[tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

Joe Btfsplk joebtfsplk at gmx.com
Sun Jun 29 14:51:05 UTC 2014 

On 6/29/2014 1:22 AM, Roger Dingledine wrote:
> On Sat, Jun 28, 2014 at 09:38:05PM +0000, williamwinkle at openmailbox.org wrote:
>> I don't understand what Schneier means by this:
>>
>> "After identifying an individual Tor user on the internet, the NSA
>> uses its network of secret internet servers to redirect those users
>> to another set of secret internet servers, with the codename
>> FoxAcid, to infect the user's computer."
> /Right. This is why Bruce's choice of phrase "identifying an individual
> Tor user" is a poor one. Probably the better phrase would be "seeing a
> flow on the Internet that they decide they'd like to attack"./
>
> /One of the big issues I'm still unhappy about is that they say they
> never attack Americans, yet something like 13% of Tor users are coming
> from America, and if you attack 1000 Tor users, statistically you can't
> really say that you've never attacked an American./
I'm not addressing whether Tor or anything else, or the people involved 
are good, bad, bullet proof or riddled with holes.  Simply pointing out 
what was widely believed / accepted as fact - before & after Snowden.

Most of what you & others (mentioning same points) about the last 2 
paragraphs is true.  Even some of what various gov'ts say may be true - 
to a point (the U.S. isn't the only one involved) .
But, the *exact* wording of laws, contracts & lies... uh..., speaking 
points of politicians is critical. ~  /"They have never attacked / used 
any gathered email or electronic communication against [fill in country 
name here]."/

Maybe *they* haven't directly used any gathered data against citizens  
(which before Snowden, or B.S., they absolutely denied before Congress, 
any gathering of data on general population, at all).
But that wording, or the questions asked of them, doesn't seem to 
preclude them giving the data to "someone" else, who then might use it.  
Nor rule out retaining the data, for future use.

Or... perhaps everyone should immediately ignore anything they say, if 
it's assumed that, if... they (any gov't agency) _*told bald faced lies 
before_ to the public & respective countries' legislative bodies,* about 
them violating the Constitution & numerous laws (at least, in the U.S.), 
then they certainly *might* lie again... & again...  Which scenario is 
more likely?

And just assume, based on past behavior, that anything they say, whether 
under oath or not, is worthless & meaningless.  That's why James Bond 
was called a *"secret agent," * not a "full public disclosure agent."
> /And as some of the other posts in this thread explain, one of the main
> features of Tor is to make it hard for you to decide *which* Tor user
> you're looking at, if you only see the flow coming out of the exit relay./
Based on the secretive operation & capabilities of various gov't 
agencies (by design), is it even reasonable to say w/ any certainty, 
that they are likely only monitoring the exit traffic?  That in some 
fashion, they don't have the ability to monitor "enough" entering / 
exiting Tor traffic, that they can't identify one person at both ends?  
Not that they're interested in "average" users.

Not that they may NOT be able to do this (yet). But based on revelations 
in Snowden's documents, of mind-blowing operations, abilities that are 
30+ yrs ahead of industry or the public AND staggering monies spent, 
that a real possibility exists that almost nothing developed by humans 
is out of their reach - by any one of many methods, including bribery?

All of that - & more - is exactly what the Snowden documents showed, at 
least for _what those documents covered_.

How can it be ruled out of the realm of realistic possibility,  that 
very likely the Snowden's documents revealed only a fraction of what the 
U.S. (& probably other gov'ts) are doing or their capabilities (or what 
may soon be a capability)?

Those documents showed, that much of what some persons had believed (who 
were previously labeled as serious conspiracy nuts) about many 
countries' gov't programs & capabilities, which had always been written 
off by the general public as futuristic science fiction, *was indeed true. *

There is no arguing with that one fact.  What ELSE the "gov't" can / 
can't do, or may soon be able to do, that the documents don't cover 
(given their budget is astronomical), is another topic.

More information about the tor-talk mailing list