A Sanguine Neurastheniac

Entries tagged as ‘Tor’

Overclocking, wire tripping, and further adventures with Tor

February 27, 2013

Tools of the Trade

Yesterday I was at the OTI offices again for a workday. For a chunk of the day I worked with Dan Staples on reviewing some things I’d learned about network settings in Commotion, and testing a Tor-enabled Commotion build. (More on that in a separate post.)

A couple of funny things happened on the way to the Internet. First, running Tor on a Ubiquiti PicoStation wireless node caused the little machine to overheat and reboot within 30 seconds of the process starting! Ha! We niced the process and managed to get it to stay up long enough to properly start up. I’ll do some more troubleshooting to figure out why it’s running so hard and see if there’s a way to (literally) cool it down. But I thought that was a pretty awesome problem.

At the same time, I successfully connected to the Internet through a Buffalo Air Station router that was elegantly modified by Access Labs to be a Tor transparent proxy. A couple of funny things happened as a result. First, since I had Thunderbird open and set to check my email every 5 minutes or so, my Gmail accounts freaked out. I got notices of suspicious activity for 3 different accounts because all my network traffic was running over Tor, meaning that my mail requests were hitting the Gmail servers from several different Tor exit nodes around the world. This caused Gmail to assume that malicious users were trying to access my account from a bunch of different places. It was a minor hassle to convince Gmail to stop panicking, but it was kind of neat to trip that wire.

Most adorable of all, however, came from your favorite activist tech collective and mine, Riseup Labs. One of the IPs in the suspicious activity notices was listed this way:

Tuesday, February 26, 2013 9:04:31 PM UTC
IP Address: (load-me-in-a-browser-if-this-tor-node-is-causing-you-grief.riseup.net.)
Location: Cham, Switzerland

So that’s a little message from the Riseup operators of that Tor exit node. If you do indeed load it in a browser, you’ll see that it’s a very wry RTFM.

Categories: Geekery

Tor basics in plain English

January 28, 2013

Here’s a cheat sheet that I wrote up for myself about two weeks ago after I’d gotten my bearings with the basics of Tor.  I actually wrote it as an informal status update to my mentor and realized that if it was helpful to me, it might be helpful to someone else.  If you see any errors, don’t be shy about setting me back on the right path!

First, though, please bask in the glory of this super awesome clickable graphic that demonstrates what network traffic is and isn’t obscured by Tor and HTTPS (encrypted HTTP).  This snippet below is just a teaser.  Click it to go to a page where you can click buttons for Tor and HTTPS and see how they work.

Tor and HTTP

Tor and HTTPS

After a visit to the OTI offices and an overview of Commotion with my project mentor Will Hawkins, I felt like the fog had parted a bit on the Commotion side so I moved over to get the same level of clarity with Tor.  That’s most of what I did that week.  The Tor IRC channel has been unexpectedly not-unpleasant and I have a basic grasp of the vocabulary and principles.

I learned that all Tor-enabled machines use the same code, and they are differentiated by changes to the config file.  All Tor network participants (machines running Tor) are either clients or relays. Clients just connect to a stable entry, or “guard” node, and get on their merry way.

As for the rest, all relays are entry relays; some entry relays are guards (once they are proven to be stable via analysis of a descriptor that is pushed from the node once an hour); some entry relays are unlisted (therefore not publicly known) and they are called bridges; and finally only a relative few Tor nodes are configured as exit nodes.  Exits have specific policies that allow and disallow traffic to various places, allowing exit node operators to be choosy about what kind of activity they allow on their node.  Relevant ports on *nix machines include 9001 (data) and 9030 (directory).

        /   \ 
  Client     Relay (Entry)
            /      |      \
        Guard    Bridge    Exit
   (if stable)  (unlisted)  (configurable rules)

I learned about verifying that your Tor relay is working correctly.  The easy way is to go to check.torproject.org and see if it says that you are routing through the Tor network.  But all it does is check whether you arrived at that page from one of the published exit nodes.  You can find the code in SVN here, and the code for a newer TorCheck utility is on GitHub.  Digging a little deeper, you should see Tor running if you do a ps -ef, and your Tor log file should have something to say about whether it is running properly or not.  More on logging and *nix behavior in a later post.
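As an added example (not from the original post and not Tor Project code): the membership test described above, "did this request come from a published exit node", is also what explains the Gmail alerts in the February 27 entry. The Python below assumes an exit list laid out as ExitNode/ExitAddress records; the function names, accounts, fingerprint and addresses are all constructed for illustration.

```python
import ipaddress

# Constructed exit list: made-up fingerprint, documentation-range IPs.
SAMPLE_EXIT_LIST = """\
ExitNode 0000000000000000000000000000000000000001
Published 2013-02-26 18:10:02
LastStatus 2013-02-26 19:02:44
ExitAddress 192.0.2.10 2013-02-26 19:05:11
ExitAddress 198.51.100.7 2013-02-26 19:07:52
ExitAddress not-an-ip 2013-02-26 19:10:00
"""

# Constructed mail-login events: (UTC time, account, source IP).
SAMPLE_LOGINS = [
    ("2013-02-26T21:04:31Z", "alice@example.org", "192.0.2.10"),
    ("2013-02-26T21:09:40Z", "alice@example.org", "198.51.100.7"),
    ("2013-02-26T21:05:00Z", "bob@example.org", "203.0.113.5"),
    ("2013-02-26T21:20:00Z", "carol@example.org", "203.0.113.9"),
    ("2013-02-26T21:25:00Z", "carol@example.org", "192.0.2.10"),
]

def parse_exit_addresses(text):
    """Collect every ExitAddress IP, skipping malformed records."""
    exits = set()
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "ExitAddress":
            try:
                exits.add(ipaddress.ip_address(parts[1]))
            except ValueError:
                continue  # damaged line: skip it, keep the rest
    return exits

def triage_logins(logins, exits):
    """Label each account by how its source IPs relate to the exit list."""
    sources = {}
    for _when, account, ip in logins:
        sources.setdefault(account, set()).add(ipaddress.ip_address(ip))
    verdicts = {}
    for account, ips in sources.items():
        if len(ips) == 1:
            verdicts[account] = "single source"
        elif ips <= exits:  # every source is a published exit
            verdicts[account] = "multiple sources, all Tor exits"
        else:
            verdicts[account] = "multiple sources, not all Tor exits"
    return verdicts

if __name__ == "__main__":
    print(triage_logins(SAMPLE_LOGINS, parse_exit_addresses(SAMPLE_EXIT_LIST)))
```

An account whose sources are all published exits matches the pattern of one user behind a transparent Tor proxy; a mix of exit and non-exit sources is the case that still needs a closer look.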

I looked at a list of ISPs that are Tor-friendly and Tor-unfriendly.  I found that mine probably is friendly, i.e., it was before it was acquired (twice).  But in talking to folks on IRC I was reasonably well assured that for the purposes of testing, especially if I’m running a bridge, I should be fine.

Before I came to that conclusion I kind of spun off into a swirl of what-ifs, wondering how safe it was to test Tor on my home IP.  I thought through scenarios where I might test on a hosted server, on a new and separate Internet connection to my house, and internally on a fake network of physical or virtual machines in my house.  I may revisit those options once I’m really moving with testing, depending on how informative I think my testbed seems to be, and for what use cases.

Categories: Geekery

OPW Internship: Organizing My Thoughts

January 11, 2013

As I wrote previously, I started a work-from-home internship with the Open Technology Institute last Wednesday. The project I was placed with has me working on boosting privacy and anonymity in wireless mesh networks. I spent some time orienting myself with the task and organizing my thoughts.

The stated goal of the project is to integrate Tor with Commotion. More specifically:

Tor Integration:

Commotion mesh nodes are capable of being configured to enter directly into the Tor network. We need an intern to configure, package, and document the process of making a tor-entry node. If the intern completes this task within the time frame they will have the opportunity to tackle custom configurations that will allow for Tor exit nodes on the mesh that allow small bandwidth Tor traffic from elsewhere to be run over the network to further obfuscate it.

Great! So….what does that mean? This was a good exercise in self-management and breaking a project apart into achievable bits. I started with some clarifying questions.

  • What is Commotion and what does it do? For whom?
  • What is Tor and what does it do? For whom?
  • What is the advantage of combining them and who would be interested in using such a tool?


Categories: Appropriate Tech · Geekery