    CIA money. And I think that nobody should.
    And I don’t think the CIA should exist.
  • 7:17 - 7:18
    But we have a diversity…
  • 7:18 - 7:22
    applause
  • 7:22 - 7:26
    …we have a diversity of funding because
    we have a diversity of users. And so that
  • 7:26 - 7:30
    raises a lot of questions. And I think
    people should ask those questions.
  • 7:30 - 7:32
    And Roger, and the rest of the Tor
    community feels that way, too. But
  • 7:32 - 7:37
    it’s important that we don’t single out
    a specific person. And, in particular,
  • 7:37 - 7:40
    to single out Andrea, again. She
    does not deserve all the heat about
  • 7:40 - 7:44
    some of the decisions that the
    Tor project as a non-profit makes.
  • 7:44 - 7:49
    She is a developer who is integral to
    Tor. If it was not for her a significant
  • 7:49 - 7:52
    portion of Tor would not exist. It
    would not be as bug free as it is.
  • 7:52 - 7:57
    And it would not be getting better all the
    time. So we want people to reach out
  • 7:57 - 8:02
    to this alias, if they actually want
    to talk, and have a forum where
  • 8:02 - 8:06
    the whole of Tor can really respond, and
    think about these things in a positive way,
  • 8:06 - 8:10
    and really engage with the press. In a way
    that we can manage; because at the moment
  • 8:10 - 8:14
    we get, I would say, 5 (on
    average) press requests every day.
  • 8:14 - 8:19
    That’s really a lot. And it is also the
    case that 4 of those requests
  • 8:19 - 8:24
    are very well phrased, extremely
    reasonable questions. And one of them is,
  • 8:24 - 8:28
    you know: “Why to
    choose to run Tor?” And
  • 8:28 - 8:32
    we should address all of them. We
    really should. And at the same time
  • 8:32 - 8:35
    we have to recognize that some of these
    people that are kind of harassing,
  • 8:35 - 8:38
    they might trigger me. That one will
    trigger me, and I would probably
  • 8:38 - 8:41
    write back with something kind of shitty.
    So we want to distribute the work in a way
  • 8:41 - 8:44
    where people will be nice. Even to the
    people that are unreasonable. Because
  • 8:44 - 8:48
    at the core – we need to be held to
    account, and we need people to look to us
  • 8:48 - 8:52
    about these things, and to ask us these
    hard questions. And so this is the address
  • 8:52 - 8:56
    to reach out to: [press@torproject.org].
    Not harassing Andrea online on Twitter.
  • 8:56 - 9:01
    Not coming after individual developers.
    Not posting crazy stuff on the mailing list.
  • 9:01 - 9:05
    Wait until we’ve actually talked to you,
    then post the crazy stuff on the mailing list.
  • 9:05 - 9:08
    Or wherever you’re going to post it. And
    then hopefully we can actually answer
  • 9:08 - 9:12
    the questions in a good faith-, helpful
    way. There’s no reason to talk about
  • 9:12 - 9:15
    conspiracy theories, we can just
    talk about the business plans.
  • 9:15 - 9:19
    And into that point wanna make it clear:
  • 9:19 - 9:23
    stop being an asshole to people in the
    community. But this is not negotiable.
  • 9:23 - 9:27
    We’re not saying because we don’t want
    you to harass people that we’re going
  • 9:27 - 9:31
    to backdoor Tor. That will never happen.
    You will find a bullet in the back of my head
  • 9:31 - 9:35
    before that happens. And maybe Roger’s,
    too. Depending on the order of operations.
  • 9:35 - 9:45
    laughter and applause
  • 9:45 - 9:48
    Roger: Okay, so we’re going to talk
    a little bit about the various things
  • 9:48 - 9:53
    we’ve done over the past year. To
    give you a very brief introduction to Tor:
  • 9:53 - 9:57
    Tor is an anonymity system. You’ve got
    Alice, the client over there. She builds
  • 9:57 - 10:01
    a path through 3 different relays
    around the world. And the idea is
  • 10:01 - 10:04
    that somebody watching her local
    network connection can’t figure out
  • 10:04 - 10:08
    what destination she’s going to. And
    somebody watching the destinations
  • 10:08 - 10:12
    can’t figure out where she’s coming
    from. And we have quite a few relays
  • 10:12 - 10:16
    at this point. Here’s a… the red line is
    the graph of the number of relays
  • 10:16 - 10:21
    we’ve had over the past year. For those
    of you who remember ‘Heartbleed’
  • 10:21 - 10:24
    you can see the big drop in April when
    we removed a bunch of relays that
  • 10:24 - 10:29
    had insecure keys. But this is not the
    interesting graph. The interesting graph
  • 10:29 - 10:36
    is ‘capacity over the past year’. And
    we’ve gone from a little over 6 GBps
  • 10:36 - 10:40
    of capacity up to more
    than 12 GBps of capacity.
  • 10:40 - 10:48
    applause
  • 10:48 - 10:52
    And as long as we can make the difference
    between those 2 lines big enough then
  • 10:52 - 10:56
    Tor performance is pretty good. But we rely
    on all of you to keep on running relays,
  • 10:56 - 11:01
    and make them faster etc. so that we
    can handle all the users who need Tor.
  • 11:01 - 11:06
    Okay, another topic. Deterministic
    builds. Mike Perry and Seth Schoen
  • 11:06 - 11:10
    did a great talk a few days ago. So you
    should go watch the stream on that!
  • 11:10 - 11:15
    The very short version is: We have
    a way of building Tor Browser so that
  • 11:15 - 11:19
    everybody can build Tor Browser
    and produce the same binary.
  • 11:19 - 11:23
    And that way you don’t have to worry about
    problems on your build machine and you can
  • 11:23 - 11:28
    actually check that the program we give
    you, really is based on the source code
  • 11:28 - 11:29
    that we say that it is.
  • 11:29 - 11:34
    Jacob: And this is of course important
    because we really don’t want to be
  • 11:34 - 11:38
    a focal point where someone comes
    after us and says: “You have to produce
  • 11:38 - 11:42
    a backdoored version”. So it’s very
    important because we do receive
  • 11:42 - 11:46
    a lot of pressure, from a lot of different
    groups. And we never want to cave.
  • 11:46 - 11:50
    And here’s how we think it is the
    case that we will never cave:
  • 11:50 - 11:54
    Free Software, open specifications,
    reproducible builds,
  • 11:54 - 11:58
    things that can be verified
    with cryptographic signatures.
  • 11:58 - 12:02
    That will not only keep us honest
    against the – what do you call it –
  • 12:02 - 12:05
    the angels of our better nature.
    I don’t believe in angels. But anyway.
  • 12:05 - 12:09
    The point is that it will keep us honest.
    But it will also keep other people at bay.
  • 12:09 - 12:13
    From trying to do something harmful to
    us. Because when something happens
  • 12:13 - 12:18
    you will be able to immediately find it.
    And Mike Perry, by the way, is incredible.
  • 12:18 - 12:25
    He probably hates that I’m saying his name
    right now. Sorry, Mike! Are you here?
  • 12:25 - 12:27
    laughter
    Bastard! laughs
  • 12:27 - 12:32
    But Mike Perry is a machine. He also
    has a heart! But he’s a machine.
  • 12:32 - 12:36
    And he’s incredible. And he has been
    working non-stop on this. And he is really
  • 12:36 - 12:40
    ground-breaking in not only doing
    this for Firefox but really thinking
  • 12:40 - 12:44
    about these hard problems, and
    understanding that if he was just building
  • 12:44 - 12:48
    this browser by himself, and he was
    doing it in a non-verifiable way
  • 12:48 - 12:51
    that it would really, actually be
    a serious problem. Because we distribute
  • 12:51 - 12:56
    this software. And so, I mean
    there is a reason that the NSA
  • 12:56 - 13:00
    calls Mike Perry a “worthy adversary”.
    And it is because he’s amazing!
  • 13:00 - 13:02
    applause
    So let’s give it up for Mike Perry!
  • 13:02 - 13:08
    ongoing applause
  • 13:08 - 13:12
    Roger: Not only that, but his work, along
    with Bitcoin’s work has pushed Debian
  • 13:12 - 13:16
    and Fedora, and other groups to work
    on reproducible builds as well. So,
  • 13:16 - 13:21
    hopefully the whole security
    community will get better!
  • 13:21 - 13:25
    applause
  • 13:25 - 13:29
    Jacob: And to the point about Citizenfour.
    One of the things that’s been happening
  • 13:29 - 13:33
    quite recently is that really respectable
    nice people like the people at Mozilla
  • 13:33 - 13:37
    have decided that they really want
    us to work together. Which is great.
  • 13:37 - 13:41
    Because we wanted to, and we have
    respected their work for a very long time.
  • 13:41 - 13:47
    And so Tor is now partnering with Mozilla.
    And that means that Mozilla, as a group,
  • 13:47 - 13:50
    will be running Tor relays. At first
    middle nodes, and then, hopefully,
  • 13:50 - 13:57
    we believe, exit relays. And that is
    huge because Mozilla is at the forefront
  • 13:57 - 14:02
    of doing a lot of work for end users. Just
    everyday regular people wanting privacy.
  • 14:02 - 14:08
    Things like DoNotTrack e.g.
    are a way to try to experiment.
  • 14:08 - 14:12
    Things like the Tor Browser a way to
    experiment even further. To really bring
  • 14:12 - 14:16
    Privacy-by-Design. And it’s amazing
    that Mozilla is doing that. And
  • 14:16 - 14:20
    we’ve made a partnership with them, and
    we’re hopeful, cautiously optimistic even,
  • 14:20 - 14:24
    that this is going to produce some very
    good results where our communities can
  • 14:24 - 14:28
    sort of fuse, and give Privacy-by-Design
    software to every person on the planet
  • 14:28 - 14:31
    with no exceptions whatsoever.
  • 14:31 - 14:38
    applause
  • 14:38 - 14:42
    Now we also have a couple of things
    that we would like to talk about,
  • 14:42 - 14:45
    just generally, that are a little bit
    technical. But at the same time
  • 14:45 - 14:49
    we wanna keep it accessible because
    we think that this talk, well, it’s useful
  • 14:49 - 14:52
    to talk about technical details. The most
    important thing is somebody who has
  • 14:52 - 14:55
    never heard of the Tor community before,
    who watches this video, we want them
  • 14:55 - 15:01
    to understand some of the
    details, and enough, let’s say,
  • 15:01 - 15:05
    technical understanding that they’ll be
    able to go and look it up if they want to,
  • 15:05 - 15:08
    but they’ll also understand we’re not
    just glossing over, completely.
  • 15:08 - 15:10
    So, pluggable transports are very
    important. Right now, the way
  • 15:10 - 15:16
    that Tor works is that we connect with an
    SSL/TLS connection. The protocol SSL/TLS,
  • 15:16 - 15:20
    one of the 2, depending on the client
    library, and the server library. And
  • 15:20 - 15:23
    that looks like an SSL connection, for
    the most part. But as some of you know
  • 15:23 - 15:28
    there are people on this planet
    they collect SSL and TLS data,
  • 15:28 - 15:32
    about everything flowing across the
    internet. That’s really a problem.
