Wednesday, October 29, 2008

TOR Approach

Although TOR and JonDo aim at the same thing, their approaches differ. JonDo's traffic path is static, protected by the independence of screened companies. TOR seems to rely on randomness and safety in numbers.

Anybody can be a TOR relay, even your PC. TOR also changes path every 10 min or so, very much unlike JonDo. So, unlike with JonDo, it's pretty hard to sniff the entry and exit nodes because they change for a particular connection.

TOR has a P2P feature that should help its speed. If you run a relay, it should help with the network traffic, hence helping yourself at the same time. However, individuals don't want to be exit nodes, whose IPs will be exposed to whatever TOR users are doing. There is an option to avoid this. Also, since TOR allows all sorts of network traffic, not only HTTP, I suspect that it has been slowed down a lot by BitTorrent users.

Because of the large number of nodes across many countries, TOR will probably be the least affected by data retention. However, there need to be alerts when all nodes are in Germany.

If someone sniffs on a single entry or single exit node, then because the TOR path changes very often, any user is bound to pass through these nodes at times. This can be avoided by limiting the number of entry (or exit too?) nodes to hop through.

JonDo avoids crooked nodes through legal contracts and inspections. In TOR, any crooked node can join the network at any time. If your adversary installs large numbers of high-capacity nodes into the network, your anonymity can be seriously affected. The entry nodes have your IP, while the exit nodes have the URL and unencrypted contents. Again, it takes only one uncompromised node to protect your identity.
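A rough model of the two points above (frequent path changes walking every user past a watched node, and an adversary adding high-capacity nodes), as an added example that is not from the original post. It assumes the adversary controls a fraction `f` of relay capacity, that entry and exit nodes are picked independently in proportion to capacity, and a hypothetical default of 3 fixed entry nodes; all function names are made up for illustration.

```python
from math import comb

def p_exposed_rotating(f: float, circuits: int) -> float:
    """Chance that at least one path has adversary nodes at BOTH ends
    when entry and exit are re-picked for every new path."""
    return 1 - (1 - f * f) ** circuits

def p_exposed_fixed_entries(f: float, circuits: int, entries: int) -> float:
    """Same chance when the client sticks to a small fixed set of entry nodes.
    If none of them is hostile, no number of path changes exposes the user."""
    total = 0.0
    for bad in range(1, entries + 1):
        # Probability that exactly `bad` of the fixed entries are hostile.
        p_set = comb(entries, bad) * f**bad * (1 - f) ** (entries - bad)
        # Per path: hostile entry chosen from the set AND hostile exit.
        per_path = (bad / entries) * f
        total += p_set * (1 - (1 - per_path) ** circuits)
    return total

def compare(f: float, hours: int, entries: int = 3, minutes_per_path: int = 10):
    """Return (rotating, fixed-entry) exposure for a given usage time.
    minutes_per_path=10 follows the post's 'every 10 min or so'."""
    circuits = hours * 60 // minutes_per_path
    return (p_exposed_rotating(f, circuits),
            p_exposed_fixed_entries(f, circuits, entries))

if __name__ == "__main__":
    f = 0.05  # constructed value: adversary holds 5% of capacity
    for hours in (1, 24, 24 * 30):
        rotating, fixed = compare(f, hours)
        print(f"{hours:4d} h  rotating={rotating:.4f}  fixed entries={fixed:.4f}")
```

With rotating entries the exposure climbs toward 1 as hours accumulate, while with fixed entries it can never exceed the chance that at least one of the chosen entry nodes is hostile.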

TOR seems to be usable during early morning in Europe. It's fail safe to download the TOR browser bundle, which includes the TOR client, a GUI controller, a browser, and a software proxy to filter out unsafe content. The bundle also comes with a "universal" IM client, with your IP protected by TOR. But a few of the popular IM services won't work.

TOR has some interesting features, such as publishing web content from your PC while hiding your IP. The same hidden service is used in the TORchat bundle, which is a secure serverless chat client, where each user is identified only by a static long code word.

Interestingly, one can chain TOR and JonDo together using the proxy option in JonDo. In theory it doesn't make the path more secure. But practically, the more nodes are included, the less likely it is for rogue nodes to break anonymity and for court orders to be effective.
