To Tor or not to Tor?

rysiek rysiek at hackerspace.pl
Sat Mar 22 02:52:05 PDT 2014 

Dnia sobota, 22 marca 2014 01:04:28 Scott Blaydes pisze:
> On Mar 21, 2014, at 5:04 AM, rysiek <rysiek at hackerspace.pl> wrote:
> > 1. they know when you're using Tor, and can flag you accordingly, and (for
> > 
> >   example) deliver some nastiness when (not "if"!) they get the chance,
> >   because "when you have something to hide…”
> 
> The old argument for convincing people to use crypto when they “have nothing
> to hide” was the postal analogy. Do you send your snail mail in an
> envelope? If you have nothing to hide why not use postcards? The idea is
> that if you are sending everything encrypted, when you do have something to
> hide it doesn’t stand out. Now people use envelopes for privacy and out of
> convention. If everyone did the same thing with crypto,used it for privacy
> and out of convention, intelligence agencies wouldn’t be able flag
> suspicious communications easily.
> 
> Sorry, not really a “to Tor or not to Tor” answer, but something I remember
> using in the past.

I am well aware of this argument, and I use it often. My question here is 
different: with all the info we have about Snowden, QUANTUM, etc, and with the 
number of Tor users today, AND with some Tor design choices (like: not padding 
the packets so that each packet, regardless of between which nodes it is sent 
and how many encryption layers have already beed removed -- has the same 
length, which would make it that much harder to do traffic analysis), is it 
PRACTICALLY REALLY better to use Tor, OR does it get people flagged and 
exploited in other ways?

For Joe Schmoe, is it better to use Tor, or to hide in the noise?

I guess one part of the question is the fact that NSA probably doesn't really 
have to break encryption, they just need info on who is communicating with 
whom, exploit one of these endpoints and get all the unencrypted logs, data, 
etc they want.

-- 
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140322/0bef1665/attachment-0002.sig>

More information about the cypherpunks mailing list