[tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

Joe Btfsplk joebtfsplk at gmx.com
Sun Jun 29 00:34:23 UTC 2014


On 6/28/2014 6:36 PM, Seth David Schoen wrote:
> williamwinkle at openmailbox.org writes:
>
>> I don't understand what Schneier means by this:
>>
>> "After identifying an individual Tor user on the internet, the NSA
>> uses its network of secret internet servers to redirect those users
>> to another set of secret internet servers, with the codename
>> FoxAcid, to infect the user's computer."
>>
>> Surely the whole point of Tor is that the requester of
>> http://www.target_website.com cannot be identified based on the
>> traffic which leaves the exit node. Since the N_S_A would only know
>> the IP address of the exit node and the destination
>> http://www.target_website.com, how can the client be identified even
>> if the traffic is redirected to the FoxAcid servers?
> Tor is preventing the user from being identified by their (true) source
> IP address.  In the hypothesis of the article, there's sometimes another
> way to identify the user, for example because they've logged into a
> (non-TLS) service using a particular username and password, or because
> they sent a particular cookie.
>
> The materials that Schneier is reporting on use a very broad notion of a
> "selector" -- a way of referring to a particular user or device or
> network in order to associate network traffic with them.  One of the
> most fundamental selectors on the Internet is someone's source IP
> address, which Tor obfuscates.  The Tor Browser also tries not to have
> any persistently distinguishable features between one user's traffic
> and another's (unlike a normal desktop web browser!), but a user's
> particular behavior could still provide ways of identifying them and
> distinguishing them from other users.
>
Yes, and then it may become a partly theoretical / partly real world 
discussion of (the "real world," mind-blowing part being based on 
Snowden releases):
* It has to be assumed that the major world gov'ts will not sit idly by, 
while enemies of their states use (any) communication method right under 
their noses and say, "Oh well, the bad guys are too smart for us."

* To what lengths of time & (our) money are world gov't agencies willing 
to go to break encryption - of anything? (the U.S. isn't the only one)

* What else have gov'ts developed to identify users through fingerprinting 
or methods we haven't dreamed of yet?  Remember how blown away everyone 
was about the Snowden documents.  It would be totally wrong to assume 
that Snowden was able to gather & release *all* methods in use or being 
developed, to "crack the internet."  Likely, for everything he 
disclosed, there were *many other earth-shattering ones left undisclosed.*

* In many countries, the gov't doesn't care about proving you're an 
enemy of the state, beyond a reasonable doubt.  That's a whole other 
conversation.  In "kinder, gentler," advanced democracies, gov'ts are 
now so powerful (as shown by Snowden documents), that if they have good 
suspicion you're threatening national security or running drug / sex 
slave operations, they may eventually get you, even if you don't use the 
internet at all.

They are willing to spend as much of our money as it takes to infiltrate 
any & everything that they perceive to be a real threat or a 
significant tool of powerful enemies.  And up to a point, that may be a 
good thing.  But when has <any> gov't shown wisdom of knowing when some 
action is going too far?

And while Tor, or any great organization or company you choose, has 
incredibly talented people, the major world gov'ts have 1000's of people 
*just as talented - working round the clock.*  Long term, it's going to 
be hard to outwit them & completely impossible to outspend them.  That 
doesn't mean people shouldn't try.


