[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
From: williamwinkle@xxxxxxxxxxxxxxx
Date: Sat, 28 Jun 2014 21:38:05 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 28 Jun 2014 17:56:47 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=openmailbox.org; h=user-agent:message-id:subject:subject:from:from:date:date :content-transfer-encoding:content-type:content-type :mime-version:received:received; s=openmailbox; t=1403991485; bh=2JZF2N6OvsAPArI9G+UeevRBVrZX0WevjTc9KU3UD00=; b=LpxzKby88xgU xZEXkqAnx5qggarw/AK/GcJsDm+OWpiZb8NnVn7c/tyuGojDLMAmD/k+9GaLGwxI 7SEWy/c5Gxo7ZXXcgrpGvgojcW4Zuxr7CmWNiwOEiYSUVLp0r8EOJj/boCE/HDYs TpNEHOnFt5VMRQ2+OEacjvDYSqtnkdg=
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Roundcube Webmail/1.0.1

I recently read a Guardian article from last October(www.theguardian.com/world/2013/oct/04/tor-attacks-cnsa-users-online-anonymity)by Bruce Schneier about the N_S_A and Tor. His story was based on the"Tor Stinks" and "Egotistical Giraffe" presentations.

My understanding of the article is that if individual(s) are requestinghttp://www.target_website.com then, once the request leaves the exitnode, the N_S_A can use their Quantum servers on the Internet'sbackbones to redirect the request to their FoxAcid servers in order tocompromise the requester.


I don't understand what Schneier means by this:

"After identifying an individual Tor user on the internet, the NSA usesits network of secret internet servers to redirect those users toanother set of secret internet servers, with the codename FoxAcid, toinfect the user's computer."

Surely the whole point of Tor is that the requester ofhttp://www.target_website.com cannot be identified based on the trafficwhich leaves the exit node. Since the N_S_A would only know the IPaddress of the exit node and the destinationhttp://www.target_website.com, how can the client be identified even ifthe traffic is redirected to the FoxAcid servers?

Indeed, the previous paragraph appears to contradict the paragraphquoted above:

"The very feature that makes Tor a powerful anonymity service, and thefact that all Tor users look alike on the internet, makes it easy todifferentiate Tor users from other web users. On the other hand, theanonymity provided by Tor makes it impossible for the NSA to know whothe user is, or whether or not the user is in the US."

Therefore, the N_S_A can redirect traffic that leaves the exit node tothe FoxAcid servers but how could they send back a response to aspecific Tor user? Or have I misunderstood the article?


--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
  - From: Geoff Down
- Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
  - From: Roger Dingledine
- Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
  - From: Seth David Schoen

Prev by Author: Re: [tor-talk] multiple local proxy ports
Next by Author: [tor-talk] Can someone please help me understand section 1.10 of the rendezvous spec
Previous by thread: [tor-talk] readysim prepaid gsm - privacy focused marketing?
Next by thread: Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
Index(es):
- Author
- Thread