  • 15:32 - 15:37
    It turns out we thought in some cases
    that it was just censorship that mattered.
  • 15:37 - 15:40
    But it turns out broad classification
    of traffic is really, actually, a problem
  • 15:40 - 15:45
    not just for blocking but also for later
    doing identification of traffic flows.
  • 15:45 - 15:48
    So I’ve already lost the non-technical
    people in the audience, so, let me
  • 15:48 - 15:52
    rephrase that and say: We have these other
    ways of connecting to the Tor network.
  • 15:52 - 15:56
    And they don’t look just like a secure
    banking transaction. They look instead
  • 15:56 - 16:01
    like DNS, or HTTP – that is your regular
    web browsing or name resolution.
  • 16:01 - 16:05
    And we have a lot of different pluggable
    transports. And some of them are cool.
  • 16:05 - 16:08
    Some of them make it look like you’re
    connecting to Google. When in fact you’re
  • 16:08 - 16:11
    connecting to the Tor Project. And it’s
    because you, in fact, are connecting
  • 16:11 - 16:17
    to Google. Leif Ryge, are you
    in the room, here? Maybe, no?
  • 16:17 - 16:20
    This is really… you guys,
    and your anonymity!
  • 16:20 - 16:24
    laughter
    It is the case…
  • 16:24 - 16:27
    he showed this to me, I mentioned this to
    some other people and David Fifield,
  • 16:27 - 16:31
    I think, either independently rediscovered
    it. There’s also the GoAgent people
  • 16:31 - 16:35
    that discovered this. You can connect
    to Google with an SSL connection,
  • 16:35 - 16:38
    and the certificate will say:
    dadada.google.com. And you of course
  • 16:38 - 16:43
    verify it. And it is of course signed,
    probably by Adam Langley, personally.
  • 16:43 - 16:48
    And… maybe it’s just the Google
    CAs. And then you give it a different
  • 16:48 - 16:53
    HTTP host header. So you say: actually
    I wanna talk to Appspot. I wanna talk
  • 16:53 - 16:58
    to torbridge.appspot.com.
    And inside of the TLS connection,
  • 16:58 - 17:01
    which looks like it’s a connection to
    Google which is one of the most popular
  • 17:01 - 17:05
    websites on the internet you then make
    essentially an encrypted connection
  • 17:05 - 17:10
    through that. And then from there
    to the Tor network. Using Google,
  • 17:10 - 17:14
    but also Cloudflare – they don’t
    just provide you with captchas!
  • 17:14 - 17:19
    laughter and applause
    laughs
  • 17:19 - 17:23
    Poor Cloudflare guy! We were joking
    we should stand outside his office
  • 17:23 - 17:26
    and make him answer
    captchas to get in the door!
  • 17:26 - 17:30
    laughter and applause
  • 17:30 - 17:34
    All of those people clapping wish you
    would solve the Cloudflare captcha issue!
  • 17:34 - 17:40
    So it also works with other compute
    clusters. And other CDNs.
  • 17:40 - 17:43
    And so this is really awesome because
    it means that now you can connect
  • 17:43 - 17:47
    through those CDNs to the Tor network,
    using Meek (?) and other pluggable transports
  • 17:47 - 17:53
    like that. So that’s a huge win.
    And deploying it by default
  • 17:53 - 17:54
    – I think we have another slide for that…
  • 17:54 - 17:58
    Roger: Nope, that’s it!
    We’ve got a different one, yes.
  • 17:58 - 18:03
    So, one of the neat things about Meek (?) is:
    because it works on all these different
  • 18:03 - 18:08
    sorts of providers – Akamai
    and all the CDNs out there –
  • 18:08 - 18:13
    a lot of those are still reachable from
    places like China. Lots of our pluggable
  • 18:13 - 18:16
    transports don’t work so well in China,
    but meek does, at this point.
  • 18:16 - 18:20
    So there are a lot of happy users.
    Here’s a graph of an earlier
  • 18:20 - 18:24
    pluggable transport that we had,
    called ‘obfs3’. It still works in China,
  • 18:24 - 18:28
    and Iran, and Syria and lots
    of places around the world.
  • 18:28 - 18:32
    But the sort of blue/aqua line is
  • 18:32 - 18:37
    how much use we’ve seen of
    obfs3. And you can tell exactly
  • 18:37 - 18:42
    when we put out the new Tor browser
    release that had obfs3 built-in
  • 18:42 - 18:47
    and easy-to-use by ordinary people.
    So one of the really important pushes
  • 18:47 - 18:51
    we’ve been doing is trying to make
    – rather than trying to explain
  • 18:51 - 18:54
    how pluggable transports work, and
    teach you everything – just make them
  • 18:54 - 18:57
    really simple. Make them part of Tor
    browser, you just click on “My Tor
  • 18:57 - 19:02
    isn’t working so I wanna use some
    other way to make my Tor work”.
  • 19:02 - 19:06
    And we’ve got 10.000 people at this
    point who are happily using obfs3.
  • 19:06 - 19:11
    I think a lot of them are in
    Syria and Iran at this point.
  • 19:11 - 19:18
    applause
  • 19:18 - 19:21
    Something else we’ve been doing over
    the past year is working really hard
  • 19:21 - 19:26
    on improving the robustness,
    and testing infrastructure,
  • 19:26 - 19:30
    and unit tests for the core Tor
    source code. So Nick Mathewson
  • 19:30 - 19:34
    and Andrea Shepard in particular
    have been really working on robustness
  • 19:34 - 19:40
    to make this something we can rely
    on, as a building block in tails,
  • 19:40 - 19:44
    in Tor browser, in all the other
    applications that rely on Tor.
  • 19:44 - 19:47
    So in the background things were
    getting a lot stronger. Hopefully that
  • 19:47 - 19:52
    will serve us very well
    in the battles to come.
  • 19:52 - 19:59
    applause
  • 19:59 - 20:02
    Jacob: So this fine gentleman
    who was a teen heartthrob
  • 20:02 - 20:04
    on Italian television many years ago…
  • 20:04 - 20:07
    Arturo: Thank you for doxing me!
    Jacob: Sorry.
  • 20:07 - 20:08
    both laugh
  • 20:08 - 20:10
    If only you’d been using Tor!
  • 20:10 - 20:16
    Arturo: Yeah, TV over Tor. So…
    A project that we started a couple
  • 20:16 - 20:24
    of years ago with Jake is sort of related
    I guess to the Tor project’s goals of
  • 20:24 - 20:30
    increasing privacy and having a better
    understanding on how people’s lives
  • 20:30 - 20:35
    are impacted through technology. And this
    project is called OONI, or the ‘Open
  • 20:35 - 20:40
    Observatory of Network Interference’. And
    what it is, before being a piece of software
  • 20:40 - 20:46
    is a set of principles, and best practices
    and specifications written in English
  • 20:46 - 20:53
    for how it is best to conduct network
    related measurements. That sort of
  • 20:53 - 20:58
    measurements that we’re interested in
    running have to do with identifying
  • 20:58 - 21:04
    network irregularities. These are symptoms
    that can be a sign of presence of
  • 21:04 - 21:11
    surveillance or censorship, on the network
    that you’re testing. And we use
  • 21:11 - 21:16
    a methodology that has been peer-reviewed,
    of which we have published a paper.
  • 21:16 - 21:21
    It’s implemented using free software. And
    all of the data that we collect is made
  • 21:21 - 21:27
    available to the public. So that you can
    look at it, analyze it and draw your
  • 21:27 - 21:33
    own conclusions from it.
    applause
  • 21:33 - 21:38
    And so we believe that this effort is
    something that is helpful and useful
  • 21:38 - 21:43
    to people such as journalists, researchers,
    activists or just simple citizens that are
  • 21:43 - 21:49
    interested in being more aware, and have
    a better understanding that is based
  • 21:49 - 21:56
    on facts instead of just anecdotes, on
    what is the reality of internet censorship
  • 21:56 - 22:00
    in their country. And we believe that
    historical data is especially important
  • 22:00 - 22:06
    because it gives us an understanding of
    how these censorship and surveillance
  • 22:06 - 22:13
    apparatuses evolve over time. So
    I would like to invite you all to run
  • 22:13 - 22:22
    Ooniprobe today, if you copy and paste
    this command line inside of a Debian-based
  • 22:22 - 22:27
    system. Obviously… perhaps you should
    read what is inside it before running it.
  • 22:27 - 22:31
    applause
  • 22:31 - 22:35
    But once you do that you will have
    a Ooniprobe setup and you will be
  • 22:35 - 22:41
    collecting measurements for your country.
    If instead you would like to have
  • 22:41 - 22:47
    an actual hardware device we have a very
    limited number of them. But if you’re
  • 22:47 - 22:50
    from an interesting country and you’re
    interested in running Ooniprobe
  • 22:50 - 22:54
    we can give you a little Raspberry Pi with
    an LCD screen that you can take home,
  • 22:54 - 23:01
    connect to your network and adopt
    a Ooniprobe in your home network.
  • 23:01 - 23:09
    To learn more about this you should come
    later today at Noisy Square, at 6 P.M.
  • 23:09 - 23:12
    to learn more about it.
  • 23:12 - 23:13
    Roger: Thank you!
  • 23:13 - 23:18
    applause
  • 23:18 - 23:21
    Jacob: And, just to finish up here,
    I mean, OONI is a human rights
  • 23:21 - 23:26
    observation project which Arturo and
    Aaron Gibson – also somewhere in the room,
  • 23:26 - 23:32
    I’m sure he won’t stand up so I won’t even
    ask him. It’s great! Because we went from
  • 23:32 - 23:35
    a world where there was no open
    measurement, with only secret tools,
  • 23:35 - 23:39
    essentially, where people acted like
    secret agents, going in the countries
  • 23:39 - 23:42
    to do measurements. There wasn’t really
    an understanding of the risks that
  • 23:42 - 23:46
    were involved, how the tests function,
    where non-technical people could have
  • 23:46 - 23:51
    reasonable explanations. And now we have
    open measurement tools, we have open data
  • 23:51 - 23:55
    standards, we have really like a framework
    for understanding this as a human right
  • 23:55 - 23:59
    to observe the world around you. And then
    also to share that data, and to actually
  • 23:59 - 24:03
    discuss that data, what it means. And to
    be able to set standards for it.
  • 24:03 - 24:06
    And hopefully that means that people have
    informed consent when they engage
  • 24:06 - 24:11
    in something that could be risky, like running
    Ooni in a place like… that is dangerous
  • 24:11 - 24:13
    like the United States or Cuba,
    or something like China.
  • 24:13 - 24:18
    applause
    And so, Arturo personally though, is
  • 24:18 - 24:22
    the heart and soul of Ooni. And it is
    really important that we see that
  • 24:22 - 24:26
    the Tor community is huge. It’s really
    huge, it’s made up of a lot of people
  • 24:26 - 24:30
    doing a lot of different things. And part
    of Ooni is Tor. We need Tor to be able
  • 24:30 - 24:34
    to have a secure communications channel
    back to another system, we need that
  • 24:34 - 24:38
    so that people can log into these
    Ooniprobes e.g. over Tor Hidden Services.
