[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Network diversity [was: Should I warn against Tor?]

On Fr, Jul 19 2013, Gregory Maxwell wrote:
On Fri, Jul 19, 2013 at 10:03 AM, Jens Lechtenboerger <tortalk@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
but going much further than that may well decrease your security.

How, actually? Iâm aware that what Iâm doing is a departure from network diversity to obtain anonymity. Iâm excluding what I consider unsafe based on my current understanding. It might be that in the end Iâll be unable to find anything that does not look unsafe to me. I donât know what then.

Because you're lowering the entropy of the nodes you are selecting maybe all the hosts themselves are simply NSA operated, or if not now, they be a smaller target to compromise.

I donât buy the entropy argument. If the NSA compromises Tor nodes, wouldnât they target as many nodes as possible, regardless of guard selection strategies?

Note that Iâm avoiding guards that they can monitor without having compromised them.

Maybe it actually turns out that they all use a metro fiber provider in munich which is owned by an NSA shell company.

What are the implications then? All metropolitan area customer data of that provider turned over to the NSA? As I wrote a couple of minutes ago on this list: If that happens everywhere in Germany, I donât see a technical solution, just political ones.

In Germany this may not be much of a risk. But if your logic is applied to someplace that is less of a hotbed of Tor usage it wouldn't be too shocking if all the nodes there were run by some foreign intelligence agency.

Exactly.  Citizens there would be driven by other motives than me.
First, they would need to figure out whether they worry more about their own government or about foreign ones. Then they need to decide whether Tor can help and, if so, what nodes to avoid.

Best wishes Jens
tor-talk mailing list