Torpark - anonymity on the net

[-Demosthenes-]

I saw something (on Digg? I don't remember) about "Torpark," but I forgot about it. Later I looked it up, and I downloaded it. I'm using it right now, it routes your traffic through servers randomly (tor or onion servers or something like that) and it makes your browsing difficult or immpossible to trace.

 

I was wondering who exactly it hides your browsing from. I don't particularly care what people can see from here, from the comptuer, but what can your ISP see? I mean I like the idea of the ISP not knowing what I'm doing, but is that all it does? Is there a similar torrent client (sounds kinda stupid and slow, but is it possible ) ?

[timo]

Funnily, I read about programs anonymizing your browsing just yesterday on Wikipedia (I won´t go look for the link, I think it was the german version, anyways). That article also mentioned anonymized file-sharing techniques, also techniques that did not sound as if they slow down everything (t´was something about sending the data encrypted).

 

I have a pretty split opinion about anonymous surfing. On the one hand, I usually leave my house and go shopping or whatever without wearing a mask so I see little reason to do a similar thing on the web. On the other hand I find it strange that people (machines in this case) might collect data about me for reasons they are not telling me.

[MulderMan]

Can't really answer your question, but what sort of speeds are you getting using Torpark? When testing it the other day, it was extremely slow - not worth the hassle.

[-Demosthenes-]

Can't really answer your question, but what sort of speeds are you getting using Torpark? When testing it the other day, it was extremely slow - not worth the hassle.

 

Very slow, especially when on windows (doesn't seem to work very well with my wireless card). So even with a good connections it's slow, with a bad one, it's painful.

[-Demosthenes-]

Wait, from what I understand it only hides what your doing from the sites that you go to, not your ISP. I thought a big use of this would have been for countries like china where access is restricted, would it work in those countries?

[5614]

Demosthenes is correct. It hides you Public IP address from the sites you are visiting. It does not hide them for your ISP.

 

These sites offering 'anonymous surfing' often work by routing data through their servers. So if you want to go to Google then you (by typing in the Google site address) send a message to anonsurf.com and then anonsurf.com loads Google. This means that were Google to be tracking who loads data from their site it would register anonsurf.com and not you as the person requesting the data. This is obviously simplified, but I feel it gets the point across.

 

With the ISP it's different. Everything you do on the Internet goes through your ISP. The world works like this!

Your computer --> ISP --> Rest of the world

therefore everything goes through the ISP.

 

ISPs generally protect customer details very well, although when there is sufficient evidence they can be forced, by law, to give the details of customers using the Internet for illegal purposes, e.g. downloading.

 

It also is very linked to a few other related topics. In China data is censored at the ISP level, this means that you cannot get around the censoring.

 

A slight complication, although interesting all the same, is ports. For those who don't know a port is like a door or a window of a house. Just when you go to your neighbours you knock on their front door, so when you play, for example, Halo PC it uses port 2302. When you use a download program it will, by default, use a certain port. For example Bit Torrent uses port 6881. Some ISPs want to prevent people from downloading, so can block or limit data transfer on port 6881. NB: You can change the port a program is using, but many people do not or do not know how.

[-Demosthenes-]

Someone explained it to me that even sites protected with SSL (https: instead of http:) the traffic is completely hidden fromt he ISP. As the traffic is encription on you computer, sent to ISP with address of the site, and decripted be the site. So all they know is where it came from and where it's going.

 

And with Torpark using Tor servers, your traffic is encripted in the browser on you computer, sent to the ISP with an address to a Tor server, and decrited on a Tor server, and then sent to the site.

 

So, the ISP would only see where the traffic came from, random encripted traffic, and where the traffic would make it's first stop -- a Tor server.

 

Is this close?

[5614]

That's correct.

 

I'm not so sure about the ISP seeing "random encripted traffic" though. I don't think that all data is encrypted. And by looking at other things you can often guess what it is.

 

Say someone had multiple connections using port 6881 and a lot of data was being sent to multiple different IPs, flowing in both directions (down/uploading), it sounds very much like BitTorrent.

[-Demosthenes-]

I'm not so sure about the ISP seeing "random encripted traffic" though. I don't think that all data is encrypted. And by looking at other things you can often guess what it is.

 

All data except the address where it came from and where it's going, right? In this case countries where individuals need to worry about what they do online can do what they want with a tor server and encription using browser (as long as they are content to surf at dial up speeds ).

[5614]

All data except the address where it came from and where it's going, right?

What?

