SecDocs Feed for author Roger Dingledine

[Video] How governments have tried to block Tor

Sun, 18 Mar 2012 06:30:10 +0100

Authors: Jacob Appelbaum Roger Dingledine
Tags: Tor privacy
Event: Chaos Communication Congress 28th (28C3) 2011
Abstract: Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011. Bluecoat tested out a Tor handshake filter in Syria in June 2011. China has been harvesting and blocking IP addresses for both public Tor relays and private Tor bridges for years. Roger Dingledine and Jacob Appelbaum will talk about how exactly these governments are doing the blocking, both in terms of what signatures they filter in Tor (and how we've gotten around the blocking in each case), and what technologies they use to deploy the filters -- including the use of Western technology to operate the surveillance and censorship infrastructure in Tunisia (Smartfilter), Syria (Bluecoat), and other countries. We'll cover what we've learned about the mindset of the censor operators (who in many cases don't want to block Tor because they use it!), and how we can measure and track the wide-scale censorship in these countries. Last, we'll explain Tor's development plans to get ahead of the address harvesting and handshake DPI arms races.

[Audio] How governments have tried to block Tor

Sat, 17 Mar 2012 06:40:45 +0100

[Slides] Putting the P back in VPN

Sun, 04 Dec 2011 06:28:33 +0100

Authors: Roger Dingledine
Tags: VPN privacy
Event: Black Hat USA 2004

[Slides] Why is Anonymity So Hard?

Sat, 19 Nov 2011 06:35:58 +0100

Authors: Roger Dingledine
Tags: privacy
Event: Black Hat USA 2002

[Slides] Attacks on Anonymity Systems (Theory)

Thu, 13 Oct 2011 19:35:23 +0200

Authors: Len Sassaman Roger Dingledine
Tags: Tor privacy
Event: Black Hat USA 2003

[Slides] Attacks on Anonymity Systems (Practice)

Thu, 13 Oct 2011 19:35:23 +0200

Authors: Len Sassaman Roger Dingledine
Tags: Tor privacy
Event: Black Hat USA 2003

[Video] Why Tor is Slow, and What We're Doing About It

Sat, 06 Mar 2010 06:02:11 +0100

Authors: Roger Dingledine
Tags: Tor privacy
Event: DEFCON 17

[Paper] Why Tor is Slow, and What We're Doing About It

Sat, 06 Mar 2010 06:02:10 +0100

Authors: Roger Dingledine
Tags: Tor privacy
Event: DEFCON 17

[Audio] Why Tor is Slow, and What We're Doing About It

Sat, 06 Mar 2010 06:02:09 +0100

Authors: Roger Dingledine
Tags: Tor privacy
Event: DEFCON 17

[Video] Tor and censorship: lessons learned

Mon, 25 Jan 2010 06:06:50 +0100

Authors: Roger Dingledine
Tags: Tor privacy
Event: Chaos Communication Congress 26th (26C3) 2009
Abstract: Tor was originally designed as a civil liberties tool for people in the West. But if governments can block connections *to* the Tor network, who cares that it provides great anonymity? A few years ago we started adapting Tor to be more robust in countries like China. We streamlined its network communications to look more like ordinary SSL, and we introduced "bridge relays" that are harder for an attacker to find and block than Tor's public relays. In the aftermath of the Iranian elections in June, and then the late September blockings in China, we've learned a lot about how circumvention tools work in reality for activists in tough situations. I'll give an overview of the Tor architecture, and summarize the variety of people who use it and what security it provides. Then we'll focus on the use of tools like Tor in countries like Iran and China: why anonymity is important for circumvention, why transparency in design and operation is critical for trust, the role of popular media in helping – and harming – the effectiveness of the tools, and tradeoffs between usability and security. After describing Tor's strategy for secure circumvention (what we thought would work), I'll talk about how the arms race actually seems to be going in practice.

[Slides] Tor and censorship: lessons learned

Mon, 25 Jan 2010 06:06:48 +0100

[Audio] Tor and blocking-resistance

Thu, 03 Dec 2009 06:11:51 +0100

Authors: Roger Dingledine Nick Mathewson
Tags: Tor privacy
Event: DEFCON 15

[Audio] Security and Anonymity Vulnerabilities in Tor: Past, Present, and Future

Fri, 06 Nov 2009 06:11:21 +0100

Authors: Roger Dingledine
Tags: vulnerability Tor privacy
Event: DEFCON 16

[Slides] Why Tor is slow

Sun, 18 Oct 2009 01:09:00 +0200

Authors: Roger Dingledine
Tags: Tor privacy
Event: HAR 2009
Abstract: Many of you have probably tried Tor, and then stopped because you found it too slow. Now that Tor has several hundred thousand users, our original design decisions are showing their age. We need to figure out and deploy some major changes if we want the Tor network to scale up to the million-user mark. Problem #1 is that Tor's congestion control does not work well. We need to come up with ways to let "quiet" streams like web browsing co-exist better with "loud" streams like bulk transfer. Problem #2 is that some Tor users simply put too much traffic onto the network relative to the amount they contribute, so we need to work on ways to limit the effects of those users and/or provide priority to the other users. Problem #3 is that the Tor network simply doesn't have enough capacity to handle all the users that want privacy on the Internet. We need to develop strategies for increasing the overall community of relays, and consider introducing incentives to make the network more self-sustaining. In this talk I'll walk through these problems and more: why we think these are the right problems to solve, and how we're solving them.

[Video] Why Tor is slow

Sun, 18 Oct 2009 01:09:00 +0200

[Video] Tor and blocking-resistance

Sat, 06 Jun 2009 12:15:00 +0200

Authors: Roger Dingledine Nick Mathewson
Tags: Tor privacy
Event: DEFCON 15

[Slides] Tor and blocking-resistance

Sat, 06 Jun 2009 12:11:00 +0200

Authors: Roger Dingledine Nick Mathewson
Tags: Tor privacy
Event: DEFCON 15

[Video] Security and anonymity vulnerabilities in Tor

Sat, 02 May 2009 14:48:00 +0200

Authors: Roger Dingledine
Tags: vulnerability Tor privacy
Event: Chaos Communication Congress 25th (25C3) 2008
Abstract: There have been a number of exciting bugs and design flaws in Tor over the years, with effects ranging from complete anonymity compromise to remote code execution. Some of them are our fault, and some are the fault of components (libraries, browsers, operating systems) that we trusted. Further, the academic research community has been coming up with increasingly esoteric – and increasingly effective! – attacks against all anonymity designs, including Tor.

[Video] Security and Anonymity Vulnerabilities in Tor: Past, Present, and Future

Sat, 28 Mar 2009 22:00:00 +0100

Authors: Roger Dingledine
Tags: vulnerability Tor privacy
Event: DEFCON 16

[Slides] Security and anonymity vulnerabilities in Tor

Fri, 23 Jan 2009 15:00:00 +0100

Authors: Roger Dingledine
Tags: Tor privacy
Event: Chaos Communication Congress 25th (25C3) 2008
Abstract: There have been a number of exciting bugs and design flaws in Tor over the years, with effects ranging from complete anonymity compromise to remote code execution. Some of them are our fault, and some are the fault of components (libraries, browsers, operating systems) that we trusted. Further, the academic research community has been coming up with increasingly esoteric – and increasingly effective! – attacks against all anonymity designs, including Tor.