[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] German police keylogger analysis (and the effects on Tor are....?)



On 2011-10-13 13:40 , andrew@xxxxxxxxxxxxxx wrote:
> On Wed, Oct 12, 2011 at 11:39:12PM -0700, williamwrightman@xxxxxxxxx
> wrote 1.1K bytes in 24 lines about: : Keyloggers would, I assume,
> defeat the whole purpose of Tor since the URL would be recorded and
> sent to the fedz.
> 
> If you lose control over your local computer, tor cannot help you.
> If the attacker can see every keystroke you enter, you've lost. I'm
> not sure if this is true for onscreen keyboards as well.

If the adversary is taking a video or a high enough rate of screenshots
then they should be able to catch what keys are being pressed, it does
make it a bit harder.

As you said though, if you are locally attacked, you already lost.
But like always, just depends on what you are protecting against.

> If the German customs agents took your computer away from you at a 
> border, you should assume the worst case and no longer trust your OS
> nor hardware. It's possible tails may help here, but depending upon
> hardware vs. software (bios firmware) attacks, the computer may not
> be trustworthy at all. If the bios is infected, tails cannot help.

Traveling with throw-away hardware is therefor always a good idea if you
want to keep your stuff secure. The US also has the nasty policy of
effectively placing you in a no-law-zone before immigration.

Again, all depends on what one is protecting against and how paranoid
one is ;)

Greets,
 Jeroen
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk