All language subtitles for 044 Tor Weaknesses Part 1-en

1
00:00:00,950 --> 00:00:08,220
We're going to talk through the Tor weaknesses now and what might de-anonymize you and what finally

2
00:00:08,220 --> 00:00:16,830
you can do about it. To get some insight into how the NSA and GCHQ view de-anonymizing Tor, or at least

3
00:00:17,040 --> 00:00:19,920
how they viewed it in 2013,

4
00:00:19,920 --> 00:00:22,410
we can look at this document here,

5
00:00:22,440 --> 00:00:31,320
one of the leaked presentations. We go down here: "We will never be able to de-anonymize all users all

6
00:00:31,320 --> 00:00:39,380
the time, but with manual analysis we can de-anonymize a small fraction of Tor users."

7
00:00:39,420 --> 00:00:46,650
The statement, I think, is still relatively true, although they will be moving away from manual analysis

8
00:00:46,950 --> 00:00:51,210
towards more automated analysis as time goes by.

9
00:00:51,300 --> 00:00:58,110
But if you are a target, or what you do or where you go makes you a target,

10
00:00:58,110 --> 00:01:01,910
you could be part of that small fraction.

11
00:01:02,040 --> 00:01:08,110
So let's go through some of the weaknesses and what you might do to mitigate them.

12
00:01:08,130 --> 00:01:15,630
So the first point: Tor is high profile. Many nation states' intelligence agencies have declared war on

13
00:01:15,630 --> 00:01:22,190
Tor and will spend serious time and resources attempting to de-anonymize the users.

14
00:01:22,260 --> 00:01:28,910
These agencies are concerned about what they can't see: what you're doing and why.

15
00:01:29,040 --> 00:01:37,230
You paint a target on your back by even using Tor and will get placed on automatic profiling lists.

16
00:01:37,380 --> 00:01:44,760
Plus, attacks against Tor are an active area of academic and security research.

17
00:01:44,820 --> 00:01:49,140
Tor is high profile, there's no doubt about that.

18
00:01:49,200 --> 00:01:57,450
Tor is also complex, and complexity is the nemesis of security and breeds mistakes. The Tor Browser is

19
00:01:57,450 --> 00:02:03,990
a good attempt to make Tor appear and be much more simple to the average user.

20
00:02:03,990 --> 00:02:11,700
But it's easy to get Tor wrong if you start making special configurations in the torrc file or various

21
00:02:11,760 --> 00:02:12,840
other changes.

22
00:02:13,020 --> 00:02:19,040
And to be really safe when the consequences are high, you do need to make some changes.

23
00:02:19,110 --> 00:02:26,030
Two examples of changes you need to make are: one, you need to better isolate the Tor Browser,

24
00:02:26,050 --> 00:02:29,270
i.e. just installing it in your standard operating system,

25
00:02:29,310 --> 00:02:30,730
that's really no good at all.

26
00:02:30,780 --> 00:02:35,730
And two, you need better purging of the browser recorded data.

27
00:02:35,790 --> 00:02:39,020
The Tor Browser does an excellent job of removing that data,

28
00:02:39,120 --> 00:02:42,950
but for me it's not good enough when the stakes are high.

29
00:02:43,320 --> 00:02:45,130
So let's cover these two issues

30
00:02:45,130 --> 00:02:51,350
now. The browser is not sufficiently isolated from exploitation.

31
00:02:51,360 --> 00:03:00,660
Nation states will spend serious time and resources in buying and developing exploits for the Tor Firefox

32
00:03:00,660 --> 00:03:01,550
browser.

33
00:03:01,560 --> 00:03:11,960
We know the NSA, FBI and GCHQ use the QUANTUM system, FoxAcid and EgotisticalGiraffe to actively compromise

34
00:03:11,970 --> 00:03:22,560
browsers. Selected extracts from here show details of how the NSA's EgotisticalGiraffe is used to attack

35
00:03:22,590 --> 00:03:24,590
Tor users.

36
00:03:24,590 --> 00:03:28,940
We also know the U.S. agencies had success in August 2013.

