Some legal trouble with TOR in France

Eugen Leitl eugen at
Mon May 15 14:48:59 UTC 2006

On Sat, May 13, 2006 at 10:02:41AM -0700, Eric H. Jung wrote:

> Given the recent enlightenments about the US National Security Agency's
> illegal activities (gathering millions of telephone records from
> average citizens, etc), what is the technical feasibility of the NSA or
> other governmentt organizations establishing modified tor nodes/servers
> which track activity and use?

Why do you have to modify anything if you tap upstream, and do
full traffic analysis? Or install a rootkit which phones home,
though that is detectable in principle (not something I could
detect, but again: remember the threat model Tor was designed

If your node runs outside your control (and not even
on tamper-proof hardware) clearly anyone who cares enough
can get at the data. But this comes at a cost, and if someone
spends a lot of effort to decipher what turns out perfectly
legitimate traffic then Tor's already fully validated in my book.
Eugen* Leitl <a href="">leitl</a>
ICBM: 48.07100, 11.36820  
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
URL: <>

More information about the tor-talk mailing list