To make Tor work better on the web, we need to be honest about it

To make Tor work better on the web, we need to be honest about it

To make Tor work better on the web, we need to be honest about it

Posted by   Martijn Grooten on   May 6, 2016

[Original Post: HERE]

If you regularly browse the web through the Tor network, you will have noticed that many websites are either inaccessible, or have strong barriers (in the form of difficult CAPTCHAs) put in front of them.

In a blog post, ‘The Trouble with Tor’, CloudFlare CEO Matthew Prince, whose company is responsible for many of these CAPTCHAs, explains that this isn’t a deliberate measure against Tor, but that his company is in the business of protecting websites from abuse, and CAPTCHAs are automatically put in place if a lot of abuse is seen from a particular IP address. Apparently, 94% of the requests CloudFlare sees through the Tor network are malicious.

Although it is not clear what exactly is measured to derive this figure, last year Akamai came to a similar conclusion in its State of the Internet report (pdf), in which it said that HTTP requests made through Tor were 30 times as likely to be malicious as those not made through the Tor network. Anecdotal evidence from people whose job it is to protect websites confirms this: blocking Tor is often a simple and effective way to stop certain attacks.


The problem for Tor here is that the Internet is still largely built on IPv4, whose size of roughly four billion addresses is small enough to be stored in a blacklist, yet large enough to ensure that different people almost always use different IP addresses. And thus, whether it is for blocking spam or malicious web traffic, keeping a list of IP addresses that have engaged in abuse and putting barriers in front of subsequent requests from those addresses is an effective way to mitigate a lot of abuse.

Tor routes traffic through a small number of exit nodes, which means that websites can’t track users by their IP address, while the Tor Browser (the recommended way to use Tor on the web) removes most other ways of tracking users. A consequence of this is that Tor users share each other’s reputation. Unfortunately, many people use Tor to do bad things, so this reputation often isn’t particularly good.

Tor, understandably, doesn’t concern itself with the content of the traffic; it would be impossible for it do so without compromising its security. From Tor’s point of view, therefore, no traffic is ‘bad’. However, in the case of website security, it is fair to say that bad traffic is that which the site owner doesn’t want to receive.

It is often suggested that websites that put barriers in front of Tor traffic don’t care about privacy or anonymity. With perhaps a few exceptions, this misses the point. For a website owner, putting such barriers in place is often a sensible security decision that stops a lot of abuse while hurting relatively few people.

If we want to make the web more accessible through Tor — and I think this is something worth striving for — we should at least acknowledge this.

We could make the argument that anonymity and privacy are so vital that they make it worth trying to deal with the bad Tor traffic in other ways; I have seen this argument work in individual cases. There may also be technical ways to mitigate some of the abuse, for instance by building some kind of proof-of-work into the Tor Browser, which might make it less attractive to use in automated attacks.

But we could also try to solve the problem in another way: by making more people use Tor.

Tor is often said to be very useful for journalists wanting to protect their sources and for opposition activists under repressive regimes. This is certainly true, but it is fair to say that most people fall into neither category. At worst, they suffer from government censorship — a problem which is just as well solved by VPNs.

But Tor can be useful for average Internet users too, even those that aren’t particularly concerned about privacy. It is, for instance, a great way to check prices in online shops, to ensure you aren’t quoted a higher price based on your past browsing activity. It can also be useful to login to social media when on a trip you don’t want everyone to know about; this prevents you from accidentally leaking your location. Indeed, the fact that a million people used Facebook‘s .onion site last month suggests that there is certainly an interest in doing so.

Of course, while increasing the ‘good’ Tor traffic will make it less attractive for websites to put barriers in place, it won’t stop the bad traffic. But it will force website owners and those tasked with protecting their websites to look for other solutions to deal with this problem.


A Kidnapping Survival Guide: How to Combat Digital Ransomware (Part 1)

A Kidnapping Survival Guide: How to Combat Digital Ransomware (Part 1)

A Kidnapping Survival Guide: How to Combat Digital Ransomware (Part 1)

Kidnappers can easily take your digital information using one of the most dreaded types of malware: ransomware. Cyber-criminals are relying more and more on these malicious programs to block our computers.  Now, they are asking for larger amounts of money if you want them to “give back” access to your hard-drive.

The losses that a business can incur from an attack of this kind are enormous, which is why it is essential to be knowledgeable about the basic precautions that should be taken if you are in this type of situation.  First to prevent these types of attacks; and then to fight them.

We have prepared a summarized guide with the essential things that you need to be aware of. Here they are:

  • Do not forget the basics. Ignore any of the “simple” measures, which can be fatal for your company’s security. For example, if you allow your company’s employees to open email attachments containing executable files (like a PDF or Word document with a clickable tracking number for a delivery), then you are opening the door for cyber-attacks.
  • Remember that “human factor”. People are your business’ weakest links when it comes to security, since it is usually much easier to trick them then to trick a machine. It is essential that you give your team the right skills (for example, teach them how to recognize a supplanter or a suspicious email). Your employees can be your company’s best shield against ransomware, or they can be the black hole your organization falls into.
  • Perform an inventory of all of your company’s hardware and software. If something leads us to grow suspicious of a potential attack, it is important to know what “it” is and where we can find “it”.  How fast you are able to respond to an incident will largely depend on how long it takes you to locate the affected computers and systems.
  • Compartmentilize your company’s network, or in other words, divide your company’s network into areas with different access profiles. Apply internal rules to define the type of communication that can be exchanged between these groups and the privileges they have during certain events, in order to prevent greater problems.
  • The safety of our corporate network isn’t the only thing we need to worry about. Every computer (computers, tablets, mobile…) used by employees in the organization must be protected because they are both an entry point and a first line of defense against any type of infection. For instance, when a laptop connects from an external network not belonging to the company, the risk for infection is multiplied. We must prepare ourselves.
  • Buy a good security solution for your company. If you are constantly updating your database, then an anti-virus will more likely and more rapidly be able to detect all kind of threats, even some of the newest ones.
Even the inventor of the World Wide Web can be hacked. What about us?

Even the inventor of the World Wide Web can be hacked. What about us?

Even the inventor of the World Wide Web can be hacked. What about us?

contraseñas_FOTO2Even the inventor of the World Wide Web, Mr. Tim Berners-Lee, can have his password stolen. The hackers were able to access IT resources belonging to the organization that governs the Web (W3C). This makes us wonder: Is there a company that isn’t vulnerable to this type of attack?


We all face the same problem: We are only as strong as our weakest link. Stealing the password belonging to a single employee, especially if their access level is high (for example, a manager), is sufficient means for a cyber-criminal to sneak into a company’s entire system.


According to a recent report by the Cloud Security Alliance (CSA), nearly a quarter (22%) of the IT breaches in companies began with asingle password leak. In addition, 65 per cent of the study’s participants believe that there is a medium to high chance that there will be future risks caused by a compromised password.


A fourth of IT breaches began with a single password leak




Like many others, Tim Berners-Lee’s situation could have been easily avoided. If an attacker gained access to the back door of the W3C it was because Berners-Lee repeated passwords. It is possible that he used the same password as the one he used for the IRC chats he used to communicate with his team.


The intruder initially got into the system using Berners-Lee’s information, then the same password opened other access points without problem. It was even possible to sneak into the web’s editing area, retouch the founder’s profile, and leave an encryption seal to prove that the cyber-criminal had been there.


To avoid being in this situation, there’s a simple and effective measure that should be followed by everyone in your company: use a different password for every service. That way, if one of your passwords is stolen, cyber-criminals will not have access to other resources belonging to your company.

Likewise, it’s also important to have a dependable security solution for your business to fall back on, like Panda Adaptive Defense 360, which is able to combat the theft of corporate information against both external and internal threats.

Intel Launches Xeon E7-8800, 4800 v4 Broadwell-EX Family

Intel Launches Xeon E7-8800, 4800 v4 Broadwell-EX Family

Intel announced its newest Xeon E7-8800/4800 v4 Broadwell-EX series of processors. The Broadwell-EX E7 v4 series features an additional QPI lane to increase scalability compared to the E5-2600 v4 Xeons we recently reviewed, and increases the LLC (Last Level Cache) to 60 MB and the core count to 24 (an increase over the 18-core maximum found with the previous-generation E7 v3 Haswell-EX family). The E7 v4 Series is socket-compatible with the previous generation E7 v3 series Brickland platform after a BIOS update.

The E7 v4 series features the same 14nm Broadwell microarchitecture found on the Broadwell-EP E5 v4 series. Intel is focusing on offering more features for each generation of Xeons as it wrestles with the expiration of Moore’s Law. The E7 v4 series offers the expanded feature set that we found with the E5 v4 Broadwell-EP series, such as Posted Interrupts, Page Modification Logging, Cache Allocation Technology and Memory Bandwidth Monitoring, among many others. The E7 v4 series, like the E5 v4, offers 70 RAS (Reliability, Availability and Serviceability) features and up to 70 percent more encryption performance. The Broadwell-EX family provides up to 60 MB of Last Level Cache, as opposed to an upper limit of 45 MB for the E5 v4 series, and also brings the notable addition of support for 3DS LRDIMMs and DDR4 Write CRC (an enhanced error control scheme). The E7 v4 series reaches a maximum 165W TDP, but also offers 150, 140 and 115W TDP flavors.

