To Tor or not to Tor?
Nathan Loofbourrow
njloof at gmail.com
Fri Mar 21 04:06:53 PDT 2014
Can't speak to the 2nd part, but to the first: in the US, for example, the number of active Tor users is in the hundreds of thousands, so you stand out but not much.
On the other hand, even at the height of the protests in Egypt there were at most 1500 Tor users in the whole country. That's a lot of doors to knock on but not prohibitively many.
n
> On Mar 21, 2014, at 3:04, rysiek <rysiek at hackerspace.pl> wrote:
>
> Hi there,
>
> As I am running a local cryptoparty and do a lot of basic encryption/privacy
> talks and workshops, I am often recommending Tor as one of the means of
> protecting one's privacy and yes, even security (for example, by running a
> hidden service and making it possible for users not to leave the darknet).
>
> Of course it's far from being enough, and I make that very clear.
>
> But lately I got to wonder if using Tor does more harm than good? If the NSA
> can impersonate any IP on the planet, they can impersonate any Tor node; tis
> has two important consequences:
>
> 1. they know when you're using Tor, and can flag you accordingly, and (for
> example) deliver some nastiness when (not "if"!) they get the chance,
> because "when you have something to hide..."
>
> 2. they can guess with high probability whom are you communicating with; they
> don't have to break encryption, it's enough they listen-in and see that a
> Tor packet from your IP to Node A is x bytes; a packet from Node A to Node
> B is x-( header + Tor encryption layer size ) bytes, and so on.
>
> So, is using Tor today doing more harm than good? Would ordinary Joe Schmoes
> be far better of not using Tor? How about more high-profile targets, like
> activists/hacktivists, etc?
>
> --
> Pozdr
> rysiek
More information about the cypherpunks
mailing list