Can't speak to the 2nd part, but to the first: in the US, for example, the number of active Tor users is in the hundreds of thousands, so you stand out but not much. On the other hand, even at the height of the protests in Egypt there were at most 1500 Tor users in the whole country. That's a lot of doors to knock on but not prohibitively many. n
On Mar 21, 2014, at 3:04, rysiek <rysiek@hackerspace.pl> wrote:
Hi there,
As I am running a local cryptoparty and do a lot of basic encryption/privacy talks and workshops, I am often recommending Tor as one of the means of protecting one's privacy and yes, even security (for example, by running a hidden service and making it possible for users not to leave the darknet).
Of course it's far from being enough, and I make that very clear.
But lately I got to wonder if using Tor does more harm than good? If the NSA can impersonate any IP on the planet, they can impersonate any Tor node; tis has two important consequences:
1. they know when you're using Tor, and can flag you accordingly, and (for example) deliver some nastiness when (not "if"!) they get the chance, because "when you have something to hide..."
2. they can guess with high probability whom are you communicating with; they don't have to break encryption, it's enough they listen-in and see that a Tor packet from your IP to Node A is x bytes; a packet from Node A to Node B is x-( header + Tor encryption layer size ) bytes, and so on.
So, is using Tor today doing more harm than good? Would ordinary Joe Schmoes be far better of not using Tor? How about more high-profile targets, like activists/hacktivists, etc?
-- Pozdr rysiek