[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] "If you have access to certain tools, you can completely ignore Tor."



On 12/18/2011 5:33 PM, Matthew R wrote:
From:
http://www.wired.com/vanish/2009/09/interview-with-pi-steve-rambam-evan-can-be-found/

Wired: How much can one do with IP addresses that have been run through Tor?

SR: If you have access to certain tools, you can completely ignore Tor. You
can trap your subject’s IP address without wasting your time busting
through Tor. Without revealing too many tricks, for example, it’s easy
enough to send someone an e-mail that broadcasts location info back to a
server. Someone operating a trap website can grab Evan’s cookies and see
his entire browser history and his current IP address. With only a minimal
amount of work, you can determine where Evan is viewing a website from.

Does this make any sense?  I assume that what the PI means is that if you
send an e-mail to a non-webmail client (like Thunderbird) which does not go
via Tor, then the IP can be determined when it loads the 1x1 HTML pixel
from the website.  However, if the victim uses webmail then surely all
responses would go via Tor?

Or does he mean something else?
I didn't read the entire article yet, but have read of some similar claims like
Someone operating a trap website can grab Evan’s cookies and see
his entire browser history
Even if partly true, this is one reason I don't understand why TBB has default settings to allow all cookies, seeing as how its main goal is anonymity. Devs are very concerned about not writing anything to cache, but not concerned about cookies.

Tor wasn't developed for constant, everyday use by millions w/ the idea that anonymity could be provided for the masses. It probably never will achieve that. Authorities & hackers will always be looking for holes. People much smarter than me say if you're that concerned about true anonymity, you'd better encrypt everything. Cookies & browsing history are another matter.

Under current US & other nations' laws, it's possible that gov'ts have already forced developers of any software - incl. Tor - to put in backdoors. And in fact, say it's illegal for the devs of any software to outright disclose such. In general, most gov'ts aren't going to allow devising ways that criminals can easily & completely avoid detection. (No, Tor isn't only used by criminals - but gov'ts don't care). And if they determine such software / networks could provide 99.9% anonymity, w/ no way for them to crack it or no backdoors, they'd probably outlaw it.

I don't know that it has happened w/ Tor, but it certainly has in other cases. If you want true anonymity, don't use the internet, unless you're very well educated in all things related to internet anonymity (hard for one person to do), and taking extreme, well founded measures to thwart those seeking to identify you or your location, gather info, etc. Plus, it would be a full time job constantly testing your methods & keeping up w/ newest ways others could crack your system. A handful of people might have the ability (& almost none the time) to do this.
if you send an e-mail to a non-webmail client (like Thunderbird) which does not go
via Tor, then the IP can be determined when it loads the 1x1 HTML pixel
from the website
Could you clarify the question? As Phillip mentioned, Tbird can be Torrified, but I've never been impressed or convinced that the methods are fool proof by any means. Web beacons (web bugs) can be stopped in a few ways, that is probably more reliable than any overall anonymity on the web.

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk