On 11/25/2019 09:45 PM, Punk-Stasi 2.0 wrote:
On Mon, 25 Nov 2019 20:56:09 -0700 Mirimir <mirimir@riseup.net> wrote:
On 11/25/2019 08:07 PM, Punk-Stasi 2.0 wrote:
On Tue, 26 Nov 2019 00:58:09 +0000 Peter Fairbrother <peter@tsto.co.uk> wrote:
It should be noted that NSA do not say they can break TOR in practice, and afaik there is no evidence that they have.
yeah, the NSA can't break tor but some random university can
https://www.vice.com/en_us/article/d7yp5a/carnegie-mellon-university-attacke...
That bug was patched. But there obviously could be others. And the NSA does tend to stockpile 0days.
Also, one wonders how long the NSA etc had used the bug that CMU exploited.
here, yet another attack
https://www.freehaven.net/anonbib/cache/circuit-fingerprinting2015.pdf Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services
and the introduction to that article states
"over the past few years, hidden services have witnessed various active attacks in the wild [12, 28], resulting in several takedowns [28]"
but hey, the nsa can't break tor..
That's why it's prudent for users and onion sites to hit Tor via nested VPN chains.