tor 匿名访问_Tor:匿名者变得更好或更糟

tor 匿名访问

为什么要使用Tor? (Why use Tor?)

Transport Layer Security (TLS) already provides privacy by encrypting the data sent over a connection between a client and a server. An eavesdropper on the wire will not be able to read the data sent from your machine if the data is sent over a connection that uses TLS. Is this always enough?

传输层安全性 (TLS)已通过对通过客户端和服务器之间的连接发送的数据进行加密来提供隐私 。 如果数据通过使用TLS的连接发送,则网络上的窃听者将无法读取从您的计算机发送的数据。 这总是足够吗?

Imagine you are trying to access a website that is banned in your country. You could potentially face time in prison for accessing these websites. It is not enough that the messages to the web server of the website are encrypted; you need to prevent any entity monitoring your network such as the Government or an ISP from seeing which servers your machine visits. What you desire is anonymity. Sometimes, you might want anonymity when privacy is not necessary. For example, a user might want to be anonymous from the web server of the site that they are visiting. In particular, they may want to prevent their search engine from creating a personalized profile of their search history which can be sold to advertisers. However, they might not care if the search requests themselves are private.

想象您正在尝试访问您所在国家/地区禁止的网站。 您可能会因为访问这些网站而面临入狱时间。 加密发送到网站的Web服务器的消息还不够。 您需要防止任何监视您的网络的实体(例如政府或ISP)看到您的计算机访问了哪些服务器。 你想要的是匿名 有时,当不需要隐私时,您可能希望匿名。 例如,用户可能想从他们正在访问的站点的Web服务器中匿名。 特别是,他们可能希望阻止其搜索引擎创建其搜索历史的个性化配置文件,然后将其出售给广告商。 但是,他们可能不在乎搜索请求本身是否是私有的。

Would a Virtual Private Network (VPN) or a proxy server be enough to ensure anonymity? While these services do provide partial anonymity to their users from eavesdroppers and destination servers, the VPN or Proxy provider can still track the users’ traffic history. In other words, VPNs and Proxies provide limited anonymity against government entities since the VPN/Proxy provider can be subpoenaed into providing identities and IP addresses. Additionally, an attacker could compromise the VPN and leak its customer logs. Ultimately, Tor seeks to address these concerns by providing anonymity to its users without having to trust any centralized provider or authority.

虚拟专用网 (VPN)或代理服务器是否足以确保匿名? 尽管这些服务确实从窃听者和目标服务器向其用户提供了部分匿名性,但VPN或代理提供程序仍可以跟踪用户的流量历史记录。 换句话说,VPN和代理对政府实体的匿名性受到限制,因为VPN /代理提供商可以被传唤提供身份和IP地址。 此外,攻击者可能会破坏VPN并泄漏其客户日志。 最终,Tor寻求通过向用户提供匿名性来解决这些问题,而不必信任任何集中的提供者或授权。

Tor到底是什么? (What exactly is Tor?)

Tor is an open source software project originally developed by the U.S. Navy to provide anonymous communication on the Internet. Tor is composed of an overlay network of volunteer relay nodes that implement the onion routing protocol, which uses multiple layers of encryption to conceal the origin of network requests. In this blog post, we will explain the mechanics of the onion routing network in detail, and discuss some attacks that have been performed to try and de-anonymize Tor users.

Tor是最初由美国海军开发的开放源代码软件项目,旨在在Internet上提供匿名通信。 Tor由自愿中继节点的覆盖网络组成,该网络实施洋葱路由协议 ,该协议使用多层加密来隐藏网络请求的来源。 在此博客文章中,我们将详细解释洋葱路由网络的机制,并讨论为尝试使Tor用户匿名而进行的一些攻击。

Tor如何工作? (How does Tor work?)

Onions have layers. ̶O̶r̶g̶r̶e̶s̶ Tor packets have layers.” — Shrek

洋葱有一层。Tor数据包具有层 。” —史瑞克

Suppose a user named Alice wants to communicate anonymously with her friend, Bob. To connect to this Tor network, Alice must download a Tor client, such as the Tor browser. Alice’s Tor client sends a request to a Tor Directory Server to get a unique circuit ID and the addresses of at least three Tor nodes. These Tor relay nodes will be used to form a circuit between the Tor client to the destination server. Before sending the packets, Alice’s Tor client has to encrypt the packets in a special way to protect her machine’s anonymity.

