SlideShare a Scribd company logo

Dark Side of the Net Lecture 4 TOR

Download as PPTX, PDF
Marcus Leaning
Marcus Leaning

Week fourof an undergraduate course on the Dark Side of the Net taught at the university of Winchester.

1 of 29
MC3003 Dark Side of the Net Lecture 4 The Onion Router (TOR)
Introduction • This week we will look at The Onion Router (TOR) a system that allows for anonymous use of the internet. • TOR allows anonymity on the internet and is used by about 4.5 million people world wide (about .02% of the total users of the internet). • TOR is one of several systems that can be used to achieve anonymity, others include: • I2p – a peer to peer system that has lots of ‘hidden services’ – see later for discussion of this. • Tails – an operating system that can run on a USB stick, Uses TOR but with added security. • TOR is widely used by journalists in countries with heavy censorship, people who wish their communications to remain private and others who may have fear of law enforcement agencies for various reasons. • In this lecture we will look at: • A bit of back ground on TOR • How the internet works and some of its implicit problems – especially the problem of anonymity; • How TOR works; • Some of the applications to which it has been put; • Disadvantages
Anonymity • TOR permits anonymity on the internet. • This is fundamentally making ourselves unidentifiable when we use the internet. • It is about de-linking specific people from actions – trying to ensure that our actions on the internet cannot be traced back to us.
Normal use of the internet • When we use the internet our communications are very ‘open’: • People can see what we are looking at, emails we are sending, the sites we visit and who visited individual sites. • This happens as the internet was designed to be a public network – it did not have security as a core concern in its conception. • How traffic moves around the internet is public information.
Basics of how the internet works… • Information transmitted across the internet is broken down into small ‘packets’ of data. • These are labelled with information on who sent them and their eventual destination. • Every computer connected to the internet has a unique address – the IP (internet protocol) address. • There are two types of address IP v.4 and IP v.6 • IP v. 4 set of 4 3 digit number each between 0-256. EG 123.231.103.003. • IP v.6 8 hexadecimal numbers. EG. 2001:0db8:85a3:0he2:3ts37:8a2e:0370:7334 • When a packet is sent onto the internet ‘routers’ – computers that relay internet traffic - look at the destination and send it on to the next closest router. • The packets may go across a number of different routers before reaching their destination where the receiving computer will reassemble the packets back into the information.
R R R R R R R R R R R R R R
What can Eve do? • If Eve can take control of a node / router on the network she can install bits of software that do things. • Like Packet sniffers – these can look at data that is passed across that computer as it works its way across the network /internet. • From this she can see where the packet has come from, where it is going and its contents. • At the very least she can tell who is looking at what websites, the kind of thing they are doing (are the uploading, down loading files, email, looking at web pages etc). • However if the packets are unencrypted he can read them. • They may contain login information and passwords, confidential information, commercially sensitive information, bank details, credit card numbers etc… • All sorts of juicy data that people do not want known and could be used to build profiles for identity theft and other issues – later lecture on spam ‘spear fishing’.
What else do network analyser apps have on them? • The software also includes a programme called packet sniffer. • Packet sniffers allow network engineers to look at the individual packets that are being sent across a particular node or computer that is on a network. • You need to be on the local network to look at anything. • They will not see all the information being passed around. • But they may see some interesting stuff. • You can only use a packet sniffer on WIFI (so you become part of the network) • Warning: do not use a packet sniffer from a device where you log into the network with an account – it is usually against T&Cs. This is the captured packet. It is in hexadecimal, the translation is to the right.
Why was it designed like this? It’s stupid! • Great if you have nothing to hide… • This approach come from the early days of the internet when those using it were did really have much to hide or want to do so. • They did not care if people saw what they were doing on the internet. • They didn’t see the amount of widespread use that would emerge or the centrality of ICT to our daily lives. • This why cryptography was developed. • It hides the contents of packets of data.
Beyond the ability to ‘listen in’ to unencrypted data… • Your actions on the internet can be tied to your IP address which is your computer. • ISP retain connection records for at least a year. • The police can demand such records. • Investigatory powers bill (passed Nov 2016) requires ISPs to retain detailed records of “account reference, a source [Internet Protocol] and port address, a destination IP and port address and a time/date” for a year. This is accessible without a warrant. • Browsers can also give away valuable information to the websites you view. • The cookies you have on them, HTML 5 and e-tags give away valuable aspects of your identity. • And your computer and network activity may well be held onto for some time by your employer, university etc.
Public key helps… • As we noted previously public key encryption has now done a lot to assist help challenge this and if used correctly emails can now be mostly secret. • Many websites are also a lot more secure. • However even when we do encrypt information - such as when use a secure site (ones with a ) - our identity is revealed. • Even if we do encrypt messages and communications we can still see who is communicating with who without knowing what they actually said.
• From Eve’s point of view knowing that people said something, looked at something, spoke with someone is useful even if we don’t know what. • This is called traffic analysis. • Used in military intelligence and anti-terrorism a lot. • In tracing leaks in government – who communicated with journalists, even though we don’t know what was said, we can find out who said it. • But also in commercial usage and corporate espionage. • If you found out one of your competitors was having lots of discussions with your client you might be concerned (if it was one way from the competitor to the client it would be advertising but if both ways). • What if one of you top staff members was in communication with a competitor? Traffic analysis
So who wants to remain anonymous? • If you live in a society which has censorship rules or you are engaged in activity that the government or powerful organisations object to: • Green activists attacked by corporate and government surveillance; • Civil society and minority activists opposed to civil rights infringements; • Trade unionists opposing blacklisting; • Journalists investigating political corruption. • Such people find being able to communicate covertly very useful. • Also it is useful to: • Law enforcement (they may not want people running dodgy sites to know they are looking at them). • Business people (corporate espionage is very common) - hiring hackers to find out the cost of bids etc. • Abuse victims hiding from abusive partners.
