Nov 11, 2019
TOR: The Dark Net

Welcome to the History of Computing Podcast, where we explore the history of information technology. Because by understanding the past, we’re able to be prepared for the innovations of the future!

I’ve heard people claim the Internet was meant to be open. The Internet was built using United States defense department grants. It wasn’t meant to be a freedom movement. These concepts were co-opted by some of the hippies who worked on the Internet. People I highly respect, like Stewart Brand and Doug Engelbart. Generations of engineers and thinkers later, we got net neutrality, and we got the idea that people should be anonymous. They rightfully looked to the Internet as a new freedom. But to be clear, those were never in the design requirements for any of the original Internet specifications. And sometimes the intent tells you a lot about the architecture and therefore explains the evolution and why certain aspects were necessary.

The Internet began in the 1960s. But the modern Internet began in 1981 when the National Science Foundation took over funding and implemented the Internet Protocol Suite, giving the IP part of the name to the acronym TCP/IP. Every device on the Internet has an IP address. You ask another host on the Internet for information and the site responds with that information. That response routes to the IP address listed as the source IP address in the packets of data you sent when you made the request. You can set the source IP address to an address other than your own, but then the response will be sent to the wrong place. Every device in a communication between two computers is meant to know the source and destination address of all the other devices involved in that communication.

The Internet was meant to be resilient. It’s really expensive to have a private network, or a network where your computer talks directly to another. Let’s say your computer and another computer would like to have a conversation.
That conversation likely passes through 10-12 other devices, if not more. The devices between you were once called IMPs but they’re now called routers. Those devices keep a table of addresses they’ve attempted to communicate with and the routes between other routers that they took to get there. Thus the name. Once upon a time those routes were programmed in manually. Later the routers got smarter, forming a pyramid scheme where they look to bigger routers that have more resources to host larger and larger routing tables.

The explosion of devices on the Internet also led to a technology called Network Address Translation. This is where one of the 3,720,249,092 addresses is split across potentially hundreds of thousands of devices and your device communicates with the Internet through that device. These are routers that route traffic back to the private address you’re using to communicate with the Internet. When bad people started to join us on the Internet, these devices ended up with a second use: to keep others from communicating with your device. That’s when some routers started acting as a firewall. Putting names to the side, this is the most basic way to explain how computers communicate over the Internet.

This public Internet was then a place where anyone with access to those routers could listen to what was passing over them. Thus we started to encrypt our communications. Thus HTTP became HTTPS. Each protocol would encrypt traffic in its own way. But then we needed to hide all of our traffic. And maybe even what sites we were going to.

A common technique to hide who you are online is to establish a VPN into a computer. A VPN, or Virtual Private Network, is a point-to-point network, established over existing Internet protocols. The VPN server you are logging into knows what IP address you are on. It can also intercept your communications, replay them, and even if encrypted, be aware of who you are actually communicating with.
So a few minutes of over-simplified text lays out the basis of the Internet routing scheme under IPv4, which was initiated in 1983, the year the movie WarGames was released. Remember, the Internet was meant to build a resilient, fault-tolerant network so that in the event of nuclear war, the US could retaliate and kill the other half of the people left in the world. If you’ve seen WarGames you have a pretty good idea of what we’re talking about here. Just to repeat: Privacy was never a concern in the design of the Internet.

The United States has people in every country in the world who need to communicate home in real time. They need to do so in a secure and private manner. Part of the transition of the Internet to the National Science Foundation was to implement MilNet, their own network. But let’s say you’re an operative in Iran. If you try to connect to MilNet then you’re likely to not have a very good day. So these operatives needed to communicate back to the United States over a public network. If they used a VPN, the connection wouldn’t be fully secured and they would run the risk of getting found, because eventually someone would be discovered, all traffic to a given address would be analyzed, and that source device would be tracked down. And more bad days.

Let’s say you’re a political dissident in a foreign country. You want to post photos of war crimes. You need a way to securely and anonymously communicate with a friendly place to host that information.

Enter the United States Naval Research Laboratory with Paul Syverson, David Goldschlag, and Michael Reed, who were asked to find some ways to help protect the US intelligence community when they were on the public Internet. Roger Dingledine and Nick Mathewson would join the project and DARPA would pick up funding in 1997. They came up with what we now call TOR, or The Onion Router.

Any property on the Internet that is intentionally exclusionary to the public can be considered a dark net or part of the dark web.
Although usually we aren’t talking about your company intranet when we refer to these networks. Instead we’re *usually* talking about something like Tor.

Tor is simple and incredibly complicated. You install software, or a browser extension. Tor routes your data through a bunch of nodes. Each of those computers or routers is only aware of the node in front of it and the node behind it in the communication route, with the next node the data is sent to kept encrypted. Since each step is encrypted, these layers of encryption can be considered like a network with layers like an onion. The name might also come from the fact that a lot of people cry when they realize what TOR speeds are like. So if each step is partially encrypted, the route still defeats network surveillance even when a device in it is compromised. This is all pretty ingenious.

So anyone can access the Internet anonymously? Yes. And when they do they can do anything they want, totally anonymously, right? Yes. And this is what is often called the Dark Web? Ish. There are sites you can access anonymously through Tor. Those sites might deal in drugs, fraud, counterfeit anything, gambling, hacking, porn, illegal guns, prostitution, anything. And anything might be really, really bad. You can quickly find terrible things, from violence for hire to child pornography. Humans can be despicable.

Wait, so are we saying the US government really supports TOR? Yes. Most of the funding for the TOR project comes from the US government. Human Rights Watch, Reddit, and Google kick in money here and there. But it’s not much, comparatively. China, Turkey, and Venezuela banned Tor? Duh. They would ban it in North Korea but they don’t need to.

TOR was used by Edward Snowden in 2013 to send leaked information to The Washington Post and The Guardian. And the use of the network has picked up ever since. According to leaked information the NSA finds TOR annoying. Even though the US government funds it.
As does the Russian government, which has offered a bounty for deanonymization techniques. After the fallout from Snowden’s leaked data, the US passed a bill allowing libraries to run Tor, opening the door for more exit nodes, or public-facing IP addresses for Tor.

Now Tor isn’t the be-all and end-all. Your traffic is sent through an exit node. So let’s think about those library computers. If you’re listening to network traffic on one of those computers and the traffic being sent isn’t encrypted then, well, your email password is exposed. And flaws do come up every now and then. But they’re publicly exposed and then the maintainers solve for them.

I’ve heard people claim that since Tor is government-funded, it’s watched by the government. Well, anything is possible. But consider this: the source code is published as well. It’s on GitHub at GitHub.com/torproject. If there are any intentional flaws they’re right there in broad daylight. The projects have been available for years. Given the fact that you have the source code, why don’t you give cracking it a shot? I have about 500 more episodes to record in the queue. We’ll see who wins that race. I should probably go start recording the next one now.

All you spooks out there listening through Tor, stay safe. And to all the listeners, thank you for tuning in to yet another episode of the History of Computing Podcast. We’re so lucky to have you. Have a great day!