To Tor or not to Tor?

APX 808 apx.808 at gmail.com
Tue Mar 25 08:02:33 PDT 2014 

On Mar 21, 2014, at 5:04 AM, rysiek <rysiek at hackerspace.pl> wrote:

> If the NSA can impersonate any IP on the planet, they can impersonate any
Tor node.

Shouldn't they have the node's private key too?
Just having the IP they would receive encrypted traffic, they wouldn't be
able to route it, your communication would fail and another TOR circuit
would be used.


Cheerz
http://apx808.blogspot.com


On Sat, Mar 22, 2014 at 6:52 AM, rysiek <rysiek at hackerspace.pl> wrote:

> Dnia sobota, 22 marca 2014 01:04:28 Scott Blaydes pisze:
> > On Mar 21, 2014, at 5:04 AM, rysiek <rysiek at hackerspace.pl> wrote:
> > > 1. they know when you're using Tor, and can flag you accordingly, and
> (for
> > >
> > >   example) deliver some nastiness when (not "if"!) they get the chance,
> > >   because "when you have something to hide..."
> >
> > The old argument for convincing people to use crypto when they "have
> nothing
> > to hide" was the postal analogy. Do you send your snail mail in an
> > envelope? If you have nothing to hide why not use postcards? The idea is
> > that if you are sending everything encrypted, when you do have something
> to
> > hide it doesn't stand out. Now people use envelopes for privacy and out
> of
> > convention. If everyone did the same thing with crypto,used it for
> privacy
> > and out of convention, intelligence agencies wouldn't be able flag
> > suspicious communications easily.
> >
> > Sorry, not really a "to Tor or not to Tor" answer, but something I
> remember
> > using in the past.
>
> I am well aware of this argument, and I use it often. My question here is
> different: with all the info we have about Snowden, QUANTUM, etc, and with
> the
> number of Tor users today, AND with some Tor design choices (like: not
> padding
> the packets so that each packet, regardless of between which nodes it is
> sent
> and how many encryption layers have already beed removed -- has the same
> length, which would make it that much harder to do traffic analysis), is it
> PRACTICALLY REALLY better to use Tor, OR does it get people flagged and
> exploited in other ways?
>
> For Joe Schmoe, is it better to use Tor, or to hide in the noise?
>
> I guess one part of the question is the fact that NSA probably doesn't
> really
> have to break encryption, they just need info on who is communicating with
> whom, exploit one of these endpoints and get all the unencrypted logs,
> data,
> etc they want.
>
> --
> Pozdr
> rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3316 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140325/6e036272/attachment-0001.txt>

More information about the cypherpunks mailing list