Is Tor still safe to use? - https://news.ycombinator.com/item?id=41583847 - Sept 2024 (562 comments)
The Nym mixnet[0] seems promising but it's still new and unproven.
I had an idea a while back to make traffic analysis more difficult by building circuits distributed across adversarial countries. Would like to hear thoughts on it.[1]
If you’re interested in seeing what the next generation of this stuff looks like (although AFAIK it is not really known outside of defence contracting circles), take a look at this: https://github.com/tst-race/race-docs/blob/main/what-is-race...
So he persuaded NRL to give the project up to open source. Good thing, too, because he was a math geek but not a cryptographer. The two cryptology doctoral candidates at MIT who took the project over chucked his code, and rewrote Tor from the ground up.
Since it's open source, this can be documented. Getting spooky about it being designed for spooks is a red herring.
That GitHub doc vaguely mischaracterizes Signal -- all Signal ever sees is the connection negotiation metadata. Past that point there are no "servers" involved, or data to be retained for future discovery.
IIRC it was a US Navy project. But I didn't understand your point.
People think that just because the research came out of the Navy, it was busted or compromised from the start, which it wasn't. Efforts only spun up to wrangle it in from being an academic curiosity once it started being heavily noticed as being a frequent tool/vector in investigations of criminal/adversarial activity.
- Find the "bad guy" server onion address "hidden service"
- Run a tor relay. Ideally many. No exit node shenanigans needed - hidden service, not exiting TOR. This is quite nice from a legalistic perspective since you're not on the hook for hacks coming off the exit node.
- Run a bunch of clients. Instruct to connect to "bad guy" onion.
- Gather data over time for correlation attacks. Correlate your client to relay to endpoint server.
- At some point, you'll find one of your relays is the guy connecting directly to said hidden service.
Very simple lesson here. One needs to encrypt the information, yes, but failing to consider packet timing as "information" is the fallacy.
The safeguards are actually much much better than what the opinions would lead you to believe on here.
People really seem to get off on the idea that they are on the targeting list of an intel service, but you actually have to put in some real work to meet those criteria. If you’re buying drugs, for example, even the relevant LE authorities will at most knock on your door to scare you, assuming you live in an English-speaking jurisdiction.
Minimally-enforced "random" timeouts to prevent DDoS->outage correlation.
Also mirrors. Lots of mirrors.
Have mirrors tied to reputation tied to invites.
Then the border to entry is time + money + reputation(which is time + money)
Throw in some 0-KPz, and you are 100% chillin in Belize or 100% in Colorado-ADX
(in minecraft, hypothetically, to sell beets, i ♥ us)
It also uses a separate chain in each direction which makes any attack based on observing timing both ways more difficult.
It's also not Sybil resistant at all.
.1% fluff? May as well call em up yourself.
TOR ultimately works like any old relay system; if you control enough nodes, you can effectively decloak people if they happen to connect to only your nodes. Nodes are assigned for connection based on a trust value, so all a nation state would have to do is host enough nodes (relay+exit) and they'd be able to decloak a connection. This kinda inherently gives TOR decloaking abilities to entities with the most infrastructure, which at that scale basically will only be nation states.
TOR works well enough for privacy when your adversaries aren't well-funded state actors. (I.e., it's probably enough to mask your traffic if you use TOR to access resources to get out of an abusive relationship or need to circumvent cult-level inspection of your personal interests by religious schools. Most dictatorships also don't really have the resources to mount this sort of attack - it's probably just the US and some European countries.) That rule kinda also goes for VPNs in general, however.
Also, these nodes operated by bad actors are constantly identified and excluded.
Does the tor daemon connect automatically? If so, even people who installed tor for fun and forget about it may be on the list.
Did the lucky ones have the "Bundestrojaner" (gov surveillance app) installed on their machines?
Good. That reduces the quality of the list.
There probably is a dragnet too.
Most people don't need anonymity most of the time...
https://www.dw.com/de/darknet-missbrauchsplattform-boystown-...
https://www.sueddeutsche.de/panorama/kindesmissbrauch-boysto...
Now we can discuss the actual privacy implications of this news
If a tool does not perform as designed, all users of the tool have an interest in knowing that, and working towards correcting that.
It doesn't matter that there are both good and bad users.
Ergo, users: don't warrant the resources. Your threat model should not be the same as CSAM site operators.
Also, you misspelled asinine.
Tor can't protect you from terrible opsec.
Whoever the engineers are who've worked on the technical aspects of deanonymizing Tor connections, they should feel very proud of their work and the good it's doing in the world.
A fantasy.