[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
From: Geoff Down <geoffdown@xxxxxxxxxxxx>
Date: Mon, 30 Jun 2014 23:33:15 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 30 Jun 2014 18:41:42 -0400
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=fastmail.net; h= message-id:from:to:mime-version:content-transfer-encoding :content-type:in-reply-to:references:subject:date; s=mesmtp; bh= Y4dONBvru0fRSZJtH9Vj492At7c=; b=WyhLlvthLPOJl3FJGSaF5XN3BLNUEbnp 98EC5Jo9bkQoMH/Ui1IsVy4wlG0ajHzifKCAdHFCvSFcBHes3IIcMNdiXEU8mg9+ 3vfgaaQwuyDhY9/6m0Xz9zP4cFw6BudvtyS5j60lj6dPL32i+h0d9/uOYVEdwSSM yZFdARZP51k=
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=Y4dONBvru0fRSZJtH9Vj492At7c=; b=pjW 6p96bJpBMLHaCd5Jxpl7VhQRn52tZS583wLJEhpR9IbtgfXqufZXMucB/BxuKjTP u0h+9sy4rAY7uQUxd/Vztec4NQ7e+96CBbu07DKadYBnDJSxO7xWWGZMOkKqeM/r t4lmHVs/XvQ9Qtgc2L1C0SLMhcpFhIDJ6NbBsVq0=
In-reply-to: <1404162914.91055.YahooMailBasic@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1404162914.91055.YahooMailBasic@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Mon, Jun 30, 2014, at 10:15 PM, Bobby Brewster wrote:

> 
> But how can the person's computer be identified since all that is seen is
> the connection between the exit node and the destination
> target_website.com
> 
> The point, surely, is that real time code injection should not be
> possible since no-one can trace the connection from the exit node back to
> the user.
> 

 If the code is injected between the target_website.com and the exit
 node, the exit node will relay it faithfully back through the Tor
 network to the client.
It's all just bytes to Tor.

> I am not saying that the user cannot be traced e.g. if he logs into his
> own webmail account via Tor; I am saying that the trace should not occur
> due to the Tor network. 

The trace doesn't take place through the Tor network: the malware placed
on the target person's computer can call home over the clearnet (this is
where Tails/Whonix/VMs come in as a second line of defense); or the
cookies injected can end up being sent to another site that the target
visits which helps link them to an identity or pseudonym (good cookie
hygiene is some small help).
GD

-- 
http://www.fastmail.fm - Accessible with your email software
                          or over the web

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
  - From: Bobby Brewster

Prev by Author: Re: [tor-talk] torbirdy default settings
Next by Author: Re: [tor-talk] canvas fingerprinting
Previous by thread: Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
Next by thread: Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
Index(es):
- Author
- Thread