Also whistle blowers like Edward Snowden • Computer scientist who worked for the CIA. • Found out some very bad things governments were doing. • Monitoring all internet traffic coming in and out of the UK; • Installing hidden aps on phones that allow monitoring of the microphone, data and all calls (this is now legal for the security service to do due to the Investigatory Powers Bill (2016)); • Used TOR and other systems to revel the secrets to the Guardian and other newspapers.
So what we need is… • We saw in week 2 how we can encrypt messages. • We now need to make ourselves anonymous. • So Eve cannot see what we are looking at; • So Eve cannot see who is looking at something; • This is where TOR comes in as it offers a way to hide anonymise the information. • It serves as an anonymising bridge between the user and the normal internet. • It is a way in which the user can browse the internet without fear of being identified. • It also has another function (explored in a minute)
TOR a history • Developed in mid 1990s by the US Navy Research Laboratories. • Taken on in 1997 by DARPA. • Released for public use in 2002 and then taken over and developed by Electronic Freedom Foundation, they then handed control to The TOR Project. • Largely funded by the United States Government, Swedish government and private contributors. • However other parts of the US government vigorously oppose TOR seeing it as helping terrorism.
Where it is used…
How TOR works - the TOR network • TOR produce a browser that a user installs on their computer. • TOR uses the same cables and communication pathways as the normal internet. • It is a ‘shadow’ network layered on top of the normal internet. • There is a network of routers across the internet that volunteer their services to TOR. • These routers (currently about 7000 of them) route traffic for TOR and do so using a different from the normal way of passing on internet traffic. • TOR takes the user’s packets and passes them through its network and then feeds them onto the normal internet. • Going through the TOR network removes any means of identification of the user. • (geographical and user data that is included in data transmission without the user’s permission)
Anonymising process • The TOR browser will determine three TOR routers on the network that it will use to convey its message. • Using the public keys of the three chosen TOR routers, the TOR browser wraps packets in 3 layers or skins (hence the name Onion) of encryption. • The normal information is stripped off the packet neither the source nor destination of the packet is available - this is why a normal router cannot deal with TOR data. • The user’s computer running TOR sends out the packet onto the TOR network to the first router it encounters, this is know as the ‘Entry Guard’. • The entry guard knows where the data has come from – but it does not know where the eventual destination. • It decrypts the first layer of encryption and this reveals the next destination on the network of the packet.
The second and third rings… • When the data packet arrives at the second router, that knows which computer sent it but does not know the original source (this was stripped off in the decryption process by the first router) and nor does it know the final destination. • The second computer decrypts the next layer and finds the third router. • It then forwards the packet on. • The third router, referred to as the ‘exit node’ knows which computer forwarded it the message but not the first computer and certainly not the original sender. It then decrypts the third layer and reveals the final destination. • It then send the packet on to the proper internet which routes it on.
R RR Onion router Onion router Onion router Onion router Onion router Onion router R R R R R Internet TOR Network
Normal packets vs TOR packets Sender To Packet contents (may be encrypted) First layer of encryption contains ‘from’ and ‘location’ of 2 TOR router. Second layer of encryption contains location of 1st router and 3rd TOR router. Third layer of encryption contains location of 2nd router and final destination.Packet contents, (may be encrypted) sender information removed.
R RR Onion router Onion router Onion router Onion router Onion router Onion router R R R R R Internet If eve attacks…
Eve… • Eve can see someone communicating with Bob. • But cannot see what is being said due to encryption. • And cannot identify who Alice is due to TOR. • Eve is not pleased. hdsuieFGjhnakxjkTjslzsnckT nakjUI12hasjmn9Hjkasdjh ? Alice’s identity unknown Content of message unreadable
Hidden sites - The dark web • TOR allows people to browse and visit websites without being identified. • For many this is considered a good thing. • But is also has a further application that is slightly more problematic use. • Hidden sites and services. • These are sites and services that are only viewable through the TOR browser. • They have a different suffix and no useful address: xgter$67asn.onion • They can’t been seen by normal browsers and there are two ways they hide….
Hidden services - 2 ways of hiding No. 1 No spiders allowed. • The hidden services are not indexed by search engines • (Week 1 we discussed how search engines work - spiders crawl web sites identify content and then send it back to the search engine for indexing). • Spiders cannot get onto the TOR network and are denied access to hidden services on TOR. • So the content of dark net sites cannot be found in the normal way.
No. 2 Web browsers can’t reach them • The name of a web site is designed for people. • These are translated into computing language by a computer called a Domain Name Server (DNS) this contains a list of where the web site is stored for a particular name. • When you visit a website your browser consults this list and brings up the correct site. • Onion sites do not register with the official DNS registry so cannot be found. • A normal browser will not know what to do with the address to be able to reach the website. • Instead TOR browsers send a encrypted message to TOR servers – this goes through a multistep process before revealing allowing the browser to display the page.
Disadvantages of TOR… • Speed – because of the complex encryption it can be slow. Watching video not really an option. • Alternatives using p2p eg Ip2 are faster. • The slow speed makes sit vulnerable to traffic analysis – they can see continually slow interactions, isolate them and see if anything can be gleaned from them. • Security – recently some big attacks have been made public- traffic analysis possible - some even argue that though the ideas are strong the implementation has been ‘holed’. • If all three nodes are owned by the same person your id is revealed. • If your data is not encrypted the exit node sees everything you send – user names for accounts. These will of course help to reveal who you are… • It can be blocked – the Great Firewall of China (legislative and technical means to limit China’s internet interaction with the outside world) has stopped TOR services working in China. (Iran has blocked it however)
Conclusion • A partial solution to traffic analysis problem for anonymity. • Needs other actions to fully work. • Relies on encryption technology. • Very useful for journalists and similar. • Also used by deviants to establish new markets – more on this next week.

Recommended

Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet? Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet?
Bangladesh Network Operators Group
 
How you can protect your online identity, online privacy and VPNs
How you can protect your online identity, online privacy and VPNsHow you can protect your online identity, online privacy and VPNs
How you can protect your online identity, online privacy and VPNs
Iulia Porneala
 
Darknet (ec)
Darknet (ec) Darknet (ec)
Darknet (ec)
Bradley W. Deacon
 
The Dark web - Why the hidden part of the web is even more dangerous?
The Dark web - Why the hidden part of the web is even more dangerous?The Dark web - Why the hidden part of the web is even more dangerous?
The Dark web - Why the hidden part of the web is even more dangerous?
Pierluigi Paganini
 
Dark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsDark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developments
Andres Baravalle
 
Darknet
DarknetDarknet
DarknetHiro Oshikawa
 
Dark net
Dark netDark net
Dark netPaolo Razon
 
Dark web
Dark webDark web
Dark web
Safwan Hashmi
 

Recommended

Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet? Darknet - Is this the future of Internet?
Darknet - Is this the future of Internet?
Bangladesh Network Operators Group
 
How you can protect your online identity, online privacy and VPNs
How you can protect your online identity, online privacy and VPNsHow you can protect your online identity, online privacy and VPNs
How you can protect your online identity, online privacy and VPNs
Iulia Porneala
 
Darknet (ec)
Darknet (ec) Darknet (ec)
Darknet (ec)
Bradley W. Deacon
 
The Dark web - Why the hidden part of the web is even more dangerous?
The Dark web - Why the hidden part of the web is even more dangerous?The Dark web - Why the hidden part of the web is even more dangerous?
The Dark web - Why the hidden part of the web is even more dangerous?
Pierluigi Paganini
 
Dark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsDark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developments
Andres Baravalle
 
Darknet
DarknetDarknet
DarknetHiro Oshikawa
 
Dark net
Dark netDark net
Dark netPaolo Razon
 
Dark web
Dark webDark web
Dark web
Safwan Hashmi
 
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
Trend Micro
 
Darknet
DarknetDarknet
Darknet
Vishnu Shaji
 
Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) Web
Jeroen Baert
 
Darknet
DarknetDarknet
Darknet
KamalPreet Saluja
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?
Anshu Prateek
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
Swecha | స్వేచ్ఛ
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
Brian Pichman
 
Darknet
DarknetDarknet
DarknetMatthew Kwong
 
I2P and the Dark Web
I2P and the Dark WebI2P and the Dark Web
I2P and the Dark Web
John Liu
 
Deep and Dark Web
Deep and Dark WebDeep and Dark Web
Deep and Dark Web
Md. Nazmus Shakib Robin
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark Web
Case IQ
 
The Dark side of the Web
The Dark side of the WebThe Dark side of the Web
The Dark side of the Web
Paula Ripoll Cacho
 
The Dark Net
The Dark NetThe Dark Net
The Dark Net
Manabu Kobayashi
 
Research in the deep web
Research in the deep webResearch in the deep web
Research in the deep web
Seth Porter, MA, MLIS
 
The dark web darwin de leon
The dark web darwin de leonThe dark web darwin de leon
The dark web darwin de leonDarwin de Leon
 
How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?
Mark Fisher
 
Guide to dark web
Guide to dark webGuide to dark web
Guide to dark web
Jspider - Noida
 
Deepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar anchaDeepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar ancha
vinod kumar
 
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
Nicholas Davis
 
My darkweb-presentation
My darkweb-presentationMy darkweb-presentation
My darkweb-presentation
Paul Wilson
 
Tor network seminar by 13504
Tor network seminar by 13504 Tor network seminar by 13504
Tor network seminar by 13504
Prashant Rana
 
Acpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using TorAcpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using Tor
Jack Maynard
 

More Related Content

What's hot

Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
Trend Micro
 
Darknet
DarknetDarknet
Darknet
Vishnu Shaji
 
Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) Web
Jeroen Baert
 
Darknet
DarknetDarknet
Darknet
KamalPreet Saluja
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?
Anshu Prateek
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
Swecha | స్వేచ్ఛ
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
Brian Pichman
 
I2P and the Dark Web
I2P and the Dark WebI2P and the Dark Web
I2P and the Dark Web
John Liu
 
Deep and Dark Web
Deep and Dark WebDeep and Dark Web
Deep and Dark Web
Md. Nazmus Shakib Robin
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark Web
Case IQ
 
The Dark side of the Web
The Dark side of the WebThe Dark side of the Web
The Dark side of the Web
Paula Ripoll Cacho
 
The Dark Net
The Dark NetThe Dark Net
The Dark Net
Manabu Kobayashi
 
Research in the deep web
Research in the deep webResearch in the deep web
Research in the deep web
Seth Porter, MA, MLIS
 
The dark web darwin de leon
The dark web darwin de leonThe dark web darwin de leon
The dark web darwin de leonDarwin de Leon
 
How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?
Mark Fisher
 
Guide to dark web
Guide to dark webGuide to dark web
Guide to dark web
Jspider - Noida
 
Deepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar anchaDeepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar ancha
vinod kumar
 
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
Nicholas Davis
 
My darkweb-presentation
My darkweb-presentationMy darkweb-presentation
My darkweb-presentation
Paul Wilson
 

What's hot (20)

Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
Dark Web Impact on Hidden Services in the Tor-based Criminal Ecosystem Dr.
 
Darknet
DarknetDarknet
Darknet
 
Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) Web
 
Darknet
DarknetDarknet
Darknet
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
 
Darknet
DarknetDarknet
Darknet
 
I2P and the Dark Web
I2P and the Dark WebI2P and the Dark Web
I2P and the Dark Web
 
Deep and Dark Web
Deep and Dark WebDeep and Dark Web
Deep and Dark Web
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark Web
 
The Dark side of the Web
The Dark side of the WebThe Dark side of the Web
The Dark side of the Web
 
The Dark Net
The Dark NetThe Dark Net
The Dark Net
 
Research in the deep web
Research in the deep webResearch in the deep web
Research in the deep web
 
The dark web darwin de leon
The dark web darwin de leonThe dark web darwin de leon
The dark web darwin de leon
 
How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?How Much is My Information Worth on the Dark Web?
How Much is My Information Worth on the Dark Web?
 
Guide to dark web
Guide to dark webGuide to dark web
Guide to dark web
 
Deepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar anchaDeepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar ancha
 
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
 
My darkweb-presentation
My darkweb-presentationMy darkweb-presentation
My darkweb-presentation
 

Similar to Dark Side of the Net Lecture 4 TOR

Tor network seminar by 13504
Tor network seminar by 13504 Tor network seminar by 13504
Tor network seminar by 13504
Prashant Rana
 
Acpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using TorAcpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using Tor
Jack Maynard
 
The Dark Web : Hidden Services
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden Services
Anshu Singh
 
.Onion
.Onion.Onion
.Onion
KajolPatel17
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
Khaled Mosharraf
 
Anonymity Network TOR
Anonymity Network TOR Anonymity Network TOR
Anonymity Network TOR
A.K.M Bahalul Haque Pallob
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
Apurv Singh Gautam
 
Dark Side of the Net Lecture 1 Introduction
Dark Side of the Net Lecture 1 IntroductionDark Side of the Net Lecture 1 Introduction
Dark Side of the Net Lecture 1 Introduction
Marcus Leaning
 
Cyber crime- a case study
Cyber crime- a case studyCyber crime- a case study
Cyber crime- a case study
Shubh Thakkar
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
Ahmed Mater
 
Onion protocol
Onion protocolOnion protocol
Onion protocol
Anshu Raj
 
Internet tech lessons
Internet tech lessonsInternet tech lessons
Internet tech lessonslearnt
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
Rishikese MR
 
Tor Presentation
Tor PresentationTor Presentation
Tor Presentation
Hassan Faraz
 
Pichman privacy, the dark web, & hacker devices i school (1)
Pichman privacy, the dark web, & hacker devices i school (1)Pichman privacy, the dark web, & hacker devices i school (1)
Pichman privacy, the dark web, & hacker devices i school (1)
Stephen Abram
 
