On Mon, 29 Nov 2010, Justin Bull wrote:
On Mon, Nov 29, 2010 at 5:56 PM, J.A. Terranson <measl@mfn.org> wrote:
Tor has been in LEA (FBI++) sights for a long time now - just as the remailer system was under heavy scrutiny before it. I have zero doubt that the fedz run many nodes.
As a beginner in the crypto field, I thought Tor was actually quite secure. Seeing that is not the case, what is regarded as a safe, anonymous browsing practise? And, as far as I know, monitoring an exit node only reveals the destination address, not the sender... Is that really a security issue?
Certainly, however, that's not something Tor is really designed to mask - Tor is designed to mask the people requesting services via Tor. While Tor is likely quite secure in most respects, good intelligence does not necessarily require that the content of any request be known: there are many facets to any communication, and things like the existence of a particular target is certainly usable intel. Tor is designed to inhibit a number of attacks, including traffic analysis, but there is *no* absolute guarantee that every possible attack is known, or even just coded for. If your life relies on anonymity services, you will likely be a whole lot more careful than if it's seen as something you "merely provide to others on extra bandwidth". //Alif -- "Never belong to any party, always oppose privileged classes and public plunderers, never lack sympathy with the poor, always remain devoted to the public welfare, never be satisfied with merely printing news, always be drastically independent, never be afraid to attack wrong, whether by predatory plutocracy or predatory poverty." Joseph Pulitzer, 1907 Speech