From a stupid simple persec POV Tor buys you time... to make a run for it... or whatever.
That's the best you can ever hope for. Use the time wisely. Revolutionaries are dead men on furlough, and so are whistle-blowers.

Rr

On 06/06/2016 05:25 PM, Steve Kinney wrote:
>
> On 06/06/2016 02:47 PM, juan wrote:
> > On Mon, 6 Jun 2016 18:23:17 +0000 (UTC) jim bell
> > <jdb10...@yahoo.com> wrote:
> >
> >> Apparently there are a number of easy-to-describe improvements
> >> which could be made to the TOR protocol, such as increasing the
> >> number of hops, generating fake extra traffic, etc, which would
> >> improve it greatly. TOR is a net positive,
> >
> > Or let's try this:
> >
> > Tor is a crass example of controlled opposition. No doubt
> > controlled opposition is a net positive...for the establishment.
> > And so it must be a net negative for the opposition.
>
> Since nobody asked, here's a description of why neither TOR nor any
> other existing or presently planned anonymizing protocol I know of can
> be relied on to conceal a user's identity from the Five Eyes or any of
> several other hostile actors. I surface this concept every year or
> so, but so far nobody seems interested in discussing it. Maybe it's
> just too discouraging to think about. No matter who created it or
> why, TOR and similar mix networks are at best security theater,
> relative to top tier State adversaries.
>
> Quoting myself from an earlier post:
>
> Anonymized routing protocols are designed to defeat passive
> observation and limited traffic manipulation by hostile actors. But
> what if an effectively unlimited number of compromised routers,
> subject to realtime observation and internal manipulation, were
> available to hostile actors? Game over, I think.
>
> About 15 years ago I used online traceroute utilities and whois
> lookups to determine (roughly) where all the high performing Mixmaster
> remailers were physically located. Over half of them, including most
> with "exotic sounding" TLDs, were apparently in the state of Texas.
>
> Then I used my data to construct "hard to compromise" chains, routing
> Mixmaster messages through national jurisdictions not likely to have
> comprehensive data sharing between their security services, and
> started sending test messages. None of these test messages ever made
> it back to me.
>
> So I concluded that, despite its major technical superiority to other
> anonymized networking protocols, the Mixmaster network was most likely
> compromised by passive observation (one owner for a majority of
> reliable remailers) and active intervention (traffic between
> uncontrolled remailers interrupted in transit).
>
> Owning enough of the routers in an anonymizing network to negate its
> security is largely a question of money: How much budget do you have,
> how certain do you want to be that nobody is really anonymous?
>
> If I had to neutralize an anonymous routing network, my approach would
> be to set up a cloud server running thousands of instances of the
> router software in question, customized to facilitate monitoring by a
> hypervisor. Each of these routers would be connected via VPN to a
> unique remote host, which would function as a transparent proxy. The
> proxy hosts could be machines owned by "friendly" actors, rooted
> consumer grade routers, purpose built appliances, conventional Windows
> botnets or some combination of these.
>
> I have not seen this method of attack described and named; I call it a
> "hydra" attack, because one body, many heads. I think this mode of
> attack deserves competent attention (i.e., not by me) because realtime
> observation and manipulation of any desired quantity of routers would
> provide solutions to any distributed anonymous routing protocol.
>
> The only defense I can think of is to assure that message traffic
> passes back and forth between mutually hostile national jurisdictions
> before delivery. This would be a bit of a hairball to implement, lots
> of slippery variables and potential counter-actions by hostiles would
> have to be taken into account. But this approach could increase the
> cost and reduce the reliability of Hydra attacks against anonymizing
> protocols. Somewhat. Probably not enough for "life safety"
> applications.
>
> Long story short: If you want to be /really/ anonymous in the
> presence of hostile State sponsored actors, do not rely on a
> software-only approach: Use physical security measures to conceal
> your identity from the physical router that connects you to the
> Internet, because most or all of the anonymizing routers your traffic
> passes through may be owned and controlled by the very people you are
> hiding from.
>
> :o/