 

In this case countries where individuals need to worry about what they do online can do what they want with a tor server and encription using browser (as long as they are content to surf at dial up speeds ).

No, well, it depends on what you mean. If you mean in countries where there is enforced censoring then that censoring is done on the 'borders' of the countries. All data which comes into the country will go through the ISP and all the ISPs (quite possible there is only one) will censor it. Ah, now I see where you're coming from, either:

1) When Torpak sends the 'illegal' webpage to you the ISP will stop it or

2) The censoring works, technically, differently.

These anonymous surfing sites are popular and not that new. AFAIK there is no way around a country's block on websites, and if there is it would not be something as simple and common as Torpak. Not that Torpak itself is common, but the idea and general programming behind it is.

[Cap'n Refsmmat]

From what I understand about Tor, censoring would not work, because the actual address of the site is encrypted until it gets to the "outlet" server. When the data is retrieved and sent back to you, it is also encrypted until it reaches your own computer.

 

As long as the outlet server was outside the country, censoring would be useless. Of course, countries like China probably have filters in place to block traffic that looks remotely like it's from Tor.

[-Demosthenes-]

What?

If you browser encrypts the traffic all it needs to give the ISP you're going through is the destination address right? And it is my understanding that this is all Torpark gives the ISP: some encripted traffic to send to a certain address (a tor server). So all the ISP can see is where it came from (because you sent them the traffic) and where it's going (becuase the ISP has to know where it's going to send it). But I probably have it all wrong

 

No' date=' well, it depends on what you mean. If you mean in countries where there is enforced censoring then that censoring is done on the 'borders' of the countries. All data which comes into the country will go through the ISP and all the ISPs (quite possible there is only one) will censor it. Ah, now I see where you're coming from, either:

1) When Torpak sends the 'illegal' webpage to you the ISP will stop it or

2) The censoring works, technically, differently.

These anonymous surfing sites are popular and not that new. AFAIK there is no way around a country's block on websites, and if there is it would not be something as simple and common as Torpak. Not that Torpak itself is common, but the idea and general programming behind it is.[/quote']

 

If the traffic is encripted how will the ISP know what it is to filter it? If nothing does that today, wouldn't something that encrypts the information work? Unless they block all traffic from tor servers...?

[5614]

Outgoing:

Home -> ISP -> tor -> site you're visiting

 

Incoming:

site -> tor -> ISP -> home

 

The ISP sees all. Do common browsers (IE, FF etc.) encrypt all data being sent? When a website has encrypted data such as passwords it does for sure, but generally I'm unsure. I don't think that plain text websites are encrypted.

 

If a website was encrypted then the ISP would not be able to easily read it. Say I develop a new language which is a cross between morse code and ancient egyptian (random!) I could use that to communicate to my friend over the Internet and our ISPs would not be able to understand it.

 

Going back to countries where censoring is enforced, incoming traffic:

site -> tor -> ISP -> home

those arrows represent the uncesored version of the site. When it goes through the ISP it will then be censored. The automated censoring software doesn't care whether the uncensored site is coming from tor or anywhere else.

 

The whole point of the anonymous surfing is that the site you're visiting thinks that Tor is viewing the site, and not you, therefore you remain anonymous.

[Cap'n Refsmmat]

The outgoing goes through the ISP, but the request address is for the Tor server, not the site you're visiting. The Tor server passes it on to another one, and another, until the address is decrypted and fetched.

[-Demosthenes-]

Outgoing:

Home -> ISP -> tor -> site you're visiting

 

Incoming:

site -> tor -> ISP -> home

 

The ISP sees all. Do common browsers (IE, FF etc.) encrypt all data being sent? When a website has encrypted data such as passwords it does for sure, but generally I'm unsure. I don't think that plain text websites are encrypted.

Only "secure sites" using SSL, if I'm right

 

If a website was encrypted then the ISP would not be able to easily read it. Say I develop a new language which is a cross between morse code and ancient egyptian (random!) I could use that to communicate to my friend over the Internet and our ISPs would not be able to understand it.

 

Going back to countries where censoring is enforced' date=' incoming traffic:

site -> tor -> ISP -> home

those arrows represent the uncesored version of the site. When it goes through the ISP it will then be censored. The automated censoring software doesn't care whether the uncensored site is coming from tor or anywhere else.

[/quote']

Unless the info about the site is encripted, right?

The whole point of the anonymous surfing is that the site you're visiting thinks that Tor is viewing the site, and not you, therefore you remain anonymous.