Dark Web.pptx
Dark Web.pptxDark Web.pptx
Dark Web.pptx
eliofatjon
 
Dark web
Dark webDark web
Dark web
aakshidhingra
 
Tor project and Darknet Report
Tor project and Darknet ReportTor project and Darknet Report
Tor project and Darknet Report
Ahmed Mater
 

Similar to Dark Side of the Net Lecture 4 TOR (20)

Tor network seminar by 13504
Tor network seminar by 13504 Tor network seminar by 13504
Tor network seminar by 13504
 
Acpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using TorAcpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using Tor
 
The Dark Web : Hidden Services
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden Services
 
Cyber Crime Challanges
Cyber Crime ChallangesCyber Crime Challanges
Cyber Crime Challanges
 
.Onion
.Onion.Onion
.Onion
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
 
Anonymity Network TOR
Anonymity Network TOR Anonymity Network TOR
Anonymity Network TOR
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
 
Dark Side of the Net Lecture 1 Introduction
Dark Side of the Net Lecture 1 IntroductionDark Side of the Net Lecture 1 Introduction
Dark Side of the Net Lecture 1 Introduction
 
Cyber crime- a case study
Cyber crime- a case studyCyber crime- a case study
Cyber crime- a case study
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
 
Onion protocol
Onion protocolOnion protocol
Onion protocol
 
Internet tech lessons
Internet tech lessonsInternet tech lessons
Internet tech lessons
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
 
Tor Presentation
Tor PresentationTor Presentation
Tor Presentation
 
Pichman privacy, the dark web, & hacker devices i school (1)
Pichman privacy, the dark web, & hacker devices i school (1)Pichman privacy, the dark web, & hacker devices i school (1)
Pichman privacy, the dark web, & hacker devices i school (1)
 
Dark Web.pptx
Dark Web.pptxDark Web.pptx
Dark Web.pptx
 
Dark web
Dark webDark web
Dark web
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Tor project and Darknet Report
Tor project and Darknet ReportTor project and Darknet Report
Tor project and Darknet Report
 

More from Marcus Leaning

Social capital
Social capitalSocial capital
Social capital
Marcus Leaning
 
Customers
CustomersCustomers
Customers
Marcus Leaning
 
Marketing and competition
Marketing and competitionMarketing and competition
Marketing and competition
Marcus Leaning
 
Enterprize Module pricing
Enterprize Module pricingEnterprize Module pricing
Enterprize Module pricing
Marcus Leaning
 
Whatever happened to the digital divide
Whatever happened to the digital divideWhatever happened to the digital divide
Whatever happened to the digital divide
Marcus Leaning
 
Brexit, social media and fake news
Brexit, social media and fake newsBrexit, social media and fake news
Brexit, social media and fake news
Marcus Leaning
 
Media literacy workshop - Media Literacy and digital citizenship
Media literacy workshop - Media Literacy and digital citizenshipMedia literacy workshop - Media Literacy and digital citizenship
Media literacy workshop - Media Literacy and digital citizenship
Marcus Leaning
 
Video lectures
Video lecturesVideo lectures
Video lectures
Marcus Leaning
 
Engaging students with digital tools
Engaging students with digital toolsEngaging students with digital tools
Engaging students with digital tools
Marcus Leaning
 
Undergraduate media degrees in uk universities [autosaved]
Undergraduate media degrees in uk universities [autosaved]Undergraduate media degrees in uk universities [autosaved]
Undergraduate media degrees in uk universities [autosaved]
Marcus Leaning
 
Research methods introduction
Research methods introductionResearch methods introduction
Research methods introduction
Marcus Leaning
 
Doing a literature review
Doing a literature reviewDoing a literature review
Doing a literature review
Marcus Leaning
 
Teaching theory
Teaching theoryTeaching theory
Teaching theory
Marcus Leaning
 
Dark Side of the Net Lecture 3 Bitcoin
Dark Side of the Net Lecture 3 BitcoinDark Side of the Net Lecture 3 Bitcoin
Dark Side of the Net Lecture 3 Bitcoin
Marcus Leaning
 
Dark Side of the Net Lecture 2 Cryptography
Dark Side of the Net Lecture 2 CryptographyDark Side of the Net Lecture 2 Cryptography
Dark Side of the Net Lecture 2 Cryptography
Marcus Leaning
 
Towards a cosmopolitan media and information literacy
Towards a cosmopolitan media and information literacy Towards a cosmopolitan media and information literacy
Towards a cosmopolitan media and information literacy
Marcus Leaning
 
Internet accessibility: Continental Comparison
Internet accessibility: Continental ComparisonInternet accessibility: Continental Comparison
Internet accessibility: Continental Comparison
Marcus Leaning
 
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Marcus Leaning
 
Brexit campaigns and digital media
Brexit campaigns and digital mediaBrexit campaigns and digital media
Brexit campaigns and digital media
Marcus Leaning
 
Eating your neighbour’s cat food: having students provide blind peer review t...
Eating your neighbour’s cat food: having students provide blind peer review t...Eating your neighbour’s cat food: having students provide blind peer review t...
Eating your neighbour’s cat food: having students provide blind peer review t...
Marcus Leaning
 