假设名为Alice的用户希望与她的朋友Bob进行匿名通信。 要连接到该Tor网络,Alice必须下载一个Tor客户端,例如Tor浏览器。 爱丽丝的Tor客户端向Tor目录服务器发送请求,以获取唯一的电路ID和至少三个Tor节点的地址。 这些Tor中继节点将用于在Tor客户端与目标服务器之间形成电路。 在发送数据包之前,Alice的Tor客户端必须以一种特殊的方式对数据包进行加密,以保护其计算机的匿名性。

How does a Tor client encrypt the packets?

Tor客户端如何加密数据包?

Using the Diffie-Hellman key exchange, Alice’s Tor client exchanges public encryption keys with each of the relay nodes in the circuit. After its name, “The Onion Router,” the Tor client will encrypt the data in successive layers like an onion starting with the innermost layer.

使用Diffie-Hellman密钥交换,Alice的Tor客户端与电路中的每个中继节点交换公共加密密钥 。 以其名称“洋葱路由器”命名,Tor客户端将在连续的层中对数据进行加密,就像从最内层开始的洋葱一样。

Starting at the innermost layer, Alice updates the packet’s header with the exit relay as the source address and Bob as the destination address, and then encrypts the packet. For the next layer, Alice sets the packet’s payload to the previous layer. Alice updates the packet’s header with the middle relay as the source and the exit relay as the destination, and then encrypts the entire packet with the blue key.

从最内层开始,Alice使用出口中继作为源地址并使用Bob作为目标地址来更新数据包的标头,然后对数据包进行加密。 对于下一层,Alice将数据包的有效负载设置为上一层。 爱丽丝使用中间中继作为源,使用出口中继作为目的地来更新数据包的报头,然后使用蓝色密钥对整个数据包进行加密。

For the next two layers, Alice’s Tor client will continue this process in updating the packet header and payload. At each layer, Alice will encrypt the resulting packet with the destination relay node’s public encryption key. The resulting encrypted packet would be like Figure 2. It should be noted that each relay node can only decrypt its own layer, because Alice uses the particular node’s encryption key at that node’s layer.

对于接下来的两层,Alice的Tor客户端将继续此过程,以更新数据包头和有效负载。 在每一层,Alice将使用目标中继节点的公共加密密钥对结果包进行加密。 生成的加密数据包将类似于图2。应该注意,每个中继节点只能解密自己的层,因为Alice在该节点的层使用特定节点的加密密钥。

Image for post
Fig 2. This diagram represents a packet encrypted by Alice in layers, starting from white to red. Each layer contains the corresponding source-destination pairs of the packet header. 图2.此图表示由Alice加密的数据包,从白到红依次分层。 每一层都包含数据包头的相应源-目的地对。

How does the Tor client send packets?

Tor客户端如何发送数据包?

After encrypting the packet in multiple layers, Alice’s Tor client sends the packet to the entry guard which is the first relay node in the circuit. The entry guard decrypts the outermost layer, because they have the red key. By reading the packet headers, the entry guard forwards the packet to the middle relay. For that circuit ID, the entry guard records that it receives packets from Alice and sends packets to the middle relay.

在对数据包进行多层加密之后,Alice的Tor客户端将数据包发送到条目保护 ,后者是电路中的第一个中继节点。 进入保护区解密最外层,因为它们具有红色密钥。 通过读取数据包头,条目保护将数据包转发到中间中继。 对于该电路ID,入口防护记录其接收到来自Alice的数据包并将数据包发送到中间中继的情况。

Similarly, the middle relay decrypts the next outermost layer with the green key and finds that the destination is the exit relay, to which it forwards the packet. Finally, the exit relay decrypts the next layer with the blue key and forwards the unencrypted (at the Tor protocol level) packet to the destination server.

同样,中间中继使用绿色密钥解密下一个最外层,并发现目的地是出口中继,它将数据包转发到该出口中继。 最后,出口中继使用蓝色密钥解密下一层,并将未加密的(在Tor协议级别上)数据包转发到目标服务器。

How does the server send a packet response?

服务器如何发送数据包响应?