  • 24:38 - 24:43
    That kind of fusion of things where we
    have anonymity but at the same time
  • 24:43 - 24:46
    we have this data set that is in some
    cases identifying, in some cases
  • 24:46 - 24:50
    it’s not identifying, depending on the
    test. We need an anonymous communications
  • 24:50 - 24:54
    channel to do that kind of human rights
    observation. And so… just so we can
  • 24:54 - 24:57
    make Arturo a little… feel a little
    appreciated I just wanna give him
  • 24:57 - 25:00
    another round of applause, for making this
    human rights observation project.
  • 25:00 - 25:08
    applause
    Jacob joins the applause
  • 25:08 - 25:13
    Roger: So I encourage all of you not only
    to run Ooniprobe in interesting places,
  • 25:13 - 25:18
    and in boring places because they might
    become interesting. But also to help write
  • 25:18 - 25:22
    new tests, and work on the design of these
    things, so that we can detect and notice
  • 25:22 - 25:27
    new problems on the internet more quickly.
    Something else we’ve been up to over
  • 25:27 - 25:33
    the past year is Tor Weekly News. We were
    really excited by Linux Weekly News etc.
  • 25:33 - 25:38
    and… so every week there’s a new
    blog post and mail that summarizes
  • 25:38 - 25:42
    what’s happened over the past week.
    We encourage you to look at all these.
  • 25:42 - 25:46
    A special shout-out to harmony and
    lunar for helping to make this happen
  • 25:46 - 25:48
    over the past year. Thank you!
  • 25:48 - 25:53
    applause
  • 25:53 - 25:57
    Jacob: Finally there’s a Tor list you can
    be on, that you really wanna be on!
  • 25:57 - 26:01
    Roger: Being on lists is good. One of the
    other features we’ve been really excited
  • 26:01 - 26:07
    about over the past year: EFF has been
    helping with Outreach. EFF ran
  • 26:07 - 26:11
    a Tor relay challenge to try to get a lot
    of people running relays. And I think
  • 26:11 - 26:17
    they have several thousand relays that
    signed up because of the relay challenge.
  • 26:17 - 26:20
    Pushing a lot of traffic.
    So that’s really great!
  • 26:20 - 26:23
    applause
  • 26:23 - 26:27
    And at the same time not only did they
    get a lot of more people running relays
  • 26:27 - 26:32
    but they also did some great advocacy
    and outreach for getting more exit relays
  • 26:32 - 26:36
    in universities, and basically teaching
    people why Tor is important. We all need
  • 26:36 - 26:40
    to be doing more of that! We’ll
    touch on that a little bit more later.
  • 26:40 - 26:44
    So you all I hope remember what was
    going on in Turkey, earlier this year.
  • 26:44 - 26:48
    Here’s a cool graph of Tor use in Turkey
    when they started to block Youtube
  • 26:48 - 26:52
    and other things. Then people realized,
    I need to get some tools to get around
  • 26:52 - 26:57
    that censorship. But you probably
    weren’t paying attention when Iraq
  • 26:57 - 27:01
    filtered Facebook, and suddenly a lot of
    people in Iraq needed to get some sort
  • 27:01 - 27:06
    of way to get around their censorship. So
    there are a bunch of interesting graphs
  • 27:06 - 27:10
    like this on the Tor Metrics project, of
    what’s been going on over the past year.
  • 27:10 - 27:13
    Jacob: And we actually…
    – if you could go back, yeah.
  • 27:13 - 27:18
    One thing that’s really interesting about
    this is: Karsten Loesing who is, I think,
  • 27:18 - 27:21
    also not going to stand up, maybe you
    will? Are you here? I don’t see you,
  • 27:21 - 27:26
    Karsten? No? No, okay. He does all
    the metrics, this anonymous, shadowy
  • 27:26 - 27:30
    metrics figure. And if you go to
    metrics.torproject.org you’ll see
  • 27:30 - 27:34
    open data that is properly anonymized
    – you would expect that from us –
  • 27:34 - 27:39
    as well as actual documents that explain
    the anonymity, the counting techniques,
  • 27:39 - 27:42
    that explain the privacy conserving
    statistics. And you can see these graphs,
  • 27:42 - 27:46
    you can generate them based on certain
    parameters. If you are interested
  • 27:46 - 27:50
    in seeing e.g. geopolitical events,
    and how they tie in to the internet,
  • 27:50 - 27:55
    this project is part of what inspired
    Ooni. This is how we get statistics
  • 27:55 - 27:58
    and interesting things about the Tor
    network itself. From Tor clients,
  • 27:58 - 28:02
    from Tor relays, from Tor bridges.
    And it tells you all sorts of things.
  • 28:02 - 28:09
    Platform information, version number of
    the software, which country someone
  • 28:09 - 28:13
    might be connecting from etc. Where
    they’re hosted… If you are interested
  • 28:13 - 28:18
    looking at this website and finding spikes
    like this you may in fact be able to
  • 28:18 - 28:23
    find out that there is a censorship event
    in that country, and we haven’t noticed it.
  • 28:23 - 28:26
    There are a lot of countries in the world
    if we split it up by country. And sometimes
  • 28:26 - 28:31
    50.000 Tor users fall off the Tor network
    because another American company has sold
  • 28:31 - 28:37
    that country censorship equipment. We
    need help finding these events, and then
  • 28:37 - 28:41
    understanding their context. So if in your
    country something like that happens
  • 28:41 - 28:46
    looking at this data can help us not only
    to advocate for anonymity in such a place
  • 28:46 - 28:49
    but it can help us to also technically
    realize we need to fix a thing,
  • 28:49 - 28:52
    change a thing… And it’s through this
    data that we can have a dialog
  • 28:52 - 28:56
    about those things. So if you have no
    technical ability at all but you’re
  • 28:56 - 28:59
    interested and understand where you
    come from – look at this data set, try
  • 28:59 - 29:03
    to understand it, and then reach out to us
    and hopefully we can learn about that.
  • 29:03 - 29:06
    That’s how we learn about this, that’s how
    we learned about the previous thing.
  • 29:06 - 29:10
    And many years ago we gave a Tor talk
    about how countries and governments
  • 29:10 - 29:15
    and corporations try to censor Tor. And
    of course, a lot has happened since then.
  • 29:15 - 29:19
    There’s a lot of those things, and very
    difficult to keep up with them. So
  • 29:19 - 29:23
    we really need the community’s help to
    contextualize, to explain and define
  • 29:23 - 29:26
    these things.
  • 29:26 - 29:31
    Roger: Okay. Next section of the talk,
    ‘things that excited journalists over
  • 29:31 - 29:35
    the past year’. That actually turned out
    to be not-so-big a deal. And we’re gonna
  • 29:35 - 29:39
    try to blow through a lot of them quickly,
    so that we can get to the stuff that
  • 29:39 - 29:46
    actually was a big deal. So I guess in
    August or something there was going to be
  • 29:46 - 29:50
    a Blackhat talk about how you can
    just totally break Tor, and then
  • 29:50 - 29:55
    the Blackhat talk got pulled. Turns out
    that it was a group at CMU who were
  • 29:55 - 30:00
    doing some research on Tor. And I begged
    them for a long time to get a little bit
  • 30:00 - 30:05
    of information about what attack they had.
    Eventually they sent me a little bit of
  • 30:05 - 30:09
    information. And then we were all
    thinking about how to fix it. And then
  • 30:09 - 30:12
    Nick Mathewson, one of the Tor developers,
    said: “Why don’t I just deploy
  • 30:12 - 30:17
    a detection thing on the real Tor network,
    just in case somebody is doing this?” And
  • 30:17 - 30:21
    then it turns out somebody was doing this.
    And then I sent mail to the Cert (?) people
  • 30:21 - 30:26
    saying: “Hey, are you, like, are you like
    running those 100 relays that are doing
  • 30:26 - 30:32
    this attack on Tor users right now?” And
    I never heard back from them after that.
  • 30:32 - 30:37
    So that’s sort of a… this is a sad
    story for a lot of different reasons.
  • 30:37 - 30:41
    But I guess the good news is we identified
    the relays that were doing the attack,
  • 30:41 - 30:45
    we cut them out of the network, and we
    deployed a defense that will first of all
  • 30:45 - 30:49
    make that particular attack not
    work anymore. And also detect it
  • 30:49 - 30:52
    when somebody else is trying
    to do an attack like this.
  • 30:52 - 30:54
    Jacob: This, of course, is…
  • 30:54 - 31:00
    applause
  • 31:00 - 31:05
    This is a hard lesson, for 2 reasons.
    The first reason is that that it’s awful
  • 31:05 - 31:08
    to do those kinds of attacks on the real
    Tor network. And there’s a question about
  • 31:08 - 31:13
    responsibility. But the second lesson is
    that when these kinds of things happen,
  • 31:13 - 31:17
    and we have the ability to actually
    understand them we can respond to them.
  • 31:17 - 31:21
    It’s really awful that the talk
    was pulled, and it is really awful
  • 31:21 - 31:25
    that these people were not able to give
    us more information. And it’s also really
  • 31:25 - 31:28
    awful that they were apparently carrying
    out the attack. And there were lots
  • 31:28 - 31:32
    of open questions about it. But in general
    we believe that we’ve mitigated the attack
  • 31:32 - 31:36
    which is important. But we also
    advocated for that talk to go forward.
  • 31:36 - 31:41
    Because we think that, of course, the
    answer to even really frustrating speech
  • 31:41 - 31:46
    is more speech! So we wanna know more
    about it. It somehow is very disturbing
  • 31:46 - 31:49
    that that talk was pulled. And they should
    be able to present their research,
  • 31:49 - 31:53
    even if there’s anger on our face it’s
    important for our users to know as much
  • 31:53 - 31:58
    as we can, so that we can move
    forward with protecting Tor users.
  • 31:58 - 32:02
    Roger: Okay, so, another exciting
    topic from a couple of months ago:
  • 32:02 - 32:05
    Russia apparently put out
    a call-for-research work…
  • 32:05 - 32:07
    loud splashing noise from Jake
    opening a loaded water bottle
  • 32:07 - 32:11
    …to come up with attacks on Tor.
    Jacob: It’s another attack on Tor!
  • 32:11 - 32:15
    Roger: Enjoy your water, Jake.
    I hope that was worth it. laughs
  • 32:15 - 32:17
    Jacob: laughs It was really
    worth it. Was very thirsty.
  • 32:17 - 32:20
    Roger: So Russia put out a
    call-for-research proposals
  • 32:20 - 32:26
    on attacking Tor. Somebody mistranslated
    that phrase from Russian into ‘prize’,
  • 32:26 - 32:31
    or ‘bounty’, or ‘contest’. And then we had
    all these articles, saying “Russia is
  • 32:31 - 32:36
    holding a contest to break Tor” when
    actually, no, they just wanted somebody
  • 32:36 - 32:42
    to work on research on Tor attacks.
    So this would be like the U.S. National
  • 32:42 - 32:47
    Science Foundation holds a contest
    for Tor research. That’s not actually
  • 32:47 - 32:50
    how government funding works.
