[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

  They are identified as a person of interest by visiting
  target_website.com (where target_website.com might be an
  site or a webmail box that has attracted attention) and
 then *in real
  time* code injection and redirection can be used to attack
 the person's
  computer. So 'identifying an individual Tor user' means
 'identifying as
  a person of interest, new or previously encountered but not

But how can the person's computer be identified since all that is seen is the connection between the exit node and the destination target_website.com

The point, surely, is that real time code injection should not be possible since no-one can trace the connection from the exit node back to the user.

I am not saying that the user cannot be traced e.g. if he logs into his own webmail account via Tor; I am saying that the trace should not occur due to the Tor network. 

Does this make sense?
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to