Dnia wtorek, 25 marca 2014 18:49:10 coderman pisze:
correct, an IP alone insufficient to impersonate a Tor node. you would also need key material.
Ok, I was not being very clear what I meant. I meant a situation in which the NSA can listen-in on any connection in the clearnet, including connections between Tor nodes. They *can't* break the encryption nor do they have the keys... ...*But* (esp. if most of these nodes are in the US) they *can* observe that in sequence there are packets being sent between IP1, IP2, IP3 and IP4, and that these packets get smaller at each step, in a way that is coherent with removing layers of Tor encryption. What they can get from that is information; IP1 is communicating via Tor with IP4. So now they know whom to target with QUANTUM when they'd be using clearnet for something. Tor encryption gets less relevant if NSA gets access to the endpoints via other means, and for that they need to know whom to target. Observing packets flying between Tor nodes can give them that info -- at least that's a suggestion somebody made elsewhere. So my question is, does that make sense? Is that a viable threat? -- Pozdr rysiek