    Mistranslations cause a lot of
  • 32:50 - 32:55
    exciting journalist articles but as
    far as I can tell it turned out to be
  • 32:55 - 33:00
    basically nothing. Also it was basically
    ‘no money’. So, maybe something
  • 33:00 - 33:03
    will come of this, we’ll see. Something
    else that’s been bothering me a lot,
  • 33:03 - 33:08
    lately: Cryptowall, now called
    ‘Cryptolocker’. So, there are jerks
  • 33:08 - 33:12
    out there who break into your
    mobile phone of some sort,
  • 33:12 - 33:17
    give you malware, viruses, something
    like that. They encrypt your files,
  • 33:17 - 33:22
    and then they send you basically a ransom
    note saying “We’ve encrypted your file,
  • 33:22 - 33:27
    if you want it back send some Bitcoin over
    here!” So this is bad, so far. But then
  • 33:27 - 33:31
    the part that really upsets me is they
    say: “And if you don’t know how to do this
  • 33:31 - 33:36
    go to our website torproject.org and
    download the Tor Browser in order
  • 33:36 - 33:43
    to pay us”. Fuck them! I do not want
    people doing this with our software!
  • 33:43 - 33:49
    applause
  • 33:49 - 33:52
    Jacob: Yeah, fuck them. I mean I don’t
    really have a lot to contribute to that.
  • 33:52 - 33:57
    I mean it’s really… Hidden Services have
    a really bad rap, and it’s frustrating,
  • 33:57 - 34:00
    right? There’s a… of course this
    quantitative and qualitative analysis
  • 34:00 - 34:04
    that we can have here. And the reality
    of the situation is that one Globaleaks
  • 34:04 - 34:08
    leaking interface is ‘one.onion’ (?), for
    example. What is the value of that?
  • 34:08 - 34:14
    Versus 10.000 Hidden Services run by these
    jerks? And it’s very hard to understand
  • 34:14 - 34:17
    the social value of these things, except
    to say that we really need things like
  • 34:17 - 34:22
    Hidden Services. And jackasses like this
    are really making it hard for us to defend
  • 34:22 - 34:26
    the right to publish anonymously. And so,
    if you know who these people are please
  • 34:26 - 34:31
    ask them to stop! I don’t even know
    what the ask is there. But they really
  • 34:31 - 34:33
    should stop. Or maybe there’s some
    interesting things that you can do.
  • 34:33 - 34:37
    I don’t know. But we really, really
    don’t like that this is someone’s
  • 34:37 - 34:41
    first introduction to Tor! That they think
    that we’re responsible for this. We
  • 34:41 - 34:45
    most certainly are not responsible for
    these things. We certainly do not deploy
  • 34:45 - 34:51
    malware. And Hidden Services are actually
    very important for a lot of people.
  • 34:51 - 34:54
    These people are not those people!
  • 34:54 - 35:00
    applause
  • 35:00 - 35:04
    Roger: Another ‘exciting’ story,
    a month or 2 ago, was,
  • 35:04 - 35:08
    “81% of Tor users can be de-anonymized…”
    and then some more words, depending on
  • 35:08 - 35:13
    which article you read. So it turns out
    that one of our friends, Sambuddho, who is
  • 35:13 - 35:19
    a professor in India now, did some work
    on analyzing traffic correlation attacks
  • 35:19 - 35:24
    in the lab. He found, in the lab, that
    some of his attacks worked sometime,
  • 35:24 - 35:29
    great… And then some journalists found it,
    and said: “Ah! This must be the reason why
  • 35:29 - 35:34
    Tor is insecure today”. So he wrote
    an article, it got Slashdot, it got
  • 35:34 - 35:38
    all the other news stories. And suddenly
    everybody knew that Tor was broken
  • 35:38 - 35:44
    because “81% of Tor users…”.
    So it turns out that Sambuddho himself
  • 35:44 - 35:48
    stood up and said actually: “No, you
    misunderstood my article”. But
  • 35:48 - 35:52
    that didn’t matter because nobody listened
    to the author of the paper at that point.
  • 35:52 - 35:57
    So I guess there’s a broader issue that
    we’re struggling with here, in terms of
  • 35:57 - 36:02
    how to explain the details of these
    things because traffic correlation attacks
  • 36:02 - 36:09
    are a big deal. They probably do work
    if you have enough traffic around
  • 36:09 - 36:12
    the internet, and you’re looking at the
    right places. You probably can do
  • 36:12 - 36:18
    the attack. But that paper did not do the
    attack. So I keep finding myself saying:
  • 36:18 - 36:22
    “No no no, you’re misunderstanding the
    paper, the paper doesn’t tell us anything,
  • 36:22 - 36:26
    but the attack is real! But the paper
    doesn’t tell us anything”. And this is
  • 36:26 - 36:30
    really confusing to journalists because
    it sounds like I’m disagreeing with myself
  • 36:30 - 36:35
    with these 2 different sentences. So we
    need to come up with some way to
  • 36:35 - 36:40
    be able to explain: “Here are all of the
    real attacks, that are really actually
  • 36:40 - 36:45
    worrisome, and it’s great that researchers
    are working on them. And they probably
  • 36:45 - 36:51
    are a big deal, in some way. But no, that
    paper that you’re pointing at right now
  • 36:51 - 36:56
    is not the reason why they’re a big
    deal”. We also saw this in the context
  • 36:56 - 37:00
    of an NSA paper which was published
    a couple of days ago, thanks to
  • 37:00 - 37:03
    some other folks.
    Jacob: Sad, ‘some other folks’!
  • 37:03 - 37:05
    Roger: ‘Some other folks’. I won’t specify
  • 37:05 - 37:10
    exactly which other folks. And they
    similarly had a traffic correlation attack.
  • 37:10 - 37:16
    And in the paper it’s really a bad one.
    It’s the same as the paper that was
  • 37:16 - 37:20
    published in 2003, in the open literature.
    There was a much better paper
  • 37:20 - 37:25
    published in 2004, in the open literature,
    that apparently these folks didn’t read.
  • 37:25 - 37:30
    So I don’t wanna say traffic correlation
    attacks don’t work, but all these papers
  • 37:30 - 37:36
    that we’re looking at don’t show…
    aren’t very good papers.
  • 37:36 - 37:39
    Jacob: So one of the solutions to a lot
    of journalists that don’t understand
  • 37:39 - 37:43
    technology is that it’s actually quite
    easy to be a journalist by comparison
  • 37:43 - 37:47
    to being a technologist. It’s possible
    to write about things in a factually
  • 37:47 - 37:51
    correct way, sometimes you don’t always
    reach the right audiences, that can
  • 37:51 - 37:55
    actually be difficult. It depends. So you
    have to write for different reading
  • 37:55 - 37:59
    comprehension levels, e.g. And we tried
    to write for people who understand
  • 37:59 - 38:03
    the internet. At least when I write as
    a journalist. And so, when I sometimes
  • 38:03 - 38:07
    take off my Tor hat I put on my journalistic
    hat. And part of the reason is that
  • 38:07 - 38:10
    in order to even tell you about some
    of the things that we learn, if I don’t
  • 38:10 - 38:15
    put on my journalistic hat I get a nice
    pair of handcuffs. So it’s very important
  • 38:15 - 38:18
    to have journalistic protection so that we
    can inform you about these things.
  • 38:18 - 38:23
    So e.g. it is the case that XKeyscore
    rules – we published some of them.
  • 38:23 - 38:29
    Not ‘we’, Tor. But me and this set of
    people at the top, of this by-line here.
  • 38:29 - 38:33
    In NDR. Some of you know NDR, it’s a very
    large German publication. I also publish
  • 38:33 - 38:38
    with Der Spiegel, as a journalist. In this
    case we published XKeyscore rules.
  • 38:38 - 38:42
    Where we specifically learned an important
    lesson. And the important lesson was,
  • 38:42 - 38:45
    even if you’re a journalist explaining
    things exactly technically correctly
  • 38:45 - 38:48
    – people will still get it wrong. It’s just
    not the journalists that get it wrong.
  • 38:48 - 38:51
    It’s the readers. Very frustrating.
  • 38:51 - 38:55
    People decided that because the NSA
    definitely has XKeyscore rules that is
  • 38:55 - 38:59
    rules for surveilling the internet, where
    they’re looking at big traffic buffers.
  • 38:59 - 39:04
    TEMPORA e.g. the British surveillance
    system that is built on XKeyscore.
  • 39:04 - 39:08
    With a – probably – week-long buffer of
    all internet traffic. That’s a big buffer,
  • 39:08 - 39:15
    by the way. Doing these XKeyscore
    rules, running across that traffic set,
  • 39:15 - 39:18
    they would find that people were
    connecting to directory authorities.
  • 39:18 - 39:21
    One of those directory authorities is
    mine, actually, quite ironically. And
  • 39:21 - 39:26
    then Sebastian Hahn, and other people
    in this audience. And some people said:
  • 39:26 - 39:31
    “Oh, don’t use Tor because the NSA will
    be monitoring you!” That is exactly
  • 39:31 - 39:36
    the wrong take-away. Because there are
    XKeyscore rules on the order of tens of
  • 39:36 - 39:40
    thousands, from what we can tell.
    So everything you do is going through
  • 39:40 - 39:43
    these giant surveillance systems. And
    what you’ll learn when you monitor
  • 39:43 - 39:49
    someone using Tor is that they’re
    using Tor potentially, in that buffer.
  • 39:49 - 39:51
    Which is different than ‘they learn
    for sure that you were going to
  • 39:51 - 39:56
    the Chaos Computer Club’s web site’,
    or that you were going to a dating site.
  • 39:56 - 39:59
    So it’s the difference between ‘they learn
    some keeny (?) bit of information about you’,
  • 39:59 - 40:03
    that you’re using an anonymity
    system, versus ‘they learned exactly
  • 40:03 - 40:06
    what you were doing on the internet’. Now
    if there were only a few XKeyscore rules
  • 40:06 - 40:11
    at all, and it was just that about Tor
    then that conclusion people reach
  • 40:11 - 40:15
    would be correct. But it’s exactly not
    true. The XKeyscore system is so powerful
  • 40:15 - 40:19
    that if you have a logo for a company,
    so anyone here that runs a company,
  • 40:19 - 40:23
    and you put a logo inside of a document,
    the XKeyscore system can find that logo
  • 40:23 - 40:28
    in all of the documents flowing across the
    internet in real-time. And alert someone
  • 40:28 - 40:34
    that someone has sent a .DOC or a PDF with
    that image inside of it. And alert them.
  • 40:34 - 40:38
    So that they can intercept it. So the
    lesson is not “Don’t use Tor because
  • 40:38 - 40:43
    XKeyscore may put your metadata into
    a database, in the so-called ‘corporate
  • 40:43 - 40:48
    repositories’”. The lesson is “Holy shit,
    there’s this gigantic buffering system
  • 40:48 - 40:52
    which has search capabilities that even
    allow you to search inside of documents.
