Connect through own TOR relay, make edge node traffic unreadable

7

3

I understand that one of the limitations of Tor is that whoever runs the edge node can read all the traffic running through it before it gets split up amongst the Tor cloud.

Let's say you were an oppressive authority, or simply law enforcement; then you could just set up a Tor edge node and Wireshark and just dump all the data and look for things of interest.

Could this limitation of the Tor concept be mitigated by having a user set up their own Tor edge node (relay) and connecting through that relay from other computers? A simple evaluation of the Tor network would then show indistinguishable edge nodes, if I understand correctly.

cqm

Posted 2011-07-31T19:38:59.587

Reputation: 1 107

The purpose of Tor is to provide IP anonymity instead of a secure connection and currently it achieves its goal nicely. Even if some evil people are able to dump all your traffic at the edge node, they will not know what the end point is. As long as you don't leak your identity in the traffic (e.g. by sending a tracking cookie or connecting to some obscure host), you're probably safe. Of course, there's also the traffic analysis attack and no matter what you do, it's very hard to bypass. – billc.cn – 2011-08-13T03:16:56.357

Answers

5

Tor uses multi-layer encryption that addresses this very problem.

From the Tor Project FAQ:

Tor passes your traffic through at least 3 different servers before sending it on to the destination. Because there's a separate layer of encryption for each of the three relays, Tor does not modify, or even know, what you are sending into it. It merely relays your traffic, completely encrypted through the Tor network and has it pop out somewhere else in the world, completely intact.

A bad first of three servers can see encrypted Tor traffic coming from your computer. It still doesn't know who you are and what you are doing over Tor. It merely sees "This IP address is using Tor".

A bad third of three servers can see the traffic you sent into Tor. It won't know who sent this traffic. If you're using encryption, such as visiting a bank or e-commerce website, or encrypted mail connections, etc, it will only know the destination. It won't be able to see the data inside the traffic stream. You are still protected from this node figuring out who you are and if using encryption, what data you're sending to the destination.

To summarize: The first relay sees your IP but not your message, while the third relay sees your message but not your IP (and this also only if the message is not encrypted via https). So, unless the authority manages to get its bogus relays used as both first and third relays, it cannot fully trace your activities. And given the enormous number of Tor relays in the world, the authority will need to set up an enormous number of relays to have a good statistical chance of having its relays randomly selected as both first and third in the Tor chain.

Tor even has protection against this scenario as well: you can control which nodes (or country) are used for entry/exit. Tor also uses "entry guards": each Tor client selects a few relays at random to use as entry points, and uses only those relays as first hop.

Conclusion: Tor is quite well protected, and one can further calibrate it to make it very safe from any one particular national agency. Using https (when possible) ensures even better protection.

harrymc

Posted 2011-07-31T19:38:59.587

Reputation: 306 093

Note: Attention to Tor anonymizing network Compromised by French researchers.

– harrymc – 2011-11-28T09:28:02.247
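The per-hop view the answer above describes (guard sees the client's address but an opaque blob, exit sees the next destination and, without HTTPS, the payload, and neither sees both) as an added example that is not code from the original answer or from the Tor Project. Tor's real circuit crypto (AES-CTR keys negotiated per hop, TLS between relays) is replaced by a hypothetical HMAC-SHA256 keystream so the script runs with only the standard library; the client IP, relay names, keys and destination are constructed.

```python
"""What each relay in a three-hop circuit can see.

Added example for this thread, not code from the original answer or from
the Tor Project.  Tor's real per-hop crypto (AES-CTR keys from the circuit
handshake, TLS between relays) is replaced by a hypothetical HMAC-SHA256
keystream so the script runs with only the standard library; the IP,
relay names, keys and destination below are constructed.
"""
import hashlib
import hmac
import json
from typing import List, Optional

CLIENT_IP = "198.51.100.7"             # constructed client address
DESTINATION = "bank.example:443"       # constructed destination
CIRCUIT = ["relay1", "relay2", "relay3"]   # guard, middle, exit
KEYS = {"relay1": b"k-guard", "relay2": b"k-middle", "relay3": b"k-exit"}
TLS_KEY = b"k-tls-session"             # stands in for end-to-end HTTPS


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (stand-in for AES-CTR): XOR data with
    HMAC-SHA256(key, block counter).  Symmetric, so it also decrypts."""
    out = bytearray()
    for block, offset in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, block.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], ks))
    return bytes(out)


def wrap(key: bytes, next_hop: str, inner: bytes) -> bytes:
    """One onion layer: 'forward inner to next_hop', readable only with key."""
    layer = {"next": next_hop, "body": inner.hex()}
    return keystream_xor(key, json.dumps(layer).encode())


def build_onion(payload: bytes, https: bool) -> bytes:
    """Client side: wrap the innermost (exit) layer first, guard layer last."""
    if https:
        # Application-layer TLS: a layer under a key only the client and
        # the destination share, so even the exit cannot read the payload.
        payload = keystream_xor(TLS_KEY, payload)
    cell = wrap(KEYS["relay3"], DESTINATION, payload)   # exit: where to send
    cell = wrap(KEYS["relay2"], "relay3", cell)         # middle: next hop
    return wrap(KEYS["relay1"], "relay2", cell)         # guard: next hop


def peek(key: bytes, cell: bytes) -> Optional[dict]:
    """Strip one layer with key; the wrong key yields garbage, not a layer."""
    try:
        layer = json.loads(keystream_xor(key, cell))
        return {"next": layer["next"], "body": bytes.fromhex(layer["body"])}
    except (ValueError, TypeError, KeyError):   # decode/JSON/shape errors
        return None


def trace(payload: bytes, https: bool) -> List[dict]:
    """Run one cell through the circuit and return each relay's view:
    who it came from, where it goes next, and the bytes it can see."""
    cell = build_onion(payload, https)
    views, prev = [], CLIENT_IP
    for name in CIRCUIT:
        layer = peek(KEYS[name], cell)
        views.append({"relay": name, "from": prev,
                      "next": layer["next"], "body": layer["body"]})
        prev, cell = name, layer["body"]
    return views


if __name__ == "__main__":
    for https in (False, True):
        print(f"https={https}")
        for v in trace(b"GET /account HTTP/1.1", https):
            print(f"  {v['relay']}: from={v['from']} next={v['next']} "
                  f"body={v['body'][:24]!r}")
```

Only relay1 ever sees CLIENT_IP, and what it forwards is a blob it cannot open even with its own key; only relay3 learns DESTINATION, and with the HTTPS layer in place it forwards ciphertext it cannot read either. The node-selection controls the answer mentions are the torrc options `EntryNodes`, `ExitNodes`, `ExcludeNodes` and `StrictNodes`.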

2

No. The limitation is mitigated by using an encrypted protocol over Tor such as HTTPS and making sure the certificate of the system you are connecting to is legitimate.

Other things you can do include:

  • making sure your transmissions don't leak information if you choose to leave them unencrypted. For a web browser/HTTP traffic this means: no JavaScript (or selectively enable it with an add-on such as NoScript), no cookies, and no plugins.

  • making sure your DNS lookups are over Tor as well as the protocols dependent on DNS. For a web browser/HTTP traffic, make sure the browser can SOCKS5 proxy DNS to Tor. Firefox+FoxyProxy can do this.

  • introducing random periods of time where you are not using Tor if you use Tor on a continuous long term basis

  • randomizing times that resources are accessed if you access resources over Tor on a periodic basis. For example, if you use Tor to check a website on a daily basis, don't check it at the same time every day.

LawrenceC

Posted 2011-07-31T19:38:59.587

Reputation: 63 487

UPDATE: Looks like Tor has a mode that accepts DNS requests as if it were a DNS server, and looks them up over Tor. Use this. – LawrenceC – 2013-01-04T13:04:49.163
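The DNS point above, as an added example that is not code from the original answer or from Tor or Firefox: a SOCKS5 CONNECT request (RFC 1928) either carries the hostname itself (ATYP 0x03, what "proxy DNS" means, so the Tor exit resolves it) or carries an IP the client already resolved locally, in which case the lookup has already left the machine in the clear. Hostnames and addresses are constructed, and the `resolver` argument is a hypothetical hook so the leaky path can be shown offline.

```python
"""SOCKS5 CONNECT requests with and without remote DNS (RFC 1928).

Added example for this thread, not code from the original answer or from
Tor/Firefox.  It only encodes and decodes request bytes offline: the
hostnames and addresses are constructed, and `resolver` is a hypothetical
hook standing in for the client's local DNS lookup.
"""
import ipaddress
import socket
import struct
from typing import Callable

SOCKS_VER, CMD_CONNECT = 0x05, 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04


def connect_request(host: str, port: int, remote_dns: bool = True,
                    resolver: Callable[[str], str] = socket.gethostbyname) -> bytes:
    """Build VER CMD RSV ATYP DST.ADDR DST.PORT.

    remote_dns=True sends the hostname itself (ATYP 0x03), so resolution
    happens at the Tor exit.  remote_dns=False models a client that
    resolves first: the lookup goes out in the clear, outside Tor.
    """
    try:
        ip = ipaddress.ip_address(host)      # already an IP literal?
    except ValueError:
        ip = None
    if ip is None and not remote_dns:
        ip = ipaddress.ip_address(resolver(host))   # the DNS leak is here
    if ip is None:
        name = host.encode("idna")
        if len(name) > 255:
            raise ValueError("hostname too long for SOCKS5")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    return bytes([SOCKS_VER, CMD_CONNECT, 0x00]) + addr + struct.pack("!H", port)


def parse_request(data: bytes) -> dict:
    """Decode a request the way the proxy side (Tor's SocksPort) sees it."""
    if len(data) < 4 or data[0] != SOCKS_VER:
        raise ValueError("not a SOCKS5 request")
    atyp = data[3]
    if atyp == ATYP_IPV4:
        host, rest = str(ipaddress.IPv4Address(data[4:8])), data[8:]
    elif atyp == ATYP_IPV6:
        host, rest = str(ipaddress.IPv6Address(data[4:20])), data[20:]
    elif atyp == ATYP_DOMAIN:
        n = data[4]
        host, rest = data[5:5 + n].decode("idna"), data[5 + n:]
    else:
        raise ValueError("unknown ATYP %#x" % atyp)
    if len(rest) != 2:
        raise ValueError("bad request length")
    return {"cmd": data[1], "atyp": atyp, "host": host,
            "port": struct.unpack("!H", rest)[0]}


def resolved_inside_tor(data: bytes) -> bool:
    """True when the name will be resolved by the exit rather than locally."""
    return parse_request(data)["atyp"] == ATYP_DOMAIN


if __name__ == "__main__":
    req = connect_request("bank.example", 443)
    print(req.hex(), parse_request(req), resolved_inside_tor(req))
```

Firefox sends the ATYP 0x03 form when `network.proxy.socks_remote_dns` is true; the `DNSPort` option mentioned in the update lets Tor answer ordinary DNS queries from other programs the same way. A `.onion` name can only ever be sent in the 0x03 form, since no local resolver can answer it.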

0

If you don't want your traffic to be read by anyone, use encryption on both ends. Tor does not provide confidentiality, only anonymity, and only if you are very careful.

And setting up a Tor node you always connect to from all your PCs just makes that node trackable; it would have to be totally untraceable back to you, which is quite impossible, because either it is physically close to you, or you send your traffic to it in the plain (before it enters Tor).

Jürgen Strobel

Posted 2011-07-31T19:38:59.587

Reputation: 236

Consider if that Tor node was in a cloud server instance that you controlled. Not physically close to me; yes, information I sent to it would be sent before it enters Tor, but what exactly would make that server stand out? – cqm – 2011-08-14T03:59:57.313

They can ask your cloud provider who owns the node, for traffic log & dumps, etc. Anyone between you and the cloud can also see your traffic and your IP. This completely defies the purpose of Tor. – Jürgen Strobel – 2011-08-14T04:06:13.487