Who is sitting in the Glass House? Its You!
December 6, 2015 9:48 AM   Subscribe

Mozilla's Glass House experiment

While it is clear to anyone that leaving window blinds up may provide third-parties with a view of what is going on in the room, explaining that the same thing may happen online as well is complicated due to the abstract nature of it. ...

Mozilla's Glass House experiment in Hamburg, Germany was an attempt to link privacy online with those at home.

The organization invited unsuspecting travelers from around the world to spend a night in a specially prepared apartment. Once the couples settled in and used the publicly displayed WiFi password to connect their devices to the Internet, all walls of the apartment were removed.
(via: ghacks.net)
posted by dancestoblue (17 comments total) 9 users marked this as a favorite
 
There are also some good links (notably this link to The Atlantic article about law enforcement agencies willingness to fight against any law(s) which would stop them from warrentless searches of email) and some good discussion in the comments section. One comment suggested that curtains on the outside might be a better metaphor than having everything taken down, because that alerts a person instantly, whereas having curtains with pervs peeking in at their leisure might go without notice a longer time.
posted by dancestoblue at 9:49 AM on December 6, 2015 [1 favorite]


I guess Tor Browser doesn't have the funding for stunts like this.
posted by indubitable at 9:58 AM on December 6, 2015 [1 favorite]


I'm typing this from a Firefox browser, and I will continue to use Firefox, but..

DAMN I would be miffed if I was one of the "unsuspecting travelers".
posted by cynical pinnacle at 10:10 AM on December 6, 2015 [1 favorite]


Speaking of Tor:
After the recent Paris terror attacks, the French government is proposing to forbid and block the use of the Tor anonymity network, according to an internal document from the Ministry of Interior seen by French newspaper Le Monde.
Not sure how workable this is, but it sounds like a bad idea.
posted by cynical pinnacle at 10:24 AM on December 6, 2015 [2 favorites]


Banning Tor is a ridiculous idea because it's just another element of security theatre. Tor has been compromised to hell for years and nobody who wants to securely communicate should use it.
posted by dilaudid at 10:35 AM on December 6, 2015


That's kind of a weird statement to make without any support.
posted by indubitable at 10:40 AM on December 6, 2015 [4 favorites]


Banning Tor is a ridiculous idea because it's just another element of security theatre. Tor has been compromised to hell for years and nobody who wants to securely communicate should use it.
posted by dilaudid at 12:35 PM on December 6

Cite please? First I've heard of this, not that I'm the most tech savvy guy, but I do read a lot (ghacks a great site IMO) of tech sites, I'd think I'd have heard about Tor being compromised. When did this come down? Who has compromised it? Who reported on same?
posted by dancestoblue at 10:56 AM on December 6, 2015


Also, encryption had literally fuck all to do with the Paris attacks. There are just a bunch of pigs sitting around waiting for a terror attack, with their arguments against encryption prepared, waiting to exploit free flowing paranoia and tech ignorance in the aftermath.

They're just craven ghouls trying to exploit people's fears.
posted by ernielundquist at 11:04 AM on December 6, 2015 [16 favorites]


There are known attacks against Tor but they are expensive and luck-based IIRC. High-profile cases of Tor users and services being de-anonymized have (as far as we know) been accomplished by working around Tor rather than breaking Tor.

There are no guarantees but seems like Tor remains a useful tool.
posted by grobstein at 11:27 AM on December 6, 2015 [1 favorite]


Maybe it's just one of those "well crap we're on vacation I guess we'll just go with it" things, but who on earth books an "apartment" that's basically just a portable in the middle of a busy pedestrian thoroughfare and doesn't think it at all suspicious?
posted by chrominance at 12:10 PM on December 6, 2015


As far as TOR being compromised, I'm guessing dilaudid has that impression based on Mark Ames' and Yasha Levine's reporting on the project's "deeply conflicted relationship with a number of US national security state agencies, including branches of the Pentagon, the State Department, and some old CIA cutouts." They're the first people I heard making these claims. Here's some pushback from Micah Lee (a "technologist" for The Intercept according to his side bio) if you want to get into it.