  • 40:52 - 40:56
    Really, really advanced capabilities where
    they can select that traffic and put it
  • 40:56 - 41:00
    somewhere else”. “Use an anonymity
    system!” And also: “Look, they’re
  • 41:00 - 41:05
    targeting anonymity systems, even in the
    United States, which, at least for the NSA
  • 41:05 - 41:08
    they’re not supposed to be doing those
    kinds of things”. They literately were
  • 41:08 - 41:11
    caught lying here. They’re doing
    bulk internet surveillance even
  • 41:11 - 41:16
    in the United States. Using these
    kinds of systems. That’s really scary.
  • 41:16 - 41:20
    But the real big lesson to take away from
    that is, actually, that they’re doing this
  • 41:20 - 41:22
    for all the protocols that they can
    write fingerprints for. And they have
  • 41:22 - 41:29
    a generic language where they can actually
    describe protocols. And so we published
  • 41:29 - 41:33
    a number of those, we = NDR. And I would
    really recommend you read and understand
  • 41:33 - 41:36
    that. But the lesson, again, is not
    “Oh no, they’re going to detect you’re
  • 41:36 - 41:40
    using Tor”. We have never said that Tor
    can e.g. protect you against someone
  • 41:40 - 41:45
    seeing that you’re using it. Especially in
    the long term. But rather the point is
  • 41:45 - 41:50
    exactly the scariest point. This mass
    internet surveillance is real. And
  • 41:50 - 41:56
    it is the case that it is real-time.
    And it’s a real problem.
  • 41:56 - 42:03
    applause
  • 42:03 - 42:06
    Roger: If you’re using Tor they see that
    you’re using Tor. If you’re not using Tor
  • 42:06 - 42:10
    they see exactly where you’re going.
    You end up in a list of people who went
  • 42:10 - 42:13
    to ‘this’ website, or ‘this’ website,
    or used ‘this’ service, or sent
  • 42:13 - 42:19
    ‘this’ document. And the diversity of
    Tor users is part of the safety, where,
  • 42:19 - 42:22
    just because they know you’re using
    Tor doesn’t tell them that much.
  • 42:22 - 42:25
    One of the other things I’ve been
    wrestling with after looking at a bunch
  • 42:25 - 42:29
    of these documents lately is the whole
    ‘how do we protect against pervasive
  • 42:29 - 42:33
    surveillance’. And this is an entire talk
    on its own. We’ve been doing some
  • 42:33 - 42:39
    design changes. We pushed out some changes
    in Tor that protect you more against
  • 42:39 - 42:43
    pervasive surveillance. We – for the
    technical people out there – we’ve reduced
  • 42:43 - 42:48
    the number of guard relays that you use
    by default from 3 to 1. So there are
  • 42:48 - 42:53
    fewer places on the internet that get to
    see your Tor traffic. That’s a good start.
  • 42:53 - 42:56
    One of the other lessons we’ve been
    realizing: The internet is more centralized
  • 42:56 - 43:01
    than we’d like. So it’s easy to say
    “Oh, we just need more exit relays,
  • 43:01 - 43:05
    and then we’ll have more protection
    against these things”. But if we put
  • 43:05 - 43:09
    another exit relay in that same data
    sensor (?) in Frankfurt that they’re
  • 43:09 - 43:14
    already watching that’s not actually going
    to give us more safety against these
  • 43:14 - 43:19
    pervasive surveillance adversaries.
    Something else I realized: so we used
  • 43:19 - 43:23
    to talk about how Tor does these two
    different things. We’ve got anonymity,
  • 43:23 - 43:27
    we’re trying to protect against somebody
    trying to learn what you’re doing, and
  • 43:27 - 43:30
    we’ve got circumvention, censorship
    circumvention. We’re trying to protect
  • 43:30 - 43:34
    against somebody trying to prevent
    you from going somewhere.
  • 43:34 - 43:38
    But it turns out in the surveillance
    case they do deep packet inspection
  • 43:38 - 43:42
    to figure out what protocol you’re
    doing, to find out what you’re up to.
  • 43:42 - 43:46
    And in the censorship case they do
    deep packet inspection to figure out
  • 43:46 - 43:50
    what protocol you’re using, to decide
    whether to block it. So it’s actually…
  • 43:50 - 43:55
    these fields are much more related
    than we had realized before. And
  • 43:55 - 43:59
    it took us a while, I’m really happy that
    we have these documents to look at,
  • 43:59 - 44:04
    so that we have a better understanding
    of how this global surveillance
  • 44:04 - 44:11
    and censorship works. Long ago, so in
    2007, I ended up doing a talk at the NSA,
  • 44:11 - 44:15
    to try to convince them that we were not
    the bad guys. And you can read the notes
  • 44:15 - 44:19
    that they took about my talk at the
    NSA. Because they’re published
  • 44:19 - 44:23
    in the Washington Post. So I encourage you
    to go read what the NSA thought of my talk
  • 44:23 - 44:28
    to them. That same year I ended up going
    to GCHQ, to give a talk to them, to try
  • 44:28 - 44:32
    to convince them that we were not the
    bad people. And I thought to myself:
  • 44:32 - 44:35
    “I don’t want to give them anything
    useful. I don’t want to talk about
  • 44:35 - 44:40
    anonymity, because I know they’re going
    to try to break anonymity. So I’m going
  • 44:40 - 44:43
    to give them a talk that has nothing to do
    with anything that they should care about.
  • 44:43 - 44:48
    I’m going to talk about the censorship
    arms race in China, and DPI, and stuff
  • 44:48 - 44:54
    like that, that they shouldn’t care
    about at all”. Boy, were we wrong!
  • 44:54 - 44:59
    applause
  • 44:59 - 45:03
    So the other thing to think about here,
    there are a bunch of different pluggable
  • 45:03 - 45:08
    transports that could come in handy
    against the surveillance adversary.
  • 45:08 - 45:12
    We have, so far, been thinking of
    pluggable transports in terms of
  • 45:12 - 45:16
    ‘there’s somebody trying to censor your
    connection, they’re doing DPI, or they’re
  • 45:16 - 45:21
    looking for addresses, and they’re trying
    to block things’. One of the things
  • 45:21 - 45:25
    we learned from this past summer’s
    documents: imagine an adversary
  • 45:25 - 45:29
    who builds a list of all the public Tor
    relays. And then they build a list of
  • 45:29 - 45:33
    all of the IP addresses that connect
    to those Tor relays. Now they know
  • 45:33 - 45:36
    all the bridges, and many of the users.
    And now they build a list of all the
  • 45:36 - 45:41
    IP addresses that connect to those IP
    addresses. And they go a few hops out,
  • 45:41 - 45:47
    and now they know all the public relays,
    all the bridges, all the users, all of
  • 45:47 - 45:50
    the other things that are connected to
    Tor. And they can keep track of which ones
  • 45:50 - 45:56
    they should log traffic for, for the next
    6 months, rather than the next week.
  • 45:56 - 46:01
    That’s a really scary adversary. Some of
    the pluggable transports we’ve been
  • 46:01 - 46:06
    working on could actually come in handy
    here. So ‘Flash proxy’ is one of the ones
  • 46:06 - 46:11
    you heard about in last year’s talk. The
    basic idea of a Flash proxy is to get
  • 46:11 - 46:17
    users running web browsers to volunteer
    running web-RTC, or something like that
  • 46:17 - 46:22
    to basically be a short-lived bridge
    between the censored user and
  • 46:22 - 46:27
    the Tor Network. So the idea is that you
    get millions of people running browsers,
  • 46:27 - 46:31
    and then you can proxy from inside China,
    or Syria, or America, or wherever
  • 46:31 - 46:37
    the problem is, through the browser into
    the Tor Network. But from the surveillance
  • 46:37 - 46:42
    perspective suddenly they end up with
    an enormous list of millions of people
  • 46:42 - 46:46
    around the world that are
    basically buffering the Tor user
  • 46:46 - 46:50
    from the Tor Network. So if they
    start with this list of IP addresses,
  • 46:50 - 46:53
    and they’re trying to build a list of
    everything, now they end up
  • 46:53 - 46:56
    with millions of IP addresses
    that have nothing to do with Tor.
  • 46:56 - 47:00
    And they have to realize, at the time
    they’re watching, that they want to go
  • 47:00 - 47:04
    one more hop out. So I don’t
    know if that will work. But this is
  • 47:04 - 47:09
    an interesting research area that more
    people need to look at: How can we,
  • 47:09 - 47:13
    against an adversary who’s trying to build
    a list of everybody who has anything to do
  • 47:13 - 47:18
    with Tor, how can we have
    Tor users not end up on that list.
  • 47:18 - 47:23
    What sort of transports or tunneling
    through Google app spot (?),
  • 47:23 - 47:27
    or other tools like that can we use
    to break that chain, so it’s not as easy
  • 47:27 - 47:33
    for them to track down
    where all the users are.
  • 47:33 - 47:36
    Okay, Silk Road 2, we’ve had a lot
    of questions about. I think it’s called
  • 47:36 - 47:41
    Operation Onimous (?). I actually talked
    to an American law enforcement person
  • 47:41 - 47:46
    who was involved in this. And he
    told me, from his perspective, exactly
  • 47:46 - 47:51
    how it happened. Apparently the
    Silk Road 2 guy wrote his name down
  • 47:51 - 47:55
    somewhere. So they brought him in,
    and started asking him questions. And
  • 47:55 - 47:59
    as soon as they started asking him
    questions he started naming names.
  • 47:59 - 48:02
    And they counted up to 16 names, and
    they went and arrested all those people,
  • 48:02 - 48:06
    and collected their computers. And then
    they put out a press release, saying
  • 48:06 - 48:10
    that they had an amazing Tor attack.
  • 48:10 - 48:13
    applause
  • 48:13 - 48:18
    So there are a couple of lessons here. One
    of them is: Yes, it’s another case where
  • 48:18 - 48:25
    opsec failed. But the other lesson that
    we learn is: These large law enforcement
  • 48:25 - 48:33
    adversaries are happy to use press spin
    and lies, and whatever else it takes
  • 48:33 - 48:37
    to try to scare people away from
    having safety on the internet.
  • 48:37 - 48:40
    Jacob: This is a really… to me,
    especially, if I take off my Tor hat
  • 48:40 - 48:45
    and put on my journalistic hat, as if
    I can actually take off hats etc., but
  • 48:45 - 48:49
    it’s really terrifying that journalists
    don’t actually ask hard questions
  • 48:49 - 48:55
    about that. You know, the Europol people
    that spoke to the press, they talked
  • 48:55 - 48:59
    about this as if they had some incredible
    attack, they talked about 0-day,
  • 48:59 - 49:03
    they talked about how, you know,
    they had broken Tor, “You’re not safe
  • 49:03 - 49:06
    on the Dark Web”. We don’t even use the
    term ‘Dark Web’. That’s how you know
  • 49:06 - 49:14
    that they’re full of shit. But it’s…
    applause
  • 49:14 - 49:18
    That’s sort of like when people have Tor
    in all caps (?)(?)(?)(?)(?)(?), dark web,
  • 49:18 - 49:23
    that kind of stuff, this is a bad sign. But
    the way they talk about it, it was clear
  • 49:23 - 49:27
    that they, as far as we can tell, they
    don’t have that. But they really hyped it.
  • 49:27 - 49:33
    As much as they possibly could. I mean,
    it is, effectively, and I think it is even
  • 49:33 - 49:37
    technically a psychological operation
    against the civilian population. They
  • 49:37 - 49:42
    want to scare you into believing that Tor
    doesn’t work. Because, in fact, it does work,
  • 49:42 - 49:46
    and it is a problem for them. So any time
    they can ever have some kind of win-it-all
  • 49:46 - 49:49
    they always spin it as if they’re great,
    powerful adversaries, and it’s
  • 49:49 - 49:54
    us-versus-them. And that’s exactly wrong.
    It is not us-versus-them. Because we all
  • 49:54 - 49:58
    need anonymity. We all absolutely need
    that. And they shouldn’t be treating us
  • 49:58 - 50:03
    as adversaries. They, in fact, are also
    Tor users, quite ironically. So it is
  • 50:03 - 50:06
    interesting though, because they know that
    they haven’t done that. But they don’t
  • 50:06 - 50:09
    want you to know that they haven’t done
    that. In fact, they want you to know
  • 50:09 - 50:12
    the opposite. Of course we could be
    wrong. They could have some
  • 50:12 - 50:18
    super-secret exploit, but as far as we can
    tell that just is not the case. So, what’s
  • 50:18 - 50:21
    to be learned from this? We used to think
    it was just American law enforcement
  • 50:21 - 50:25
    that were scary jerks. Now it’s also
    European. I don’t know if that’s
  • 50:25 - 50:29
    the right buzzing(?). But hopefully some
    of you will go and work at Europol,
  • 50:29 - 50:32
    and tell us what’s really going on.
  • 50:32 - 50:38
    applause
  • 50:38 - 50:43
    Roger: Speaking of Hidden Services. We
    have a new design in mind, that will have
  • 50:43 - 50:48
    some stronger crypto properties, and make
    it harder to enumerate Hidden Services.
  • 50:48 - 50:52
    It won’t solve some of the big anonymity
    questions that are still open research
  • 50:52 - 50:56
    questions. But there are a lot of
    improvements we’d like to make,
  • 50:56 - 51:00
    to make the crypto more secure, and
    performance changes etc. And we’d been
  • 51:00 - 51:05
    thinking about doing some sort of crowd
    funding, kickstarter-like thing, to make
  • 51:05 - 51:09
    Hidden Services work better. We’ve got
    a funder who cares about understanding
  • 51:09 - 51:13
    Hidden Services, but that’s not the same
    as actually making them more secure.
  • 51:13 - 51:17
    So we’d love to chat with you after this
    about how to make one of those
  • 51:17 - 51:20
    kickstarters actually work.
  • 51:20 - 51:26
    Jacob: Right, so, if you have questions
    we have some amount of time for questions.
  • 51:26 - 51:28
    And while you line up at the microphone
    I’ll tell you a quick story. So if you
  • 51:28 - 51:31
    have questions please line up at the
    microphone, so we can do this.
  • 51:31 - 51:34
    This is a picture of a man who was
    assassinated in San Francisco.
  • 51:34 - 51:37
    His name is Harvey Milk. Anybody
    here – ever hear of Harvey Milk?
  • 51:37 - 51:39
    applause
  • 51:39 - 51:43
    Great. Harvey Milk was basically the
    first out-gay politician in, I think,
  • 51:43 - 51:48
    the United States. He was a city council
    member in San Francisco. And this was
  • 51:48 - 51:52
    during a huge fever pitch apora (?) where…
    basically it was the battle between:
  • 51:52 - 51:57
    “Are people who are gay people or not?”
    And what he said is: Go home and
  • 51:57 - 52:00
    tell your brothers, your mothers, your
    sisters, your family members and
  • 52:00 - 52:04
    your co-workers that you’re gay. Tell
    them that, so that when they advocate
  • 52:04 - 52:09
    for violence against gay people, when
    they advocate for harm against you
  • 52:09 - 52:14
    that they know they’re talking about you.
    Not an abstract boogieman. But someone
  • 52:14 - 52:19
    that they actually know, and that they
    love. We need every person in this room,
  • 52:19 - 52:23
    every person watching this video later to
    go home and talk about how you needed
  • 52:23 - 52:27
    anonymity, for 5 or 10 minutes. How you
    needed it every day to do your job.
  • 52:27 - 52:31
    We need people to reach out. Now that’s
    a sad story with Harvey Milk which is
  • 52:31 - 52:34
    that he and mayor Moscone of San
    Francisco were actually killed by
  • 52:34 - 52:39
    a very crazy person, that was also in city
    government, in the American traditional
  • 52:39 - 52:44
    extreme gun violence. He was shot and
    killed. And that person actually got away
  • 52:44 - 52:48
    with it. The so-called ‘Twinkie defense’.
    So we’re not trying to draw that parallel.
  • 52:48 - 52:53
    Just to be clear please don’t shoot us and
    kill us! Not even funny, unfortunately.
  • 52:53 - 52:58
    But to understand that we are really
    under threat, a lot of pressure. There’s
  • 52:58 - 53:02
    a lot of pressure. We get pressure from
    law enforcement investigation agencies
  • 53:02 - 53:08
    to backdoor Tor, and we tell them:
    “No”, and that takes a lot of stress
  • 53:08 - 53:12
    and dumps it on us. And we need support
    from a lot of people, to tell them
  • 53:12 - 53:16
    to back off. It can’t just be us that
    say that. Or we will lose some day.
  • 53:16 - 53:20
    And there are also very scary adversaries
    that do not care at all about the law.
  • 53:20 - 53:25
    Not that those guys care about the law but
    really don’t care about the law at all.
  • 53:25 - 53:29
    And we need people to understand how
    important anonymity is, and make sure
  • 53:29 - 53:35
    that that goes into every conversation.
    So really, go home and teach your friends
  • 53:35 - 53:38
    and your family members about your
    need for anonymity. This lesson
  • 53:38 - 53:42
    from Harvey Milk was very useful. It is
    the case that now, in California where
  • 53:42 - 53:46
    there is a huge fever pitch (?) battle about
    this that you can e.g. be gay and be
  • 53:46 - 53:51
    a school teacher. That was one of the
    battles that Harvey Milk helped win.
  • 53:51 - 53:59
    applause
  • 53:59 - 54:03
    So, with that I think
    that we have time for…
  • 54:03 - 54:06
    Herald: Yeah, we have like 10 minutes left
    for questions. So, thank you so much
  • 54:06 - 54:10
    for the talk! It’s really inspiring.
    Thank you for keeping up the work!
  • 54:10 - 54:17
    applause
  • 54:17 - 54:20
    Really! Although you do this every year
    it never gets old. And I think your…
  • 54:20 - 54:24
    every year you give people the chance to
    leave the Congress with a feeling of hope
  • 54:24 - 54:27
    and purpose. So, thank you so much for
    everything you do and every minute
  • 54:27 - 54:30
    you spend on this project. So we start
    with a question from the internet.
  • 54:30 - 54:32
    applause
  • 54:32 - 54:35
    Jacob: We’d like to take a few questions
    from the internet all at once,
  • 54:35 - 54:37
    if possible, so we can try to answer
    them as quickly as possible.
  • 54:37 - 54:38
    Signal Angel: Okay.
    Herald: Alright.
  • 54:38 - 54:42
    Signal Angel: So, the first one: Yesterday
    you said that SSH is broken. So
  • 54:42 - 54:46
    what should we use to safely
    administrate our Tor relays?
  • 54:46 - 54:50
    Jacob: Hah! That’s great. So,
    first of all! Next set of questions!
  • 54:50 - 54:53
    Signal Angel: So the next one is: How much
    money would be needed to get independent
  • 54:53 - 54:56
    from Government funding,
    and is that even desired?
  • 54:56 - 54:59
    Jacob: Ah, do you want me to do both?
    Roger: Sure.
  • 54:59 - 55:01
    Jacob: Okay.
    Signal Angel: Hope so.
  • 55:01 - 55:06
    Jacob: Okay. First question: Consider
    using a Tor Hidden Service, and then
  • 55:06 - 55:09
    SSH’ing into that Tor Hidden Service.
    Composition of cryptographic components
  • 55:09 - 55:16
    is probably very important. A detail about
    SSH: We don’t know what is going on.
  • 55:16 - 55:19
    We only know what was claimed in those
    documents. That’s a really scary claim.
  • 55:19 - 55:24
    This creates a political problem. The U.S.
    Congress and other political bodies
  • 55:24 - 55:28
    should really be asking the secret
    services if they really have a database
  • 55:28 - 55:31
    called CAPRI OS where they store
    SSH decrypts. And how they populate
  • 55:31 - 55:35
    that database. Because that is critical
    infrastructure. We can’t solve that problem
  • 55:35 - 55:39
    with the knowledge that we have right now.
    But we know now: There is a problem.
  • 55:39 - 55:43
    What is that problem? So, composition
    of those systems: It seems to be,
  • 55:43 - 55:46
    the documents say that they haven’t broken
    the crypto in Tor Hidden Services. So
  • 55:46 - 55:51
    put those two together. And also consider
    that cryptography only buys you time.
  • 55:51 - 55:56
    It really isn’t the case that all the
    crypto we have today is going to be good
  • 55:56 - 56:00
    maybe in 150 years. If Sci-Fi quantum
    computers ever come out, and they
  • 56:00 - 56:03
    actually work, Shor’s algorithm and
    other things really seem to suggest
  • 56:03 - 56:07
    we have a lot of trouble ahead. And the
    second part, about money: Yeah, we would
  • 56:07 - 56:11
    love to replace Government funding. I mean
    at least I would. But that isn’t to say
  • 56:11 - 56:15
    that we don’t respect that there are
    people that do fund us to do good things.
  • 56:15 - 56:20
    We do take money from agencies who e.g.
    the Department of Human Rights and Labor,
  • 56:20 - 56:22
    at the State Department. They’re sort of
    like the advertising arm for the
  • 56:22 - 56:27
    gun-running part of the State Department,
    as Julian Assange would say. And they
  • 56:27 - 56:30
    actually care about Human Rights. They
    care that you have access to anonymity.
  • 56:30 - 56:35
    It’s weird because the State Department
    – the rest of it – might not care. But,
  • 56:35 - 56:39
    we really, really would like to off-set
    that money. But we’d like to grow.
  • 56:39 - 56:43
    We’d like to be able to hire 100 people
    in this room to work on this full-time.
  • 56:43 - 56:48
    Because the planet needs anonymity. But
    that requires that we find that money.
  • 56:48 - 56:52
    And the best place at the moment is by
    writing grant proposals. And that is how
  • 56:52 - 56:56
    we have in fact done that. And that
    allows us also to operate openly.
  • 56:56 - 57:00
    So we don’t have e.g. clearances. And we
    try to publish everything we can about it.
  • 57:00 - 57:04
    And if you ever write a FOIA we always
    tell the agency that has received the
  • 57:04 - 57:09
    Freedom Of Information request: Give the
    requestor everything. Give it all to them.
  • 57:09 - 57:13
    We have nothing to hide about this, we
    want you to see that. We want you to see
  • 57:13 - 57:17
    that when a government agency has paid
    us money that we have done it for THIS
  • 57:17 - 57:21
    line item, and THIS line item. And we’ve
    done it as well as we could do it, and
  • 57:21 - 57:24
    it is in line with the open research, and
    we have really done a good thing,
  • 57:24 - 57:26
    that helps people.
  • 57:26 - 57:31
    Roger: So I’d love to diversify our
    funding. I’d love to have foundations,
  • 57:31 - 57:38
    I’d love to have the EFF model where
    individuals fund because we do great things
  • 57:38 - 57:43
    – look at what we did over the past year –
    and in fact, right here: Look at what we
  • 57:43 - 57:47
    did over the past year. We’ve done so
    amazing things, we’re gonna do some more
  • 57:47 - 57:51
    amazing things next year. We need your
    help to actually make all of this happen.
  • 57:51 - 57:55
    Jacob: Anybody here
    a Bitcoin millionaire?
  • 57:55 - 57:57
    Because we now take Bitcoin!
  • 57:57 - 58:03
    applause
  • 58:03 - 58:05
    Herald: Alright, let’s take
    a question from microphone 1.
  • 58:05 - 58:09
    Question: Just a short question:
    is there a follow-up on the
  • 58:09 - 58:15
    Thomas White tor-talk mailing list thing?
  • 58:15 - 58:19
    Roger: So, Thomas White runs a few exit
    relays. Some of them are quite large,
  • 58:19 - 58:25
    I’m very happy he does that. It is quite
    normal for exit relays to come and go.
  • 58:25 - 58:29
    He is in England, and as far as I can tell
    England is not a very good place to be
  • 58:29 - 58:36
    these days. But he’s trying to fix his
    country from inside which is really great.
  • 58:36 - 58:41
    Basically the short version is: It’s not
    a big deal. He runs some exit relays,
  • 58:41 - 58:45
    somebody tries to take them down, there
    are 6000 relays in the network right now,
  • 58:45 - 58:49
    they go up and down, it’s normal.
  • 58:49 - 58:53
    Question: Is this related to the Tor
    blog post, that Thomas White thing,
  • 58:53 - 58:55
    where you said there’s an upcoming…
  • 58:55 - 59:00
    Roger: It is unrelated, except for the
    fact that everybody was watching.
  • 59:00 - 59:03
    So then, when he wrote a tor-talk mail
    saying “Hey, I’m concerned about my
  • 59:03 - 59:07
    exit relays”, suddenly all the journalists
    said: “Oh my god, they must be
  • 59:07 - 59:09
    the same thing!” So, no, unrelated!
  • 59:09 - 59:11
    Jacob: There are a lot of people that
    have been attacking the Tor network.
  • 59:11 - 59:14
    You’ve probably seen there’ve been
    Denial-of-Service attacks, and things
  • 59:14 - 59:18
    like that on the Tor directory
    authorities. This is what I was saying
  • 59:18 - 59:22
    one or two slides ago when I said “Please
    tell people the value of Tor, and that
  • 59:22 - 59:27
    you need it”. Because when people do
    Denial-of-Service attacks, when they see
  • 59:27 - 59:31
    servers, we really need, in a peer2peer
    network way, to draw up more relays
  • 59:31 - 59:34
    to actually increase the bandwidth
    capacity, to increase the exit capacity.
  • 59:34 - 59:39
    And it’s very important to do that. Right?
    I mean it’s very, very serious that
  • 59:39 - 59:42
    those things happen. But it’s also
    important that the design of the network
  • 59:42 - 59:45
    is designed with the expectation that
    thieves will steal computer systems,
  • 59:45 - 59:51
    that jerks will denial-of-service them
    etc. So if you can run an exit relay,
  • 59:51 - 59:54
    thank you! Thank you for doing that.
    Next question?
  • 59:54 - 59:56
    applause
    Herald: Yeah. Let’s take a question
  • 59:56 - 59:57
    from microphone 2.
  • 59:57 - 60:01
    Question: First of all a quick shoutout to
    your Ooni friend. Please don’t ask people
  • 60:01 - 60:06
    to run arbitrary code over the internet.
    Curl-piper’s age (?) is not good style.
  • 60:06 - 60:10
    Roger: There’s a deb (?) that we’re working
    on also that should be a lot better.
  • 60:10 - 60:13
    Jacob: Yeah, ‘apt-get install ooniprobe’
    will also work.
  • 60:13 - 60:19
    Question: Do you have any plans
    of implementing IPv6, finally?
  • 60:19 - 60:25
    Jacob: So there is IPv6, so Linus
    Nordberg, one of the finest Tor people
  • 60:25 - 60:32
    I’ve ever met, he, in fact, helped add
    IPv6 support, initial IPv6 support
  • 60:32 - 60:37
    to the Tor network. So, e.g. you can,
    in fact, exit through the Tor network
  • 60:37 - 60:43
    with IPv4 or IPv6. It is the case that the
    Tor relays in the network still all need
  • 60:43 - 60:49
    IPv4, not just IPv6. My Tor directory
    authority which runs in California,
  • 60:49 - 60:53
    it has an IPv4 and an IPv6 address,
    so if you have an IPv6 address you can
  • 60:53 - 60:56
    bootstrap, you can connect to that.
    You could do some interesting
  • 60:56 - 60:59
    pluggable-transport stuff as well. So
    that is on the road map. This is another
  • 60:59 - 61:03
    example of: If you really care about that
    issue please send us your Bitcoins!
  • 61:03 - 61:08
    And it would be really fantastic because
    we really want that! But right now,
  • 61:08 - 61:13
    you can use Tor as a v4-v6 gateway.
    You really can do that, and we would
  • 61:13 - 61:16
    encourage that. It’s another example
    of some kind of neat feature of Tor
  • 61:16 - 61:18
    which you would never think an
    anonymity system would have.
  • 61:18 - 61:23
    Roger: And in Iran, right now, where IPv6
    is not censored because the soft…
  • 61:23 - 61:27
    the censorship stuff they have from
    America and Europe didn’t think
  • 61:27 - 61:31
    to censor IPv6…
    laughter and applause
  • 61:31 - 61:35
    applause
  • 61:35 - 61:41
    so you can use a bridge right now in Iran
    that connects over IPv6. Works great.
  • 61:41 - 61:44
    Jacob: Yeah. Next question?
    Herald: Alright, microphone 4!
  • 61:44 - 61:47
    Question: So we heard lots of really
    encouraging success stories about Tor
  • 61:47 - 61:51
    working against a global passive
    adversary. But we know that Tor
  • 61:51 - 61:55
    wasn’t designed for this use case.
    The question is: What needs to happen
  • 61:55 - 61:59
    in order for Tor to actually being
    able to handle this, officially?
  • 61:59 - 62:02
    Is this just research, or some
    more development work?
  • 62:02 - 62:07
    Roger: There’s a lot of really hard open
    research questions there. So if you’re…
  • 62:07 - 62:11
    so, I get… basically one of the
    issues is what we call the
  • 62:11 - 62:15
    end-to-end traffic correlation attack. So
    if you can see the flow over here coming
  • 62:15 - 62:19
    into the Tor network, and you can see the
    corresponding flow over here, coming out
  • 62:19 - 62:23
    of it, then you do some simple statistics,
    and you say: “Hey, wait a minute, these
  • 62:23 - 62:27
    line up!” And there are a bunch of
    different directions on how to make that
  • 62:27 - 62:33
    harder. Basically what you want to
    do is drive up the false-positive rate.
  • 62:33 - 62:38
    So you see a flow here, and there are
    actually 1000 flows that look like they
  • 62:38 - 62:42
    sort of match. And maybe you can do
    that by adding a little bit of padding,
  • 62:42 - 62:47
    or delays, or batching or something. The
    research, as we understand it right now,
  • 62:47 - 62:51
    means that you have to add hours
    of delay, not seconds of delay.
  • 62:51 - 62:57
    That’s kind of crummy. So another way
    of phrasing that: Imagine a graph,
  • 62:57 - 63:03
    the X axis is how much overhead
    we’re adding. And the Y axis is
  • 63:03 - 63:07
    how much security we get against the
    end-to-end correlation attack. We have
  • 63:07 - 63:13
    zero data points on that graph. We have
    no idea what the curve looks like.
  • 63:13 - 63:16
    Jacob: There’s also another point which
    is: Roger has an assumption. He says
  • 63:16 - 63:21
    if we have a high false-positive rate,
    that that’s a good thing. Well, maybe,
  • 63:21 - 63:23
    maybe actually, that’s exactly the
    wrong thing. Maybe the result is
  • 63:23 - 63:28
    that 1000 people get rounded up instead
    of 1. The reality is that there is
  • 63:28 - 63:31
    no system that – as far as we know –
    is actually safer than that. Of course
  • 63:31 - 63:34
    we would say that, we work on Tor. But as
    an example: One of the XKeyscore things
  • 63:34 - 63:38
    that I’ve seen in this research which
    we published in the NDR story is that
  • 63:38 - 63:41
    they were doing an attack on Hotspot Shield
    where they were actually doing
  • 63:41 - 63:45
    traffic correlation where they were able
    to de-anonymize VPN users because of
  • 63:45 - 63:49
    it’s a single hop. And then they were
    also able to do Quantuminsert to attack
  • 63:49 - 63:54
    specific users using the VPN. We haven’t
    seen evidence of them doing that to Tor.
  • 63:54 - 63:58
    That also doesn’t mean that every VPN
    is broken. It just means that VPN
  • 63:58 - 64:01
    has a different threat model. There’s
    lot of attacks that are like that, and
  • 64:01 - 64:05
    the problem is the internet is a dangerous
    place. So, I mean, Banksy said it best:
  • 64:05 - 64:09
    He said, in the future people will be
    anonymous for 15 minutes. And
  • 64:09 - 64:13
    I think he may have over-estimated
    that. Depending on the attacker.
  • 64:13 - 64:17
    Roger: There’s a conference called the
    Privacy Enhancing Technology Symposium,
  • 64:17 - 64:21
    petsymposium.org where all of the
    Anonymous Communications researchers
  • 64:21 - 64:27
    get together each year to consider exactly
    these sorts of research questions. So,
  • 64:27 - 64:30
    it’s not just an engineering question,
    there’s a lot of basic science left
  • 64:30 - 64:33
    in terms of how to make
    these things harder.
  • 64:33 - 64:35
    Herald: Alright, the last question
    is one from the internet.
  • 64:35 - 64:40
    Signal Angel: Okay, so, does running
    a Ooniprobe involve any legal risks?
  • 64:40 - 64:43
    Jacob: Okay, so, great! We can take
    different questions, cause we’re gonna say
  • 64:43 - 64:45
    “Talk to Arturo!”
  • 64:45 - 64:47
    Herald: Alright, so, microphone 3!
  • 64:47 - 64:52
    Question: Okay, as a new
    Tor relay operator I’ve got…
  • 64:52 - 64:58
    applause
    Jacob: Take a bow!