More from Marcus Leaning (20)

Social capital
Social capitalSocial capital
Social capital
 
Customers
CustomersCustomers
Customers
 
Marketing and competition
Marketing and competitionMarketing and competition
Marketing and competition
 
Enterprize Module pricing
Enterprize Module pricingEnterprize Module pricing
Enterprize Module pricing
 
Whatever happened to the digital divide
Whatever happened to the digital divideWhatever happened to the digital divide
Whatever happened to the digital divide
 
Brexit, social media and fake news
Brexit, social media and fake newsBrexit, social media and fake news
Brexit, social media and fake news
 
Media literacy workshop - Media Literacy and digital citizenship
Media literacy workshop - Media Literacy and digital citizenshipMedia literacy workshop - Media Literacy and digital citizenship
Media literacy workshop - Media Literacy and digital citizenship
 
Video lectures
Video lecturesVideo lectures
Video lectures
 
Engaging students with digital tools
Engaging students with digital toolsEngaging students with digital tools
Engaging students with digital tools
 
Undergraduate media degrees in uk universities [autosaved]
Undergraduate media degrees in uk universities [autosaved]Undergraduate media degrees in uk universities [autosaved]
Undergraduate media degrees in uk universities [autosaved]
 
Research methods introduction
Research methods introductionResearch methods introduction
Research methods introduction
 
Doing a literature review
Doing a literature reviewDoing a literature review
Doing a literature review
 
Teaching theory
Teaching theoryTeaching theory
Teaching theory
 
Dark Side of the Net Lecture 3 Bitcoin
Dark Side of the Net Lecture 3 BitcoinDark Side of the Net Lecture 3 Bitcoin
Dark Side of the Net Lecture 3 Bitcoin
 
Dark Side of the Net Lecture 2 Cryptography
Dark Side of the Net Lecture 2 CryptographyDark Side of the Net Lecture 2 Cryptography
Dark Side of the Net Lecture 2 Cryptography
 
Towards a cosmopolitan media and information literacy
Towards a cosmopolitan media and information literacy Towards a cosmopolitan media and information literacy
Towards a cosmopolitan media and information literacy
 
Internet accessibility: Continental Comparison
Internet accessibility: Continental ComparisonInternet accessibility: Continental Comparison
Internet accessibility: Continental Comparison
 
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
 
Brexit campaigns and digital media
Brexit campaigns and digital mediaBrexit campaigns and digital media
Brexit campaigns and digital media
 
Eating your neighbour’s cat food: having students provide blind peer review t...
Eating your neighbour’s cat food: having students provide blind peer review t...Eating your neighbour’s cat food: having students provide blind peer review t...
Eating your neighbour’s cat food: having students provide blind peer review t...
 

Recently uploaded

CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
EverAndrsGuerraGuerr
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
DeeptiGupta154
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
Additional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdfAdditional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdf
joachimlavalley1
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
siemaillard
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
Sectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdfSectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdf
Vivekanand Anglo Vedic Academy
 
Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptxMARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
bennyroshan06
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
beazzy04
 
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdfESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
Fundacja Rozwoju Społeczeństwa Przedsiębiorczego
 
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
AzmatAli747758
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
RaedMohamed3
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
TechSoup
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 

Recently uploaded (20)

CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
Additional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdfAdditional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdf
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
 
Sectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdfSectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdf
 
Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptxMARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
 
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdfESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
 
