On Sun, Oct 10, 2021, 2:03 AM Peter Fairbrother <peter@tsto.co.uk> wrote:
On 10/10/2021 [offlist] wrote:
 > If the US is compromised by 100%, Tor would not work at all, right?

For providing reliable anonymity against the US and UK government
agencies in the form of the NSA and GCHQ, yes, Tor is completely useless.

But please don't use anything less.  Your web browsing is private, and it is appropriate that somebody should need to have probable cause and work hard to monitor and log it.

Against a lesser adversary, well there are many other possible attacks
against Tor's anonymisation - I particularly liked the hitting set
attack - and I don't keep up in detail, so while Tor probably provides
some protection I don't really know how much.



There is another factor to consider though - the best position for a
code-breaking agency to be in is if they can break the code but
everybody else thinks they can't and so continues using the broken code.

That is pretty much the position of USG/NSA with respect to Tor, which
is why USG fund 80% of it. [4]

The phrase "bodyguard of lies" comes in here, as does eg subsection
56(1) of the UK's Investigatory Powers Act 2016, see [5] below (you can
tell a lot about what spy agencies are doing by studying the relevant
legislation)

The result of this that while NSA and GCHQ may know, they aren't
necessarily going to tell anybody, at least not about the routine stuff.

Even in Bin-Laden-hunt situations the most they might say is that they
got some chatter (or whatever the current circumlocution is) indicting
some intelligence may be correct or a direction for investigation.

As for dumping everything they know about eg dark nets to the FBI or
local cops, it ain't likely to happen soon. Though it might, one day..

Incidentally that's why other agencies like the FBI and the NCA in the
UK at least apparently, and probably actually, do the work which leads
to criminal convictions on darknets.

I suspect they get a little "help" from the code guys, like "you can't
use that in court" or maybe "try looking in a different direction".





[4] It also has the to-them benefit: "to aid democracy advocates in
authoritarian states" while they can still tell who is who, if not
(mostly) what is said. To do this it has to provide some level of
protection against lesser adversaries, though that may not be a very
high level. cf the anonymity of Afghan translators who worked for the
British Army...


[5] (1)No evidence may be adduced, question asked, assertion or
disclosure made or other thing done in, for the purposes of or in
connection with any legal proceedings or Inquiries Act proceedings which
(in any manner)—

(a)[...]

(b)tends to suggest that any interception-related conduct has or may
have occurred or may be going to occur.



[6] #TOR FAQ: Criminals can already do bad things. Since they're willing
to break laws, they already have lots of options available that provide
better privacy than Tor provides....

Tor aims to provide protection for ordinary people who want to follow
the law. Only criminals have privacy right now, and we need to fix that....

So yes, criminals could in theory use Tor, but they already have better
options, and it seems unlikely that taking Tor away from the world will
stop them from doing their bad things.

At the same time, Tor and other privacy measures can fight identity
theft, physical crimes like stalking, and so on.



 > What about connection, cell padding? Does it help to reduce the
matching success?

As I have said I'm not totally up-to-date on Tor, but probably not much.

Peter Fairbrother


On Sun, Oct 10, 2021, 2:03 AM Peter Fairbrother <peter@tsto.co.uk> wrote:
On 10/10/2021 [offlist] wrote:
 > If the US is compromised by 100%, Tor would not work at all, right?

For providing reliable anonymity against the US and UK government
agencies in the form of the NSA and GCHQ, yes, Tor is completely useless.

Against a lesser adversary, well there are many other possible attacks
against Tor's anonymisation - I particularly liked the hitting set
attack - and I don't keep up in detail, so while Tor probably provides
some protection I don't really know how much.



There is another factor to consider though - the best position for a
code-breaking agency to be in is if they can break the code but
everybody else thinks they can't and so continues using the broken code.

That is pretty much the position of USG/NSA with respect to Tor, which
is why USG fund 80% of it. [4]

The phrase "bodyguard of lies" comes in here, as does eg subsection
56(1) of the UK's Investigatory Powers Act 2016, see [5] below (you can
tell a lot about what spy agencies are doing by studying the relevant
legislation)

The result of this that while NSA and GCHQ may know, they aren't
necessarily going to tell anybody, at least not about the routine stuff.

Even in Bin-Laden-hunt situations the most they might say is that they
got some chatter (or whatever the current circumlocution is) indicting
some intelligence may be correct or a direction for investigation.

As for dumping everything they know about eg dark nets to the FBI or
local cops, it ain't likely to happen soon. Though it might, one day..

Incidentally that's why other agencies like the FBI and the NCA in the
UK at least apparently, and probably actually, do the work which leads
to criminal convictions on darknets.

I suspect they get a little "help" from the code guys, like "you can't
use that in court" or maybe "try looking in a different direction".





[4] It also has the to-them benefit: "to aid democracy advocates in
authoritarian states" while they can still tell who is who, if not
(mostly) what is said. To do this it has to provide some level of
protection against lesser adversaries, though that may not be a very
high level. cf the anonymity of Afghan translators who worked for the
British Army...


[5] (1)No evidence may be adduced, question asked, assertion or
disclosure made or other thing done in, for the purposes of or in
connection with any legal proceedings or Inquiries Act proceedings which
(in any manner)—

(a)[...]

(b)tends to suggest that any interception-related conduct has or may
have occurred or may be going to occur.



[6] #TOR FAQ: Criminals can already do bad things. Since they're willing
to break laws, they already have lots of options available that provide
better privacy than Tor provides....

Tor aims to provide protection for ordinary people who want to follow
the law. Only criminals have privacy right now, and we need to fix that....

So yes, criminals could in theory use Tor, but they already have better
options, and it seems unlikely that taking Tor away from the world will
stop them from doing their bad things.

At the same time, Tor and other privacy measures can fight identity
theft, physical crimes like stalking, and so on.



 > What about connection, cell padding? Does it help to reduce the
matching success?

As I have said I'm not totally up-to-date on Tor, but probably not much.

Peter Fairbrother