37
00:03:28,950 --> 00:03:37,770
The Firefox browser in many older versions of the Tor Browser was vulnerable to a JavaScript-type attack,

38
00:03:37,860 --> 00:03:43,000
as NoScript was not enabled and is still not enabled by default.

39
00:03:43,050 --> 00:03:51,210
Once exploited, the victims' machines would then send the MAC address, an IP address and Windows computer

40
00:03:51,210 --> 00:03:53,280
name to the attackers.

41
00:03:53,280 --> 00:03:56,880
Note this only targeted Windows users.

42
00:03:56,970 --> 00:04:04,000
So we should make the general assumption that serious nation states will have exploits for the Tor Browser,

43
00:04:04,260 --> 00:04:07,330
or if they don't, they certainly may do tomorrow.

44
00:04:07,410 --> 00:04:14,610
If your adversary is a serious nation state, then your security and privacy settings should be on high,

45
00:04:15,030 --> 00:04:16,770
JavaScript disabled.

46
00:04:16,770 --> 00:04:25,910
Never any active content such as Java, JavaScript, Adobe Flash, Adobe Shockwave, QuickTime, reload, ActiveX,

47
00:04:25,950 --> 00:04:26,950
etc.

48
00:04:27,150 --> 00:04:31,030
Don't install extensions and plugins unless you really know what you're doing.

49
00:04:31,050 --> 00:04:36,570
You need the smallest attack surface in your browser, but even that's not good enough.

50
00:04:36,570 --> 00:04:42,870
Never install the browser on your main operating system, and especially not on Windows, and especially

51
00:04:42,870 --> 00:04:48,100
not on Windows 10. Your main operating system is a soft target.

52
00:04:48,100 --> 00:04:52,600
You need to use isolation and compartmentalization.

53
00:04:52,600 --> 00:05:00,760
Look at that section in this course which provides details on how to provide isolation and compartmentalization

54
00:05:00,760 --> 00:05:08,300
for your browser by using things like virtual machines, sandboxes, physical isolation, Qubes,

55
00:05:08,350 --> 00:05:18,010
you can see here, and so on, to create the isolation for the browser, or even use dedicated securely built

56
00:05:18,100 --> 00:05:20,090
devices for your isolation.

57
00:05:20,200 --> 00:05:23,350
Never install the Tor Browser on your main operating system.

58
00:05:23,440 --> 00:05:30,490
If the consequences are high, you need isolation, and the isolation also needs to be hard. And I consider

59
00:05:30,820 --> 00:05:37,840
browser exploits one of the biggest risks for de-anonymizing you that you have to mitigate. If you're

60
00:05:37,840 --> 00:05:41,050
just running the Tor Browser in Windows,

61
00:05:41,050 --> 00:05:43,000
that's just not a good idea.

62
00:05:43,060 --> 00:05:49,050
Issue: the Tor Browser is exploitable. Mitigate through isolation.

63
00:05:49,090 --> 00:05:56,110
The second issue I mentioned: the lack of browser non-persistence. The browser is persistent,

64
00:05:56,230 --> 00:06:01,630
so all the data it collects has to be deleted. According to Tor,

65
00:06:01,660 --> 00:06:10,360
after closing all tabs, they then emit "browser:purge-session-history", which instructs add-ons and

66
00:06:10,360 --> 00:06:17,250
various Firefox components to clear their session state, and then manually clear the following state:

67
00:06:17,260 --> 00:06:23,670
search box and find box text, HTTP auth, SSL state, OCSP state,

68
00:06:23,680 --> 00:06:31,660
site-specific content preferences including HSTS state, content and image cache, offline cache,

69
00:06:31,720 --> 00:06:39,820
offline storage, cookies, crypto tokens, DOM storage, the safe browsing key, and the Google Wi-Fi geo

70
00:06:39,820 --> 00:06:42,490
location token if it exists.

71
00:06:42,610 --> 00:06:50,260
We also clear NoScript's site and temporary permissions and all other site permissions.

