To Tor or not to Tor?
rysiek
rysiek at hackerspace.pl
Wed Mar 26 02:47:52 PDT 2014
Dnia wtorek, 25 marca 2014 18:49:10 coderman pisze:
> correct, an IP alone insufficient to impersonate a Tor node. you
> would also need key material.
Ok, I was not being very clear what I meant.
I meant a situation in which the NSA can listen-in on any connection in the
clearnet, including connections between Tor nodes. They *can't* break the
encryption nor do they have the keys...
...*But* (esp. if most of these nodes are in the US) they *can* observe that
in sequence there are packets being sent between IP1, IP2, IP3 and IP4, and
that these packets get smaller at each step, in a way that is coherent with
removing layers of Tor encryption.
What they can get from that is information; IP1 is communicating via Tor with
IP4.
So now they know whom to target with QUANTUM when they'd be using clearnet for
something.
Tor encryption gets less relevant if NSA gets access to the endpoints via
other means, and for that they need to know whom to target. Observing packets
flying between Tor nodes can give them that info -- at least that's a
suggestion somebody made elsewhere.
So my question is, does that make sense? Is that a viable threat?
--
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/testlist/attachments/20140326/bd5fb8d0/attachment.sig>
More information about the Testlist
mailing list