But only to the site, using just tor. But in combination with encription, the ISP too?

[5614]

Only "secure sites" using SSL, if I'm right

Using SSL is not the only form of encryption. But is a good and common example.

 

Unless the info about the site is encripted, right?

But only to the site, using just tor. But in combination with encription, the ISP too?

I've just thought of a great example to share. In school there's a censoring system. It has varied from nothing to basic software, to advance software and is now integrated with the ISP (some special school ISP). I'd like to talk about the basic/advance software censoring. With the basic system I would be able to go onto a proxy and through that bypass the censoring. However with the advance system not only were nearly all proxys blocked, but if you did find one then it would come up with the proxy window, and then within that it would come up with the blocked sign.

 

The advanced system saw that it was the approved Tor site sending you the data, but the data itself was checked, and this was blocked. So what would happen if the data was encrypted? To be honest I don't know. Although a simple solution would be to just block encrypted data.

 

Sometimes when you're browsing a page will come up as normal, but then the advert in the top will come up as the blocked page sign, which is sometimes amusing to see.

 

Although I suppose if you used an encryption where A=1, B=2 etc. and then hosted the code for the site using this encryption it should get past the censoring, and then the user could decrypt and assemble the code at home.

[bascule]

The "Great Firewall" is little more than a deterrent to the determined and experienced Chinese computer hacker, and back in June the specific method by which the firewall worked was disclosed:

 

http://www.schneier.com/blog/archives/2006/06/ignoring_the_gr.html

 

It's obviously been changed since then, but needless to say that while the protection it offers is enough to deter your average user, it's something that can be bypassed in multiple different ways.

 

The real question is can you do it without getting caught by the Chinese government...

[-Demosthenes-]

So what would happen if the data was encrypted? To be honest I don't know. Although a simple solution would be to just block encrypted data.

 

Blocking encrypted data would block traffic from sites using SSL and other common encryption. I don't think it would work very well.

 

Assuming that they do not block all encrypted traffic, I think that that your traffic is completely hidden from the ISP. The Torpark site says:

 

Run Torpark.exe and it will launch a Tor circuit connection, which creates an encrypted tunnel from your computer indirectly to a Tor exit computer, allowing you to surf the internet anonymously.

 

I think that it encrypt, but I'm going to go ahead and post the question on the Torpark forum.

[-Demosthenes-]

Thepenguin from the Torpark forum was explained everything.

http://www.torrify.com/forum/viewtopic.php?p=1557#1557

Torpark uses tor like a local proxy' date=' you point your browser to use a port on the loop-back address for it to get and send data, because this is on your local machine, its not going out to the net.

 

Tor gets the data, encrypts it using TLS, then tunnels its connection to the tor network through your Internet connection, to its first randomly picked Tor server, that server doesnt even look at the encrypted data, it just forwards it to the next tor server that was again, randomly chosen, this happens again and it reaches the exit node.

 

The exit node then uses its key to decrypt the encrypted TLS data, looks at the request, grabs the needed data (for a web page or whatever) and encrypts it again bouncing it back through the tor network until it reaches your entry node which it forwards to your IP ENCRYPTED before it reaches your local machine where tor again decrypts it and sends it on to your Web browser.

 

Basically, your ISP cant see where your going, and cant sniff your data without brute forcing the packets to see whats inside (which anyone who uses PGP can tell you, takes a looooooooooooooooong time unless your a world supercomputer with a Beowulf cluster of supercomputers waiting to do your bidding) only knows your accessing a tor server, and nothing else, not what your sending, or watching, or buying via tor.

 

A good place for refrence would be the EFF's website for tor (http://tor.eff.org/) and more specifically the overview (http://tor.eff.org/overview.html.en)[/quote']

[5614]

bascule: that link doesn't work now , it looked like a good read!

 

Demosthenes: so seemingly tor acts as a local proxy and not a normal 'anonmous surfing' website, big difference.

It looks like 5614 is confusing Tor with a regular web proxy and is a little confused

He is totally correct. I've asked a question on the forum to clarify my understanding of how Tor works.

 

http://tor.eff.org/overview.html.en

Tor can't solve all anonymity problems. It focuses only on protecting the transport of data. You need to use protocol-specific support software if you don't want the sites you visit to see your identifying information. For example, you can use web proxies such as Privoxy while web browsing to block cookies and withhold information about your browser type.

[-Demosthenes-]

Yeah, you know about this stuff, I'm just starting to learn about it. Thanks for your help! I'll keep checking the torpark forum, nothing yet.