72
00:06:50,260 --> 00:06:58,330
So that's a lot of things that are cleared, but only non-persistence can future-proof against the next

73
00:06:58,530 --> 00:07:06,300
unknown tracking threat that could be stored in your browser and not deleted. Relatively recently, HSTS

74
00:07:06,400 --> 00:07:14,470
was used to track browsers, which was previously unknown. So relying on the Tor Browser to purge

75
00:07:14,470 --> 00:07:16,890
the browser data isn't good enough.

76
00:07:16,930 --> 00:07:20,920
If the consequences are high, you need non-persistence.

77
00:07:20,980 --> 00:07:27,910
You can get this through options like live operating systems such as Tails and VM snapshots, and you

78
00:07:27,910 --> 00:07:35,620
can also help mitigate this with special secure deletion and whole disk encryption, or a combination of.

79
00:07:35,740 --> 00:07:42,910
And what I mean by non-persistence is that the entire application and its data no longer exists anymore

80
00:07:42,920 --> 00:07:42,960
.

81
00:07:43,000 --> 00:07:45,210
And it goes back to its original state

82
00:07:45,250 --> 00:07:49,290
after you are finished with it. The browser fingerprint.

83
00:07:49,380 --> 00:07:56,140
It is obvious to an observer you are using the Tor Browser because it has a unique fingerprint, which

84
00:07:56,440 --> 00:08:04,630
should make you look identical to all the other Tor users unless you do things like maximize your browser

85
00:08:04,640 --> 00:08:04,700
.

86
00:08:04,780 --> 00:08:07,110
So this is great for anonymity

87
00:08:07,210 --> 00:08:10,200
in some ways, but it makes you stand out to

88
00:08:10,290 --> 00:08:18,040
anyone who is targeting Tor users, and we know that Tor users are targeted in the examples of the NSA

89
00:08:18,340 --> 00:08:21,780
and GCHQ with EgotisticalGiraffe.

90
00:08:21,790 --> 00:08:28,270
So by using Tor, this makes you a target, and because they can't distinguish between people who they are

91
00:08:28,270 --> 00:08:30,640
actually interested in and who they are not,

92
00:08:30,640 --> 00:08:41,350
this makes everyone using Tor a target. Traffic confirmation or end-to-end correlation attacks, and in combination

93
00:08:41,350 --> 00:08:49,690
with Sybil attacks and/or DDoS attacks. So Tor is a low-latency anonymising service.

94
00:08:49,690 --> 00:08:54,030
This means the traffic has to get to the destination quickly and come back quickly.

95
00:08:54,030 --> 00:08:58,660
You can't wait five minutes for a response when you're browsing the web, or you're just going to get bored

96
00:08:58,660 --> 00:08:58,880
.

97
00:08:58,920 --> 00:09:00,030
You're not going to use Tor.

98
00:09:00,160 --> 00:09:08,110
As I've said previously, all low-latency anonymizing services, VPNs, Tor, JonDonym, are susceptible

99
00:09:08,110 --> 00:09:12,180
to traffic confirmation and end-to-end correlation attacks.

100
00:09:12,190 --> 00:09:18,250
Let me read from the Tor blog: "A traffic confirmation attack is possible when the attacker controls or observes

101
00:09:18,580 --> 00:09:27,880
the relays on both ends of the Tor circuit and then compares traffic timing, volume or other characteristics

102
00:09:28,180 --> 00:09:33,530
to conclude that the two relays are indeed on the same circuit.

103
00:09:33,550 --> 00:09:39,640
If the first relay in the circuit, called the entry guard, knows the IP address of the user, and the last

104
00:09:39,640 --> 00:09:47,630
relay in a circuit knows the resource or destination she is accessing, then together they can de-anonymize

105
00:09:47,640 --> 00:09:54,340
her." And you can read more about traffic confirmation attacks, including pointers to many research papers,

106
00:09:54,640 --> 00:09:57,070
on this blog post here.

107
00:09:57,430 --> 00:10:04,660
If we compare Tor to VPN, which is not really an equal comparison, in some ways traffic confirmation attacks

108
00:10:04,660 --> 00:10:10,950
are easier with Tor than with VPN, and in other ways they are harder with Tor.

109
00:10:10,990 --> 00:10:16,710
It is not easy for an adversary to take control of VPN servers,

110
00:10:16,900 --> 00:10:23,650
making it harder to correlate traffic, and especially if the VPN is in a country out of the sphere of

111
00:10:23,740 --> 00:10:26,110
influence of your adversary.

