[tor-talk] Another security program

Paul Syverson syverson at itd.nrl.navy.mil
Fri Apr 1 15:14:25 UTC 2011

On Fri, Apr 01, 2011 at 02:10:26AM -0400, Commence Without Illusions wrote:
> This program sounds like 100% snake oil. Even if it did all the things
> it says it does and somehow magically works with Tor, the user's
> anonymity is already broken by logging into a bank associated with their
> real name.
> Commence

Not quite. We created onion routing to separate identification from
routing. Whether you want to be anonymous from the server you
connect to or (mutually) authenticated with it is an important though
distinct issue from Tor's central function.

You might want to authenticate to your bank (you don't want someone
else able to access your accounts!) but hide that you are connecting
to it from anyone observing the connection. Maybe you don't want
people to know where you have a bank account to reduce chances of
identity theft or similar problems. Maybe you don't want someone
watching your internet connection to know that you are logging in to
your bank at that time, etc. Whether the bank has your "real name"
associated with the account or a pseudonym has other choices and
motivations (and potential legal implications depending on
jurisdiction and whether by "real name" you mean legal name in that
jurisdiction). For a significant fraction of their connections, most
Tor users will want to be anonymous to the server they're contacting
as well as any network observers. But this is not always the case.

Note: This is responsive to to the comment about anonymity being
broken if you identify yourself using your "real name" to a server you
access.  I don't have any comments about the original question. Sorry.


More information about the tor-talk mailing list