The E7 v4 only offers up to 32 PCIe 3.0 lanes in comparison to the 40 lanes provided by the E5 v4 series, but E7 processors tend to be deployed into quad-socket (or more) implementations. PCIe lanes scale accordingly with the addition of more processors, thus offering an increase in the number of PCIe lanes available to the system. For instance, a dual-socket E5 v4 system provides 80 PCIe 3.0 lanes, but a quad-socket E7 v4 provides 128 PCIe 3.0 lanes. Some Broadwell-EP E5 v4 SKUs scale up to four sockets, but the E7 v4 Broadwell-EX series supports up to eight sockets in a native configuration. The E7 v4 series also expands up to 32 sockets with third party node controllers (available from select server vendors). 

The E7 v4 series also supports up to 24 TB of memory in an eight-socket configuration (128GB 3DS LR-DIMMS), which is double the amount supported by the E7 v3 series. This incredibly dense configuration can be accomplished by deploying 24 DIMMs per socket (spread over the eight available memory channels).

The Brickland platform links the on-die four-channel memory controllers to four Intel Scalable Memory Buffers (codenamed Jordan Creek), through separate Intel SMI Gen 2 channels, which increases the number of memory channels to eight. A single socket supports up to 3 TB of memory with three of the 128 GB 3DS LR-DIMMs on each channel.

This continued expansion of addressable memory will be important for large-scale analytics applications in the enterprise. In-memory databases (storing the working data set in memory) are becoming widespread as data centers look to wring the utmost performance from the compute resource without the hindrance of limited storage performance.

Users can deploy 3D XPoint with NVDIMMs to use it as bit-addressable memory (much like a slower tier of memory). According to Intel, its forthcoming 3D XPoint memory offers up to 10x the density of DRAM, which could be another motivation for Intel to double the amount of memory supported on the platform.

The E7 v4 block diagram indicates that the Broadwell-EX architecture employs the same modular design as the E5 v4 HCC die, but brings the addition of the third QPI link to the ring on the right. The additional QPI link creates a mesh for data traffic. This reduces the number of “hops” required in quad-socket configurations by allowing all four CPUs to communicate directly with one another. The additional QPI link also reduces the number of jumps between each CPU in larger multi-socket configurations.

The high-end E5 v4 HCC die actually supported up to 24 cores, but Intel disabled one core on each side of the ring, which led to the 22-core limitation. Each core also features a 2.5 MB cache slice, so the two disabled cores on the E5 v4 reduced the maximum amount of LLC to 55 MB.

The E7-8890 v4 has all 24 cores active, and as a result, it offers up to 60 MB of LLC due to the cache associated with the extra two cores. The E7 v4 Broadwell-EX series scales from 8 cores/16 threads up to 24 cores/48 threads and clock frequencies span from 3.2 GHz to 2.0 GHz. All of the E7 v4 models support hyperthreading, but the E7-4820 v4 and E7-4809 v4 do not support Turbo Boost Technology.Intel extended Cluster On Die (COD) mode to the E7 v4 series in four socket environments, which is an increase in comparison to the dual-socket limitation with the Haswell-EX series. COD speeds performance by splitting the cores, LLC and home agents of each ring into a distinct cluster, which then operates within a NUMA domain to localize cache accesses to the same ring/cluster. This feature ultimately reduces LLC access latency, which improves performance.

Intel positions the Broadwell-EX E7 v4 series for scale-up compute-intensive workloads, such as real-time analytics, in-memory databases, online transaction processing (OLTP) workloads, supply chain management (SCM) and enterprise resource planning (ERP), among others.

Intel claims that the E7-8890 v4 provides up to 1.4x more performance with half the power consumption of an IBM Power8 platform, along with 10x the performance per dollar. Intel also touts that its new architecture supports 3TB of memory per socket in comparison to 2 TB per socket for the IBM Power8 competitor, but it is notable that IBM has its Power9 architecture waiting in the wings.

Intel indicates that the E7 v4 series has set 27 new benchmark world records and offers up to 1.3x average performance with several key industry-standard workloads (SPECjbb, SPECint, SPECvrt, TPC-E). The company also claims up to 35 percent more VM density in comparison to the E7 v3 series, as measured with the SPECvrt_sc 2013 benchmark.

Many of the users that will migrate to the new platform follow a multi-year update cadence due to maintenance contracts, so Intel included comparisons to the E7 v2 Ivy Bridge-EX series. Intel claims that the E7 v4 series provides up to twice the VM density, 4.6x faster ad-hoc queries, and 2.9x the performance with STAC-M3 theoretical profit and loss workloads in comparison to the E7 v2 series.



Source: tomshardware,31993.html

Contact us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Questions, issues or concerns? I'd love to help you!

Click ENTER to chat