Linux User Group of Mauritius Promoting open source software in our beautiful island

17Dec/150

Tor Users in Mauritius

Posted by logan

How many tor users in Mauritius ?

Tor is an anonymizing Network, which is free of access by anybody. It hides your Internet Traffic. It is used world-wide by Journalists, dissidents, and various groups. The question of the number of Tor users in Mauritius has been on the mind of hackers.mu for a while. We expect at most around, 200 Users at most. Upon looking at the Tor statistics, we realised that there are around 700 active Tor Users from Mauritius !! We were shocked ! URL here: Tor from Mauritius.

Why is that number so high in Mauritius ?

One of the first acts of Internet Censorship in Mauritius occured in 2007, when ICTA ordered all of the ISPs to block facebook. We believe that this caused people to get interested in technologies such as Tor that protect their online privacy, and prevent censorship.

More cases of censorship ?

It is very likely that we will see more attempts by the government of Mauritius to censor the Internet. ICTA has deployed a blackbox to block child pornography. However, the setting up of the blackbox was shrouded in secrecy as Internet Users were not invited to the public consultation. Hackers.mu has been advocating the use of Tor in Mauritius since day one, on top of our other initiatives such as promoting signal, an SMS/voice encrypted communication medium, which is easy to use. We have also sent patches to Tor & Signal to try to make those privacy tools better.

Conferences about Freedom, Privacy and Security in Mauritius

We would like to see more conferences about protecting the privacy of Internet Citizens in Mauritius. The government should implement measures to protect our privacy, as written in the Constitution of Mauritius. The High number of Tor Users in Mauritius is a sign that people feel that their privacy is not being respected by the Government of Mauritius.

Filed under: tor No Comments
11Dec/150

Tor hardened memory allocator improvement

Posted by logan

Tor's Hardened memory allocator

Tor supports a hardened memory allocator from the OpenBSD project. OpenBSD's memory allocator was designed to be heavily randomized. During the porting effort to make OpenBSD's malloc work on Tor & non-OpenBSD platforms, arc4random() was replaced by rand(). A modulo bias is introduced by using "rand() % bp->free". To reduce modulo bias, hackers.mu sent a patch to the Tor project. Ideally, we would be happy to see tor ship with an arc4random_uniform() implementation from OpenBSD. arc4random_uniform() was designed to eliminate modulo biases.
Geeky details here.

Filed under: tor No Comments
10Dec/150

Tor & randomization

Posted by logan

Introduction to Tor

Tor is a piece of software which is used to remain anonymous on the Internet. Users can connect to the Tor Network, and all of their traffic is "hidden". Tor is used by several group of people: journalists living in China, Police Officers for Undercover operations, whistleblowers, human right activists, and even military officers who are on remote mission.

Mauritius & Privacy

In Mauritius, none of the local ISPs have made a public statement for protecting the privacy of their users. This means that the Internet traffic of Mauritians is probably monitored. ICTA has a blackbox which supposedly blocks only child pornography. We do not know what else it can do. Hackers.mu (a group of Ninjas living in Mauritius) publicly encourages Internet Users in Mauritius to adopt Tor, particularly for visiting sensitive websites such as political parties, making comments on forums against the government, and also making the truth known. We encourage civil servants who would like to disclose sensitive documents to use TOR.

Improving Tor

On UNIX/Linux systems, Tor relies on the Operating System to provide it with a random source of data. It's generally /dev/random. However, opening /dev/random implies keeping a file descriptor open throughout the course of execution of tor. If someone sandboxes tor for security, this weakens the sandbox. Someone who compromises a tor process can close the file descriptor for /dev/random, and open another file which is outside of the sandbox. Hackers.mu sent a patch to the tor project which takes advantage of a new API on Linux, which opens the random source in tor without the need for a file descriptor. This in turns leads to tighter sandboxing on tor, and therefore improves the security & privacy of tor users. A different patch by Y. Angel was committed to Tor to take advantage of the new API on Linux.

Adoption of Tor

It is our aim that Mauritian users adopt tor to protect their online privacy, and we will continue to work on improving the code to protect your privacy online! Happy Tor :)

Filed under: tor No Comments
10Dec/150

Tor & randomization

Posted by logan

Introduction to Tor

Tor is a piece of software which is used to remain anonymous on the Internet. Users can connect to the Tor Network, and all of their traffic is "hidden". Tor is used by several group of people: journalists living in China, Police Officers for Undercover operations, whistleblowers, human right activists, and even military officers who are on remote mission.

Mauritius & Privacy

In Mauritius, none of the local ISPs have made a public statement for protecting the privacy of their users. This means that the Internet traffic of Mauritians is probably monitored. ICTA has a blackbox which supposedly blocks only child pornography. We do not know what else it can do. Hackers.mu (a group of Ninjas living in Mauritius) publicly encourages Internet Users in Mauritius to adopt Tor, particularly for visiting sensitive websites such as political parties, making comments on forums against the government, and also making the truth known. We encourage civil servants who would like to disclose sensitive documents to use TOR.

Improving Tor

On UNIX/Linux systems, Tor relies on the Operating System to provide it with a random source of data. It's generally /dev/random. However, opening /dev/random implies keeping a file descriptor open throughout the course of execution of tor. If someone sandboxes tor for security, this weakens the sandbox. Someone who compromises a tor process can close the file descriptor for /dev/random, and open another file which is outside of the sandbox. Hackers.mu sent a patch to the tor project which takes advantage of a new API on Linux, which opens the random source in tor without the need for a file descriptor. This in turns leads to tighter sandboxing on tor, and therefore improves the security & privacy of tor users. A different patch by Y. Angel was committed to Tor to take advantage of the new API on Linux.

Adoption of Tor

It is our aim that Mauritian users adopt tor to protect their online privacy, and we will continue to work on improving the code to protect your privacy online! Happy Tor :)

Filed under: tor No Comments