Mastodon: Support Tor-hidden servers
Some of the publicity given to Mastodon is thanks to the US government asking Twitter for the real identity of one of its users, I think. However, a question rapidly arises: is Mastodon safer than Twitter for this use case? Will an individual holding a server for a small group of people be more efficient than Twitter in suing a government in response, to protect its users?
Unfortunately, I don't think so, as size is required to make governments flex, would it be just to pay legal costs.
In order to better protect the users, a technical solution could be put in place to actually protect server admins from being "blackmailed" (I don't know the actual term for a government forcing one to deliver information) into giving away information about its users. Even the users using Tor is not enough, as private messages could be reached this way, or worse, malicious biometrics-based identification JS could be put on the server to identify the user despite Tor. (even if a special client could be developed to ban the development of such biometrics, the PM issue still exists)
I think this calls for running some mastodon servers as Tor hidden services.
The potential issues we identified are:
- Not all Mastodon instances run a Tor client.
- If relaying is put in place, banning a Tor server is much more complex (and it can change identity really easily to escape the ban)
Solutions could be:
- Change the protocol so that designated Tor bridges relay messages from/to the Tor network. Each Mastodon server would be configured to use one (or more?) such bridge(s), to get the message updates from Tor. As I don't know the details of the protocol, I don't know whether this means the server would have to trust the Tor bridge relatively to the name of the source server, but I'm not sure it matters much.
- Banning could be done either at a server level (trusting the name the Tor bridge sends the Mastodon instance), or at the network level (refusing any message incoming from Tor by not using any Tor bridge).
This would most likely require a protocol addition to support Tor bridges, but I'd think it's worth it, for privacy and security reasons.
What do you think about it?
- [x] I searched or browsed the repo鈥檚 other issues to ensure this is not a duplicate.
Ekleog
All 10 comments
any updates here?
ghost
on 3 Jul 2017
With the new FOSTA bill, this should now be a requirement, as well as probably very thorough encryption of the service.
At least if we have distributed Tor nodes here, then we should be able to keep related things alive.
Icekhaos
on 21 Apr 2018
I wrote a quick example of instructions of building a Tor instance.
https://gist.github.com/hcmiya/40f3810108c954b3a24017a78844e0b6
hcmiya
on 30 Apr 2018
I wrote a quick example of federating with Tor instances from clearnet.
https://gist.github.com/hcmiya/e635b31ae8c4b33d903f224ddbc45197
hcmiya
on 30 May 2018
and list of such instances https://ja.mstdn.wiki/Darknet%E9%80%A3%E5%90%88%E5%AF%BE%E5%BF%9C%E3%82%A4%E3%83%B3%E3%82%B9%E3%82%BF%E3%83%B3%E3%82%B9%E3%81%AE%E4%B8%80%E8%A6%A7
hcmiya
on 30 May 2018
Any news? It seems that this guy got an instance up successfully [1], but he's having a bad time while trying to set up email confirmation [2].
edoardopigaiani
on 24 Aug 2018
Activation of the account without checking the mail seems to be possible by changing the setting of Diverse and adding a worker of Sidekiq. https://theboss.tech/ and https://kurage.cc/ adopt this. The setting method is written in the following blog article:
Implemented by theboss.tech:
- https://github.com/theboss/mastodon/commit/36d484d168653e25d857cb5b2507d3fdb4b4f9d8#diff-a8a4112d0760c0fd11f691c6a5fb22ad
- https://github.com/theboss/mastodon/commit/002eefbf5f0e05697c879e9ca9926af8db20e0b1#diff-4b3a8cee1b3d13c85b99f36000965a21
Implemented by kurage.cc:
- https://github.com/yi0713/mastodon/commit/20d52fad78b1a297b771e65d40835fd6179dd47d#diff-a8a4112d0760c0fd11f691c6a5fb22ad
- https://github.com/yi0713/mastodon/commit/2b3ccfdb616015ac76b721f2f592c4ec7aee15c9#diff-4b8c40b3a00627d0ee3149f3b75f5ae3
hcmiya
on 24 Aug 2018
Thanks for the rapid answer and the links provided, very useful!
I reached out to this guy who is running an instance with ~150 users behind an .onion address and apparently he's willing to document the correct process needed in order to set up everything correctly.
I'll try and merge all the knowledge I've been able to find regarding Mastodon+Tor and see if I can have a comprehensive writeup on everything.
edoardopigaiani
on 25 Aug 2018
We also run on tor and can contribute to upstream if necessary.
ghost
on 28 Jun 2019
We also run on tor and can contribute to upstream if necessary.
Any chance we can get in touch?
edoardopigaiani
on 31 Jul 2019
Related issues
flukejones
路
3Comments
phryk
路
3Comments
marrus-sh
路
3Comments
svetlik
路
3Comments
cwebber
路
3Comments
Most helpful comment
Thanks for the rapid answer and the links provided, very useful!
I reached out to this guy who is running an instance with ~150 users behind an .onion address and apparently he's willing to document the correct process needed in order to set up everything correctly.
I'll try and merge all the knowledge I've been able to find regarding Mastodon+Tor and see if I can have a comprehensive writeup on everything.