[tor-talk] Please Remove Tor bridge and... from Censorship countries.
mail at parckwart.de
Tue Nov 8 10:07:41 UTC 2016
One thing should be clear:
If one is not using a bridge, it is trivial for any network observer
(University firewall admin, Iran ISP) to see if one is using Tor. However,
with the right bridge setup such a detection can ultimately be prevented. I
guess meek is the best candidate for an undetectable bridge.
On Mon, Nov 07, 2016 at 09:56:01AM -0800, Seth David Schoen wrote:
> Jason Long writes:
> > To be honest, I guess that I must stop using Tor!!!! It is not secure.I can remember that in torproject.org the Tor speaking about some peole that use Tor. For example, reporters, Military soldiers and...But I guess all of them are ads. Consider a soldier in a country that want send a secret letter to his government and he want to use Tor but the country that he is in there can sniff his traffic :(
> That soldier has a potential problem if the government is aggressively
> monitoring Internet traffic, because they can look at the time that the
> message was received and ask "who was using Tor in our country at that
> time?". This happened in 2013 when someone sent a bomb threat using
> Tor on his university campus. Apparently he was the only person using
> Tor on campus at the time the threat was sent.
> The ability to do this doesn't require the government to operate any of
> the nodes and doesn't require them to be operated in the same country.
> For instance, Harvard University was able to identify this person even
> though he was using only Tor nodes that were outside of the university's
> network. (It might have been much harder if he had been using a bridge
> that the university didn't know about, or if he had sent the threat
> from somewhere outside of the campus network.)
> If there are ways of sending the letter that introduce a delay, then it
> might be harder for the government to identify the soldier because then
> there is some amount of Tor use at a time that's not obviously related
> to the sending of the letter. There might still be a concern that the
> amount of data that the soldier transmitted over the Tor network is
> very similar to the size of the letter, which may be a unique profile.
> (That's a concern for systems like SecureDrop because people upload
> large documents with a unique size; the number of people who transmitted
> that exact amount of information on a Tor connection in a particular
> time frame will be very small.)
> There's lots to think about and a good reminder that the Tor technology
> isn't perfect. But I wouldn't agree with the idea that there's no point
> in using Tor. Lots of people are getting an anonymity benefit from
> using it all of the time.
> Seth Schoen <schoen at eff.org>
> Senior Staff Technologist https://www.eff.org/
> Electronic Frontier Foundation https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
More information about the tor-talk