Mobile-first course charted by privacy-protecting technology

The Tor Project is planning to improve network speed and performance, particularly for mobile users and those with older devices or on slower connections.

The initiative, the result of many years of collaboration with the research community, has multiple facets.

These include streamlining the tuning of the network, deploying smarter methods for balancing traffic, and rolling out the fruits of performance and scalability research. Proactively detecting, diagnosing, and resolving user-facing performance issues will also play a part in the upgrade.

Although the total relay capacity (bandwidth) of the Tor network has increased due to events such as the Edward Snowden disclosures over recent years, this has not been matched by corresponding increases in utilisation and throughput. Less than half of the capacity on the Tor network is been used.

BACKGROUND Tor security: Everything you need to know about the anonymity network

Speaking during Tor’s State of the Onion conference on Monday, developer Mike Perry said that the two-year upgrade project that began in October is designed to fix these issues. The scheme will include RTT-based congestion control and traffic splitting across multiple circuits, among other technological improvements.

Perry explained: “Most of these improvements are client and parameter-based [though] some will require exit [node] upgrade, particularly congestion control. All will require careful tuning and experimentation.”

A prototype experiment, with just the client-side improvements, was able to achieve 5 mbps over a full six-hop Onion service circuit where normally only 200-500 kbps is currently possible. These huge performance gains would be diluted if everyone was using the same client but nonetheless illustrate the potential for improving the technology, according to Perry.

The State of the Onion, a livestreamed online event, saw key developers and partners to Tor (such as SecureDrop, Library Freedom Project, and Ricochet Refresh) discuss upcoming development plans. A recording of the event has been uploaded to YouTube.

Mobile first

During the event Tor Browser developer lead ‘Matt’ (nicknamed @sysrqb) explained how the browser was transitioned from an old version of Firefox to a newer version during the second half of 2020.

The desktop version of the Tor Browser has moved from Firefox 68 ESR to Firefox 78 ESR as a foundation for enhancements. Over the same period the Android Tor Browser has been upgraded and built using Mozilla’s Fenix browser for Android as part of an evolving strategy to move to a more rapid release cycle and mobile-first focus for the privacy-protecting Tor Browser.

The Android version of the Tor Browser is based on Firefox 83, well ahead of the desktop versions (Windows, macOS, and Linux), which are based on Firefox 78 ESR.

Bad relays? That’s shallot

During the two-hour long livestream event other developers involved in the Tor Project discussed plans to weed out bad relays.

A bad relay joins the distributed Tor network to do something malicious instead of helping users to protect their privacy and circumvent censorship. 

Read more of the latest privacy news

“Identifying bad relays involves scanning the network to identify relays or groups of relays that are behaving in ways that indicate malicious intent,” a Tor Project representative told The Daily Swig. "We have a design proposal for how to improve the situation in a more fundamental way by limiting the total influence from relays we don't ‘know’ to some fraction of the network.

“Then we would be able to say that by definition we trust at least 50% (or 75%, or whatever threshold we pick) of the network,” they added.

Much of the discussion during the two-hour session, and particularly those from third-party software developers that rely on Tor such as Ricochet Refresh, referenced the depreciation of Tor Onion Service v2, which will be unsupported from July 2021.

YOU MIGHT ALSO LIKE Firefox introduces HTTPS-Only Mode to shield users from insecure connections