[tor-talk] access sites

[Maxim Kammerer]

On Thu, Apr 5, 2012 at 04:14, Roger Dingledine <arma at mit.edu> wrote:
> For what it's worth, it's the phrasing of assertions like this that make
> people call your posts here trolling.

Perhaps I should have been more specific: the “Militaries” section on
the “Tor users page”, as it is formulated, looks unrealistic and
artificial to me:

1. Field agents — who exactly are those? I these are regular soldiers,
then tools such as LiPoSe [1] make no provisions for Tor — if they are
using Tor on their own, then good for them, but I wouldn't call that
“military use”. If these are special agents and the like, then Tor is
most likely too unreliable and experimental for their purpose — they
have their own expensive toys.

2. Hidden services — too vague. In any case, a military C&C as a Tor
hidden service? This must be a joke.

3. Intelligence gathering — only for low-profile targets, perhaps.
Even for such targets, what is usually done is establishing civilian
network accounts, and proxying everything via them (or proxying
directly via some ISP gateway proxy). That way you don't run into the
possibility of rogue exit node intercepting unencrypted traffic, and
don't expose yourself as a Tor user, which might be quite unusual
(“revealing the surveillance” in the section).

[1] http://www.spi.dod.mil/lipose.htm

> I am periodically invited to do talks for law enforcement about Tor,
> and at basically every talk somebody there tells me they use Tor every
> day for their work.

Law enforcement is no military intelligence — these people would do
anything, since the most they risk is a failed investigation.

-- 
Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)