112
00:10:26,110 --> 00:10:34,030
It is part of the design of Tor that anyone could run a Tor relay, making it easier to do correlation

113
00:10:34,030 --> 00:10:38,940
attacks on Tor if you act as a number of relays.

114
00:10:38,950 --> 00:10:45,370
An example of a Sybil attack is where you are running Tor relays and clients to establish trust, either

115
00:10:45,370 --> 00:10:50,260
by passively observing and/or potentially injecting traffic.

116
00:10:50,260 --> 00:10:52,560
This is known as a Sybil attack.

117
00:10:52,570 --> 00:10:59,560
There is human oversight over the Tor network which could detect traffic alterations, but this will not

118
00:10:59,560 --> 00:11:02,960
prevent passive observation in a Sybil attack.

119
00:11:02,980 --> 00:11:10,150
It is in fact not part of the Tor design to defend against correlation attacks, although it does in some

120
00:11:10,150 --> 00:11:11,580
way do that.

121
00:11:11,590 --> 00:11:19,690
The big advantage for Tor over VPN in my initial comparison for traffic correlation attacks is

122
00:11:19,690 --> 00:11:26,120
that Tor has many, many more nodes and users than the average VPN service,

123
00:11:26,230 --> 00:11:29,860
making correlation a much larger problem.

124
00:11:29,860 --> 00:11:34,930
The larger the network gets, the larger the Tor net gets, the better

125
00:11:34,930 --> 00:11:43,900
the anonymity it will provide and defense against correlation and Sybil attacks, in combination and

126
00:11:43,900 --> 00:11:52,300
separately. A notable Sybil attack in combination with a traffic confirmation attack was launched against

127
00:11:52,300 --> 00:12:00,850
the Tor anonymity network for several months in 2014 by unknown perpetrators,

128
00:12:00,910 --> 00:12:13,390
probably the NSA or CIA. Autonomous system. An autonomous system is a collection of connected IP routing

129
00:12:13,390 --> 00:12:17,890
prefixes under the control of one or more network operators

130
00:12:18,010 --> 00:12:23,950
that presents a common, clearly defined routing policy to the Internet.

131
00:12:23,950 --> 00:12:30,230
They are uniquely identified as individual networks on the Internet. An

132
00:12:30,250 --> 00:12:40,140
AS: an autonomous system. A large telco or ISP might administer one of these autonomous systems.

133
00:12:40,210 --> 00:12:41,110
And why does this matter,

134
00:12:41,110 --> 00:12:49,510
you might ask? Well, if your Tor circuit and destination exist within a single AS, the administrator

135
00:12:49,690 --> 00:12:57,730
of the AS could perform a traffic confirmation attack on the entry and exit segments of the path and

136
00:12:57,730 --> 00:13:03,040
potentially infer the destination with which the client communicated.

137
00:13:03,040 --> 00:13:10,300
It is my personal opinion that traffic confirmation attacks, especially in combination with a passive

138
00:13:10,510 --> 00:13:18,790
or active Sybil attack, i.e. running lots of relays and clients and watching and/or changing the traffic,

139
00:13:19,120 --> 00:13:25,600
is one of the most likely methods to de-anonymize you and your users going forward.

140
00:13:25,600 --> 00:13:32,280
They could also DDoS relays, forcing their targets onto other relays

141
00:13:32,290 --> 00:13:39,310
they own. An adversary with sufficient means to have international influence would find it much easier

142
00:13:39,310 --> 00:13:40,200
to perform,

143
00:13:40,300 --> 00:13:48,910
although just having enough resources is all they may require, especially if they are targeting someone

144
00:13:49,000 --> 00:13:51,460
in particular.

145
00:13:51,460 --> 00:13:56,740
If you are interested more in traffic correlation attacks, there's a paper here, traffic correlation on Tor

146
00:13:57,070 --> 00:13:59,270
by realistic adversaries.

147
00:13:59,320 --> 00:14:04,310
You might want to give that a read if traffic correlation attacks interest you.