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 

Dark Side of the Net Lecture 4 TOR

  • 1. MC3003 Dark Side of the Net Lecture 4 The Onion Router (TOR)
  • 2. Introduction • This week we will look at The Onion Router (TOR) a system that allows for anonymous use of the internet. • TOR allows anonymity on the internet and is used by about 4.5 million people world wide (about .02% of the total users of the internet). • TOR is one of several systems that can be used to achieve anonymity, others include: • I2p – a peer to peer system that has lots of ‘hidden services’ – see later for discussion of this. • Tails – an operating system that can run on a USB stick, Uses TOR but with added security. • TOR is widely used by journalists in countries with heavy censorship, people who wish their communications to remain private and others who may have fear of law enforcement agencies for various reasons. • In this lecture we will look at: • A bit of back ground on TOR • How the internet works and some of its implicit problems – especially the problem of anonymity; • How TOR works; • Some of the applications to which it has been put; • Disadvantages
  • 3. Anonymity • TOR permits anonymity on the internet. • This is fundamentally making ourselves unidentifiable when we use the internet. • It is about de-linking specific people from actions – trying to ensure that our actions on the internet cannot be traced back to us.
  • 4. Normal use of the internet • When we use the internet our communications are very ‘open’: • People can see what we are looking at, emails we are sending, the sites we visit and who visited individual sites. • This happens as the internet was designed to be a public network – it did not have security as a core concern in its conception. • How traffic moves around the internet is public information.
  • 5. Basics of how the internet works… • Information transmitted across the internet is broken down into small ‘packets’ of data. • These are labelled with information on who sent them and their eventual destination. • Every computer connected to the internet has a unique address – the IP (internet protocol) address. • There are two types of address IP v.4 and IP v.6 • IP v. 4 set of 4 3 digit number each between 0-256. EG 123.231.103.003. • IP v.6 8 hexadecimal numbers. EG. 2001:0db8:85a3:0he2:3ts37:8a2e:0370:7334 • When a packet is sent onto the internet ‘routers’ – computers that relay internet traffic - look at the destination and send it on to the next closest router. • The packets may go across a number of different routers before reaching their destination where the receiving computer will reassemble the packets back into the information.
  • 7. What can Eve do? • If Eve can take control of a node / router on the network she can install bits of software that do things. • Like Packet sniffers – these can look at data that is passed across that computer as it works its way across the network /internet. • From this she can see where the packet has come from, where it is going and its contents. • At the very least she can tell who is looking at what websites, the kind of thing they are doing (are the uploading, down loading files, email, looking at web pages etc). • However if the packets are unencrypted he can read them. • They may contain login information and passwords, confidential information, commercially sensitive information, bank details, credit card numbers etc… • All sorts of juicy data that people do not want known and could be used to build profiles for identity theft and other issues – later lecture on spam ‘spear fishing’.
  • 8. What else do network analyser apps have on them? • The software also includes a programme called packet sniffer. • Packet sniffers allow network engineers to look at the individual packets that are being sent across a particular node or computer that is on a network. • You need to be on the local network to look at anything. • They will not see all the information being passed around. • But they may see some interesting stuff. • You can only use a packet sniffer on WIFI (so you become part of the network) • Warning: do not use a packet sniffer from a device where you log into the network with an account – it is usually against T&Cs. This is the captured packet. It is in hexadecimal, the translation is to the right.
  • 9. Why was it designed like this? It’s stupid! • Great if you have nothing to hide… • This approach come from the early days of the internet when those using it were did really have much to hide or want to do so. • They did not care if people saw what they were doing on the internet. • They didn’t see the amount of widespread use that would emerge or the centrality of ICT to our daily lives. • This why cryptography was developed. • It hides the contents of packets of data.
  • 10. Beyond the ability to ‘listen in’ to unencrypted data… • Your actions on the internet can be tied to your IP address which is your computer. • ISP retain connection records for at least a year. • The police can demand such records. • Investigatory powers bill (passed Nov 2016) requires ISPs to retain detailed records of “account reference, a source [Internet Protocol] and port address, a destination IP and port address and a time/date” for a year. This is accessible without a warrant. • Browsers can also give away valuable information to the websites you view. • The cookies you have on them, HTML 5 and e-tags give away valuable aspects of your identity. • And your computer and network activity may well be held onto for some time by your employer, university etc.
  • 11. Public key helps… • As we noted previously public key encryption has now done a lot to assist help challenge this and if used correctly emails can now be mostly secret. • Many websites are also a lot more secure. • However even when we do encrypt information - such as when use a secure site (ones with a ) - our identity is revealed. • Even if we do encrypt messages and communications we can still see who is communicating with who without knowing what they actually said.
  • 12. • From Eve’s point of view knowing that people said something, looked at something, spoke with someone is useful even if we don’t know what. • This is called traffic analysis. • Used in military intelligence and anti-terrorism a lot. • In tracing leaks in government – who communicated with journalists, even though we don’t know what was said, we can find out who said it. • But also in commercial usage and corporate espionage. • If you found out one of your competitors was having lots of discussions with your client you might be concerned (if it was one way from the competitor to the client it would be advertising but if both ways). • What if one of you top staff members was in communication with a competitor? Traffic analysis
  • 13. So who wants to remain anonymous? • If you live in a society which has censorship rules or you are engaged in activity that the government or powerful organisations object to: • Green activists attacked by corporate and government surveillance; • Civil society and minority activists opposed to civil rights infringements; • Trade unionists opposing blacklisting; • Journalists investigating political corruption. • Such people find being able to communicate covertly very useful. • Also it is useful to: • Law enforcement (they may not want people running dodgy sites to know they are looking at them). • Business people (corporate espionage is very common) - hiring hackers to find out the cost of bids etc. • Abuse victims hiding from abusive partners.