After the server receives a packet, it will likely need to send a response back. The server only knows that the packet came from the exit relay, so it sends the packet to the exit relay. When the exit relay receives the packet, it searches it’s local records for the circuit ID corresponding to the source of the request (Bob) and port number (multiple users may be communicating to Bob via that exit relay). The exit relay discovers that it should forward the packet to the middle relay based off the circuit ID. In the packet header, the exit relay sets the source IP address and TCP port to the exit relay and sets the destination to the middle relay. The exit relay sets the packet payload to its received packet and encrypts the payload with the Tor client’s public encryption key.

服务器收到数据包后,可能需要将响应发送回去。 服务器仅知道数据包来自出口中继,因此它将数据包发送到出口中继。 当出口中继接收到数据包时,它将在本地记录中搜索与请求源(Bob)和端口号相对应的电路ID(可能有多个用户正在通过该出口中继与Bob通信)。 出口中继发现它应根据电路ID将数据包转发到中间中继。 在数据包头中,出口中继将源IP地址和TCP端口设置为出口中继,并将目的地设置为中间中继。 出口中继将数据包有效负载设置为其接收的数据包,并使用Tor客户端的公共加密密钥对有效负载进行加密。

Both the middle relay and entry guard repeat this procedure of discovering who to forward the packet to, encrypting the payload, updating the packet header, and forwarding it. When Alice’s Tor client receives the packet, it’s encrypted with all three layers. Since Alice has the private decryption key corresponding to the public encryption key that the relay nodes used, she can unwrap all the packet layers to read Bob’s response.

中间中继和入口防护都重复此过程,以发现将数据包转发给谁,加密有效负载,更新数据包头并转发。 当爱丽丝(Alice)的Tor客户端收到数据包时,将使用所有三层加密数据包。 由于Alice具有与中继节点使用的公共加密密钥相对应的私有解密密钥,因此她可以解包所有数据包层以读取Bob的响应。

How can Tor be used to create a hidden service?

Tor如何用于创建隐藏服务?

For most of the Tor network, an eavesdropper would retrieve only encrypted packets. If an eavesdropper sniffs between the exit relay and the destination server, they would know that someone is trying to access that destination server using Tor. To mitigate this vulnerability, Tor introduced hidden services, which are destination servers existing entirely within the Tor network. Only Tor clients can access these hidden services, otherwise known as the “dark web”.

对于大多数Tor网络,窃听者只会检索加密的数据包。 如果窃听者在出口中继和目标服务器之间进行嗅探,他们将知道有人正在尝试使用Tor来访问该目标服务器。 为了缓解此漏洞,Tor引入了隐藏服务,这些服务是完全存在于Tor网络中的目标服务器。 只有Tor客户端可以访问这些隐藏服务,也称为“暗网”。

If an eavesdropper sniffs a packet going to a hidden service, they would not know the packet’s actual source and destination regardless of where they sniff the packet. These hidden services operate at the URLs ending with “.onion”. For example, Facebook’s public key, facebookcorewwwi, corresponds to https://facebookcorewwwi.onion/. Usually, these public keys are a nonsensical string of 16 random characters. Open source tools, like Shallot and Scallion, can generate keys starting with a certain prefix in a similar manner as Tor. Facebook used this approach to generate their vanity URL.

如果窃听者嗅探到隐藏服务的数据包,则无论他们在何处嗅探数据包,他们都不会知道该数据包的实际源和目的地。 这些隐藏服务在以“ .onion”结尾的URL上运行。 例如,Facebook的公共密钥facebookcorewwwi对应于https://facebookcorewwwi.onion/ 。 通常,这些公钥是16个随机字符的荒谬字符串。 诸如Shallot和Scallion之类的开源工具可以以与Tor类似的方式生成以某个前缀开头的密钥。 Facebook使用这种方法来生成其虚荣网址。

How do Tor clients find a hidden server?

Tor客户端如何找到隐藏的服务器?

Suppose Bob is a hidden server in the Tor network. Alice needs to be able to find Bob somehow, so Bob chooses three Tor nodes as introduction points. Bob establishes Tor circuits to each of these introduction points. Since these Tor circuits consist of three intermediary Tor nodes, eavesdroppers cannot determine that Bob is communicating with his introductory points.

假设Bob是Tor网络中的隐藏服务器。 爱丽丝必须能够以某种方式找到鲍勃,因此鲍勃选择了三个Tor节点作为引入点。 鲍勃为每个引入点建立了Tor电路。 由于这些Tor电路由三个中间的Tor节点组成,因此窃听者无法确定Bob正在与其介绍点进行通信。

tor 匿名访问_Tor:匿名者变得更好或更糟_第1张图片
Fig 3. Bob is a hidden service, so he establishes Tor circuits with 3 introduction points. Alice can retrieve these three introduction points from the database using Bob’s public key. 图3. Bob是一个隐藏的服务,因此他通过3个引入点建立了Tor电路。 爱丽丝可以使用鲍勃的公钥从数据库中检索这三个介绍点。

For Alice to find Bob, she needs to find an introduction point. Bob stores the IP addresses of these introduction points along with his public key into a distributed database. Bob may advertise his public key online, and Alice would use Bob’s public key to retrieve his introduction points from the database.

为了让Alice找到Bob,她需要找到一个介绍点。 鲍勃将这些介绍点的IP地址及其公共密钥存储在分布式数据库中。 鲍勃可以在线公布其公钥,爱丽丝可以使用鲍勃的公钥从数据库中检索他的介绍点。

How do Tor clients connect with the hidden server?

Tor客户端如何与隐藏服务器连接?

tor 匿名访问_Tor:匿名者变得更好或更糟_第2张图片
Fig 4. Alice establishes a circuit with a randomly chosen rendezvous point and shares a secret with this rendezvous point. 图4.爱丽丝用随机选择的集合点建立电路,并与该集合点共享秘密。

If everyone communicates with Bob over his introduction points, these introduction points would be overwhelmed with way too much traffic. Instead, Alice must establish a rendezvous point to meet with Bob. Alice randomly chooses a Tor node and asks it to act as a rendezvous point. In this request, Alice shares a one-time secret with the rendezvous point. To send this request, Alice forms a circuit to this rendezvous point with two intermediary Tor nodes, with the rendezvous point eventually forming the third intermediary Tor node.

如果每个人都在Bob的介绍点上与Bob进行交流,那么这些介绍点将被太多的流量所淹没。 相反,爱丽丝必须建立一个集合点与鲍勃会面。 爱丽丝随机选择一个Tor节点,并要求其充当集合点。 在此请求中,爱丽丝与集合点共享一次性秘密。 为了发送此请求,爱丽丝与两个中间Tor节点组成一个到该集合点的电路,该集合点最终形成了第三个中间Tor节点。

tor 匿名访问_Tor:匿名者变得更好或更糟_第3张图片
Fig 5. Alice sends an 图5.爱丽丝向引入点IP1发送 “introduce” message to the introduction point, IP1. IP1 forwards the message to Bob along with Alice’s secret and the rendezvous point. “引入”消息。 IP1将消息以及爱丽丝的秘密和会合点转发给鲍勃。

Once this rendezvous point has been established, Alice asks the introduction point to introduce her to Bob. Alice forms an “introduce” message, which includes the rendezvous point and the shared secret. She then encrypts the message using Bob’s public key. She sends the message to the introduction point over a circuit, and the introduction point forwards the message to Bob over another circuit.

一旦确定了这个集合点,爱丽丝便要求介绍点将她介绍给鲍勃。 爱丽丝形成“ 介绍”消息,其中包括集合点和共享机密。 然后,她使用Bob的公钥对消息加密。 她通过一条电路将消息发送到引入点,然后引入点通过另一条电路将该消息转发给Bob。

tor 匿名访问_Tor:匿名者变得更好或更糟_第4张图片
Fig 6. Bob establishes a Tor circuit with the rendezvous point with Alice’s secret. The rendezvous point matches Alice’s circuit with Bob’s circuit, because they share the same secret. 图6. Bob用爱丽丝的秘密在会合点建立了一个Tor电路。 集合点使爱丽丝的电路与鲍勃的电路相匹配,因为它们共享相同的秘密。

Only Bob can decrypt Alice’s message to discover where the rendezvous point is. Bob sends a message with the shared secret back to the rendezvous point. Since the rendezvous point received the same shared secret from Alice’s circuit and from Bob’s circuit, the rendezvous point establishes a connection between Alice’s circuit and Bob’s circuit. The connected circuit contains 6 intermediate Tor nodes: Two Tor nodes chosen by Alice; the rendezvous point; three Tor nodes chosen by Bob. This circuit between Alice and Bob’s hidden service is twice as long as a traditional Tor circuit. In exchange for this delay, Alice and Bob can communicate without anyone knowing where the packets originated from or are heading to.

