Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


pointertovoid

Tor is defeated

Recommended Posts

Sad, but... From my observations, Tor is defeated in Europe.

I'm covertly censored on one newspaper's blog. First noticed as some keywords combined with my name triggered an automatic censorship that raised a false "error 503" (further experiments showed that my messages passed through without my name, or by reformulating the contents, while my name and the keywords repeatably trigger the so-called error 503, even by retrying seconds apart).

For some time I could continue posting by using other names.

Then my IP address was censored, but I could go on by hiding my IP address using Tor. Just like in any other dictatorship, you know.

Since Bernard Cazeneuve's visit to De Maizière and the subsequent European agreement (to combat terrorism of course), even Tor doesn't get through.

From my observations, it could be that the European governmental agencies have identified nearly all the nodes of the Tor network. Keep also in mind that the Tor team now advises not to use it.

  • Like 1

Share this post


Link to post
Share on other sites

14 hours ago, pointertovoid said:

Keep also in mind that the Tor team now advises not to use it.

Can we have a link of some sort? This gets interesting...

Share this post


Link to post
Share on other sites

And no, I can't find a link, because my memories were wrong. The Tor team recommends Tor as it always did. Complete and sincere apologies.

What stays is that the newspaper's blog can presently censor me despite Tor.

Share this post


Link to post
Share on other sites

TOR is a US government system, so it has always been "not safe" for those who wish to hide from the government. Over the years, many times people have said TOR is compromised and not to use it. The most recent that I can tell is when the FBI took the Freedomhost domains and used malware to track site visitors.

Share this post


Link to post
Share on other sites
On 1/17/2017 at 1:48 AM, pointertovoid said:

Sad, but... From my observations, Tor is defeated in Europe.

Yes, I live in the hell-hole that is known as the UK and TOR connections by straightforward means -- launch TOR browser and off you go -- stopped working for me about a year and a half ago. I'm no expert in the area, just took it that UK "authorities" were now onto it and blocking it somehow, naturally I would suspect this would require the in secret co-operation of your ISP.

Eventually I found out that I could try using the "obfuscation" methods built into TOR to try and make connection into TOR relays. None of them worked for me. Then I tried using the built-in "meek-bridges" -- they worked. So whoever is doing the blocking is, for now, unable to do so for the meek-bridges, or they are holding off on doing so for some reason. That said, the latest version of TOR (TOR Browser v7.5.5) has removed meek-amazon owing to some bug. So, for now, only meek-azure option is available for me. Funny TOR flags their meek bridges as "(works in China)". Yeah, right! I live in the land of the "free" UK and I have to use it too! What!

In all, Pointertovoid, I think your suspicion that European authorities are working on blocking TOR fully are well founded. It was an object lesson to me in distrust of my local "authorities" when in TOR browser I had to tick, "Tor is censored in my country." Big lesson learnt there!

I wonder what it is they after though? Just don't like folks being able to browse in private? Or are they really after shutting-down the dark-net? Or both of these things, of course. Whatever the case, I'm sure there is more of this kind of sh** in the pipeline. Dark days for internet freedom are developing fast now and a lot of it being "legitimated" by governments under the guise of "anti-terrorism" protections for its own citizens. Aye, right! No kidding!

Edited by Radish

Share this post


Link to post
Share on other sites

There is not so much of TOR "exit nodes" to not block them all by their IPs. Any website administrator can do this if he want. So, despite that TOR (if used properly) is effective in hiding your identity, it can't guarantee you to pass censorship.

Share this post


Link to post
Share on other sites
11 hours ago, Yellow Horror said:

There is not so much of TOR "exit nodes" to not block them all by their IPs. Any website administrator can do this if he want. So, despite that TOR (if used properly) is effective in hiding your identity, it can't guarantee you to pass censorship.

I'm using Tor and I2P side-by-side and they both get the job done. I use Pale Moon with (Tor) instead of the (TOR Browser) and so far no issues. Interesting combination.

Share this post


Link to post
Share on other sites
14 hours ago, Yellow Horror said:

There is not so much of TOR "exit nodes" to not block them all by their IPs. Any website administrator can do this if he want. So, despite that TOR (if used properly) is effective in hiding your identity, it can't guarantee you to pass censorship.

As said before, if I just launch Tor (Browser) and try to get it to connect via its standard means (without using a meek-bridge) I get an error message of the following type every time: "Tor failed to establish a Tor Network connection. Connecting to the Tor network failed (insufficient resources - 167.114.35.107.443)." (The IP address can be different but the error message is always the same.)

If I try to connect to Tor network using the "obfuscation" means available I get the following results:

obfs4 > "Establishing an encrypted directory connection" > (leave it trying to connect for a few minutes and the result is: nothing happens, cant establish a connection, Tor Browser doesn't open.)

obfs3 > Establishing an encrypted directory connection > (Result: same as for obfs4)

fte > Establishing an encrypted directory connection > (Result: same as for obfs4)

It's not any area I have expertise in but my reading these results are saying that Tor (Browser) can't connect to the Tor network at all (unless I use a "meek-bridge"). If that is correct reasoning then, at least for me, something is deliberately preventing a connection to the Tor network. I would think "authorities" and my ISP would be involved in the blocking of Tor. Also this is happening before the Tor browser opens -- in fact there as complete failure of the browser to open. I just wonder if this UK-wide (or as Pointertovoid is suggesting Europe-wide) or is it, shock horror, only me! :w00t:

Share this post


Link to post
Share on other sites
5 minutes ago, Radish said:

I would think "authorities" and my ISP would be involved in the blocking of Tor.

You are almost right, but In fact, your ISP may block TOR connections even without being under direct pressure from "authorities".

You need also understand the difference between TOR "entry nodes" and "exit nodes".

"Entry node" allows you to connect the TOR network. Your ISP can block "entry nodes" by their IPs because all of them are public. If you can't connect one of "entry nodes", you can't use TOR without help of a "bridge", which is (in a simplified view) a nonpublic "entry node" which IP is unknown to your ISP. If you can connect to the TOR, you can access any of the .onion websites. There is no censorship inside TOR.

But, if you use TOR to connect a "conventional" website (to be anonymous or to pass a government's firewall like Great China Firewall or russian Roscomnadzor), you need also help from a TOR "exit node". "Exit node" allows your connection to pass from TOR to "conventional Internet" again. And the connection may be rejected by the target website just because it is coming from the TOR. All the "exit nodes" IPs are public, and there is no "exit bridges" or another tech in the TOR that can pass such a target website "censorship".

  • Like 1

Share this post


Link to post
Share on other sites
1 hour ago, Radish said:

Also this is happening before the Tor browser opens -- in fact there as complete failure of the browser to open.

In fact, the "TOR browser" is a specially configured Firefox with some privacy protection mods preinstalled and preconfigured proxy settings. The essential part of the TOR is the proxy service that starts before the browser to establish connection to the TOR network. So, if there is a trouble to connect TOR, the TOR browser won't start. The TOR proxy service can be configured to work without the TOR browser, and you can configure your preferred browser to use with it. But this isn't recommended because any of the popular browsers reveal your identity unless carefully modded and configured (which is already done to the TOR version of Firefox).

  • Like 1

Share this post


Link to post
Share on other sites

Okay, Yellow, thanks very much for the clarification. However, I'd think that Virgin Media wouldn't be blocking Tor without pressure from the "authorities". (Could be wrong in that but I doubt it.)

Whatever the case, though, do you, or anyone else, know if there is any inherent security risk to the Tor user by having to use meek-bridges?

Edited by Radish

Share this post


Link to post
Share on other sites
1 hour ago, Radish said:

Whatever the case, though, do you, or anyone else, know if there is any inherent security risk to the Tor user by having to use meek-bridges?

As far as i know, not. Using bridges do not add any extra risk to using TOR in general. A bridge may be compromised, but same is true about any TOR node. And control of just your entry node or bridge do not give the attacker any info except that you exactly use TOR, when, and how much.

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...