Does boards.ie block TOR?

Daegerty

Sometimes I run a TOR exit node and a while after boards won't load for me at all. This continues until days after I close the TOR node (even though it doesn't exit to Port 80).

Does boards block it or am I doing something wrong?

Conor

Yes. The vast, vast majority of traffic coming from Tor was spam or other abuse.

I'd love to have a better solution for dealing with the problem but until such time as Tor is used more for good than for evil it will stay blocked.

Conor

Just to add: we do the same thing for any "normal" proxy server where the bad traffic greatly outweighs the good.

Black Swan

Why use TOR? It is no longer secure (if it ever was). Several years ago I used TOR to access boards and often got timed-out during high traffic periods through random hubs. Do you need additional layers of security (anonymity) when accessing boards for some reason? If so, there are several more efficient and effective methods besides TOR.

Didn't know that... Was considering using it to get around the Vietnam Facebook block but never got around to it.
Might use a VPN instead since proxies are getting annoying.


Black Swan, how could it be less secure out of interest?

Hal Emmerich

Want Tor to really work?

...then please don't just install it and go on. You need to change some of your habits, and reconfigure your software! Tor by itself is NOT all you need to maintain your anonymity. There are several major pitfalls to watch out for:

1. Tor only protects Internet applications that are configured to send their traffic through Tor — it doesn't magically anonymize all your traffic just because you install it. We recommend you use Firefox with the Torbutton extension.
2. Torbutton blocks browser plugins such as Java, Flash, ActiveX, RealPlayer, Quicktime, Adobe's PDF plugin, and others: they can be manipulated into revealing your IP address. For example, that means Youtube is disabled. If you really need your Youtube, you can reconfigure Torbutton to allow it; but be aware that you're opening yourself up to potential attack. Also, extensions like Google toolbar look up more information about the websites you type in: they may bypass Tor and/or broadcast sensitive information. Some people prefer using two browsers (one for Tor, one for non-Tor browsing).
3. Beware of cookies: if you ever browse without Tor and a site gives you a cookie, that cookie could identify you even when you start using Tor again. Torbutton tries to handle your cookies safely. CookieCuller can help protect any cookies you do not want to lose.
4. Tor anonymizes the origin of your traffic, and it encrypts everything between you and the Tor network and everything inside the Tor network, but it can't encrypt your traffic between the Tor network and its final destination. If you are communicating sensitive information, you should use as much care as you would on the normal scary Internet — use HTTPS or other end-to-end encryption and authentication. HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.
5. While Tor blocks attackers on your local network from discovering or influencing your destination, it opens new risks: malicious or misconfigured Tor exit nodes can send you the wrong page, or even send you embedded Java applets disguised as domains you trust. Be careful opening documents or applications you download through Tor, unless you've verified their integrity.
6. Tor tries to prevent attackers from learning what destinations you connect to. It doesn't prevent somebody watching your traffic from learning that you're using Tor. You can mitigate (but not fully resolve) the risk by using a Tor bridge relay rather than connecting directly to the public Tor network, but ultimately the best protection here is a social approach: the more Tor users there are near you and the more diverse their interests, the less dangerous it will be that you are one of them.
7. Do not use BitTorrent and Tor together unless you are using a system like TAILS.

Be smart and learn more. Understand what Tor does and does not offer. This list of pitfalls isn't complete, and we need your help identifying and documenting all the issues.

Number 5, when using Tor you are sent from router to router and whoever hosts the node at the end can if they want see what your at.

wikipedia

Weaknesses

Like all current low latency anonymity networks, Tor cannot and does not attempt to protect against monitoring of traffic at the boundaries of the Tor network, i.e., the traffic entering and exiting the network. While Tor does provide protection against traffic analysis, it cannot prevent traffic confirmation (also called end-to-end correlation).[24][25]
Steven J. Murdoch and George Danezis from University of Cambridge presented an article[26] at the 2005 IEEE Symposium on security and privacy on traffic-analysis techniques that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams. These techniques greatly reduce the anonymity provided by Tor. Murdoch and Danezis have also shown that otherwise unrelated streams can be linked back to the same initiator. However, this attack fails to reveal the identity of the original user.[26] Murdoch has been working with - and has been funded by - Tor since 2006.
In March 2011, researchers with the Rocquencourt, France based National Institute for Research in Computer Science and Control (Institut national de recherche en informatique et en automatique, INRIA) have documented an attack that is capable of revealing the IP addresses of BitTorrent users on the Tor network. The "bad apple attack" exploits Tor's design and takes advantage of insecure application use to associate the simultaneous usage of a secure application with the IP address of the Tor user in question. One method of attack depends on control of an exit node or hijacking tracker responses, while a secondary attack method is based in part on the statistical exploitation of distributed hash table tracking.[27] According to the study:

This attack against Tor consists of two parts: (a) exploiting an insecure application to reveal the source IP address of, or trace, a Tor user and (b) exploiting Tor to associate the usage of a secure application with the IP address of a user (revealed by the insecure application). As it is not a goal of Tor to protect against application-level attacks, Tor cannot be held responsible for the first part of this attack. However, because Tor’s design makes it possible to associate streams originating from secure application with traced users, the second part of this attack is indeed an attack against Tor. We call the second part of this attack the bad apple attack. (The name of this attack refers to the saying 'one bad apple spoils the bunch.' We use this wording to illustrate that one insecure application on Tor may allow to trace other applications.)[27]

The results presented in the bad apple attack research paper are based on an actual attack in the wild launched against the Tor network by the authors of the study. The attack targeted six exit nodes, lasted for 23 days, and revealed a total of 10,000 IP addresses of active Tor users. This study is particularly significant because it is the first documented attack designed to target P2P file sharing applications on Tor.[27] BitTorrent may generate as much as 40% of all traffic on Tor,[28] which means a significant number of Tor users are potentially at risk. Furthermore, the bad apple attack is effective against insecure use of any application over Tor, not just BitTorrent.[27]


In September 2007, Dan Egerstad, a Swedish security consultant, revealed that he had intercepted usernames and passwords for a large number of email accounts by operating and monitoring Tor exit nodes.[29] As Tor does not, and by design cannot, encrypt the traffic between an exit node and the target server, any exit node is in a position to capture any traffic passing through it which does not use end-to-end encryption such as TLS.



While this may or may not inherently violate the anonymity of the source if users mistake Tor's anonymity for end-to-end encryption they may be subject to additional risk of data interception by self-selected third parties.[30] (The operator of any network carrying unencrypted traffic, such as the operator of a wifi hotspot or corporate network, has the same ability to intercept traffic as a Tor exit operator. End-to-end encrypted connections should be used if such interception is a concern.) Even without end-to-end encryption, Tor provides confidentiality against these local observers which may be more likely to have interest in the traffic of users on their network than arbitrary Tor exit operators.

Nonetheless, Tor and the alternative network system JonDonym (Java Anon Proxy, JAP) are considered more resilient than alternatives such as VPNs.



Were a local observer on an ISP or WLAN to attempt to analyze the size and timing of the encrypted data stream going through the VPN, Tor or JonDo system, the latter two would be harder to analyze as demonstrated by a 2009 study.[31]
Researchers from INRIA showed that Tor dissimulation technique in Bittorrent can be bypassed.[32]

Going by the Wiki page if you can set up TLS right it should be secure, should.

Or something.

Daegerty

Black Swan wrote: »

Why use TOR? It is no longer secure (if it ever was). Several years ago I used TOR to access boards and often got timed-out during high traffic periods through random hubs. Do you need additional layers of security (anonymity) when accessing boards for some reason? If so, there are several more efficient and effective methods besides TOR.

No I was running an exit node for the people who might need it, wasn't actually using tor to access boards. Have used it recently and the speeds are not bad

I blocked port 80 outgoing as well as the standard outgoing ports that TOR blocks because I have no interest in forwarding people's unencrypted traffic

What does boards use for it's list of tor nodes, how regularly is it updated? When I go away from the house I'm inclined to leave it on as the bandwidth would be going to waste otherwise if I'm not seeding something

Conor

Daegerty wrote: »

What does boards use for it's list of tor nodes

One of the publicly-accessible lists of Tor exit nodes. I'm not going to go into more detail than that, sorry.

Daegerty wrote: »

how regularly is it updated?

Currently daily, but making that more frequent is on my list of things to do. I probably won't update more often than hourly though.

Wolfe Tone

Black Swan wrote: »

Why use TOR? It is no longer secure (if it ever was). Several years ago I used TOR to access boards and often got timed-out during high traffic periods through random hubs. Do you need additional layers of security (anonymity) when accessing boards for some reason? If so, there are several more efficient and effective methods besides TOR.

Out of interest what would they be?

nesf

Wolfe Tone wrote: »

Out of interest what would they be?

VPN would be one. Plenty of free ones out there, better paid services out there too if you feel the need for downloading anything substantial.

Conor

Conor wrote: »

Currently daily, but making that more frequent is on my list of things to do. I probably won't update more often than hourly though.

It's now every 4 hours.

Black Swan

Wolfe Tone wrote: »

Out of interest what would they be?

VPN, NAT, anonymous proxy server, FF switchproxy, ip randomizer, shadow network, free wifi hotspots, piggybacking with permission of license holder, and the list goes on and on. Some ISPs offer ip randomization. In some cases you can use combinations to add more layers, or switch from one to another. Of course, there are some stealth methods we cannot discuss on boards.