Hacker News new | past | comments | ask | show | jobs | submit login

That's interesting, I didn't know about these trusted authorities. Here are the IPs:

    $ curl -s https://gitweb.torproject.org/tor.git/plain/src/or/config.c | grep -Eo "([0-9]{1,3}\.){3}[0-9]{1,3}:" config.c | sed 's/://'
    128.31.0.39
    86.59.21.38
    194.109.206.212
    82.94.251.203
    131.188.40.189
    193.23.244.244
    208.83.223.34
    171.25.193.9
    154.35.32.5
    199.254.238.52
I get the same country list as you:

    $ cat ips | xargs -I% curl -s http://ipinfo.io/%/country | paste - ips | sort
    AT  86.59.21.38
    DE  131.188.40.189
    DE  193.23.244.244
    NL  194.109.206.212
    NL  82.94.251.203
    SE  171.25.193.9
    US  128.31.0.39
    US  154.35.32.5
    US  199.254.238.52
    US  208.83.223.34
And here are the organizations they're associated with:

    $ cat ips | xargs -I% curl -s http://ipinfo.io/%/org | paste ips -
    128.31.0.39 AS3 Massachusetts Institute of Technology
    86.59.21.38 AS8437 Tele2 Telecommunication GmbH
    194.109.206.212 AS3265 XS4ALL Internet BV
    82.94.251.203   AS3265 XS4ALL Internet BV
    131.188.40.189  AS680 Verein zur Foerderung eines Deutschen Forschungsnetzes e.V.
    193.23.244.244  AS50472 Chaos Computer Club e.V.
    208.83.223.34   AS40475 Applied Operations, LLC
    171.25.193.9    AS198093 Foreningen for digitala fri- och rattigheter
    154.35.32.5 AS14987 Rethem Hosting LLC
    199.254.238.52  AS16652 Riseup Networks



(I'm from The Netherlands)

For what it's worth, XS4ALL has a tremendous reputation when it comes to privacy in The Netherlands, being one of the first ISPs in NL, founded by true hackers. They were the first (and only one?) that started disclosing how many subpoenas they were receiving from the government, have fought a lot against blocking TPB in court, etc -- I'm not surprised at all they are the ones hosting the Tor servers (I am a customer, and am allowed to run an Exit node, and they are very supportive when they receive abuse complaints, their entire customer support staff knows about Tor). I would be surprised if they would easily cave to a government order / seizure of their servers.


Do note that XS4ALL is owned by KPN, which is a monolith like Comcast or Verizon. If the authorities come knocking hard enough, KPN will make sure it it shut down, or worde. XS4ALL is a good provider, I enjoy my IPv6 and fiber to home very much, service is good, they still provide a shell server which I use for IRC, I like them

I do however have my doubts about KPN...


Sad as it might be, I have to agree with you. Upon acquisition, KPN said it will let XS4ALL be as independent as possible, and as far as I can tell, they put their money where their mouth is (let them fight court battles, where KPN (the ISP) does not), but if there is little legal room for XS4ALL to move in, KPN will make sure XS4ALL complies.

On the other hand, XS4ALL is always looking for the boundaries of privacy and free speech -- if there is no more (legal) room left, and as such have reached the boundary, I have no doubt they would comply. But they probably make a big stunt out of it again, using it as a marketing opportunity, which KPN, of course, will have no problems with. As long as they comply with the law.


MIT runs Lincoln Lab which is a think tank / R&D facility for the military. You have to pass through an armed checkpoint to get to the the complex located on an AF base. I would consider that node compromised already.


Note that 'the military' and 'a hypothetical government agency opposed to Tor' are not necessarily the same thing.

Counterintuitively sometimes the best protection is to operate under another agency. That makes moving against Tor a battle of internal politics rather than a legal battle.

'The government' rarely has uniform views on something as complex as Tor.


The mistake of course being that the military (and the CIA, it's very useful for their assets) is pro-TOR and were the ones who developed it. It's the FBI/NSA that are anti-TOR. The government is rarely monolithic, especially when it comes to the security divisions.


It's not monolithic but power is magnified. A branch of the military relying on Tor for operational security ensures that the DoD will be at least split on officially sanctioning the technology.


I'm confused. Are you saying that the MIT Tor node is at Lincoln Lab, or are you suggesting that anything MIT-affiliated is tainted because of LL?


You realize that Tor came out of the US Naval Research Laboratory, right?

https://www.torproject.org/about/overview


It's also open source. Can we stop with this fucking red herring already? He's talking about a service, right now, under the direct control of the US military. You're talking about grant funding for an open source tool.

Stop.


No, he's not. He's talking about a single research laboratory MIT runs on a military base. Which somehow makes the entire university under direct control of the military?


FWIW according to the listserv traffic at MIT CSAIL right now, some members of the community seem to believe that the TOR node lives in CSAIL, not LL.


Assuming the PTR RRs are accurate, that would appear to be true:

  $ traceroute 128.31.0.39
  ...
  15  mitnet.trantor.csail.mit.edu (18.4.7.65)  40.218 ms  40.661 ms  40.900 ms
  16  asperta.helicon.csail.mit.edu (128.30.0.246)  45.345 ms  47.082 ms *
  17  belegost.csail.mit.edu (128.31.0.39)  44.074 ms !X  45.023 ms !X  45.549 ms !X


I have 0 Trust on MIT, since Aaron Swartz incident. I consider that place no more than deep shit.

I Don't want to believe, if I can trust a Tor Network passing through that gate in MIT




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: