[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Off topic. What's the extent of the spying
At 04:30 PM 7/9/2013 -0400, you wrote:
>> Can they meaningfully browse all the data?
>
>De-anonymizing does not necessarily mean being
>able to read the content, only about establishing
>the network. Network analysis is powerful on its own.
>But without the content or other metrics it could just be chat
>about the weather. Tor encrypts the content traversing its
>network even while one or both endpoints become known.
Sorry, my bad. I wasn't very clear. What I'm wondering (first) is if the US gov't and its accomplices can analyze clearnet traffic with enough accuracy to know what (virtually all) users(or at least IP addys) are doing. Can they for instance pick a residential IP address from a city in japan or germany or thailand, and know what the user is doing? (downloading porn, chatting on irc...using Tor...etc). I'm assuming that's something that 'local' ISPs can trivially do? So, what about the NSA?
>Perhaps the next big leak in a few years will be the status of
>agency capabilities against RSA and AES.
>
>> - They have already broken tor but dont confess, being happy to gather even all traffic from those who believe they would be anonymous in the net.
>>
>> - They say: OK, we cant get that network under real control but its useful because we can benefit from that, so keep it up accepting that some are able to hide their activities.
>
>The answer as usual is probably a bit of both depending
>on how busy things are and the sort of traffic traversing
>and what specific is being attacked against.
>In regards to finding a client in course of casual browsing...
>that seems hard to de-anon. And it seems pretty clear that
>hidden services are not as near as immune to locating as
>formerly thought... protocol weaknesses exploited by non-PA's,
>or simply a PA repeatedly fetching something and watching
>their observation net for the pattern... though we have yet to
>see any news of either of these being used in the real world.
>_______________________________________________
>tor-talk mailing list
>tor-talk@xxxxxxxxxxxxxxxxxxxx
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk