This document provides an overview of anonymity systems like Tor, I2P, and Freenet. It describes how Tor works by passing data through proxies to provide anonymity. It also discusses who uses Tor, such as whistleblowers and journalists seeking privacy. The document outlines the Tor project's finances and how it is funded by various organizations. It concludes by covering some attacks against Tor like traffic analysis and compromising relay nodes.

2. OverviewAnonymity systemsReview of how Tor worksTor Project Inc.Helper tools and accessoriesAdvanced Tor controlAttack Vectors

3. Anonymity SystemsJAPI2PFreenetXerobankBotnets

4. FreenetStorage network p2p basedShares files on your system to other nodesPlausabile Deniability

5. I2POpposing design of TorUDP basedDarknet design Java, Python, and C API’sMixed routing based on packetsSplits tunneling between upstream and downstream“Garlic Routing” – mix streams together to prevent traffic analysisVariable latency design

6. TorTor (not TOR) – previously stood for The Onion RouterProvides a method of anonymity by passing data between proxies

7. Tor Network

8. TerminologyCell – your messageCircuit – tunnel made up of relaysEntry Node: first hop into the Tor networkExit Node: last hop before destinationRelay Node: middle hopBridge Node: nodes not listed in the Tor directory to evade filtering

9. Who’s Using Tor?WhistleblowersWikileaks – runs hidden serviceMilitariesfield opscommand and control using hidden servicesChinese journalists and dissidents

10. Tor Project501(c)(3) NFPFreely availableFull spec and full documentation

11. Project Financeshttps://www.torproject.org/about/financials.html

12. Current Project SponsorsFederal Grant: International Program to Support Democracy Human Rights and Labor$632,189International Broadcasting BureauVoice of America, Radio Free Europe/Radio Liberty, Radio and TV Martí, Radio Free Asia, Radio Sawa/Alhurra TV$270,000Stichting.NetAssociation of NFP’s in the Netherlands$38,279Google: $29,083ITT: $27,000Other: $9,997https://www.torproject.org/about/sponsors.html.en

13. Past FundersDARPA and Naval Research Labratory 2001-2006EFF – 2004-2005

14. Tor Performance

15. Number of Relays

16. Number of Users

17. Tor ToolsTorbuttonTor Browser BundleVidaliaTorCheckArmTor-ramdiskAnthony G. Basile from Buffalo

19. Tor Control Portauthenticate "“extendcircuit 0 a,b,c,…extendcircuit 0 a,bseteventscircsetconfconfitemMapaddress google.com=a.bGetconfconfitemTelnet to the control port Create custom circuits (long or short)Show live circuit informationChange configuration on the flyMap a site to an exit nodeReload a configuration

20. Attacks

21. Tor Passive Attack VectorsTraffic profiling – entry and exit analysisCleartext exit node transmissionFingerprinting - OS, browser, configuration, activityTiming correlationNetwork partitioningEnd to end Size correlation

22. Tor Active Attack VectorsCompromised keysMalicious web serversMalicious Exit/Relay nodesDoS non-controlled nodesTimestamping and taggingInjecting or replacing unencrypted infoMalicious Tor client

23. Tor Client Side AttacksDNS rebindingDisbanding attack – javascript, java, flashHistory disclosureTimezone information (partitioning)

24. Social Engineering AttacksGetting more traffic“Use my relay. I have huge tubes!”“Nick’s relay sucks”“I’ve added a feature to my node.”Replacement687474703a2f2f7777772e726f63686573746572323630302e636f6d2f6861782fPartitioning“Don’t use servers from this country”“These servers are amazing!”

25. More Infowww.torproject.orgMetrics.torproject.orgBlog.torproject.orgCheck.torproject.org@torproject