只有Bob可以解密Alice的消息才能发现集合点在哪里。 鲍勃将带有共享机密的消息发送回集合点。 由于集合点从Alice的电路和Bob的电路接收到相同的共享机密,因此该集合点在Alice的电路和Bob的电路之间建立了连接。 连接的电路包含6个中间Tor节点:Alice选择了两个Tor节点; 集合点; Bob选择了三个Tor节点。 爱丽丝和鲍勃的隐藏服务之间的电路是传统Tor电路的两倍。 作为这种延迟的交换,Alice和Bob可以进行通信,而无需任何人知道数据包的来源或去向。

Tor安全漏洞 (Tor Security Vulnerabilities)

Exit Node Sniffing

退出节点嗅探

Tor users are only as anonymous as the application level protocols that they send data over. Some application protocols, such as POP3, SMTP, and basic HTTP, are not secure. If an eavesdropper sniffs packets between the exit node and the destination server, they won’t know the original source address of the packet, but they will be able to read the packet message. If the message is in plaintext, it may contain some identifying information, such as an email address or username.

Tor用户仅与他们通过其发送数据的应用程序级别协议一样匿名。 某些应用程序协议(例如POP3,SMTP和基本HTTP)不安全。 如果窃听者在出口节点和目标服务器之间嗅探数据包,他们将不知道该数据包的原始源地址,但是他们将能够读取该数据包消息。 如果消息为纯文本形式,则可能包含一些标识信息,例如电子邮件地址或用户名。

The exit node itself might be untrustworthy. For example, researcher Dan Egerstad set up a Tor exit node and began to sniff all data going through his exit node. Soon, Egerstad began to pick up a lot of traffic coming from foreign embassies which had been using Tor to hide their sensitive diplomatic information from their host countries’ Internet networks. Unfortunately for these embassies, many employees were using unencrypted application protocols, allowing Egerstad to read their messages in plain text, giving him access to hundreds of diplomatic emails and passwords. This incident clearly highlights the fact that Tor’s encryption is only for anonymity, but does not guarantee that the data sent will be kept private.

出口节点本身可能是不可信的。 例如,研究人员Dan Egerstad建立了一个Tor出口节点,并开始嗅探通过其出口节点的所有数据。 很快,埃格斯塔德开始吸收来自外国大使馆的大量流量,这些外国大使馆一直在使用Tor来从其所在国的互联网网络中隐藏其敏感的外交信息。 不幸的是,对于这些使馆,许多员工使用的是未加密的应用程序协议,允许Egerstad以纯文本格式阅读其消息,从而使他可以访问数百封外交电子邮件和密码。 此事件清楚地表明了Tor的加密仅用于匿名性的事实,但不能保证发送的数据将被保密。

Protocol/Side Channel Leaks

协议/侧通道泄漏

If users are not careful, not all traffic will go through the Tor proxy. For example, a browser might be incorrectly configured to only route HTTP traffic through a Tor proxy. In this case, when you visit a website, the browser will make a DNS request directly to a DNS server to get the website’s destination IP address. Afterwards, the browser will route all HTTP traffic between your machine and the web server through Tor’s darknet. This would leak which websites you’re visiting to the DNS provider, but not which requests you send/receive from that web server. A possible mitigation to such a leak is enabling your firewall to block port 53 which is used for making DNS requests, or using Tor only with the Tor Project’s official browser.

