[tor-talk] Off topic. What's the extent of the spying

grarpamp grarpamp at gmail.com
Tue Jul 9 20:30:57 UTC 2013


> Can they meaningfully browse all the data?

De-anonymizing does not necessarily mean being
able to read the content, only about establishing
the network. Network analysis is powerful on its own.
But without the content or other metrics it could just be chat
about the weather. Tor encrypts the content traversing its
network even while one or both endpoints become known.

Perhaps the next big leak in a few years will be the status of
agency capabilities against RSA and AES.

> - They have already broken tor but dont confess, being happy to gather even all traffic from those who believe they would be anonymous in the net.
>
> - They say: OK, we cant get that network under real control but its useful because we can benefit from that, so keep it up accepting that some are able to hide their activities.

The answer as usual is probably a bit of both depending
on how busy things are and the sort of traffic traversing
and what specific is being attacked against.
In regards to finding a client in course of casual browsing...
that seems hard to de-anon. And it seems pretty clear that
hidden services are not as near as immune to locating as
formerly thought... protocol weaknesses exploited by non-PA's,
or simply a PA repeatedly fetching something and watching
their observation net for the pattern... though we have yet to
see any news of either of these being used in the real world.


More information about the tor-talk mailing list