[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor users are not anonymous

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor users are not anonymous
From: Eugen Leitl <eugen@xxxxxxxxx>
Date: Fri, 6 Sep 2013 15:27:20 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 06 Sep 2013 09:41:40 -0400
In-reply-to: <20130906124606.GC12966@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20130905222239.GA5392@xxxxxxxx> <CAHQVkteqchJcXxpnQ4GrSjG4L4LFkjDTHvbiKcrKmJUJWTt3YA@xxxxxxxxxxxxxx> <20130906120457.GD29404@xxxxxxxxx> <20130906124606.GC12966@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)

On Fri, Sep 06, 2013 at 02:46:06PM +0200, Andreas Krey wrote:
> On Fri, 06 Sep 2013 14:04:58 +0000, Eugen Leitl wrote:
> ...
> > 
> > I wouldn't use TrueCrypt. Use open source tools (this includes the OS).
> 
> Is there a connection between the two sentences? TrueCrypt is open source,
> so why wouldn't you use it?

I might have been too paranoid about TrueCrypt (while we don't
know the details yet, we know that certain proprietary and open source
products as well as protocols and algorithms have been deliberately 
weakened by the NSA) as Snowden and Schneier seem to trust it but I 
went for dm-crypt instead of TrueCrypt for a new Debian install, for 
multiple reasons (history, license, mainline, full disk encryption 
support). 

If you're running a proprietary system, the weakest link will be
likely elsewhere.

For extra layers of tinfoilhattery you'd have to modify the hardware
(e.g. a FireWire port is wide open to a DMA attack, proprietary
blobs are a no-no for a trusted system, etc), but few people
bother to go that far, and if you're under that targeted a scrutiny
you have to bother about physical access you're somewhat screwed
already.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Tor users are not anonymous
  - From: grarpamp

References:
- [tor-talk] Tor users are not anonymous
  - From: sigi
- Re: [tor-talk] Tor users are not anonymous
  - From: Nathan Suchy
- Re: [tor-talk] Tor users are not anonymous
  - From: Eugen Leitl
- Re: [tor-talk] Tor users are not anonymous
  - From: Andreas Krey

Prev by Author: Re: [tor-talk] Tor users are not anonymous
Next by Author: [tor-talk] [Cryptography] 1024 bit DH still common in Tor network
Previous by thread: Re: [tor-talk] Tor users are not anonymous
Next by thread: Re: [tor-talk] Tor users are not anonymous
Index(es):
- Author
- Thread