[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Escape NSA just to enter commercial surveillance?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Escape NSA just to enter commercial surveillance?
From: Andreas Krey <a.krey@xxxxxx>
Date: Thu, 14 Jan 2016 22:37:25 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 14 Jan 2016 16:37:42 -0500
In-reply-to: <5697da42.d4658c0a.b6db6.fffff758@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <5697D3CA.9000803@xxxxxxxxxxx> <5697da42.d4658c0a.b6db6.fffff758@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.4.2.1i

On Thu, 14 Jan 2016 14:25:20 +0000, juan wrote:
...
> 	Of course. It's absurd. There's nothing hidden about
> 	facebook's location so a 'hidden' service is...nonsense.

You're attacking the name instead of the content.

Accessing facebook via the onion service means that you
know you're talking to facebook directly; using facebooks
via either tor or directly exposes you to the risk of
being MITM'd, including faked SSL certs.

Even if the NSA is capable of brute forcing the onion key
facebook itself could build a canary by trying to access
its own onion service. If the connection ending back up
with them has strange properties they know something
is wrong.

...
> > NSA would immediately command Facebook to offer the related user
> > identification.
> 
> 	...assuming facebook isn't already fowarding relevant data in
> 	real time, all of the time...

Facebook doesn't necessarily have identifying information on
their users.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Escape NSA just to enter commercial surveillance?
  - From: juan

References:
- [tor-talk] Escape NSA just to enter commercial surveillance?
  - From: Markus Hitter
- Re: [tor-talk] Escape NSA just to enter commercial surveillance?
  - From: juan

Prev by Author: Re: [tor-talk] Funding Tor Development trough Referral/Affiliate Marketing
Next by Author: Re: [tor-talk] How stream separation across multiple circuits can be implemented?
Previous by thread: Re: [tor-talk] Escape NSA just to enter commercial surveillance?
Next by thread: Re: [tor-talk] Escape NSA just to enter commercial surveillance?
Index(es):
- Author
- Thread