can we be sure tor still works?
- Anmelden oder Registrieren um Kommentare zu schreiben
i have heard that the nsa could deanonymise tor users if they have control over all the exit nodes
and although theres quite a few exit nodes if the nsa can find a bug in gnu/linux or open/liberty bsd
like the recent bash bug they could remotely control just about all exit nodes
is there anyone checking that at least some of the exit nodes are rely rely rely secure?
i may be misinformed though
Malicious tor nodes is the reason you should make sure you use HTTPS.
so even if the nsa had ever tor node on the network your fine if you use https?
Yes, if the NSA can't break the encryption
I must admit I don't know the technical details of how Tor works, but I do know that since Tor nodes are communicating with each other, they must know which Tor node they're sending a particular request to and which Tor node they're receiving a request from, and the Tor node that requests the actual data must know the location of that data (the URL) even if it doesn't know the data itself. I don't see how HTTPS has anything at all to do with Tor's attempt to mask your identity. The EFF recommends using HTTPS with Tor to avoid leaking data to all third parties, including the final Tor relay, which would otherwise be able to see that data.
I'm not entirely sure if Tor is set up so that you appear to be an exit node, or if the first node you talk to just knows your location. I think the latter is the case, in which case control over all involved Tor exit nodes would negate Tor's anonymity entirely, because your request can simply be traced through all the nodes in this case. Even if the former is the case, it wouldn't help much anyway, though. To achieve anonymity from a party, your request must be routed through at least one node that isn't controlled by that party (at which point it's impossible to figure out your identity by following the route). Of course, the chance of picking a series of Tor nodes all controlled by one party is slim, and becomes more slim when more Tor nodes are available, and even more slim if you increase the number of Tor nodes you route your requests through.
One more important thing to note: in addition to knowing the entirety of the path taken destroying Tor's anonymity, it's possible to use statistical data to correlate a Tor user with a final exit node by monitoring both of these points at the same time. The chance of this occurring is already quite low and can be decreased further both by increasing the number of available Tor exit nodes and by increasing the number of Tor users. But it's always a possibility, and as far as I'm aware it's the greatest weakness of Tor.
Sorry, I wasn't talking about anonymity (which I guess tomlukeywood was talking about)
But if the NSA controls all exit nodes, that doesn't mean they control all nodes, so I don't think they can trace you back even in that case.
I don't know how secure Tor is because it is a complex topic and because I am inexperienced. But I do know one thing: for many years Tor was considered top notch secure and completely anonymous. Suddenly, two years ago, a lot (I mean, really a lot) of hidden services were taken down and a lot of people are in jail for illegal activities they were doing on the Tor network. If I understood the thing correctly - for many years no hidden service was seized and no criminal incarcerated and then two years ago it started to change and many services are no more and a lot of dudes are staring at the ceiling in a 2*2 m cell. I guess the NSA found something at some point..
Again, I don't know really, it's just a guess, I may be wrong.
Actually, with silk road, it was because the guy revealed his email address. I don't think the NSA has really broken Tor, they are just good at using other data to deanonymize users.
I read several articles some time ago about this. Nobody knows how the FBI/NSA managed to get at those services and people behind those services. The matter is that it is not just silk road. Some of this articles like this one talk about 400 and more services taken down..
If that is indeed the case the question arises: "Are all these people dumb and don't know how to protect a fairly lucrative business or is FBI/NSA getting better at what they do?"
btw would it be a bad idea to be a tor exit node?
is there any legal issue?
so has anyone actually been prosecuted for running a tor relay?
:(
How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID
https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html
Measuring and mitigating AS-level adversaries against Tor
http://arxiv.org/pdf/1505.05173.pdf
and what about torchat?! Do you have some informations about dangers using torchat?
Yeah I'd like to know about this.
Ciao Cantor! Ti è arrivata la risposta alla tua mail? Te lo chiedo perchè avevo risposto quel giorno che me l'hai mandata ma oggi quando ho aperto icedove mi è arrivato un messaggio "avviso mail non ricevuta dal destinatario"..
Strano. Solo dopo 3 o 4 giorni mi arriva l'avviso.
ciao!
No, non mi è arrivata infatti
strano.. ora te la rimando. ciao!
- Anmelden oder Registrieren um Kommentare zu schreiben