[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] NSA's "Tor Stinks"

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-relays] NSA's "Tor Stinks"
From: Jesse Victors <jvictors@xxxxxxxxxxxxxxxx>
Date: Tue, 08 Oct 2013 13:23:48 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 08 Oct 2013 16:10:12 -0400
In-reply-to: <mailman.13.1381233601.27053.tor-relays@xxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
Openpgp: id=C20BEC80
References: <mailman.13.1381233601.27053.tor-relays@xxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0

I recently ran across several articles related to the NSA's attempts at cracking Tor and de-anonymizing its users. They are after terrorists and other individuals who seek to do harm of course, but their work obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities. So far, it appears that the cryptographic standards and protocols implemented by the Tor devs appear to be holding, which I find interesting. The NSA has been trying other methods to figure out Tor, including identifying and then infecting user machines, trying to control/hijack the Tor network, or by influencing the network as a whole, and they've had a very small amount of success, but not much. One thing that was especially interesting to me (and I expect to everyone on this mailing list) is that they are trying to control more relays via cooperation or direct access, which can then be used for timing attacks or disruptions to the users. They are also trying to shape traffic to friendly exits. For anyone interested, I would highly recommend these links:
http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
http://www.bbc.co.uk/news/technology-24429332
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption

Also, from http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-internet-anonymity it appears that their opinion of Tails is that it "adds severe CNE misery to [the] equation". These are all highly informative articles, and it appears that Tor is remaining resilient to their efforts, as long as people (including relay/exit operators) use the latest software, remain aware that Tor doesn't protect them in all aspects, and as long as there are enough non-NSA relays and exits (we need more!) such that everything they see still remains encrypted and anonymous. Interesting I say.

Jesse V.

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] NSA's "Tor Stinks"
  - From: krishna e bera
- Re: [tor-relays] NSA's "Tor Stinks"
  - From: Raistlin Majere

Prev by Author: Re: [tor-relays] Port for obfsproxy
Next by Author: Re: [tor-relays] NSA's "Tor Stinks"
Previous by thread: Re: [tor-relays] Port for obfsproxy
Next by thread: Re: [tor-relays] NSA's "Tor Stinks"
Index(es):
- Author
- Thread