Tuesday, June 18, 2013

Hiding your data transmissions from the NSA, Part 2

Part 1 is here, and involves a discussion about keeping your data private.  But even without being able to read your data - or even knowing that you're sneaking data through these communications - the NSA is really good at figuring out who is talking with whom.  In fact, it's likely that this traffic analysis technique has been instrumental in identifying the communications hierarchy of Al Qaeda.  If the critical nodes are identified, then those can be eliminated.  If enough of these are removed from the cell hierarchy, the network falls apart.

So how do you hide the fact that you are browsing to a Double-Plus Ungood Enemy Of The State® site like The High Road?  Sure, the NSA might not know what you're saying, but it's bad if they know that you're saying it there, right? 

So use Tor. Tor is a program and a network of servers designed to make Internet use anonymous.  It's not perfect, but it likely will raise the cost to the Fed.Gov in watching where you browse.  Your computer connects to a server called a Tor Router using an encrypted connection.  The router removes your IP address information and sends the data on (using an encrypted connection, 'natch) to another Tor router, which then does the same thing, sending your data on to a third Tor Router.  These routers are more or less randomly distributed geographically, and where the routers are and which will be used for any connection are essentially random.

What's important is that only the first Tor Router knows where you are - none of the others (or even the final destination web server) know where you are or who you are.  It anonymizes your 'Net communications. Net/net (so to say), it's hard for NSA to know that you're hanging with the Gun Nuts at THR by doing traffic analysis.

Tor is open source, so you download for free.  You get extra irony points, because Tor was originally developed to help people in countries where the Government is censoring Intern usage - Iran, Red China, etc.  In fact, 80% of the Tor Project's funding comes from the State Department.  Ironic Irony is ironic.

Now there are some important warnings.  First, your ISP is collecting data that would let the NSA know that you're talking to a Tor Router.  In other words, they might not be able to tell what you're talking to, they almost certainly would know that you are using Tor.  It's shining a big light on yourself.  If you want to keep as low a profile as possible, do not use Tor.  It will give you basically as high a profile as possible.

Second, it is possible that the NSA is watching both ends of the communications stream: you to the first Tor Router, and from the last Tor Router to the remote server.  It's actually likely that they're doing this.  It's thought that it would be very difficult to correlate these together, but not impossible.  I haven't heard of this happening yet, but it might be doable.  Paranoia runs deep, if you're smart. 

Third, there have been a series of problems identified in Tor over the last 5 years or so.  These have been fixed pretty quickly, but you need to understand that Tor is a big target for a lot of Governments, possibly including ours.  This is a presentation from a couple years ago that gives you a pretty good (if geeky) overview of this.

Fourth, Tor is good for web stuff, but only helps your privacy for data in flight; once the data is received at the server, it's subject to normal data collection.  For example, it doesn't make sense to use Tor with Gmail, because Google will just give your data up to the NSA on request.  If you really want a secure email, you will need to get more apps.  I'll cover that in the next installment.


Carteach said...

Interesting. Thanks, and please continue.

Crapgame said...

Really interesting articles so far. Of course, from a tinfoil hat perspective, the fact that 80% of Tor's funding comes from the State Department would leave me to think there's going to be a backdoor for US government snoopers.

Borepatch said...

Crapgame, Tor is open source, so you have the source code. While you or I might not spend too much time looking through the code for back doors, groups like the Electronic Frontier Foundation absolutely will.

Dave H said...

I'd be more concerned about Tor if it was getting funding from DHS. State Department has a (somewhat) different agenda, like fomenting rebellions and stuff. In other words, State hands out weapons to foreigners, and Homeland Security tries to keep them from shooting back at us.

Crapgame said...

Fair enough. Just keeping a healthy level of paranoia. :)