[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] isp monitoring tor

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] isp monitoring tor
From: Öyvind Saether <oyvinds@xxxxxxxxxxx>
Date: Tue, 7 Oct 2014 17:42:40 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 07 Oct 2014 11:43:08 -0400
In-reply-to: <N1-fSah43VDuP@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <N1-fSah43VDuP@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

> Sure, I understand what you mean. I'm assuming a situation that
> doesn't involve legal issues. This would be illegal surveillance,
> using average resources with your ISP supporting it for some reason.
> I think Tor would be able to handle this type surveillance if used
> correctly.
> 
> I would like to know what their procedure would be outside of
> monitoring ExitNodes. How much effort it would be to examine the
> packets and get any useful information.

I am personally NOT convinced Tor handles this kind of surveillance at
all but it depends on the threat model.

This is mine:

All (border-crossing) digital communications are by law required to be
routed through the FRA corporation[1]. This is done by my ISP and all
local ISPs because they are required to do so by law.

This means that FRA is able to monitor all end-users and all websites
and Internet services hosted within the Iron Curtain.

Is it possible that they could see that this particular pile of data
went out from webservice X and a similar pile of traffic went to
customer X? There is no way to know for sure.

You should assume that they are monitoring all ExitNodes. The local
situation is that they do not need to monitor ExitNode because they get
to see everything going from out from an ExitNode and into this country
anyway.

Using Tor makes it slightly harder for them and that is a good thing.
Just don't blindly assume they can not at minimum see parts of your
traffic because that is likely wrong.

One last little detail: I am talking about legal, mandated
surveillance. What is and is not legal in your country may also change.
I personally stopped caring about what is and is not legal a long time
ago, the local regime does not care at all. The only thing that does
matter is that you do not irritate anyone to the point where they
decide to take action against you.

[1] http://fra.se/

Attachment: signature.asc
Description: PGP signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- Re: [tor-talk] isp monitoring tor
  - From: garyr22

Prev by Author: [tor-talk] Tor Cloudflare Problem, Actual Alternative Solutions for Website owners?
Next by Author: Re: [tor-talk] Another Tor is Possible, Kane/Ksec
Previous by thread: Re: [tor-talk] isp monitoring tor
Next by thread: Re: [tor-talk] isp monitoring tor
Index(es):
- Author
- Thread