RetroShare over Tor

Feature requests for RetroShare

RetroShare over Tor

Postby user » Sat Nov 22, 2008 2:32 pm

Hi can you implement the Proxy Socket Configuration on Optons/Preferences?
So that users can use the ports of Tor onion routing?
That should work over tor?
user
 
Posts: 161
Joined: Mon Oct 27, 2008 7:21 pm

Re: RetroShare over Tor

Postby MarkReaves » Mon Nov 24, 2008 2:46 pm

I may be wrong, but I think implementing socks proxy support wouldn't be of any use. If I'm not mistaken, RetroShare wouldn't have a use for Tor.

On a side note, Tor isn't very secure...
MarkReaves
 
Posts: 10
Joined: Thu Nov 06, 2008 5:49 pm

Re: RetroShare over Tor

Postby defnax » Mon Nov 24, 2008 10:51 pm

Yes Tor is not realy secure .

Its bether make own anon Network with RetroShare.
User avatar
defnax
Site Admin
 
Posts: 446
Joined: Fri Oct 24, 2008 10:28 pm

Re: RetroShare over Tor

Postby mr_ » Fri Dec 05, 2008 1:22 am

Not talking about Tor: Proxy options would be useful for people forced to use a proxy to go online, therefore it's a good feature.

About Tor: Tor it's insecure, none of the anonymous users has been identified yet because of fault of the Tor network. Tor is serverbased, but decentralised while RetroShare is serverless. I don't need Tor myself but it could be useful for people who need/want to stay anonymous in RetroShare. Anyway, there are already products to chat over Tor.
mr_
 
Posts: 1
Joined: Fri Dec 05, 2008 1:15 am

Re: RetroShare over Tor

Postby cyberagorist » Wed Jun 27, 2012 2:57 pm

I'm new to RetroShare, so my impression about it may be quite wrong ...

But it seems to me that in comparison with Tor RetroShare is unsafe. Not? AFAIU, here my IP will be known.

Then, SSL allows for MITM attacks. I would not name this really safe.

Compare with Torchat. I can use it from everywhere. All I have to tell other people is my Torchat id. Of course, not a nice string, not easy to remember. But once it has been transferred, everything else works automatically, without any MITM attack danger. Nobody knows my IP address, it can change, nobody will even note it.

And about security - sorry, but Tor has already survived very serious practical security tests. There are, in particular, illegal activities, punishable in the US with arbitrary high sentences (distribution of child porn), which have survived over many years despite being known to US LEA. There are also the attempts of the Iran to censor Tor, with the result that Iran is on the second place in the world among Tor users.
cyberagorist
 
Posts: 5
Joined: Sat Jun 23, 2012 9:52 am

Re: RetroShare over Tor

Postby apoapo » Wed Jun 27, 2012 8:30 pm

AFAIK there is no known way to do a MITM with SSl while private certificates are still safe. TOR is a very different approach compared to RS. RS is f2f "friend to friend" TOR is more like p2p "peer2peer".

TOR has to hide direct IPs because you connect to everyone. RS connects only to friends you select.

One big advantage of RS:

-social control: users "control" there friends in a social way. If someone starts to share childporn he will most probably be blocked by his friends. I assume most people do not want to help distribute that kind of content

For me cp was the reason to leave Tor, stealthnet, because my bandwidth won't be used for this. I cannot control exactly what is sent over my line in RS either but i can carefully add friends.

I came to the conclusion that people watching each other seems to work out better. (Like in real life, you won't use another persons restaurant to distribute your flyer for illegal content, if you get me ;-) )

So we don't have a central controlling institution like states but circles of friends that "watch" each other. That sounds good to me.
apoapo
 
Posts: 189
Joined: Sun Jan 10, 2010 12:55 pm

Re: RetroShare over Tor

Postby cyberagorist » Sat Jun 30, 2012 4:14 pm

apoapo wrote:TOR has to hide direct IPs because you connect to everyone. RS connects only to friends you select.


But I would like to connect to other people, before I'm certain enough that they are friends worth to be selected. Because to decide about this, I have to communicate, and maybe even to cooperate, with them. So a network where I can connect only to friends is dangerous.

So, even if it makes sense to create f2f networks, they should allow me to preserve my pseudonymity.

-social control: users "control" there friends in a social way. If someone starts to share childporn he will most probably be blocked by his friends. I assume most people do not want to help distribute that kind of content

For me cp was the reason to leave Tor, stealthnet, because my bandwidth won't be used for this. I cannot control exactly what is sent over my line in RS either but i can carefully add friends.


I'm in favour of a world without censorship. For this, I'm ready to pay. The payment is that I have no way to prevent arbitrary communication between people I despise.

In Tor, anonymity increases if more people use the network - it becomes easier to hide your traffic. A form of cooperation between people who hate each other, say Nazis, pedophiles, and dissidents, but they share a common interest - their own anonymity.

So we don't have a central controlling institution like states but circles of friends that "watch" each other. That sounds good to me.

It is, of course, an advantage in comparison with state control.