  • 14. Also whistle blowers like Edward Snowden • Computer scientist who worked for the CIA. • Found out some very bad things governments were doing. • Monitoring all internet traffic coming in and out of the UK; • Installing hidden aps on phones that allow monitoring of the microphone, data and all calls (this is now legal for the security service to do due to the Investigatory Powers Bill (2016)); • Used TOR and other systems to revel the secrets to the Guardian and other newspapers.
  • 15. So what we need is… • We saw in week 2 how we can encrypt messages. • We now need to make ourselves anonymous. • So Eve cannot see what we are looking at; • So Eve cannot see who is looking at something; • This is where TOR comes in as it offers a way to hide anonymise the information. • It serves as an anonymising bridge between the user and the normal internet. • It is a way in which the user can browse the internet without fear of being identified. • It also has another function (explored in a minute)
  • 16. TOR a history • Developed in mid 1990s by the US Navy Research Laboratories. • Taken on in 1997 by DARPA. • Released for public use in 2002 and then taken over and developed by Electronic Freedom Foundation, they then handed control to The TOR Project. • Largely funded by the United States Government, Swedish government and private contributors. • However other parts of the US government vigorously oppose TOR seeing it as helping terrorism.
  • 17. Where it is used…
  • 18. How TOR works - the TOR network • TOR produce a browser that a user installs on their computer. • TOR uses the same cables and communication pathways as the normal internet. • It is a ‘shadow’ network layered on top of the normal internet. • There is a network of routers across the internet that volunteer their services to TOR. • These routers (currently about 7000 of them) route traffic for TOR and do so using a different from the normal way of passing on internet traffic. • TOR takes the user’s packets and passes them through its network and then feeds them onto the normal internet. • Going through the TOR network removes any means of identification of the user. • (geographical and user data that is included in data transmission without the user’s permission)
  • 19. Anonymising process • The TOR browser will determine three TOR routers on the network that it will use to convey its message. • Using the public keys of the three chosen TOR routers, the TOR browser wraps packets in 3 layers or skins (hence the name Onion) of encryption. • The normal information is stripped off the packet neither the source nor destination of the packet is available - this is why a normal router cannot deal with TOR data. • The user’s computer running TOR sends out the packet onto the TOR network to the first router it encounters, this is know as the ‘Entry Guard’. • The entry guard knows where the data has come from – but it does not know where the eventual destination. • It decrypts the first layer of encryption and this reveals the next destination on the network of the packet.
  • 20. The second and third rings… • When the data packet arrives at the second router, that knows which computer sent it but does not know the original source (this was stripped off in the decryption process by the first router) and nor does it know the final destination. • The second computer decrypts the next layer and finds the third router. • It then forwards the packet on. • The third router, referred to as the ‘exit node’ knows which computer forwarded it the message but not the first computer and certainly not the original sender. It then decrypts the third layer and reveals the final destination. • It then send the packet on to the proper internet which routes it on.
  • 22. Normal packets vs TOR packets Sender To Packet contents (may be encrypted) First layer of encryption contains ‘from’ and ‘location’ of 2 TOR router. Second layer of encryption contains location of 1st router and 3rd TOR router. Third layer of encryption contains location of 2nd router and final destination.Packet contents, (may be encrypted) sender information removed.
  • 24. Eve… • Eve can see someone communicating with Bob. • But cannot see what is being said due to encryption. • And cannot identify who Alice is due to TOR. • Eve is not pleased. hdsuieFGjhnakxjkTjslzsnckT nakjUI12hasjmn9Hjkasdjh ? Alice’s identity unknown Content of message unreadable
  • 25. Hidden sites - The dark web • TOR allows people to browse and visit websites without being identified. • For many this is considered a good thing. • But is also has a further application that is slightly more problematic use. • Hidden sites and services. • These are sites and services that are only viewable through the TOR browser. • They have a different suffix and no useful address: xgter$67asn.onion • They can’t been seen by normal browsers and there are two ways they hide….
  • 26. Hidden services - 2 ways of hiding No. 1 No spiders allowed. • The hidden services are not indexed by search engines • (Week 1 we discussed how search engines work - spiders crawl web sites identify content and then send it back to the search engine for indexing). • Spiders cannot get onto the TOR network and are denied access to hidden services on TOR. • So the content of dark net sites cannot be found in the normal way.
  • 27. No. 2 Web browsers can’t reach them • The name of a web site is designed for people. • These are translated into computing language by a computer called a Domain Name Server (DNS) this contains a list of where the web site is stored for a particular name. • When you visit a website your browser consults this list and brings up the correct site. • Onion sites do not register with the official DNS registry so cannot be found. • A normal browser will not know what to do with the address to be able to reach the website. • Instead TOR browsers send a encrypted message to TOR servers – this goes through a multistep process before revealing allowing the browser to display the page.
  • 28. Disadvantages of TOR… • Speed – because of the complex encryption it can be slow. Watching video not really an option. • Alternatives using p2p eg Ip2 are faster. • The slow speed makes sit vulnerable to traffic analysis – they can see continually slow interactions, isolate them and see if anything can be gleaned from them. • Security – recently some big attacks have been made public- traffic analysis possible - some even argue that though the ideas are strong the implementation has been ‘holed’. • If all three nodes are owned by the same person your id is revealed. • If your data is not encrypted the exit node sees everything you send – user names for accounts. These will of course help to reveal who you are… • It can be blocked – the Great Firewall of China (legislative and technical means to limit China’s internet interaction with the outside world) has stopped TOR services working in China. (Iran has blocked it however)
  • 29. Conclusion • A partial solution to traffic analysis problem for anonymity. • Needs other actions to fully work. • Relies on encryption technology. • Very useful for journalists and similar. • Also used by deviants to establish new markets – more on this next week.