Mozilla will start hosting Tor relays as part of Polaris privacy push

11 Comments

Credit: Alexey Fursov

Mozilla will give the Tor Project a capacity boost as part of the Firefox maker’s new strategic privacy initiative, Polaris, which it unveiled on Monday as part of its tenth anniversary celebrations.

The Polaris initiative will see [company]Mozilla[/company] work alongside partners such as the Tor Project and the Center for Democracy & Technology (CDT) to promote online privacy, largely through the inclusion of new features in Firefox. In a Monday blog post, Mozilla said it wants to “accelerate pragmatic and user-focused advances in privacy technology for the web,” which appears to denote a focus on user-friendliness.

Polaris is kicking off with two experiments, the first of which builds on the fact that the Tor Browser – the Tor Project’s easy-to-use implementation of its anonymized surfing technology – is based on Firefox code. According to the post, by Mozilla business and legal affairs chief Denelle Dixon-Thayer, Mozilla is evaluating what the Tor Project has done in order to see how it can make Firefox more Tor-friendly.

But there’s more. The way Tor hides the connection between its users and the sites they’re visiting is by bouncing their traffic through a series of “middle” relays, then finally through an “exit” relay, which visited sites will interpret as being the source of the user’s traffic. Middle relays are legally pretty safe to run, because if someone is using Tor for something illegal, middle relays can’t be mistaken as the traffic source.

So Mozilla’s going to start hosting high-capacity middle relays, making the Tor network faster and more robust. Along with [company]Facebook[/company]’s recent decision to launch a “hidden service” for Tor users, support for the network could be on the cusp of going mainstream.

Denelle Dixon-Thayer also wrote that Mozilla is running an “in-product Polaris experiment” that will aim to create a way for users to escape tracking “without penalizing advertisers and content sites that respect a user’s preferences.” As the high-profile Do Not Track initiative ended in failure, this will be interesting to watch.

Also on Monday, Mozilla added the privacy-focused DuckDuckGo search engine as a pre-installed option for Firefox users across Windows, Mac, Linux and Android. There’s also a new Firefox feature called Forget, which gives users a simple way to clear out all tracking information covering the last five minutes, two hours or 24 hours – as opposed to going through a relatively technically-phrased list asking whether users want to clear cookies, history and so on.

11 Comments

Mike

So, Mozilla will be using all of those relays that the FBI just finished using?

IDK if you guys would know, but since I’m here I may as well ask. Will Facebook still be offering that .onion access?

Joey

Um, no. Mozilla is going to be hosting new relay nodes for Tor, increasing the capacity and speed of the network.

… also curious about the Facebook question. For me, the idea of Facebook being Tor friendly is truly bizarre. Facebook has historically been diametrically opposed to anything resembling privacy.

David Meyer

I hope you’re right, but the signs so far have really not been good, with all those big web firms saying they don’t honor requests. I’m interested in seeing what the Polaris mechanism achieves though – the more servers can be *forced* to respect the client’s stated preferences, or just taken out of the decision-making equation altogether, the better.

Valerie O'Neill

Some may be forced but hopefully many more will respond because user trust will increasingly become a competitive imperative.

I also think publicity about maladvertising will make security of delivery and proper safeguarding of any personal data collected a necessity.

Joey

Well, that makes my decision to stop using FireFox even easier.
If they’re going to do that, they may as well go ahead and just start hosting some hidden services too and become international distributors of illegal drugs and child pornography.
For all of those privacy advocates that feel a need to slam me for this comment, I recommend you actually spend some time visiting the hidden services enabled by the Tor network before you flame me. I have spent some time there, and generally speaking, the sites hosted as hidden services fall into three broad categories:

1. Obscure, but relatively harmless (things like repositories of outdated information).
2. Marketplaces for illegal products (after this weekend there are fewer of these, but they’ll come back).
3. Illegal pornography (not all of it is child porn, but rest assured, if it’s porn, and it’s hosted on Tor, there’s probably a reason…).

One thing I have yet to find, Tor Project propaganda notwithstanding, is any site hosted as a hidden service on Tor that offered anything both useful and legal that could not just as easily have been hosted on the open Internet.

And just to answer the first flame that someone is likely crafting as they read this… don’t waste your time with the whistle-blower or tip-line example. I have been a whistle-blower, though I did it correctly/legally. If someone is a whistle-blower and they are actually doing it for the reasons they usually give, then there are two paramount concerns. The first is that they are able to do this safely (and that may mean anonymously). The second, and equally important, is that they are able to get the information to the right people. If you are submitting whistle-blower or tip-line information to a site hosted as a hidden service on Tor, where you have no possible way of validating who is actually receiving the information, then you are an idiot.

Flame away…

Guest

The middle relays are still used to anonymise clearnet traffic passing through Tor. I can see that being useful, regardless of .onion sites.

Joey

I don’t have any issue with the classic use of anonymizers. The problem with Tor is that because the two services are bundled together (anonymization and hidden services) you can’t support one without supporting the other (and by support, I mean sending them money).

RK

I don’t get your point. FF is not hosting tor or connecting you to tor, so you don’t get access to .onion websites and the code for FF is open to public, so anyone can see what services are running.
People who want to go to .onion site will go to .onion sites there is nothing Mozilla can do about it.

Joey

My point is that the predominant use of the Tor network if for illegal activities (including the international distribution of child pornography). And if Mozilla is going to actively support the Tor network by providing server space, then I’m not going to use their browser.

Comments are closed.