[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Traffic retention of TOR-Relays in Denmark

On Friday, July 15, 2011 10:05:36 AM bemoo129@xxxxxxxxxxxx wrote:
> Hello,
> recently I read about the danish law to log every 500. IP-Packet,
> which is on wire between Customer and ISP. Allthough this Law
> doesnt affect hostet Servers, i thin it is dangerous for Tor-Relays
> which run on a normal PC at home.
> What do you think abou this? If very much Packets from Tor-Servers
> are logged due this law, are danish-Tor servers now very unsecure?

Let's take this apart into some easy to digest pieces.  

First, I belive the law is to record IP packet header information, not the 
contents themselves.  While this is bad, it's the basis of traffic analysis and 
exactly one scenario in which Tor can defend the user. In part, I'm basing my 
understanding of this law from 

The logs of a connection running a non-exit relay or bridge are going to only 
see encrypted traffic to and from the home computer.  The logged packets may 
show someone using Tor, but the traffic contained within is still encrypted. The 
connections will between Tor user and Tor relay, and Tor relay to Tor relay.  
Currently, Tor does not try to hide that you are using Tor.  Tor doesn't 
scream 'I'm using Tor', but at the same time, if your adversary is looking 
really closely, they can deduce you are using Tor.  The good news is that 
we're working on pluggable transports and obfuscating proxies to hide the fact 
that you are using Tor.  

The logs of a connection running an exit relay is going to see encrypted traffic 
from other relays and whatever traffic exited from itself to a destination.  The 
logs will record lots of traffic from people other than the ISP subscriber.  
Some small percentage of this data may be illicit, as defined by local laws.  
This is the same risk for exit relays now.  

Other information about protections tor provides against an adversary 
recording your traffic can be found at 

pgp 0x74ED336B
tor-talk mailing list