It seems as though my rant on cryptography has struck a nerve. I got a lot of good feedback and have had the opportunity to have some really great conversations as a result, which is a by-product I wasn’t expecting from starting this blog.
One of the more interesting conversations was with a long time friend, we’ll call him Jake, for the sake of anonymity. Many people have many different reasons for their interest in cryptography. I wasn’t aware at the time, but the person asking about VPNs that spurred the tutorial on TunnelBear VPN was asking because of security. They’d been hacked on various platforms and wanted to make sure that never happened again. Jake was coming at the problem from a different, and in my opinion, interesting perspective. One of the most fascinating aspects of cryptography.
Jake was asking which VPN I use, and I said something along the lines of “I don’t use one, I host a tor relay node”. Which resulted in a whole host of questions, many of which I’m sure you’re also wondering. Some of you may be familiar with tor, and it’s quite possible a lot of you have used tor in the past. It also may be that you used tor, it was slow as hell, and you vowed never to use it again. Once again, I’ve elected to split this post into two, one for a tutorial explaining how to set up a tor node, and another deep dive into the details of how tor works, and why everyone should host a tor node. This post will be the deep dive, and in my opinion is the more interesting of the two.
Jake’s interest in cryptography was: what happens when the government decides to shut off the internet in a country, and does cryptography have the power to circumvent this? In fact it does. Tor doesn’t solve this problem (although it does solve the government firewall problem), but Firechat does. If there is interest, I’d be happy to dive further into Firechat in another post and how it’s empowering revolutionaries to get data outside a country after the internet is completely shut down. The general idea that ties both technologies is this. The more people using them, the more robust and faster they become, as we’ll see in this “case study” of tor.
What Is Tor?
I thought for a second about writing a big long explanation of tor, and how it works. I’d much prefer to link to information whenever necessary in this blog. The reason is two fold. First, if you can get the information straight from the horses mouth, this makes the information more “pure”. I don’t want us to play telephone, and the developers of tor say, “tor rocks” out the other end pops “tea socks” from me. Secondly, the majority of this information exists all over on the internet, and rather than adding to the glut of data for a few extra clicks, I view myself more as a filter or conduit to the information. Of course, it’s also just more efficient.
So, without further ado:
This is what tor is straight from the tor project themselves. Read it. If you have any questions, do not hesitate to get in touch, sjkelleyjr.com, @sjkelleyjr.
The TLDR version is, tor is a network running under the existing internet. A subset of the internet. This subset is sometimes called the deep web, a term that’s been loaded with political connotations thanks to politicians and the media. If you read the torproject link, you now understand how the dark web works. See? not so scary. This explanation of the deep web, and the difference between the deep web and the dark web is also pretty good.
The majority of tor users aren’t using tor to access the deeb web. As a user of tor, I can say, the deep web is more of a by product of tor’s engineering goals. The goal is to allow for untraceable web surfing (remember that haystack thing we talked about?), and to allow for this, you have to allow for deep web content to also be accessible on your network.
One way to think of it is. The internet is an infrastructure that’s owned by telecom companies. We’re all using their computers to route our packets, and we pay for that, and we also have not had much say in what’s happening on those computers historically. Tor is an internet that is owned by people like you and I hosting nodes, rather than telecom companies.
Why Host a Node?
Let’s finally cut to the chase. The whole reason for this blog post is to convince you to host your own tor node, and then make it easy for you to do so.
Remember above when I pointed out some users of tor may have opened it, it was slow as hell, and they closed it and never opened it again? The reason it was so slow was the lack of nodes on the tor network. If you look back on the torproject explanation of what tor is, you’ll see a grid of 9 computers in the image. Those are the tor nodes. They’re letting the tor network use their computer to route packets from Alice’s computer to Jane or Bob’s.
Let’s say 500 million people are trying to use the tor network (but aren’t hosting nodes), they’re the Alice’s. If you’ve ever torrented, they’re the leechers. Let’s also say there’s only 1 computer hosting a node. See a problem here? If 500 million people are all trying to route traffic through 1 computer, that computer is not going to be able to keep up at all. Not only that, if anyone wanted to trace anyone’s traffic, they would simply go to that 1 computer and look at all the packets coming in, and all the packets going out. A tor network of 1 computer is useless. It’s essentially your home router.
Now, let’s say that everyone using the tor network is also hosting a tor node. 500 million people are using the network, but also contributing their bandwidth to the network. In this way packets can choose 500 million different computers to use to get from Alice to Bob rather than just the 1, greatly reducing the load on each of the 500 million computers, and making it impossible to trace traffic through any route in the network.
So you see. The tor network is only as fast as the number of nodes in the network. If you used tor, and never hosted a node, you’re a leecher, and really, you can’t be surprised, or annoyed at speed or robustness of the network, as you’re the reason for that slowness.
But the reason for hosting a node is even deeper than that. Yeah, you want to torrent and you’re annoyed that your ISP is throttling that, or even blocking you from doing so, I get it. But what if your government was murdering the children of it’s dissidents? And what if that government also had a stranglehold on the internet in your country? and what if they decided it was time to cut off access to the outside world? What if you wanted the rest of the world to know about these murders? What if you found out about tor, figured out how to use it, and were uploading a video to twitter about the atrocities? and what if you weren’t able to complete the upload because the tor network couldn’t handle the bandwidth? Luckily, someone in the US was able to pirate all the seasons of Breaking Bad using the tor network though. Again, this would be much less of a problem, if everyone on the internet also hosted a tor node.
It’s interesting to me that everyone wants to talk about progressive politics and the plight of the working man, but no one is willing to take 30 seconds out of their day to figure out how to set up and host a tor relay node. We’re all willing to take a day off work to go march about Trump’s election, or will eat lunch somewhere that claims to send it’s profits to Uganda, but won’t consider a few small technological steps that mathematically produce results. We would have no idea of what the NSA was doing behind closed doors if it weren’t for the tor network. Edward Snowden leaked with tor.
I get it, we humans have certain biases, and actions in which we can’t see reaction are less important to us, and that’s why we go march. It gives us a much stronger psychological boost, but really, hosting a node is just too easy not to. And, once it’s up, it’s up for life.
I’m not trying to scare you off from using tor to pirate Breaking Bad. The last thing I want is for anyone to feel guilty using tor. However, I do feel that everyone should host a tor node. If you really want to be a progressive patriot, or care about people in oppressive governments, this is what you should be doing this weekend.