[tor-relays] NSA's "Tor Stinks"

Eugen Leitl eugen at leitl.org
Mon Oct 14 02:18:33 PDT 2013


----- Forwarded message from Jesse Victors <jvictors at jessevictors.com> -----

Date: Tue, 08 Oct 2013 13:23:48 -0600
From: Jesse Victors <jvictors at jessevictors.com>
To: tor-relays at lists.torproject.org
Subject: [tor-relays] NSA's "Tor Stinks"
Message-ID: <52545BC4.3020106 at jessevictors.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0
Reply-To: tor-relays at lists.torproject.org


I recently ran across several articles related to the NSA's attempts at
cracking Tor and de-anonymizing its users. They are after terrorists and
other individuals who seek to do harm of course, but their work
obviously has implications into other Tor users, the vast majority of
whom use Tor for legal and proper activities. So far, it appears that
the cryptographic standards and protocols implemented by the Tor devs
appear to be holding, which I find interesting. The NSA has been trying
other methods to figure out Tor, including identifying and then
infecting user machines, trying to control/hijack the Tor network, or by
influencing the network as a whole, and they've had a very small amount
of success, but not much. One thing that was especially interesting to
me (and I expect to everyone on this mailing list) is that they are
trying to control more relays via cooperation or direct access, which
can then be used for timing attacks or disruptions to the users. They
are also trying to shape traffic to friendly exits. For anyone
interested, I would highly recommend these links:
http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
http://www.bbc.co.uk/news/technology-24429332
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption

Also, from
http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-internet-anonymity
it appears that their opinion of Tails is that it "adds severe CNE
misery to [the] equation". These are all highly informative articles,
and it appears that Tor is remaining resilient to their efforts, as long
as people (including relay/exit operators) use the latest software,
remain aware that Tor doesn't protect them in all aspects, and as long
as there are enough non-NSA relays and exits (we need more!) such that
everything they see still remains encrypted and anonymous. Interesting I
say.

Jesse V.




_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5



More information about the cypherpunks mailing list