[tor-talk] Tor

Juan juan.g71 at gmail.com
Tue Oct 20 12:26:45 PDT 2015 

On Tue, 20 Oct 2015 01:58:18 -0700
coderman <coderman at gmail.com> wrote:

> On 10/20/15, Juan <juan.g71 at gmail.com> wrote:
> > ...
> > 	BY THE WAY, what kind of retard can take the above
> > 	'presentation' seriously ?!
> 
> class time for Juan!


	Yes. And I'm doing the teaching. 


> 
> 
> 
> > 	"use cookies to identify tor users when they are not using
> > tor" what !? the cookie monster?
> 
> See "Transparent Proxy" mode, un-approved third-party browser
> configurations using Tor as SOCKS Proxy without Tor Browser
> protections, etc...


	I know. But that's not how the majority of people use tor. So
	your remark is pretty much irrelevant. 

	Were you trying to teach me something? 



> 
> 
> 
> > 	"How does tor handle dns requests? Are dns requests goin
> > 	through tor? --- current : still investigating".
> 
> this is the SOCKS4 vs. SOCKS4a vs. SOCKS5 w/named connect, question.
> 
> if you are using a non-standard config leaking DNS, you're also
> vulnerable to DNS poisoning for CNE or de-anon.


	Same as above. Your comment is irrelevant and looks like an
	attempt at obfuscation. 

	So, let me reiterate : whoever wrote that is candidly admitting
	that he doesn't know what he's talking about. Which doesn't
	makes sense considering the alleged nature and source of the
	document. 


> 
> 
> > 	"what do we know about hidden services? current : no effort
> > by nsa"
> >
> > 	Sure. None. Nada. Nothing.
> 
> NSA goes where targets are. bet this is no longer true :P


	bla bla bla . Oh and it wasn't true in 2012 either.



> 
> 
> 
> > 	"can we exploit nodes. probably not. legal and technical
> > 	challenges".
> >
> > 	... Well, boys nothing to see here. The government is
> > completly inept AND, of course, they 'respect the law'. Whatever
> > that is.
> 
> relays are the most hardened configuration of Tor. 
> if Tor Browser
> attack surface is one end of spectrum of vuln, Tor the implementation
> on a dedicated server is quite the opposite.


	So? There are only a handful of relays as opposed to clients
	so the payoff for attacking them is way bigger. 

	Regardless, your comment is, again, pretty much meaningless. The
	point is that the claims that they can't exploit relays because
	of technical and LEGAL reasons is pure undilluted bullshit.


> 
> 
> 
> > 	Somebody was talking about moles?
> 
> just diggin' dirt...

More information about the cypherpunks mailing list