如果用户不小心,并非所有流量都会通过Tor代理。 例如,浏览器可能被错误地配置为仅通过Tor代理路由HTTP通信。 在这种情况下,当您访问网站时,浏览器将直接向DNS服务器发出DNS请求以获取网站的目标IP地址。 之后,浏览器将通过Tor的darknet在您的计算机和Web服务器之间路由所有HTTP通信。 这会将您正在访问的网站泄漏给DNS提供商,但不会泄漏您从该Web服务器发送/接收的请求。 缓解这种泄漏的一种可能方法是使您的防火墙阻止用于发出DNS请求的端口53,或者仅在Tor Project的官方浏览器中使用Tor。

Traffic Analysis

流量分析

Suppose an eavesdropper can monitor the traffic between your Tor client and the guard node and between the exit node and the destination server. They may be able to match patterns in the incoming and outgoing traffic to determine that your client is communicating with the destination server. Certain patterns that the eavesdropper can observe include the timing of when packets are sent from your client and received by the server, and the volume of packets sent and received.

假设一个窃听者可以监视Tor客户端与保护节点之间以及出口节点与目标服务器之间的通信。 他们可能能够匹配传入和传出流量中的模式,以确定您的客户端正在与目标服务器进行通信。 窃听者可以观察到的某些模式包括从客户端发送数据包并由服务器接收数据包的时间安排以及发送和接收的数据包量。

In 2013, a bomb threat email was sent anonymously using Guerrilla Mail to Harvard University, leading to a massive evacuation of the school. The threat turned out to be a hoax, and investigators began to look for the sender of the email. It turned out that the email request to Guerrilla Mail was sent from a Tor exit node. Using traffic analysis of Harvard’s monitored campus network, it was discovered that at the time the bomb hoax email was sent, the only user communicating with a Tor directory was Eldo Kim. When authorities went to Eldo, he confessed to being behind the hoax.

2013年,炸弹威胁电子邮件使用游击队邮件匿名发送给了哈佛大学,导致该校大规模撤离。 威胁原来是骗局,调查人员开始寻找电子邮件的发件人。 原来,发给游击队邮件的电子邮件请求是从Tor出口节点发送的。 通过对哈佛大学监控的校园网络的流量分析,发现在发送炸弹骗局电子邮件时,与Tor目录通信的唯一用户是Eldo Kim。 当当局去埃尔多时,他承认自己是骗局的幕后黑手。

One way of mitigating such a traffic analysis attack would’ve been to use a busy public network, where the Tor user would have a short-lived IP address that would be harder to trace back to the user in real life. Another mitigation strategy would be to use a Tor bridge. Because Tor relays are publicly listed in the main Tor directory, an eavesdropper can see who within a network has been connecting to Tor. However, Tor bridges are special relays that are not publicly listed. Bridges must be requested from the Tor project and are only given out three at a time, preventing a malicious entity from finding out all the bridges available at a given time. Using a bridge helps obscure the fact that you are using Tor from eavesdroppers and can also circumvent Tor censorship by ISPs or governments.

缓解这种流量分析攻击的一种方法是使用繁忙的公共网络,在该网络中,Tor用户将拥有一个短暂的IP地址,在现实生活中将很难追溯到该用户。 另一个缓解策略是使用Tor桥 。 由于Tor中继已在Tor主目录中公开列出,因此窃听者可以看到网络中谁已连接到Tor。 但是,Tor桥是未公开列出的特殊继电器。 必须从Tor项目中请求网桥,并且一次只能分配三个网桥,以防止恶意实体找出给定时间可用的所有网桥。 使用网桥有助于掩盖您正在通过窃听者使用Tor的事实,并且还可以绕过ISP或政府对Tor的审查。

结论 (Conclusion)

Although Tor has been used to hide the activity of many questionable users such as drug traffickers and hackers, it must not be forgotten that Internet anonymity is essential in protecting our liberty. From journalists, to oppressed political dissidents, to just regular users who don’t want to be profiled by increasingly invasive Internet advertisers, anonymity is a must. We have seen how Tor provides this anonymity through a decentralized network of volunteer nodes which use Onion Routing. However, it should be noted that additional precautions should be taken by Tor users to avoid the several vulnerabilities that we mentioned above, especially if trying to remain anonymous against an extremely powerful eavesdropper such as a government entity.

