OnionDSL Sets Aim on Mass Surveillance
The UK is right around the corner from one of the biggest government surveillance power expansions since Snowden, and one network specialist isn’t going to let that stop him from bringing privacy to the people.
Since the current UK Prime Minister, Theresa May championed the Investigatory Powers bill, or the Snooper’s Charter, a vast new legal army for mass surveillance has been created for the government of the UK, making the programs discovered by Snowden, in fact legitimate. It also mandates that all Internet Service Providers must keep tabs on what their customers are doing online, handing over any of the collected data to law enforcement, per their request.
One man, Gareth Llewelyn, has taken it upon himself to fight back. He started building his own ISP that runs on the Tor Network. He wanted to design a system that will make it harder for the new surveillance measures to censor content, and comply with government requests for subscriber information.
Early last month at Hacker On Planet Earth, or HOPE, in New York; Llewelyn announced OnionDSL. It is his Tor based system designed specially for this one-man ISP, Brass Horn Communications. Llewelyn’s system prevents him from capturing any logs at all, making customer data invisible; in turn making it impossible for him to turn over any records at all.
All a new user would have to do is migrate their connection to Brass Horn, then configure their router or PC to connect to Llewelyn’s Tor bridge. The traffic from the customer would then be bounced throughout the Tor network as usual; turning their trip into cyberspace untraceable. The only activity anyone can see is the subscriber’s router using his bridge to gain entry into the Tor network.
With this new service, it makes bills like the UK’s Mass Surveillance idea technically impossible. It also combats another legal loophole caused by using the Tor network.
Three different U.S. judges all ruled that the users of Tor should have no expectation to privacy regarding their true IP addresses. This came about because their idea that in order to connect to the Tor network, one must expose their real IP address to the third party machine running the Tor bridge, which helps you move into the Tor network itself. They mean that by using the FBI’s NIT (network investigative technique), the FBI doesn’t need a warrant. The courts in the U.S. have taken it above and beyond, by one judge’s ruling that the FBI doesn’t even need a warrant to hack into anyone’s computer, anywhere.
“At the moment, the NIT is only being targeted at people who belong in jail, but as with everything it’s a slippery slope, next they’ll be targeting dark net markets then it’ll be WikiLeaks, etc., etc.,” Llewelyn said in an email after his speech at HOPE.
The OnionDSL system allows the subscriber to never have to share his or her IP publicly with anyone because their connections are tunneled privately through the ISP’s dedicated Tor bridge.
“The judge’s argument is that a normal Tor relay is a third party and you as a normal Tor user have to expose your publicly identifiable/router address to said third party by routing over the internet to connect to that relay. In the OnionDSL model no information about the user is exposed to third parties, and more importantly (as far as that judge’s ruling is concerned) there is no identifiable address to expose,” Llewelyn continued.
This Tor based ISP isn’t going to be for everyone, although it does have a couple major limitations. One being that it can only reroute web traffic using the TCP protocol. This means that running games and apps that use other communication standards simply won’t work. Everything is routed through Tor, bandwidth limitations and all other setbacks that come from using Tor would also apply.
“As a general use consumer broadband product OnionDSL falls short on many counts, but if taken solely as a dedicated censorship/surveillance busting broadband product then it is pretty damn cool,” Llewelyn also said.
He imagines it being used at places with vulnerable connections like libraries, and refugee shelters. Brass Horn Communications doesn’t have any subscribers, yet. He still considers it a more proof of concept plan, to help protest against the surveillance laws. He still thinks that if the UK’s IP bill is signed into law, and if he were to raise enough capital via crowdfunding, he will go ahead and launch it anyway.
“I’m not suggesting this is a good idea for everyone. If you say, ‘Hi, I’d like a special internet connection that no one can spy on,’ you will be red flagged,” he concluded.