Maybe I'm unique, but my dark net activity is usually pretty tame. The number one reason I use Tor is because browsing onion sites reminds me a bit more of how the web used to be in the late 1990s. Lots of garbage of course, but a lot more serendipitous discovery than the web today.
Because of their anonymous nature, onion sites are inherently resistant to being swallowed whole by advertising. Nobody on the dark web is creating "content marketing"; if someone is trying to sell you something, it's obvious. You're not the product on the dark web.
I know it's wishful thinking, but I often hope for a parallel web to really thrive on Tor.
While not Tor, I browse I2P websites from time to time. tracker2.postman.i2p is a great torrent tracker if I want to easily get access to leaked material I read about in the news. And planet.i2p to see newly "registered" websites. Content on those websites varies, but I've stumbled upon a couple of blogs, ranging from the mundane to conspiracy theory blogs, which are also fun to read. It really does give you that 90s internet feeling.
A surprising number of "clarinet" (er clearnet spellcheck) sites have onion sites, if you use Brave and TOR it sometimes shows up a little onion in the right telling you there's an onion version available.
They also have private windows without Tor and the users probably found out that Tor takes quite longer and works only half the time compared to the ordinary private window, so I wouldn't get my hopes up that it is adopted massively.
Not a VPN, TOR just runs as a SOCKS proxy on whatever device you're using[0]. Replacing the actual network stack at OS level was considered but iirc was decided against because it would require admin permissions.
The TOR browser and Brave do the exact same thing, it's just that the TOR browser is configured to not store anything and to make sure its fingerprint to other sites is as generic as possible (this is also why TOR warns you about changing window size, it un-generalizes that fingerprint). Both ultimately are conveniences because messing with SOCKS proxy settings is rather unfriendly for most users.
If you use a Linux distro, I'd recommend checking out torsocks[1], it's a shared library + a shell script that lets you "onion-ify" any application pretty easily.
[0]: This also means you can connect basically every mainstream browser to TOR if you know the port the SOCKS proxy is running on.
It would certainly make sense from a marketing perspective to claim it's using tor, and then have a tor-proxy service (think onion.cab) use tor for hidden services and also attempt to use tor for clearnet traffic but fail back to regular proxy if it fails.
If it were directly using tor then I'd have to agree that most people wouldn't use it. Only those that are technical enough to understand what's going on and the security aspects. But they wouldn't be using Brave for the Tor functionality, they'd be using Tor Browser.
This is a wrong conception. Using tor without Tor browser will make you stand out much more, since you're using a different browser. Not talking about non-browser connections.
There is also the inescapable fact that Tor was created by US Intelligence, specifically the US Naval Research Lab[0]. And according to FOIA documents it continues to receive a huge chunk of funding & resources from US Intelligence, particularly from the United States Agency for Global Media (formerly the Broadcasting Board of Governors), which supervises our propaganda channels Voice of America and Radio Free Europe/Radio Liberty[1].
As far as I can tell, the US Intelligence community has never explained its aims/goals for Tor. The fact that Tor not only attracts the type of traffic that US Intelligence would have a lot of interest in monitoring, but also by design then funnels that traffic through a small number of exit nodes, makes it seem self-explanatory. But I wouldn't want to presume anything.
You don't need (outdated) FOIA documents for that... Go to https://www.torproject.org/about/sponsors/ and you will see that they get money from the US government, if you want to know more about how much, go check the IRS 990 forms [1] or check the blog post that explains the 990, it also gives clear percentages on how much comes from where, [2]
This part appears to be missing from the Tor website:
> 2,500 pages of correspondence — including strategy and contracts and budgets and status updates — between the Tor Project and its main funder, a Central Intelligence Agency spinoff now known as the Broadcasting Board of Governors (BBG). These files show incredible cooperation between Tor and the regime change wing of the US government.
So the documents acquired via FOIA requests are worth reading, and it's worth discussing why the US Intelligence community has such an active interest in propping up Tor.
That’s probably one of the reasons that TLS over Tor has remained such a tough nut, with people who otherwise seem to have tinfoil hats claiming that it’s not needed because Tor provides enough protection. My opinion is that you want that end to end protection for the same reason you want it on the clearnet - to make it so nobody along the way is sniffing your traffic. (that includes both exit nodes and any middle nodes that might be taking advantage of an unknown flaw or bias)
Having a bunch of Tor site certs in your MacOS keychain has its own issues, so what is really needed is a way for Tor browsers to accept those certs directly without using the OS trust stores. The current practice of authenticating the remote site by PGP signature would remain more or less the same - you just wouldn’t have exit nodes sniffing traffic.
I’m also convinced that the whole reason Google has pushed TLS so hard isn’t some noble quest to protect people’s privacy and freedom of speech - it’s more to keep people from blocking their advertisements, which isn’t nearly so sexy an argument, but it has brought good benefits for a lot of people.
> people who otherwise seem to have tinfoil hats claiming that it’s not needed because Tor provides enough protection
I've been on the side of advocating for it, but the other side isn't making an obviously ridiculous argument. The onion protocol itself negotiates an end-to-end cryptographic session, authenticated by the onion site's public key, between the onion site and the end user. There's not cleartext traffic sent between a Tor exit node and the onion site or anything!
My argument in favor of TLS to onion sites was that, at least as of onion protocol v2, the cryptographic session was not itself TLS, and its security and threat model hadn't been as extensively reviewed as those of TLS. So it might turn out that there was something suboptimal there that the rendezvous server could then use to perform a sophisticated cryptographic attack.
I don't know if this is still true of onion protocol v3 or if the client-to-onion-site session is now also based on TLS.
No, v3 isn't TLS either. TLS is only used as a connector between hops (so the client connects to a node using TLS, and the nodes connect to each other using TLS), but that is it. (I think, if I'm wrong do tell me. I didn't go check the spec)
You seem to mix up a lot of stuff here. The Tor Project thinks TLS for onion services is unneeded because they ARE end to end encrypted by design. The address itself is an ed25519 public key. And exit nodes are not involved in connecting to an onion service at all.
For connections to the clearnet it was always highly recommended to only use TLS and recent Tor browsers have now finally enabled https only mode that displays a big warning if you try to connect to a http server.
I use Tor Browser as my daily driver (for everything that doesn't need me to be logged into an account), for an on-principle protest against the out-of-control commercial surveillance that almost every Web site willingly participates in.
The federal government isn't in my threat model, and "you can't fight city hall".
AFAIK there are US intelligence agencies that rely on and use Tor for their agents abroad and US intelligence agencies that try to break it for their own reasons.
While this is true, it shouldn't make anyone more worthy of a closer look. It's the same argument used to justify mass surveillance. Trying to defend a Constitutional right to privacy, if one exists in your country, does not mean you are automatically trying to hide doing something wrong.
I didn't take the parent comment to be referring to governments. Most of the internet is made up of private organizations, many of which are interested in the traffic they carry.
Tor can be made substantially less obvious if you make sure the bitrate and packet timings over each 'hop' of users' connections are fixed.
Eg. each client sends out 1000 1 kbyte packets per second to each peer, once per millisecond. Inside each packet, they send the onion encrypted user data. The rest of the packet is filled with rand().
Without that protection, any network attacker can do packet size and timing analysis to unmask nearly any user rather quickly.
I'm not sure if only the client does the padding, or if the padding also occurs at intermediate hops, but Tor does randomly pad traffic by default (from manpage of torrc):
CircuitPadding 0|1
    If set to 0, Tor will not pad client circuits with additional cover traffic. Only clients may set this option. This option should be offered via the UI to mobile users for use where bandwidth may be expensive. If set to 1, padding will be negotiated as per the consensus and relay support (unlike ConnectionPadding, CircuitPadding cannot be force-enabled). (Default: 1)
ReducedCircuitPadding 0|1
    If set to 1, Tor will only use circuit padding algorithms that have low overhead. Only clients may set this option. This option should be offered via the UI to mobile users for use where bandwidth may be expensive. (Default: 0)
Padding is always positive. That means every packet will always have its size increased, but never decreased. With a mixture of packet sizes, and flows, it's still only typically ~30 or so packets to identify a flow with this padding. That means a typical user might have anonymity for perhaps 1 additional second using this option...
Basically - this option doesn't serve its intended purpose.
I took a class in IT privacy back in the day. Exactly this idea came up. And while it really disables certain kinds of timing based attacks, the problem is it doesn't scale. If everyone did this, it seems the network would be flooded.
> The inescapable fact about Tor is that its traffic patterns make you stand out prominently.
I'm curious as to how it stands out. I can imagine a few things, like an ISP seeing traffic to known TOR intermediary nodes, or maybe analyzing packets to look for some sort of handshake?
> Just the fact you’re using it automatically makes you interesting and worthy of a closer look.
Sort of. But what would looking do? What does looking mean? The traffic is encrypted, they can look all they like. In the US they'll need more than "they connected to TOR" to get a warrant to search your device.
It's known from leaks that showing an interest in Tor is enough to get you on an NSA list. But this list was so incredibly broad that anyone with an interest in technology was/is probably on it, diminishing its usefulness to actually discriminate anyone.
I don't know if this is true, but I've read that if you plug in the tracking number for a package at USPS.com through Tor, the package will be flagged for inspection.
I use it when looking up drugs and medical conditions. If the NSA wants to spend their budget connecting me to searches about sumatriptan or plantar fasciitis then that's a useful (useful to me, fuck the NSA) waste of their time. If not, then it creates noise for the rest of the network.
A colleague at a former academic job was questioned by campus police because he was one of a handful of people on the university network connected to TOR when a bomb threat was submitted (I forget how, though) from an IP address running a TOR exit node. Bomb threats from students were pretty common during exams, so after the cops saw that it was our very privacy conscious dev ops guy they didn't pursue him as a suspect. If the person who did it connected to TOR from the university network to submit a bomb threat to duck an exam, they definitely deserve to get caught. I think that qualifies as "just enough knowledge to be dangerous."
Sometimes it goes the other way too. In my high school, a handful of kids wore all black every day. They were harmless valley girls/guys if you spoke with them. I figured they _wanted_ to be seen as a threat.
Why would someone make a legit bomb threat? Isn't the point of the bomb for it to explode?
Two historical examples: The Weather Underground regularly and the IRA occasionally called in their bombs in advance in order to reduce/remove civilian casualties. They tried to give enough time to evacuate an area but not enough time to find and defuse the device.
I wore all black as a high school student. It fit with my subculture interests and I just dug the dark aesthetic. I knew other people found it to be unsettling but figured they should probably be more open minded and judge people for what they do and say rather than how they look... I was right, too. Cops disagreed. The nice part is how pleased people were to find out how pleasant I was to talk to.
The replies have reminded me to mention that I shouldn't judge so quickly and that a handful of those all-black-clothes-all-day-regardless-of-weather school mates were and some still are my friends. I still believe there is a message that is trying to be delivered via one's threads but it can be a plethora of messages rather than just "fear me". EOM.
This is one of the main reasons why I keep using Tor daily. The more people use Tor for normal browsing, the less interesting it becomes to be a Tor user, the better the anonymity for everyone else.
What if everyone believed that law-abiding citizens should use postcards for their mail? If a nonconformist tried to assert his privacy by using an envelope for his mail, it would draw suspicion. Perhaps the authorities would open his mail to see what he's hiding. Fortunately, we don't live in that kind of world, because everyone protects most of their mail with envelopes. So no one draws suspicion by asserting their privacy with an envelope. There's safety in numbers. Analogously, it would be nice if everyone routinely used encryption for all their email, innocent or not, so that no one drew suspicion by asserting their email privacy with encryption. Think of it as a form of solidarity.
> if you’re just maintaining a cookie recipe site on the dark web
Some people just want privacy. No need to have a specific "cookie recipe" activity: they would just browse the New York Times, but in full reassurance of anonymity - as they believe is normal.
(And by the way: "«brows[ing] the New York Times»" - as a sequence of actions - is not a neutral activity, but already a profiling one.)
a closer look maybe, but unless they break Tor they'll only have a close look at your timing traffic.
if you're worried, you could use a popular VPN to connect to Tor - using a VPN is less interesting. also, P2P app developers could consider running non-exit nodes in their clients for popular apps. there shouldn't be legal risks unless you're running an exit node, and this adds more noise to the signal of Tor users.
assume there's an xkeyscore query logging Tor connections within the US. that's easy for the NSA to implement, and seems like something they'd do, and would capture all users directly connecting.
now, a foreign VPN isn't going to be connected to the xkeyscore dragnet like Comcast would be. I'm sure the NSA's pwned dozens of VPN providers, but beam-splitting all VPN traffic into a colo'd supercomputer isn't going to be stealthy. the best the NSA could do is watch for outbound connections from the VPN to Tor, then match the connection to your ingress using their access inside the VPN's infra. they can't do that in bulk without the VPN company catching on. that's a capability they'll save for going after individuals. just the fact you connected to Tor isn't suspicious enough to be worth risking burning their backdoor, for them.
the point is that connecting to Tor via a VPN keeps you out of the dragnets. and all the VPN provider learns is that you're using them as a gateway into Tor.
Using a reputable VPN who claims no logs still places immense trust in that VPN provider. If you're a journalist or political dissident, it's possible your life is resting on that trust.
Alternatively, You -> ISP -> Tor -> VPN and paying with Monero obtained over Tor without ever having disclosed your ID or any revealing info means:
• Your ISP knows who you are, but not what you're doing (no anonymity, yes privacy). The connection to tor establishes privacy from ISP.
• Your Tor exit node sees you're connecting to a VPN, but does not know who you are, or what you're doing (yes anonymity, yes privacy). The routing of Tor establishes anonymity, but not privacy from the exit node. The connection to the VPN establishes privacy from the exit node.
• Your VPN provider knows a bit about what you're doing, but not who you are (yes anonymity, less privacy)
This offers additional protection if your VPN provider is compromised / lying about logging (you have no way to verify at any given moment, only that they weren't in past incidents that have gone to court, but this is no guarantee they can't be compelled to start logging your connections).
This also offers additional protection if your guard node and exit node are compromised, which is sufficient to deanonymize tor users.
What it does not offer protection against is all ISPs involved selling netflow metadata to a single party who uses timing and packet sizes to correlate traffic across all of these connections, like Team Cymru does with their Pure Signal Recon product (formerly called Augury).
If that scares you, I'd encourage you to look up what company actually owns and operates torproject's website, and how many contracts they have with governments, too.
they shouldn't be, but there's a practical difference in how often your house gets raided by FBI agents.
if a Tor user uses your exit node to email a bomb threat or access child porn, it's your source IP that shows up. the FBI should check your IP against the registry of exit node IPs, but if they don't it's still your door getting kicked in.
iirc IC still mostly uses burner shell companies for IPs, at least for running ops. Tor is fine for innocuous browsing but Tor exit nodes will stick out like a sore thumb in the victim's logs or IDS.
Just the fact you’re using it automatically makes you interesting and worthy of a closer look.
All well and good if you’re just maintaining a cookie recipe site on the dark web, but it’s rarely ever that, is it?