> For those who want to donate bridges to the Tor network, the easiest route is to use Tor Cloud, an Amazon Web Service Elastic Compute Cloud image created by the Tor Project that allows people to leverage Amazon's free usage tier to deploy a bridge.
What are the risks involved in doing this? Both in regards to legal responsibility for traffic, and Amazon ToS.
As long as you don't operate an exit node, there are no risks that I am aware of (as a citizen of the USA or EU, YMMV otherwise). I've been running several entry nodes with directory caching enabled on Amazon for a year or so with no problems - nor do I expect any.
If you run an exit node on Amazon, you can expect to receive a C&D at some point. I'm not sure if Amazon will intervene. There are some services elsewhere that allow you to pay for the operation of exit nodes in bitcoin.
Tor is essentially just 2 proxies chained together such that the first proxy (the entry node) doesn't know the final destination, the second one (the exit node) doesn't know the source, and the final destination only knows the exit node. If a malicious entity is operating either entry or exit nodes, it still protects your identity as long as you did not expect the exit node to send information that leaks information about yourself. If the same malicious entity or cooperating ones get lucky and operate all of your nodes, then you are unmasked. If you are afraid of this possibility, then you can configure your client to make a circuit of more than 2 nodes.
In order to find out about all of the available public nodes that you can connect to, the client queries a list of hardwired directory servers. Here, you can get this yourself:
http://86.59.21.38/tor/status-vote/current/consensus
If you run a public server, your information will be distributed in this list. You can also run a private bridge, which is not shared publicly. You will not be used as an exit node unless you configure your server to allow exit traffic. You can specify this by port ranges, so as to only allow certain traffic. You can see this in the above consensus document in lines that start with "p". "p reject 1-65535" means it is not an exit node.
If you want to help in other ways, you can also run a directory cache that serves consensus information (as in the above link).
A public server is not an exit node unless it is specifically configured to be one. If you want to be absolutely certain that you are not an exit node, just check out your torrc configuration file and search for a line beginning with "ExitPolicy".
I believe this is the default on Ubuntu:
ExitPolicy reject <asterisk>:<asterisk>
(it seems HN filters out the literal asterisks in the above context, so replace <asterisk> with *)
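Added example, not part of the original thread: a short Python sketch of the two checks described above, reading the "p" lines of a consensus document and the first ExitPolicy rule in a torrc. The relay names, identities, addresses and the torrc fragment are constructed sample data, and the function names are hypothetical.

```python
# Added example: the sample data below is constructed, not taken from a live relay.
SAMPLE_CONSENSUS = """\
r ExampleGuard AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2013-01-01 00:00:00 192.0.2.10 9001 9030
s Fast Guard Running Stable Valid
p reject 1-65535
r ExampleExit CCCCCCCCCCCCCCCCCCCCCCCCCCC DDDDDDDDDDDDDDDDDDDDDDDDDDD 2013-01-01 00:00:00 192.0.2.20 443 80
s Exit Fast Running Valid
p accept 80,443
"""

SAMPLE_TORRC = """\
# constructed torrc fragment
ORPort 9001
ExitPolicy reject *:*
"""

def exit_summaries(consensus_text):
    """Map relay nickname -> its "p" (exit port summary) line from a consensus."""
    relays, current = {}, None
    for line in consensus_text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "r" and len(fields) >= 2:
            current = fields[1]          # nickname is the second field of an "r" line
        elif fields[0] == "p" and current is not None:
            relays[current] = " ".join(fields[1:])
    return relays

def non_exit_relays(consensus_text):
    """Relays whose summary rejects every port, i.e. they carry no exit traffic."""
    return sorted(n for n, p in exit_summaries(consensus_text).items()
                  if p == "reject 1-65535")

def torrc_rejects_all_exit(torrc_text):
    """True if the first ExitPolicy rule is reject *:*, False if another rule
    comes first, None if no ExitPolicy line is present (defaults then apply)."""
    for line in torrc_text.splitlines():
        fields = line.split("#", 1)[0].split(None, 1)   # drop comments
        if len(fields) == 2 and fields[0].lower() == "exitpolicy":
            first_rule = fields[1].split(",")[0].split()
            return first_rule == ["reject", "*:*"]
    return None

if __name__ == "__main__":
    print(non_exit_relays(SAMPLE_CONSENSUS))
    print(torrc_rejects_all_exit(SAMPLE_TORRC))
```

A `None` result from the torrc check means the file sets no ExitPolicy at all, so the behaviour depends on the defaults of the installed Tor version and should be confirmed separately.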
There is no risk in setting up a bridge, only in setting up an exit node. When setting up an exit node, sites see your IP as the source of traffic. If you're just setting up a bridge or a normal non-exit relay, then no sites see your IP involved in the traffic, and you have no way of seeing what traffic you are forwarding on.
It's safe to be an entrance into the network, but it can be dangerous to be the exit, as you sometimes get blamed for the traffic.
You don't need a beefy network connection to run a useful Tor non-exit relay, either. As long as you have a machine that's on 24/7, and can spare at least 20KB/sec in both directions, running a Tor relay is just a nice and charitable thing to do, with zero risk.
From my own tests with TOR:
The hidden services architecture of TOR (i.e. services which only exist within TOR) works more or less like the Internet, so to get to an onion page you have two options:
- You use the onion url of a page: You will probably not encounter anything you do not want to see (depending on the source of the link).
- You use one of the hidden service search engines. These are NOT provided by TOR but by TOR users, i.e. they are TOR's Google/Yahoo (especially old-time Yahoo with long lists of pages instead of a search). Here the risk is significantly higher: Most of these link lists/search engines have a strict "no censoring" policy, so you will at least risk getting links to such things. I've never had this problem (and I am grateful for that) but the risk exists.
In addition to what others have already noted, one other thing to keep in mind:
The Tor exit node that happens to handle any particular request gets to read the relevant traffic (since it is handling the request to the actual end server on your behalf). So, for instance, if you're logging into some bulletin board via unencrypted http, the Tor exit node handling the login request gets to see your username and password on that bulletin board in cleartext (as can all the other net infrastructure between that exit node and the bboard itself).
In one sense, this doesn't change your risk profile; if you're logging in over unencrypted http directly, you're also at risk of sniffing. However, the risk may be enhanced with Tor; there are persistent rumors of law enforcement and intelligence agencies (and others with darker-colored hats) running exit nodes which deliberately sniff the traffic they're proxying to see if something interesting comes up. It also might be possible for such a hostile exit node to mess with the content of unencrypted traffic, though I've personally heard no rumors of that.
Note that if you're using Tor to proxy encrypted traffic (https), the exit node sees only the encrypted data stream, which is as secure as the encryption you're using --- and the official Tor browser bundle includes the "HTTPS everywhere" Firefox plugin to try to get you to use HTTPS where available.
Additionally, if you're using Tor, anyone monitoring the net segments between you and the entry nodes you hit may be able to tell that you're using it (though they won't be able to tell what you're using it for). If the local secret (or other) police frown on that sort of thing in principle, it could be trouble.
What worries me is that if you want to do government work (even quite innocuous stuff), your job depends on getting security clearance.
Certainly in the UK, Europe in general and probably in the US, your ISP retains a list of all the IP addresses you connect to, and they supply this to the government if they have national security grounds.
At least in the UK, security clearance is grounds to pull your internet records; they say so on public government websites.
I think that in future, if your household connects to known TOR bridge nodes, that might well impact whether you can do government work, from IT at your local tax office to army work.
Probably paranoia, but I'm staying away from TOR for this reason. Which is a shame because what some ad networks do is really, really creepy.
I am going to assume that we are talking about the tor hidden network. Normal tor usage is relatively safe, though https is a major safety net.
Risk and safety is hard to talk about, mostly because it's hard to quantify it. I could say that the hacker risk is as risky as visiting a privately hosted WordPress blog, though I suspect more blogs have viruses on them than tor pages have.
As for seeing child porn, so long as you don't go looking for it, I suspect the risk is low. Any site that allows users to upload images (like forums) or video without pre-reviewing it could have such images. To be sure, turn off images in your browser when visiting such sites.
I appreciate your and sgift's response. I will probably keep away to be honest. I always see stories where we only see 5% of the internet on the surface and I wondered what the other 95% could be.
I don't think I want to know to be honest, there's enough crap after page 2 on Google as it is.
I don't mean to be rude, but that mindset confines you to local optima. Life is not pain free - and we are all better for it. With no contrast, life is meaningless. Explore a little! Check out page 3 :)
As is the case with every other part of the internet - you should probably use noscript if you are concerned about being attacked. You will never be completely safe from exploits - you need to get comfortable with that. To your browser, it's exactly the same as the rest of the WWW.
Due to the bandwidth issues, most sites are not going to serve images unless they are a media site of some sort. If you don't want to see animal porn on the WWW, how on earth do you keep your virgin eyes safe? You don't seek it out.
also http://crypto.stanford.edu/flashproxy/ (which seems to work - i have seen the colour of the image change on my pages; in fact one is in use right now).
This seems like a fatal flaw for one of Tor's stated use cases: helping political dissidents living with highly repressive governments. How do you publicize a service and at the same time not allow the relevant authorities to discover it? What they're doing seems to make it harder, but in principle it will always be detectable. This would make me think twice if my life depended on my connection not being detected.
This literally took me less than 5 minutes to set up. The defaults are perfect for those with a free AWS setup. Below are the default settings from the included torrc file.
# Start Tor as a bridge.
# Run obfsproxy
# Never send or receive more than 10GB of data per week.
# Running a bridge relay just passes data to and from the Tor network. so it shouldn't expose the operator to abuse complaints.
I tried helping out Tor. I installed their software that was supposed to make it one-click to set up a relay. Didn't work. Then I fumbled around a bit and Googled the error messages I was getting. No luck. Reboot a few times and try again. Nope.
Sorry. They need to make it way easier to get involved.
Worked fine for me, but I built from source (I guess that sounds harder; it was actually trivial if you're used to this kind of thing - just the usual ./configure; make; sudo make install) (note that this is for use only as a bridge - if you want to use it yourself, you should use a bundle with browser).
That response is like someone on HN who said it was easy to install third-party stuff on the Windows tablets. All you have to do is simply side-load the stuff like this...
If TOR wants widespread support, they need to create a simple tutorial with a FAQ that covers all the basic problems when you do a one-click install on Windows. If malware can be written to be easily installed and configured, then it shouldn't throw errors when you do a basic install using their Windows package that you need to Google and diagnose. If a software developer gets pissed off at their installers, what will average users think?
sorry, wasn't meant as criticism, although i do think tor try quite hard to package things - it's certainly improved over the years. perhaps posting a bug report with your issue is the best way to get them to improve?
https://trac.torproject.org/projects/tor
Didn't take it personally. I support TOR. I just don't like them complaining about network congestion/overloading when they don't do enough (IMO) to make it easy to expand the network.
Has Tor tried to do anything to reduce potentially unnecessary use of their bridges? Maybe I'm being naive, but I think some teenager using Tor to pirate stacks of Blu-ray movies should have to wait in line behind a Chinese civil rights blogger.
Tor is unbearably slow for large downloads, so almost anyone is discouraged from doing so. There's also no reason whatsoever for a teenage pirate to need a bridge server, since their access to the standard servers is unimpeded.
The whole point of tor is to let people say things other people don't want them to; a system that decided what could and couldn't be sent over it would rather defeat the point.
IIRC there was a man in (I believe) Austria who recently got arrested for this exact reason and he was trying to scrounge up enough in donations to pay for his legal fees.
    +-----+
    | You |
    +-----+
        \   <= encrypted                          _
       +----------------+                         | T
       | Tor Entry Node |                         | O
       +----------------+                         | R
                \   <= encrypted                  |
          +------------------------+              | N
          | Tor Bridge/Relay Nodes |              | E
          +------------------------+              | T
                       \   <= encrypted           | W
                  +---------------+               | O
                  | Tor Exit Node |               | R
                  +---------------+              _| K
              unencrypted =>   \
                          +----------+
                          | Internet |
                          +----------+
The exit node is the only one that the wider Internet sees. All other traffic within the network is encrypted.
It's that first step I don't get. How is the traffic between you and the entry node encrypted? Can't someone monitoring traffic know that you're on Tor (even if they can't know what you're doing on it)?
The box labeled "You" is not just a web browser. It should include a local (as in local to the machine running the browser) Tor proxy like Vidalia. See https://www.torproject.org/projects/torbrowser.html.en for an example.
It is basically TLS, so if you are connecting to a public node then it is easy to see that you are using tor. This is why we need more bridges that are slightly more difficult to enumerate.