[tor-talk] according to leaked XKeyScore source NSA marks all Tor users as extremists, puts them on a surveillance list

grarpamp grarpamp at gmail.com
Fri Jul 4 06:36:22 UTC 2014

On Thu, Jul 3, 2014 at 4:12 PM, coderman <coderman at gmail.com> wrote:
> On Thu, Jul 3, 2014 at 10:47 AM, Seth David Schoen <schoen at eff.org> wrote:
>> http://daserste.ndr.de/panorama/xkeyscorerules100.txt
>> Does anyone have theories about this part right at the bottom? ..
>>    /**
>>     * Placeholder fingerprint for Tor hidden service addresses.
>>     * Real fingerpritns will be fired by the plugins
>>     *   'anonymizer/tor/plugin/onion/*'...
>>    fingerprint('anonymizer/tor/hiddenservice/address') = nil;
> this says to me "we used to directly implement linking processes at
> print "... hiddenservice/address" but now we have improved our
> infrastructure of XKS workflow to abstract plugin interfaces of which
> this functionality is now implemented as "... plugin/onion".

There is more meta about the program to be inferred...
1) Note the formal directory structure /anonymizer/{tor,mixminion}.
Not far to presume /I2P, /RetroShare, /FreeNet, /etc is in operation as well.
2) rules100... this thing likely has more N00 rulesets as well.

> directories and authorities being of interest is interesting ;)

Every institution has some easy and some very hard to
change configurations. So rekey and change the IP's of the
dirauths and hope you get lucky and cause them to scrap
some expensive ASIC's or lookup tables and such ;)

You could also abuse their case sensitivity, lack of port names,
shift around the delimiting and presentation for a while too.
Maybe inject nsa.gov's ip in various places for extra fun.

More information about the tor-talk mailing list