[tor-talk] Vodafone DE throttles connections to the Tor network

some_guy123 at Safe-mail.net some_guy123 at Safe-mail.net
Sun Aug 2 14:53:39 UTC 2015

> As we all know, the IP address is no reliable identifier, but the MAC address identifies the device and probably its user. Otherwise it would be needless to disguise the MAC address in Tails. As far as I know the MAC address can be coded in the IP within the ipv6 protocol. So, this makes sense.

I don't think Vodafone is using IPv6. In any case, Vodafone knows who you are, regardless of MAC address. And it's almost certain 5eyes knows who is behind your IP, either by Vodafone cooperating/being hacked or by monitoring you non-Tor Internet traffic (MSFT/Google/Apple logins, persistent cookies, ....).

> Although the entry guards are not changed very often (after 30–60 days) in the standard 
> configuration, there seems to be a little random selection [1].

You just change your threat model a bit. Instead of 'them' being able to possibly monitor all your Tor traffic, they have a higher chance of being able to monitor some. There is a reason, Tor moved to very slowly changing entry guards.

You can be 100% sure that 'they' know all Tor bridges/entries and monitor/store forever all Tor traffic they have access to. At this point 'they' can probably decrypt a lot the older Tor traffic that didn't use the new ntor handshake. There may very well be agreements with ISPs in place to directly forward certain interesting traffic (like Tor stuff) to 'them'.

More information about the tor-talk mailing list