[tor-talk] FBI cracked Tor security

Jon Tullett jon.tullett at gmail.com
Tue Jul 19 10:18:36 UTC 2016


On 19 July 2016 at 12:01, Mirimir <mirimir at riseup.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 07/19/2016 03:50 AM, Jon Tullett wrote:
>> On 19 July 2016 at 08:31, Mirimir <mirimir at riseup.net> wrote:
>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>>
>>> On 07/18/2016 07:08 PM, Jon Tullett wrote:
>>>> On 18 July 2016 at 16:17, Mirimir <mirimir at riseup.net> wrote:
>>>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>
>>>>> A few years ago, I wrote
>>>>> <https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me>.
>>>>
>>>> Have you updated it to account for subverted VPN providers?
>>>> Advising people to use VPNs which may have been subject to
>>>> national security letters is arguably bad.
>>>
>>> Which VPNs have received NSLs?
>>
>> I take it that's a no, then?
>
> I account for it by distributing trust, just as Tor does.

But your guide does not. It doesn't even mention them. Why are you
concealing the truth from users?!?11

The point I'm trying to make is that you can't cover every base. Too
often, attempts to do so just end up with unusable rambling essays on
security which no one will read and which still fail to cover a lot of
ground. You're accusing Tor of something that you yourself can't
avoid. That's not a criticism - just a reflection of reality.


>> Point being, not only do we not know which operators have received
>> letters, we _can't_ know. The first rule of NSL club is you don't
>> talk about NSL club. I have yet to see much evidence that warrant
>> canaries help. And that's not the only risk; operators can be
>> coerced, hacked, suborned, or otherwise compromised. Belgacom, for
>> example.
>
> What Tor relays have received NSLs?

Which part of "we can't know" wasn't clear? We don't know - can't know
- which relays are compromised, but we have to assume that at least
some are (MIT et al). Ditto for exit nodes. Again, don't fixate on
NSLs. That's one form of compromise but there are many more. The only
safe assumption is that the environment is hostile - just how hostile
and what is a reasonable response will vary from one user to the next.


>> We mitigate that by layering services, but that's back to the
>> question of how complex an environment suits your risk profile. Not
>> everyone has the same nut; not everyone needs the same size
>> hammer.
>
> The NSA is a pretty big nutcracker ;)

The threat of the NSA is not evenly spread, and does not warrant
identical countermeasures. Some people aren't concerned at all. Some
are concerned about privacy in a theoretical way and use Tor because
they have a vague sense that it's messing with The Man. Some are
active targets and know they need to substantially strengthen their
opsec, and will use Tor as part of a much broader toolset. Different
strokes for different folks, and the advice I'd give them would be
very different in each case.

-J

