Mozilla Dusts Off Old Servers, Lights Up Tor Relays 80
TechCurmudgeon writes According to The Register, "Mozilla has given the Tor network a capacity kick with the launch of 14 relays that will help distribute user traffic. Engineers working under the Foundation's Polaris Project inked in November pulled Mozilla's spare and decommissioned hardware out of the cupboard for dedicated use in the Tor network. It included a pair of Juniper EX4200 switches and three HP SL170zG6 (48GB ram, 2*Xeon L5640, 2*1Gbps NIC) servers, along with a dedicated existing IP transit provider (2 X 10Gbps). French Mozilla engineer Arzhel Younsi (@xionoxfr) said its network was designed to fall no lower than half of its network capacity in the event of maintenance or failure. The Polaris initiative was a effort of Mozilla, the Tor Project and the Centre for Democracy and Technology to help build more privacy controls into technology."
Re: (Score:1)
the system designed by government to protect against other governments
FTFY
LOL ... what? (Score:4)
LOL ... geez, I wish I had something like that just laying around in a cupboard.
Sheeee-it.
Re:LOL ... what? (Score:5, Funny)
Ah, but it comes with a catch. These are Mozilla servers.The AX (Administrator Experience) team has made regular improvements to them every month. As of this writing, the case has been modified so that it has no front-panel status display (not even a status bar of LEDs to show temperature and system load), and the case has been modified so that the power button is operated by a foot pedal, and next week the fiber/ethernet ports will be covered over with a 2-inch thick layer of beautifully minimalistic white epoxy laboriously hand-polished to a glossy sheen.
Re:LOL ... what? (Score:5, Funny)
*bites lip* Oh, keep talking nerdy to me.
Re: (Score:2)
*bites lip* Oh, keep talking nerdy to me.
Time to "dust off" the old "server", I presume?
Re: (Score:1)
tor clients connecting to these servers will need the 'classic tor restorer' plugin to restore basic functionality.
Re: (Score:2)
You had me at Mozilla
Re: (Score:3)
It's older gear that is not that expensive. [ebay.com] Not bad, but not exactly bleeding edge.
I'm not criticizing; this is more than I've donated to the cause.
Re: (Score:1)
That's the best they could come up with from their scrap pile? *puke* They'll pay more for power over the next 3 years than it would cost them to buy some decent enterprise-level servers with real switches.
The EX-4200 is great, for a basic SOHO or OOB switch, but I wouldn't use it where any real connectivity was required.
Re:Why make enemies of goverments? (Score:5, Insightful)
Mozilla has just given the world governments very own honeypot a great boost in capacity. Why would that make them an enemy?
Re: (Score:1, Interesting)
I see the propaganda has worked well on you, and you actually believe that Tor is only used by criminals.
Re: (Score:2)
Do you see how your statement defeatz itself in context?
He did not say only criminals use it, he said criminals love to use it. Also, as long as that is the theme being pushed by the governments (propaganda), his point is still valid as governments and law enforcement are demonizing it and it will make them the enemy.
Re: Why make enemies of goverments? (Score:1)
Funny how all the Tor apologists claiming the government as enemy number one always gloss over the fact that the project was initiated by and receives funding from the US government. It's in the american's best interest to play it publicly like Tor is some dangerously effective tool...Anonymous members, the Silk Road, all kinds of arrests being made and information being collected. All from a tool that purports to provide anonymity to a user that follows a careful list of instructions on how to browse "safe
Re: (Score:2)
Re: (Score:2)
I have a balaclava (ski mask) that I have used when outside in the winter. Keeps my face warm. I like it.
Also criminals use them because it hides your face well. From eyes as well as the cold.
So if I'm out walking around wearing a ski mask don't assume I'm a criminal.
Oh wait, this is slashdot - I should have made a car analogy!
Re: (Score:2)
And I bet you have throwing stars and walk around pretending you are a ninja too.