尽管Tor已被用来隐藏许多可疑用户的活动,例如毒品贩子和黑客,但不可忘记的是,互联网匿名对于保护我们的自由至关重要。 从新闻记者到被压迫的政治持不同政见者,再到不想被越来越多的侵入性互联网广告客户关注的普通用户,匿名都是必须的。 我们已经看到Tor如何通过使用洋葱路由的志愿者节点的分散网络来提供这种匿名性。 但是,应该注意的是,Tor用户应采取额外的预防措施,以避免我们上面提到的几个漏洞,尤其是在试图对诸如政府实体之类的功能强大的窃听者保持匿名的情况下。

In the end, we hope all those intending to use Tor remember: “With great ̶p̶o̶w̶e̶r̶ anonymity comes great responsibility.”

最后,我们希望所有打算使用Tor的人都记住:“ 匿名带来了极大的责任。”

[1] “The Tor Project: Privacy & Freedom Online.” Tor Project | Anonymity Online, www.torproject.org/.

[1]“ Tor项目:在线隐私与自由”。 Tor项目| 匿名在线 , www.torproject.org / 。

[2] “Tor Hidden Services — Computerphile”. YouTube, Uploaded by Computerphile, 9 June 2017. https://www.youtube.com/watch?v=lVcbq_a5N9I

[2]“ Tor隐藏服务-Computerphile”。 YouTube ,由Computerphile上传,2017年6月9日。https://www.youtube.com/watch?v=lVcbq_a5N9I

[3] “How Tor Works (The Onion Router)”. YouTube, Uploaded by Hussein Nasser, 29 Nov 2017. https://www.youtube.com/watch?v=gIkzx7-s2RU

[3]“ Tor的工作原理(洋葱路由器)”。 YouTube ,由侯赛因·纳赛尔(Hussein Nasser)上传,2017年11月29日。https://www.youtube.com/watch?v= gIkzx7- s2RU

[4] “Tor: Onion Service Protocol”, 2019.www.torproject.org/docs/onion-services. http://2019.www.torproject.org/docs/onion-services

[4] “ Tor:洋葱服务协议” , 2019年。www.torproject.org/ docs / onion-services 。 http://2019.www.torproject.org/docs/onion-services

[5] Gray, Patrick. “Embassy Hacker’ Dan Egerstad and the Tor Network.” ComputerWeekly.com, ComputerWeekly.com, 3 Dec. 2007, www.computerweekly.com/news/2240022106/Embassy-hacker-Dan-Egerstad-and-the-Tor-network.

[5]格雷,帕特里克。 “大使馆黑客的Dan Egerstad和Tor网络。” ComputerWeekly.com ,ComputerWeekly.com,2007年12月3日, www.computerweekly.com / news / 2240022106 / Embassy-hacker-Dan-Egerstad-and-the-Tor-network 。

[6] Dingledine, Roger, et al. “Tor: The Second-Generation Onion Router.” Jan. 2004, doi:10.21236/ada465464.

[6] Dingledine,Roger等。 “ Tor:第二代洋葱路由器。” 2004年1月,doi:10.21236 / ada465464。

[7] Thomson, Iain. “Dark Web Doesn’t Exist, Says Tor’s Dingledine. And Folks Use Network for Privacy, Not Crime.” • The Register, The Register, 11 Feb. 2018, www.theregister.co.uk/2017/07/29/tor_dark_web/.

[7]汤姆森,伊恩。 Tor的Dingledine说:“暗网不存在。 人们将网络用于隐私而非犯罪。” •The Register ,The Register,2018年2月11日, www.theregister.co.uk / 2017/07/29 / tor_dark_web / 。

[8] “Onion Routing — Computerphile”. YouTube, Uploaded by Computerphile, 31 May 2017. https://www.youtube.com/watch?v=QRYzre4bf7I

[8]“洋葱路由-计算机爱好者”。 YouTube ,由Computerphile上传,2017年5月31日。https://www.youtube.com/watch?v=QRYzre4bf7I

[9] “[Tor-Talk] Facebook Brute Forcing Hidden Services”. Lists.Torproject.Org, 2020, https://lists.torproject.org/pipermail/tor-talk/2014-October/035413.html.

[9]“ [Tor-Talk] Facebook暴力强制隐藏服务”。 Lists.Torproject.Org ,2020年, https: //lists.torproject.org/pipermail/tor-talk/2014-October/035413.html

翻译自: https://medium.com/systems-and-network-security/tor-anonymity-for-better-or-for-worse-d8407b1d9287

tor 匿名访问

你可能感兴趣的:(python,java,人工智能,leetcode)