FWIW I could honestly go either way on this one, maybe TOR's a boobytrap for credulous hax0rs, maybe it's an invaluable tool for evading the panopticon. Too cynical and technologically incompetent to tell the difference.
posted by 3urypteris at 1:05 PM on December 6, 2015 [1 favorite]


The situation with Tor is messed up in so many ways right now, and it's disturbing the extent to which its backers don't fully acknowledge the very real offline risks its users face when Tor is broken. Tor is, in some ways, the best we've got for what it does, but it is not a guarantee. When peoples freedom depends on your security being upheld, that's an incredibly serious burden, and it's up to you to be transparent about both the risks and benefits of your system. Otherwise, you're operating a honeypot for child porn aficionados, and while many would ague that's a worthy goal, it's clearly not what the Tor Project positions itself as.

There have been several incidents that we know of. Keep in mind that these are just what we know about recent activity in the US, where we, almost always, file public criminal charges and don't make people disappear, at least not for too long. We don't know what, if anything, might have taken place in other countries.

First, back in 2013, the FBI and/or the NSA, in collaboration with at least one private security contractor, exploited a zero-day in Firefox (Firefox is used to build the Tor Browser Bundle), compromised a hosting service, and used the vulnerability to de-anonymize users.

Since the users involved were apparently dealing in child pornography, there was largely a giant shrug outside the security community, but the precedent is concerning. Here is clearly a case where government officials sat on a critical exploit for a popular web browser to use it for offensive purposes, putting the entire internet at risk in the meantime. In addition, the Tor Project configured the Bundle to allow JavaScript by default, a trade-off that makes the browser more usable (and arguably more anonymous, though I'm not convinced it reduces the TBB fingerprint surface very much) at the expense of security. This is a hard trade-off to make, and it's not one that was communicated in a way that all but the most savvy users would understand.

Moving on... Back in July 2014, the Tor Project published an announcement that a number of suspicious relays had established themselves on the network for the last six months. These relays manipulated headers in ways that could de-anonymize traffic, possibly in connection with other attacks.

Last month, the Project claimed that the FBI paid over $1 million to Carnegie Mellon to break Tor. Their efforts appear to have been used to identify users, resulting in several arrests. CMU and the FBI both jumped up and down to claim this was false (as the article points out, there are ways it can be technically false yet still be true), but both are refusing to provide any explanation about anything. The alleged "computer security" researchers at CMU have refused to work with the Tor project to, you know, improve computer security. The fact that CMU CS students aren't protesting to demand answers of their university just confirms for me that CMU is a soulless void (and finals are coming up), but in any case...

For more on the situation, Fusion has a good longform article. One important note is that a Tor contributor noticed some of the anomalies back in February, but the problem wasn't taken seriously as it involved only internal relays, not exit nodes. Another interesting feature of this mess is that DoD and State spend a bunch of money to sponsor Tor in order to promote its potential military applications and to enable uncensored anonymous web access for dissidents in repressive countries; meanwhile, the FBI and NSA spend a bunch of money to attack Tor and de-anonymize its users. We can either conclude that Tor was a trap all along, or more likely, just sigh, apply Occam's razor, and say "your tax dollars at work."

So here we are. It appears that hundreds of people are in jail, perhaps quite deservedly, over the attacks on Tor, research ethics turn out to be nonexistent at what is widely regarded as the top CS program in the world, and there's a lot of egg on everybody's faces. And yet people, drug dealers and dissidents alike, are downloading Tor right now and are trusting it to keep them anonymous. Is their trust misplaced? The Tor Project has a number of good people who certainly do their best, and the project does promptly patch vulnerabilities once they are aware of them and have a fix, but overconfidence is a real issue. The Tor homepage does say it "helps you defend against traffic analysis," which implies that it only helps, but it also says "Tor prevents people from learning your location or browsing habits," which clearly has not been true for a number of people over the past few years.

