Peeling onions: understanding and using the Tor network

written by Silvia Puglisi [Hiro] on 2018-02-04

Tor is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. There is in fact a lot of information that can be still learned by just observing encrypted communications. Anonymity is a broad concept, and it can mean different things to different groups. The main advertised property of the Tor network is that it provides strong anonymity given a variety of people using the network. The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser. This talk is going to present what Tor is and how it works. We are also going to present new features we have been developing lately. Finally we are going to explain how you can build applications that use Tor.

Tor is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. Encryption only prevents the content of the communication between Alice and Bob from becoming known.

There is in fact a lot of information that can still be learned by just observing encrypted communications. For example, it is always possible to guess certain information by learning some properties of the conversation beyond just the content, such as the length of the conversation, or who was involved, or even guessing a group of people that communicate with a certain frequency. These properties are called metadata and can be used to describe information even when the full data is not available.

Anonymity is a broad concept, and it can mean different things to different groups. The main advertised property of the Tor network is that it provides strong anonymity given a variety of people using the network. For the Tor network to function properly and to satisfy users' needs, we need a certain degree of diversity. We need diversity in the nodes comprising the network and in the user population sending traffic through it. Lately, we have been introducing new traffic scheduling features in the network in order to solve problems, reduce congestion and improve overall performance.

The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser.

Other applications can also make use of the Tor network to be more secure. In this case Tor can provide bi-directional anonymity by making it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. The next generation onion services have been recently launched in alpha and we are excited to touch on some of the new features that have been introduced on the old hidden service design.

Slides

Video

venue: "FOSDEM"

location: "Brussels, Belgium"

You never surf alone. Ubiquitous tracking of users’ browsing habits

written by Silvia Puglisi [Hiro] on 2015-09-21

In the early age of the internet users enjoyed a large level of anonymity. At the time web pages were just hypertext documents; almost no personalisation of the user experience was offered. The Web today has evolved as a world wide distributed system following specific architectural paradigms. On the web now, an enormous quantity of user generated data is shared and consumed by a network of applications and services, reasoning upon users expressed preferences and their social and physical connections. Advertising networks follow users' browsing habits while they surf the web, continuously collecting their traces and surfing patterns. We analyse how users tracking happens on the web by measuring their online footprint and estimating how quickly advertising networks are able to profile users by their browsing habits.

Slides

venue: "Vienna University of Technology (TU)"

location: "Vienna, Austria"

Potential mass surveillance and privacy violations in proximity-based social applications.

written by Silvia Puglisi [Hiro] on 2015-08-20

Proximity-based social applications let users interact with people that are currently close to them, by revealing some information about their preferences and whereabouts. This information is acquired through passive geo-localisation and used to build a sense of serendipitous discovery of people, places and interests. Unfortunately, while this class of applications opens different interactions possibilities for people in urban settings, obtaining access to certain identity information could lead a possible privacy attacker to identify and follow a user in their movements in a specific period of time. The same information shared through the platform could also help an attacker to link the victim's online profiles to physical identities. We analyse a set of popular dating application that shares users relative distances within a certain radius and show how, by using the information shared on these platforms, it is possible to formalise a multilateration attack, able to identify the user actual position. The same attack can also be used to follow a user in all their movements within a certain period of time, therefore identifying their habits and Points of Interest across the city. Furthermore we introduce a social attack which uses common Facebook likes to profile a person and finally identify their real identity.

Slides

venue: "Aalto Univerisity"

location: "Helsinki, Finland"