----- Forwarded message from Jesse Victors <jvictors@jessevictors.com> ----- Date: Tue, 08 Oct 2013 13:23:48 -0600 From: Jesse Victors <jvictors@jessevictors.com> To: tor-relays@lists.torproject.org Subject: [tor-relays] NSA's "Tor Stinks" Message-ID: <52545BC4.3020106@jessevictors.com> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0 Reply-To: tor-relays@lists.torproject.org I recently ran across several articles related to the NSA's attempts at cracking Tor and de-anonymizing its users. They are after terrorists and other individuals who seek to do harm of course, but their work obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities. So far, it appears that the cryptographic standards and protocols implemented by the Tor devs appear to be holding, which I find interesting. The NSA has been trying other methods to figure out Tor, including identifying and then infecting user machines, trying to control/hijack the Tor network, or by influencing the network as a whole, and they've had a very small amount of success, but not much. One thing that was especially interesting to me (and I expect to everyone on this mailing list) is that they are trying to control more relays via cooperation or direct access, which can then be used for timing attacks or disruptions to the users. They are also trying to shape traffic to friendly exits. For anyone interested, I would highly recommend these links: http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-pres... http://www.bbc.co.uk/news/technology-24429332 http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-enc... Also, from http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-int... it appears that their opinion of Tails is that it "adds severe CNE misery to [the] equation". These are all highly informative articles, and it appears that Tor is remaining resilient to their efforts, as long as people (including relay/exit operators) use the latest software, remain aware that Tor doesn't protect them in all aspects, and as long as there are enough non-NSA relays and exits (we need more!) such that everything they see still remains encrypted and anonymous. Interesting I say. Jesse V. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5