
Onion adventures


Formal Metadata

Onion adventures
how to use onion services and the Tor network in your web endeavors
Title of Series
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date

Content Metadata

Subject Area
Tor is an important tool providing privacy and anonymity online. The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser. The Tor Browser was designed to provide privacy while surfing the web and defend users against both network and local forensic adversaries. The same properties can be adopted by applications and services wishing to integrate the Tor network in their architecture. Furthermore, onion services provide better authentication and assurance of who you are talking to. With onion services Tor can provide bi-directional anonymity by making it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. This talk is going to explain how it is possible to integrate Tor and build onion applications.
Tor is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. Encryption only prevents the content of the communication between Alice and Bob from becoming known. There is in fact a lot of information that can still be learned by just observing encrypted communications. For example, it is always possible to guess certain information by learning some properties of the conversation beyond just the content, such as the length of the conversation, or who was involved, or even guessing a group of people that communicate with a certain frequency. These properties are called metadata and can be used to describe information even when the full data is not available. Anonymity is a broad concept, and it can mean different things to different groups. The main advertised property of the Tor network is that it provides strong anonymity given a variety of people using the network.
For the Tor network to function properly and to satisfy users' needs, we need a certain degree of diversity. We need diversity in the nodes (relays) comprising the network and in the user population sending traffic through it. Lately, we have been introducing new traffic scheduling features in the network in order to solve problems, reduce congestion, and improve overall performance. The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser. Other applications can also make use of the Tor network to be more secure. Onion services provide better authentication and assurance of who you are talking to. In this case, Tor can provide bi-directional anonymity by making it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. This talk is going to introduce what it means to do web development with privacy in mind. We will start by presenting a few examples of applications that use onion services and follow up with tips on how to integrate onion services in your architecture and how to provide a seamless frontend experience for privacy-concerned people that prefer to use the Tor Browser.
Hello, yeah, so those are... thank you very much. [Applause]
Those are my contact information, if you want to ask questions later also, or just get in touch, feel free: it's my email, my Mastodon and my Twitter. So I should do some advertising: we have our booth in building K, where all the projects are; there are stickers, so feel free to go and grab. And we have a relay operator meetup, if you want to run a relay; that's tomorrow, 3 p.m., building H, room 3244, so note that down if you want to come. It's one hour, and you can ask questions and know how you can run a relay and what you need.

So my name is Silvia, online I'm hiro. I work at the Tor Project and I'm also part of the information security group at UPC Barcelona. So what is this talk about? It's not a general talk about Tor, but I will go through what Tor is and what it does, so that we have that information fresh. There is a Tor talk tomorrow in the privacy track by Roger; it's at 11:00, the room is Jason, I think, or Janson. Janson, not Jason, yeah. So then we talk about onion services; again, I will go quickly through how onion services work and the architecture, because the main topic is how can I use onion services.

So what is Tor, actually? So Tor is free software to begin with. It's a community of people that do different things, and we have developers, researchers, relay operators, volunteers. Everybody does different things: some people just are advocates, some people do more development work, and some people do actual research and mathematical models, so it's a bit of everything. Tor is a network and a US nonprofit. We have about two million users every day using the Tor network. I said users, not people, because we don't know if those are people; there could be machines. And we have 6000 relays and about 1,000 bridges; those are nodes in the Tor network that volunteers run so that you can use it.

So what does Tor do to provide privacy? To begin with, it provides anonymity, provides communication security, provides a traffic-analysis-resistant communication network. Those
are mainly the same things said in different ways and to different people, maybe a different set of people that would understand the concept with different words. But the last point, it's the most important point for us, and this is: Tor provides reachability against censorship. Most of the people that use Tor want to access Facebook because they cannot do it in their own country.

So how does it work? Tor provides privacy by distributing trust. You have your traffic routed across a network of nodes run by volunteers, and this is different from the idea of running a VPN, where you only have one single point of failure, or one single node where your traffic goes out, and need to trust the service that you're using. In this case you don't have to trust anyone; the trust is distributed across the network.

So, okay, we have Alice and Bob, because we always have Alice and Bob. So Alice wants to visit Bob; Bob is a website. So Alice starts her Tor client and obtains a list of nodes from a directory server, picks a path through the Tor network and reaches bob.com. So the purple lines are encrypted and run inside the Tor network, and the green line is out in the Internet, and the encryption protocol on that connection depends on the encryption protocol that Bob is using in this case. So if they're using HTTP the traffic is in the clear; if not, it is encrypted. So it's always important to use secure protocols even if you're using Tor.

So if then Alice wants to visit a different website, like Jane, Alice's client would pick a different path, a totally different path, and will reach jane.com. So there is no way, generally speaking, to trace the two connections and understand Alice is visiting Bob first and Jane later.

So this is one concept: we always say that Tor provides anonymity, and it's more than encryption. Anonymity, because, sorry, if I'm calling a mental health helpline and the service I'm using doesn't know what I'm saying but knows I'm calling this helpline at midnight, they probably know that someone I know or myself has
some mental health issues, and this goes for a lot of different things. Because encryption doesn't hide the conversation metadata: you can hide the content but not the information about the conversation, and that can already say a lot about the content. Encryption doesn't hide your social graph, who you're talking to; it doesn't hide some metadata from the network; it doesn't hide your location. But anonymity does, and this is what Tor provides.

So there is always this question about why Tor provides a browser, and this is because we think that the Tor Browser is a way that you can surf the web in a safe way, and this is the easiest way to provide safe use of Tor. And Tor Browser is a modified Firefox; there are some things packaged inside: it's Tor, Torbutton, NoScript and HTTPS Everywhere. And the properties that you get by using Tor Browser: of course you surf more safely than just running Firefox over Tor, it's a little bit different, but also it's engineered, let's say, to reduce linkability between different activities. So the idea is that if you visit a website first and then another later, the advertising network on both websites wouldn't be able to recognize you, unless for example you are logged into Facebook and Google while using it.

So we also provide these things called onion services, to have what we call bi-directional anonymity. So the idea is that you visit a website within the Tor network; the service stays in the Tor network. So if you remember the green line representing an unencrypted connection, that green line doesn't exist anymore: the service stays in the Tor network and can enjoy all the properties provided by the Tor network.

So there are some other interesting things about onion services: they can be started from your computer, they are peer-to-peer, they are decentralized because they live on the Tor network, they have a smaller attack surface, they provide bi-directional anonymity, and also the onion service addresses are public keys, and with version 3 onion services you can create as many subkeys as you want, so ideally you can use different keys for different purposes.

So more or less this is how onion services work. Bob is an onion service and picks three nodes in the network and builds circuits to them; these are called introduction points. And then advertises the service to the directory service, which is basically a database, and says "hey, I exist" and sends some information to the database. And then there is Alice, and Alice knows that Bob exists, so they ask some information from the database and set up a Tor node as a rendezvous point. So Alice has learned the introduction points from the database, picks one and sends a message to Bob, telling Bob something like "hey, meet me at the rendezvous point", and also a one-time secret to Bob. Bob connects to the rendezvous point, they exchange a secret, and they just use a Tor circuit as normally. So between Alice and the rendezvous point there is a three-hop Tor circuit, and between Bob and the rendezvous point there is another three-hop onion circuit, so it's basically six hops of a circuit.

So that is the thing: we have these services, how do we use them? The idea is to have a little bit of an ecosystem of applications and services that live on the Tor network. So the first thing is like, okay, I have started an SSH service
from a Docker container from my computer, and I use it because I need to. And okay, I have a container, I have some configuration, and I just start the container, and that's on my computer and it's accessible through SSH via Tor of course. So if you want to set up an SSH server, in reality you just need to configure the torrc file and just change a few lines: you set the hidden service directory, the port that you want to expose