[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How to find trust nodes?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] How to find trust nodes?
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Wed, 27 Sep 2017 16:35:39 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 27 Sep 2017 16:36:36 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=OLPqeqh5JsFju6ismJKs6prYjdYlgyRcogvZ+zku6ek=; b=qp7Dp5K3IEMgIj1LNtpSlcsXUKL9Xy7YDki+hhcmY3StO2Tns/9TaCt92p0kipNG9X nHEwTaWEQN9+JK+julwodOy7+TSOWHJeEUtVZ0ikCW2HwcbfrKFMg/uGIaqQC/7DVGoD dbMChXwQqgRhFixVeo1Z4Rm5jOaDYoQrohAk7USnJ10jtFpUAmfbZDgsS+QZEF/YWMfB d1XivETeSeLcMXhrrIMZR5QhbJe5aTTz8bkSp0XspI4SANYwYlp/Z1HZkU+4+T2rTr/f GLbjREKObRADce6yIkMXrhz5gNofpT8MX5o+OIzYngtFc4Fs/BxX4QWME6dnNR/ZfTAS L4kA==
In-reply-to: <814881442.11470642.1506539073127@mail.yahoo.com>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <814881442.11470642.1506539073127.ref@mail.yahoo.com> <814881442.11470642.1506539073127@mail.yahoo.com>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Wed, Sep 27, 2017 at 3:04 PM, Jason Long <hack3rcon@xxxxxxxxx> wrote:
> How can I sure a Tor node that I connected to it is secure and is not a NSA or CIA node?

Go meet the operator and conduct an anal probe on them
far more intensive and long running than an SF-86 SSBI.
Parallel to that, go image the node, try to find reproducible
source code version to it, and pay $1M for a full audit.
Then go ask Intel / AMD about what's really inside their chips.
Then verify if the chips in the box are what rolled off the fab.

Or note improved odds with tor's multiple hops, plus user
opsec and defense in depth, pursuant to reading whitepapers
detailing exploits against tor and your entire stack and usage.

A non generic answer depends on your use case and
threat model. Once you can articulate those, you'll be
closer to finding an answer. Without them, we probably
aren't able to be of much help.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] How to find trust nodes?
  - From: Petrusko

References:
- [tor-talk] How to find trust nodes?
  - From: Jason Long

Prev by Author: Re: [tor-talk] How to find trust nodes?
Next by Author: Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation
Previous by thread: Re: [tor-talk] How to find trust nodes?
Next by thread: Re: [tor-talk] How to find trust nodes?
Index(es):
- Author
- Thread