Nonetheless, such a diffuse neighbourship control enforces only a general conformity to mainstream moral standards.
cyberagorist
 
Posts: 5
Joined: Sat Jun 23, 2012 9:52 am

Re: RetroShare over Tor

Postby waseihou » Sat Jun 30, 2012 6:02 pm

I don't see a reason why would anyone wanted to use retroshare through tor, because it is already hiding your ass by being connected only to friends.

Regarding filesharing, it MIGHT be better to not connect to your friend or even people in you country, it happened in my country that a guy had his home searched and computer seized because some other guy downloaded some video through DC++ (direct connect, it is still sometimes used in some places, mainly college networks) and then he burned it to many dvds and started selling them. When they caught him they asked him where he obtained the grabbed video and he told him about this guy. Many people thing that they can stand police interrogation, but actually fail even with stupid refusal to answer any question, so don't depend on them and rather share your music and series with gyus from other side of planet...

It might be a good idea to create RetroShare opennet mode, where anyone could simply with few clicks connect to any other as long as their IPs were not located in the same country. If someone wanted to download say a video from a someone who is in the same country, then this would be proxified through few other guys in different countries. One hop tunnel should be enough for some minimal anonymity and even plausible deniability.

Another important feature that should the application for filesharing have is an encryption of settings, mainly locations shared directories. That's because they serve as an evidence, but if the settings are encrypted then forensic analysis is more difficult. Because of that, all the setting should be encrypted (and also somehow protected from damage by redundancy). For example in cache directory there is a list of all the series I have shared with retroshare and their hashes - that information should not be there, because if caught it could be used as an evidence of copyright infirgement and that is punishable up to five year in my country (they usually give suspended sentence to the offender, but the fact that he was found guilty is the main evidence in civil lawsuit with our local variant of RIAA, every year a few guys are arrested).

It would be nice to check ways which could be used to obtain forensic information and make it impossible or difficult to obtain them. Also it would be nice to have two passwords like in truecrypt - one real and another fake that would show only account sharing innocent things like family photos. Or make it that all user specific data are stored in truecrypt file and when the password is entered then decrypt it with that. It's not difficult to have like that right now, but people would have to enter password twice - once for truecrypt partition and once for retroshare (but it can remember password, also a solution). But it would be better if the application had those security features build in, because if the police know that it will be difficult to obtain evidence then they might not bother with getting search warrant in case of minor offences like illegal filesharing.
waseihou
 
Posts: 20
Joined: Thu Jun 28, 2012 2:27 pm

Re: RetroShare over Tor

Postby Veizar » Sat Jun 30, 2012 10:18 pm

But I would like to connect to other people, before I'm certain enough that they are friends worth to be selected. Because to decide about this, I have to communicate, and maybe even to cooperate, with them. So a network where I can connect only to friends is dangerous.

So, even if it makes sense to create f2f networks, they should allow me to preserve my pseudonymity.


I'm all in favor of screen names and pseudonyms.
The beauty of Retroshare's design is that if you are creating your own private social network and if you wish to include people you hate, go ahead.
...If you want to include government or censorship officials, go ahead.

I will have my own social network with my own small group of friends and we won't be a part of any of that.

I understand that you want to meet people and co-mingle but it's dangerous. And if you know someone who lives under an oppressive regime, by having no standards as to who can join your network, you are putting those friends in danger.

I was thinking that creating groups and clubs, separate from the person's main social network based on certain categorical criteria and a searchable database of them would be an interesting idea for finding new people to talk to however, again even that is risky.
Veizar
 
Posts: 8
Joined: Fri Jun 15, 2012 5:41 pm

Re: RetroShare over Tor

Postby cyberagorist » Sun Jul 01, 2012 10:07 am

@ Veizar, waseihou

Sorry, but I don't understand your points.

Even if I have a good friend, it may happen that his home is searched, and, then, the police learns about the connection with me. And, moreover, there is the danger of undercover cops or journalists. A connection through Tor is a good safety measure against these possibilities.

Moreover, what's the problem? Allowing connections through Tor is an important additional possibility, not an obligation. And you can, by the way, decide for yourself to accept as friends only those with open IP addresses. That's your choice.

But I personally know somebody who refuses to connect to other people except through Tor. And I would nonetheless like to add him as a friend into my personal f2f network. That's impossible today - he would not participate in the actual situation, without a possibility to connect through Tor.

And if you know someone who lives under an oppressive regime, by having no standards as to who can join your network, you are putting those friends in danger.

Yep, but if he connects with me through Tor only, there no longer is such a danger.

and if you wish to include people you hate, go ahead.
...If you want to include government or censorship officials, go ahead.

I don't want that. But I want to be able to include somebody else without much certainty that he is a real friend. Because communicating with him is a way to learn more about him. If I start to hate him after this, or start to suspect that he is a cop, I can simply interrupt the connection. And in this case it is quite helpful if the connection with him was only through Tor.
cyberagorist
 
Posts: 5
Joined: Sat Jun 23, 2012 9:52 am

Next

Return to Feature Requests

Who is online

Users browsing this forum: No registered users and 1 guest

cron