[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Does my ISP know I'm using Tor?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Does my ISP know I'm using Tor?
From: tagnaq <tagnaq@xxxxxxxxx>
Date: Wed, 15 Jun 2011 23:12:12 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 15 Jun 2011 17:12:49 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=0Vcj76zvkD607I/Uw4zqVjTEq/Tnw072Vem95pz3e9U=; b=Mljziw0ILD/ijGL6Ufpws5Iz551HtnaEiNW9kGi23B5/S9/HTxQv/3fRGpe+GpfjQ5 Q9DtdZQBCbufBomc0HUlRNmkjqlD866oWmj53eE9pQDy0cZ9McbybeD78o5GYFt+Relv L8lmtCKabJuW9yUJ/aOiQrkGe5RI+IgvhUAwM=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; b=wMqQX5cNj9GlfTn4Eg5AKbBw1zYzXaJoA5r2qIg3kotMYLyK6AXxViKo5nSBbEwU2M BbTYpVX3K+w5HQboIi+GHdgXYSmvhumH+OcGnQULwMEqmXpRPagA/HYIEWb95eRx3iBQ Fm447QT9a4bJdg3a8dBRv/RxUSia1BVR2TytI=
In-reply-to: <20110615001829.GA9193@shadowsquid>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1308095431.31850.1463212245@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <20110615001829.GA9193@shadowsquid>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

>> Does my ISP know I'm using Tor?
> 
> Very short answer: Yes.
> 
> If your ISP would check, they would know, unless you're using
> bridges.
> 
> The more technical explanation is this: Unless you're using bridges,
> you are connecting to a server from a publicly available list. If you
> would like to check that one out, you could open 
> http://torstatus.blutmagie.de. Even if you are using bridges, it is
> technically possible, albeit rather hard (you need DPI for that one,
> probably), to determine that someone is using Tor.

If you are unlucky and your ISP actually cares, he probably does it the
chinese way: Fetch as many bridges as possible to detect as many bridge
user as they can.

>> Does my ISP know what information I'm looking at while using Tor?
>> Let's say I use DuckDuckGo to search for suppliers of Silly String.
>> I click on a link in the search results that takes me to
>> SillyStringSupplier.com
>> 
>> Does my ISP know what I was looking for and where I went?
>> 
> 
> No. That's what Tor is good for - your ISP knows _only_ that you are 
> connecting to a Tor node to do an encrypted transmission. It doesn't 
> know where you're connecting to and also can't read the content of
> the communication.

I think 'No.' is quite a strong wording here because it seams to imply
certainty. I'd like to add some uncertainty to it to rise awareness.
Awareness should help avoid dangerous situations or at least
detect/recognize them.
If you are unlucky and using an exit relay run by your ISP, this would
mean your ISP is in the position of seeing some of your traffic (by
correlation of input+output).
'some' because you won't use the same exit all the time.
How much 'some' actually is, is influenced by the bandwidth (and other
facts) of the ISP exit (if there is one).

Tor does not aim to protect against such a powerful adversary.
https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#Whatattacksremainagainstonionrouting



- --
52ecf9e2190d42846510587a1543883ab6aa5fbb1e44155263ab1536730b589e

-----BEGIN PGP SIGNATURE-----

iF4EAREKAAYFAk35ICwACgkQyM26BSNOM7bW7wD/TNQ+Nv9OGVXuSAlSui44XKwq
yBcgTNiW28N+8kS+9AkA/A4V4XP/0J3XPTFZdnhZAjez74UKaGcoIVUXNJVDEq4f
=7cv6
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Does my ISP know I'm using Tor?
  - From: andre76
- Re: [tor-talk] Does my ISP know I'm using Tor?
  - From: Manuel

Prev by Author: Re: [tor-talk] Torbutton: 'Disable Updates During Tor' - Option
Next by Author: [tor-talk] ControlPort "read-only" access?
Previous by thread: Re: [tor-talk] Does my ISP know I'm using Tor?
Next by thread: [tor-talk] Good email services?
Index(es):
- Author
- Thread