[nSLUG] CryptoParty comes to Halifax

robbie macg robbie.macg at gmail.com
Thu Jun 20 12:50:44 ADT 2013


Hi Mike,

I'll prep something TOR related for the event. It's a tool that
everyday people are interested in. I get questions from people who
want to go beyond 'Private Browsing' (the Bundle enforces hygienic
practices related to search, plugins, caching, etc. that some users
aren't up to managing on their own). I also get questions about the
idea of providing chaff for activists elsewhere by browsing with TOR.

I'll talk mostly about home/personal use, but touch on Bridges and
Exits as well (they're rather an important bit of the network after
all). I have run both Bridges and Exit Nodes in the past, have yet to
be SWATed. I'm not going to suggest that anyone boot up Vidalia and
run an Exit on their grandma's PC, but there's no reason to keep
people in the dark. Some people might want to consider running
Bridges/Exits down the road at work, via EC2, etc. Anyway, that'll be
the extra credit, we can talk about it later bit of the session.

I'll begin getting the word out about this event via social media, etc. today.

Thanks,
Robbie

p.s. George, don't you use HTTPS Everywhere?
https://www.eff.org/https-everywhere

On 20 June 2013 12:00,  <nslug-request at nslug.ns.ca> wrote:
> Send nSLUG mailing list submissions to
>         nslug at nslug.ns.ca
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://nslug.ns.ca/mailman/listinfo/nslug
> or, via email, send a message with subject or body 'help' to
>         nslug-request at nslug.ns.ca
>
> You can reach the person managing the list at
>         nslug-owner at nslug.ns.ca
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of nSLUG digest..."
>
>
> Today's Topics:
>
>    1. Re:  CryptoParty comes to Halifax (Mike Doherty)
>    2. Re:  CryptoParty comes to Halifax (George N. White III)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 19 Jun 2013 13:14:49 -0300
> From: Mike Doherty <doherty at cs.dal.ca>
> To: nslug at nslug.ns.ca
> Subject: Re: [nSLUG] CryptoParty comes to Halifax
> Message-ID: <51C1D8F9.4090705 at cs.dal.ca>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 13-06-19 11:17 AM, francis picabia wrote:
>> I read about a Tor exit node owner being arrested in Austria
>> because that was the IP identified accessing child porn.
>> Given this, and the recommendation from Tor website
>> to not run an exit node from home, are there enough
>> exit nodes in existence to make Tor useful?
>
> Running an exit node is a high-risk activity, and I agree that running
> an exit node from your home is almost certainly a bad idea. However,
> there are other ways to run an exit node, and there appear to be enough
> willing to do so that the Tor network functions adequately.
>
>> My initial feeling about Tor is that it may have its applications,
>> but for regular folks, this is kind of like wearing a stocking
>> over the head or covering up all windows in your home.
>> Tor use will have its own appearance to an ISP, which
>> can raise the question of why are they bothering to
>> disguise their IP and tunnel this traffic.  Most of us don't
>> want to look like we are about to rob a bank or hold
>> people in a basement dungeon, so we don't go
>> for an appearance resembling the type.
>
> These are very interesting questions, and are a subject of active
> debate. Tor is designed to look like Firefox communicating over HTTPS
> specifically so attackers on the network *can't* tell that it is Tor.
> This is important for evading China's firewall. This is an ongoing arms
> race.
>
> It also helps for many people to use Tor for their everyday activities.
> Using Tor shouldn't be suspicious, so normalizing it is helpful. It also
> helps to hide in a crowd, so having enough people using Tor is also
> important.
>
> -Mike
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 19 Jun 2013 14:17:11 -0300
> From: "George N. White III" <gnwiii at gmail.com>
> To: Nova Scotia Linux User Group <nslug at nslug.ns.ca>
> Subject: Re: [nSLUG] CryptoParty comes to Halifax
> Message-ID:
>         <CAKTOP44dqzOOk_OV=jwme2+yPry_Nk1HCZ2hAt0g1-6CLncuoA at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> On Wed, Jun 19, 2013 at 1:14 PM, Mike Doherty <doherty at cs.dal.ca> wrote:
>
>> On 13-06-19 11:17 AM, francis picabia wrote:
>> > I read about a Tor exit node owner being arrested in Austria
>> > because that was the IP identified accessing child porn.
>> > Given this, and the recommendation from Tor website
>> > to not run an exit node from home, are there enough
>> > exit nodes in existence to make Tor useful?
>>
>> Running an exit node is a high-risk activity, and I agree that running
>> an exit node from your home is almost certainly a bad idea. However,
>> there are other ways to run an exit node, and there appear to be enough
>> willing to do so that the Tor network functions adequately.
>>
>
> Running an exit node from your workplace is also almost certainly a
> bad idea, which leaves running it via neighbors' (the ones who let
> their dogs run loose and play loud music late at night) wireless routers.
> Then you can hope that when the police show up they will be distracted
> by the presence of illicit substances and fail to consider who had access
> to
> the wireless network.
>
>> My initial feeling about Tor is that it may have its applications,
>> > but for regular folks, this is kind of like wearing a stocking
>> > over the head or covering up all windows in your home.
>> > Tor use will have its own appearance to an ISP, which
>> > can raise the question of why are they bothering to
>> > disguise their IP and tunnel this traffic.  Most of us don't
>> > want to look like we are about to rob a bank or hold
>> > people in a basement dungeon, so we don't go
>> > for an appearance resembling the type.
>>
>> These are very interesting questions, and are a subject of active
>> debate. Tor is designed to look like Firefox communicating over HTTPS
>> specifically so attackers on the network *can't* tell that it is Tor.
>> This is important for evading China's firewall. This is an ongoing arms
>> race.
>>
>> It also helps for many people to use Tor for their everyday activities.
>> Using Tor shouldn't be suspicious, so normalizing it is helpful. It also
>> helps to hide in a crowd, so having enough people using Tor is also
>> important.
>
>
> Hiding in a crowd:
>
> At one time, secret messages were sent using newspaper
> classified ads -- the internet is full of places to broadcast messages that
> have special meaning to the intended recipient without raising flags.
> Typically such messages would be very small and would direct the
> recipient to the location of a larger message/file.
>
> PRISM is said to work less by analyzing contents and more from the
> web of connections.  Since connections can be classified by protocol,
> using https with sites other than your bank might attract extra attention.
>
> Participation in a large array of public lists and forums by a "known
> terrorist" could make it difficult to identify important contacts among
> all the individuals who use same lists and forums.
>
>
>
>
> --
> George N. White III <aa056 at chebucto.ns.ca>
> Head of St. Margarets Bay, Nova Scotia
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://nslug.ns.ca/mailman/private/nslug/attachments/20130619/3ccb597e/attachment-0001.html>
>
> ------------------------------
>
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/mailman/listinfo/nslug
>
>
> End of nSLUG Digest, Vol 310, Issue 1
> *************************************


More information about the nSLUG mailing list