  • 64:58 - 65:04
    Question: So, since about 2 months I run
    3 relays, rather high bandwidth, and
  • 65:04 - 65:10
    on 2 of these I had quite strange things
    happen. One case: A kernel crash in the
  • 65:10 - 65:17
    Intel e1000 driver, the other one having
    the top-of-the-rack switch just reboot,
  • 65:17 - 65:22
    which is by the way a Juniper switch.
    So I’m kind of concerned about this
  • 65:22 - 65:26
    operational security. You
    know, could you trust that?
  • 65:26 - 65:32
    Jacob: Yeah, absolutely. So the short
    version of it is: Agencies like the NSA,
  • 65:32 - 65:35
    depending on where you’re located, might
    compromise something like your Juniper
  • 65:35 - 65:39
    switch upstream. They sit on Zerodays
    for critical infrastructure, that includes
  • 65:39 - 65:45
    core routers, and switches. But
    it may not be such a big thing.
  • 65:45 - 65:50
    It really depends on where you’re located.
    It could also be that the hardware sucks.
  • 65:50 - 65:53
    laughter
    And that the software is not good. And
  • 65:53 - 65:57
    when you, of course, are pushing,
    let’s say gigabits of traffic through it
  • 65:57 - 66:02
    it falls over. It’s really hard to know.
    That’s a really good question,
  • 66:02 - 66:07
    which is very specific, and kind of
    hard for us to address without data.
  • 66:07 - 66:13
    Question: Sorry, I’m concerned that the
    attack, like this, you know, they could,
  • 66:13 - 66:18
    actually, compromise the machine without
    knowing, or compromise the exact uplink.
  • 66:18 - 66:22
    And this would actually be a viable
    attack, like very low-key,
  • 66:22 - 66:24
    you don’t see it, as [an] operator,
    maybe, if you’re not very careful.
  • 66:24 - 66:28
    And you can watch all the traffic
    going inside, going outside the box.
  • 66:28 - 66:33
    Jacob: It would be fantastic
    if you can prove that theory.
  • 66:33 - 66:37
    Because, of course, if you can, maybe we
    can find other information that allows us
  • 66:37 - 66:41
    to stop those types of things to
    happen, or e.g. can in some way
  • 66:41 - 66:46
    allow us to fix the problems that are
    being exploited. The reality is that
  • 66:46 - 66:49
    general purpose computers
    are quite frankly not very secure,
  • 66:49 - 66:52
    and special purpose computers
    aren’t doing much better.
  • 66:52 - 66:55
    Roger: I worry not only about active
    attacks like that but about passive attacks
  • 66:55 - 66:59
    where they already have some sort of
    surveillance device up-stream from you
  • 66:59 - 67:04
    in you co-location facility, or something
    like that. So, yes. These are all
  • 67:04 - 67:10
    really big concerns. One of the defenses
    that Tor has is diversity around the world.
  • 67:10 - 67:14
    So, hopefully they won’t be able to do
    that to all of the relays. But yeah,
  • 67:14 - 67:17
    this is a big issue. We should
    keep talking about it.
  • 67:17 - 67:21
    Herald: Alright, I just wanna come back
    to the question before, for a second.
  • 67:21 - 67:23
    Because there was a question from the
    internet. So the people are not able
  • 67:23 - 67:28
    to talk. Ooniprobe guy, hey, could you
    maybe answer the question, like,
  • 67:28 - 67:31
    right now, or maybe on Twitter,
    or post a link or something?
  • 67:31 - 67:33
    Because I happen to believe that
    it’s a very important question.
  • 67:33 - 67:36
    You remember the question?
    If there are legal restric…
  • 67:36 - 67:41
    Arturo: Yeah well, I mean the thing is
    that we don’t really know like what are
  • 67:41 - 67:43
    the… who was it that
    was asking the question?
  • 67:43 - 67:46
    Jacob: The internet?
    Arturo: Ah, the internet. Okay.
  • 67:46 - 67:51
    laughter and applause
    Jacob laughs
  • 67:51 - 67:59
    So I guess we can’t know all of the
    legal risks involved in every country.
  • 67:59 - 68:03
    It is definitely the case that in some
    countries you may get in trouble
  • 68:03 - 68:11
    for visiting some websites that are
    considered illegal. So, I can go
  • 68:11 - 68:16
    in more detail into this if you
    come later to Noisy Square at 6.
  • 68:16 - 68:18
    Herald: The internet can’t
    come, that’s the problem!
  • 68:18 - 68:20
    Arturo: Ah, the internet can’t come, shit!
    Okay! laughter
  • 68:20 - 68:27
    So,… laughs
    applause
  • 68:27 - 68:29
    Jacob: There’re a lot of jokes in that!
  • 68:29 - 68:34
    Arturo: The short answer is that you
    should look at the test specifications,
  • 68:34 - 68:39
    that are written in English, and they have
    at the bottom some notes that detail
  • 68:39 - 68:46
    what can be some of the risks involved.
    But we are not lawyers. So we don’t know
  • 68:46 - 68:51
    what are the risks for all of the
    countries. So you should probably speak
  • 68:51 - 68:56
    to somebody that knows about these things
    in your country. And it’s experimental
  • 68:56 - 69:03
    software, and there are not many people
    that are doing this. So we generally can’t
  • 69:03 - 69:08
    say. Hope that answers your question.
    Question: Thanks a lot, yeah, thanks.
  • 69:08 - 69:11
    Herald: Alright, I guess, just to sum
    it up: Be careful whatever you do.
  • 69:11 - 69:16
    laughter and applause
    Alright, so, Jake was just asking
  • 69:16 - 69:20
    if maybe we could just gather a couple
    of questions, and then ask about them
  • 69:20 - 69:22
    outside. Did I get that right?
    Jacob: Yeah, so if everyone who is
  • 69:22 - 69:25
    at a microphone, disperse to the correct
    microphone, if you could just ask all your
  • 69:25 - 69:29
    questions, then everyone else who’s here
    that wants to hear the answers will know
  • 69:29 - 69:32
    that you should stick around and talk
    to us afterwards. We won’t answer
  • 69:32 - 69:35
    all these questions unless there’s
    a really burning one. But that way
  • 69:35 - 69:37
    the guys that are standing at the
    microphone, or the gals that are
  • 69:37 - 69:40
    standing at the microphone or other, can
    actually ask them right now, and if you’re
  • 69:40 - 69:43
    interested come and find us right
    afterwards. We’re going to probably
  • 69:43 - 69:47
    go to the tea house upstairs, or
    maybe I shouldn’t have said that.
  • 69:47 - 69:49
    laughter
    Herald: Alright, so we’re gonna do it
  • 69:49 - 69:51
    like this. We’re gonna rush through this.
    And we’re just gonna hear a lot of
  • 69:51 - 69:56
    interesting questions, but no answers. If
    you wanna hear the answers stay tuned
  • 69:56 - 70:00
    and don’t switch the channel. So we take
    a couple of questions. Microphone 5.
  • 70:00 - 70:04
    And be quick about it.
    Question: In regards to robustness and
  • 70:04 - 70:07
    the Mozilla partnership: Are there any
    thoughts about incrementally replacing
  • 70:07 - 70:11
    the C++ infrastructure
    with Rust? Eventually?
  • 70:11 - 70:15
    Herald: Microphone 4!
    Is it open, microphone 4?
  • 70:15 - 70:23
    Question: Can you compare Tor with JAP
    from TU Dresden in aspects of anonymity?
  • 70:23 - 70:26
    Herald: Okay, the other
    guy at microphone 4!
  • 70:26 - 70:30
    Question: To your knowledge has anyone got
    into trouble for running a non-exit relay?
  • 70:30 - 70:33
    And do you have any tips for people that
    wanna help by running a non-exit relay?
  • 70:33 - 70:35
    Herald: Okay, microphone 1, 2 guys.
  • 70:35 - 70:39
    Question: I have a question, or
    a suggestion for the funding problematic.
  • 70:39 - 70:44
    Have you… you’re teaming up with Mozilla,
    have you ever considered like producing
  • 70:44 - 70:48
    own smartphones, because there’s a huge
    margin. I also think there’s a problem
  • 70:48 - 70:56
    like… why most people don’t use
    cryptography is because there’s no
  • 70:56 - 71:01
    easy-to-use, out-of-the-box, cool product
    that’s like… that goes out and has a story
  • 71:01 - 71:03
    or anything, like the marketing on Apple.
  • 71:03 - 71:05
    Herald: Alright, the other
    guy at microphone 1.
  • 71:05 - 71:10
    Question: So a couple of minutes before
    the talk started someone did a Sibyl (?)
  • 71:10 - 71:14
    attack on Tor. And we should fix that
    a.s.a.p. So please don’t disappear
  • 71:14 - 71:17
    for the next few hours.
    Jacob rages, laughing, theatrically
  • 71:17 - 71:19
    Thanks!
  • 71:19 - 71:22
    Roger: It never ends.
    Jacob: It never ends!
  • 71:22 - 71:24
    Herald: Alright. Two questions
    from microphone 3.
  • 71:24 - 71:28
    Question: So when they took
    down Silkroad they took
  • 71:28 - 71:32
    a lot of Bitcoins with them. I wonder
    what the [U.S.] Government is doing
  • 71:32 - 71:35
    with the large amount of anonymized cash.
  • 71:35 - 71:37
    Roger: They auctioned it off.
    Jacob: They sell it. Next question.
  • 71:37 - 71:39
    Question: And I think they
    should give it to you.
  • 71:39 - 71:42
    Herald: Alright. Last question!
    Jacob: I fully agree!
  • 71:42 - 71:46
    Question: So to combat against the
    ‘misinformed journalists’ thing
  • 71:46 - 71:51
    why not have a dashboard, very
    prominently displayed on the Tor Project
  • 71:51 - 71:55
    listing all of the academic, open
    like known problems with Tor,
  • 71:55 - 71:58
    and always have the journalists go there
    first to get the source of information,
  • 71:58 - 72:00
    rather than misunderstanding
    academic research.
  • 72:00 - 72:03
    Jacob: Fantastic, so if you wanna know…
  • 72:03 - 72:05
    Herald: Alright, if you found any of these
    questions interesting, and you’re also
  • 72:05 - 72:09
    interested in the answers stick around, go
    to Noisy Square, speak to these two guys,
  • 72:09 - 72:12
    and get all your answers. Other than
    that, you heard it a Brillion times, but:
  • 72:12 - 72:16
    go home, start a relay! My friends and I
    did two years ago, after Jake’s keynote.
  • 72:16 - 72:19
    It’s really not that hard. You can make
    a difference. And thank you so much,
  • 72:19 - 72:20
    for Roger and Jake, as every year!
  • 72:20 - 72:28
    applause
  • 72:28 - 72:29
    silent postroll titles
  • 72:29 - 72:39
    subtitles created by c3subtitles.de
    in the year 2017. Join, and help us!
Title:
Jacob, arma: State of the Onion
Description:

more » « less
Video Language:
English
Duration:
01:12:39

English subtitles

Revisions Compare revisions