[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] !!! Important please read. !!!

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] !!! Important please read. !!!
From: Andreas Krey <a.krey@xxxxxx>
Date: Wed, 8 Jan 2014 13:22:27 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 08 Jan 2014 07:26:45 -0500
In-reply-to: <DUB121-W100ED447E4F054F1BE7B10C8B10@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20140108022308.GI2527@sescenties.(null)> <DUB121-W100ED447E4F054F1BE7B10C8B10@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.4.2.1i

On Wed, 08 Jan 2014 11:25:02 +0000, Mark McCarron wrote:
...
> In regards to identifying Tor users, this is more simple than anyone imagines.

No, it isn't.

> A simple DB at an ISP recording IP addresses of those connecting to Tor nodes is all it takes.

Not all tor nodes are publicly known.

> In fact, the EU mandates that this data be held for 2 years:
> http://en.wikipedia.org/wiki/Telecommunications_data_retention#European_Union

No, it doesn't. The requirement is for access ISPs to log the association
between user and ip addresses over time, and for email/voip providers
to log all mail transfer/voip connections. Access providers are not
required to log each individual TCP connection, and that would be needed
for finding out even regular guard users.

> That data can be correlated with access to hidden services and other websites,

This, to the extent that it is actually true (namely that you can
correlate the times a person is online with the times a given persona
seems to interact with a webservice), is valid for any possible
anonymization network that provides interactive access to the web.

> so we know for a fact that Tor is extensively compromised at present and provides no anonymity as it fails to deal with traffic analysis.

In a fully infiltrated network anonymous communication is impossible.
So what are you aiming at?

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] !!! Important please read. !!!
  - From: Mark McCarron

References:
- Re: [tor-talk] !!! Important please read. !!!
  - From: Seth David Schoen
- Re: [tor-talk] !!! Important please read. !!!
  - From: Mark McCarron

Prev by Author: Re: [tor-talk] Risk of selectively enabling JavaScript
Next by Author: Re: [tor-talk] !!! Important please read. !!!
Previous by thread: Re: [tor-talk] !!! Important please read. !!!
Next by thread: Re: [tor-talk] !!! Important please read. !!!
Index(es):
- Author
- Thread