So yeah, Tor, and this entire mishegas around it, is messed up.
posted by zachlipton at 1:10 PM on December 6, 2015 [29 favorites]


Bonus link: for more on the NSA and Tor, see last year's NDA Panorama report (co-authored by ioerror). It reveals that the NSA cannot simply de-anonymize Tor on demand, but it also describes the extent to which Tor users and developers are tracked.
posted by zachlipton at 1:42 PM on December 6, 2015 [4 favorites]


First, back in 2013, the FBI and/or the NSA, in collaboration with at least one private security contractor, exploited a zero-day in Firefox (Firefox is used to build the Tor Browser Bundle), compromised a hosting service, and used the vulnerability to de-anonymize users.
[...]
Moving on... Back in July 2014, the Tor Project published an announcement that a number of suspicious relays had established themselves on the network for the last six months. These relays manipulated headers in ways that could de-anonymize traffic, possibly in connection with other attacks.
[...]
Last month, the Project claimed that the FBI paid over $1 million to Carnegie Mellon to break Tor. Their efforts appear to have been used to identify users, resulting in several arrests.
It's worth noting that all of these incidents that you mention dealt with Tor hidden services, the people who hosted them and the people who used them. They were not attacks on people using Tor as an anonymizing gateway to the open internet.
Here is clearly a case where government officials sat on a critical exploit for a popular web browser to use it for offensive purposes, putting the entire internet at risk in the meantime. In addition, the Tor Project configured the Bundle to allow JavaScript by default, a trade-off that makes the browser more usable (and arguably more anonymous, though I'm not convinced it reduces the TBB fingerprint surface very much) at the expense of security.
Yes, given that much of the web today is unusable without JavaScript, TBB makes some tradeoffs between privacy and usability. Note that for people with the dire privacy requirements that you imply, there's a security slider that includes a "high security" level in which JavaScript is disabled. That whole design requirements document is very illuminating as to exactly what TBB is doing different from Firefox and is worth a read for the curious.

I think it is important to keep in mind that the perfect is the enemy of the good here. Most of us do not have nation-state adversaries but would still prefer to avoid having all of our online activities logged and profiled, and Tor/TBB works just fine for that.
posted by indubitable at 1:54 PM on December 6, 2015 [5 favorites]


Maybe it's just one of those "well crap we're on vacation I guess we'll just go with it" things, but who on earth books an "apartment" that's basically just a portable in the middle of a busy pedestrian thoroughfare and doesn't think it at all suspicious?
Ooooh! OOhhh! I know this one! Actors, that's who.
Mozilla notes that it brought in some actors "for dramatic effect", but that the reactions were genuine
posted by PareidoliaticBoy at 2:21 PM on December 6, 2015 [3 favorites]


It's worth noting that all of these incidents that you mention dealt with Tor hidden services, the people who hosted them and the people who used them. They were not attacks on people using Tor as an anonymizing gateway to the open internet.

(fwiw, the second and third incidents are really the same one.) That's how they were used, to our knowledge, in this case, by these attackers. Hidden services are also a core part of Tor and are used for anonymous email, whistleblowing to the New Yorker, web search, and Facebook (irony alert!), among others (say, child porn and drugs). The attacks used here would be useful parts of efforts to de-anonymize people using Tor to access the open internet as well.

I think it is important to keep in mind that the perfect is the enemy of the good here. Most of us do not have nation-state adversaries but would still prefer to avoid having all of our online activities logged and profiled, and Tor/TBB works just fine for that.

Absolutely. There is no perfect and never will be. Tor has always acknowledged, to those who read up on it, that onion routing appears to have intractable vulnerabilities to nation-state adversaries. That said, the CMU attack does cause me to question just how tiny of a nation-sate you have to be to qualify now.

However, look at Tor's Who uses Tor page (drug dealers and child pornographers are not listed it appears). Reading through the list, a good number of the applications they cite do involve nation-state adversaries: people researching "sensitive topics" behind national firewalls; people who circumvent censorship; journalists of all sorts; activists and whisleblowers; security breach information clearinghouses; militaries; IT professionals; etc...

My point isn't that we should give up and stop trying, but rather that Tor users aren't getting nearly the level of security they thought they had. This is a problem when people rely on Tor to, say, post things online the Chinese Government doesn't approve of. Obviously improving security is always the goal, but managing users' expectations appropriately is important too.
posted by zachlipton at 2:35 PM on December 6, 2015 [1 favorite]


I can imagine the interviews they didn't use for this campaign...

"I feel used and exploited... Spied upon. Treated like someone's product!"

"So, I bet you're going to be careful of your online security and use Firefox in the future, eh?"

"What are you talking about? They're the ones who exploited me!"

posted by markkraft at 2:52 PM on December 6, 2015 [3 favorites]


« Older Sprawled Out On The Freezer Case Of Your Heart   |   Antique Molds Newer »


This thread has been archived and is closed to new comments