No one said if you use TOR you would be a criminal. They said criminals use TOR so governments dislike it. Now, do you think the corner drug store clerk doesn't like you walking in wearing your ninja mask? I would bet he has no problem with you personally, just when you dress up like a crook trying to rob the store.
Re: (Score:2)
And I bet you have throwing stars and walk around pretending you are a ninja too.
No one said if you use TOR you would be a criminal. They said criminals use TOR so governments dislike it. Now, do you think the corner drug store clerk doesn't like you walking in wearing your ninja mask? I would bet he has no problem with you personally, just when you dress up like a crook trying to rob the store.
ok, lets continue the analogy.
If I walk into a store wearing a ski mask, and don't take it off, I think it would make most people nervous. It's strange behavior.
If I visit a website using TOR, what happens? For one, they won't know who I am unless I have cookies or log in.
Will they freak out? Will they be nervous?
Re: (Score:2)
Still doesn't prevent anyone from not liking TOR. But you are correct, no one would know who you were which was the point- you are not a criminal because you use it, but it still allows people to dislike it.
Oh and it might make some people a little more than nervous [nydailynews.com] if you walked into a store wearing a ski mask.
Re: (Score:2)
It doesn't really matter as it is outside any point made. 20 people, one person, or no one at all, it does not make someone a criminal but it doesn't mean the clerk or store owner can hate ski masks.
Re: (Score:2)
the AC's extension of the analogy is actually really good - It's probably a pretty good way of looking at encryption, VPN, and TOR.
Say it's really really cold out, like an "arctic vortex" kind of condition, which is the state of the internet right now with surveillance and monitoring.
So everyone needs to wear their ski masks to go out, if they're smart. So it would be wrong to prevent people from walking around in ski masks.
But someone ... likely there IS someone ... is up to no good who is ALSO wearing a s
Re: (Score:3)
It's not that only criminals use Tor, it is more like criminals use only Tor.
Re:Why make enemies of goverments? (Score:5, Insightful)
Short answer: Because they're there.
Long answer: What you don't seem to understand is that none of us owe any of the world's governments a goddamn thing. They govern with our sufferance. Their continued existence depends entirely on our reluctance to face the consequences of overthrowing them. They need us more than we need them. Therefore, the world's governments should remember their place while they still have one.
Re:Why make enemies of goverments? (Score:4, Insightful)
Because when the state makes its enemies based on whether or not their legitimate use of technology annoys them, then the state deserves enemies.
You are evaluating the situation in a vacuume. If everyone took that approach then the government just gets whatever it wants out of fear. Giving in to that and making decisions based on it, encourages such rule by fear attitudes.
Re: (Score:3)
So what? Tor is perfectly legal. The use of Tor doesn't say anything about you other than you are using Tor. Anyone who thinks it implies something nefarious or criminal is going on is fucked in the head.
Re: (Score:1)
Yes, why resist tyranny? You might lose your watered down beer and tv football privileges.
Payed by who? (Score:2)
"Whom surely", sorry couldn't resist.
But seriously, did they do this out of the goodness in their hearts, or did someone pay for it? Yahoo payed them enough to switch the default search engine, what three letter agency would pay for them to do this and get free monitoring, of a huge tor network chunk?
Re: (Score:2)
Re: (Score:2, Informative)
Honestly, lately I find Firefox to be more of a memory pig than Chrome ... as of the last update to Firefox grows to using 2GB of RAM after a few hours, instead of staying under 1GB after several days.
Because every developer apparently feels that all of my memory is there for just them.
Yeah, Mozilla, I'm looking at you guys -- that's just sloppy.
Re: (Score:1)
I bet you'd be the first to complain if Firefox capped it's cache at 256MB making it unusably slow.
Relays, not exit nodes (Score:5, Informative)
Apparently, Mozilla is considering [ycombinator.com] eventually deploying exit nodes as well though.
Finally, for those that will scream "child porn", it should be noted that a very, very small minority [wired.com] of tor traffic is actually linked to that type of content, despite what the DoJ says; the best estimates from the tor project is around 1.5%. This move by Mozilla is a good thing - amongst other things helping countless defenders of freedom in oppressed regimes speak up in safety.
Re: Relays, not exit nodes (Score:4, Insightful)
how does the DoJ know what percentage of ANYTHING is going through it
That's an easy one: they make that number up, to spread FUD about it. And read the article I linked, BTW (and the source it links): the number in question has been easily disproved, with a relatively simple analysis of hidden services' hostnames resolution. Tor is not the USA's tool - it is an open source, publicly available software that was originally financed by part of the US government, period.
I realize all the Snowden revelations have made lots of people a bit paranoid (which is a good thing, mostly); but the fact is, it is extremely unlikely that tor is compromised in any serious way. Barring human error, tor works, mostly - there are some attacks possible, and there are demonstrated attempts by the NSA and others to compromise it (with some extremely limited results, both in their scope and in their duration); however, I have not seen any shred of evidence suggesting that it has been compromised in any serious way. This growing meme that "tor is broken for good", and the larger one that "if it's connected to a network, it's accessible by the NSA" is simply bullshit.
The thing is, in all likelihood, tor works. GPG works. If you encrypt something with GPG and the key is not available to them, even the most powerful security agency on the planet will not be able to read it. The advances both in basic mathematics and/or computing required to break those are so extreme that it would be very, very hard to hide it. And nothing in the Snowden leaks has suggested that those have been broken - quite the contrary, in fact, since several of the revealed documents suggest that tor and the growing encryption usage are a serious problem to those agencies.
That doesn't mean that it'll stay that way, mind; personally, I think that some sort of quantum computing might be in reach of those same agencies in a few years (and they are dumping and storing all the encrypted, non-breakable traffic they can in the meantime, I imagine waiting for this day) - and even that personal opinion will seem paranoid and far fetched to most experts in the field. But in the meantime, the most likely hypothesis is simply that those encryption algorithms and protocols are still secure. If you have any shred of evidence that is not the case, please link those - I'd genuinely appreciate it.
And finally, about Ulbricht and the other dark net markets taken down more recently: all of those have been clearly linked to human error, from corroborating testimonies from several parties. So sure, you can believe that this is entirely parallel construction, and you can also believe that Obama and most of the five eyes countries are bitching about encryption more and more to present a plausible deniability front while decrypting everything in the background; but right now, once again, there's nothing public even hinting at that.
Re: (Score:2)
Re: (Score:2)
That's easy: you set up an exit node and watch the traffic going by.
Tor only promises to protect the data as it travels between your computer and the exit node. If you want protection after that, you'd better use SSL.
Re: (Score:2)
Comment removed (Score:5, Interesting)
Re: (Score:3)
I2P is (or seems) good for anonymously accessing eePsites, but it's not particularly useful [geti2p.net] for general browsing. And as of now there only seems to be one outproxy, which makes it even worse.
Re:Can we please get the fuck off TOR (Score:4, Insightful)
There is nothing wrong with TOR other than not enough people are providing capacity. The biggest reason the government can attack TOR is that the number of relays and nodes is so pathetically small as to make it trivial to attack it for a large well funded organization. And your suggestion is to reduce the effectiveness of TOR even more AND put your trust in a system in which the developers themselves can't guarantee it's secure because it's never been audited, unlike TOR, and operates on the exact same principles and methods.
You sir are a fool.
Of I2P, freenet, Tor and all the others TOR is the only one with good financial backing and an audited codebase that more than 3 people have looked at. I2P on the other hand is built on Java with literally one developer and is even smaller of a network, and likely suffers the exact same weaknesses as TOR, the most important of which is that the smaller the number of machines connected the easier it is to crack and track the network encryption and routing.
Re: (Score:3)
I2P cant be used to access google and the general internet. Tor can be. So you should be using Tor, just keep in mind that anything unencrypted can and will usually contain malicious content. Even if not by the spooks, people change stuff for lolz, and monitor stuff for research and lolz. It doesnt mean tor is not good. It is just something you have deal with.