You realize that the NSA could spend a few thousand bucks to just buy a few thousand cheap PCs and different IPs to run thousands of exit nodes, right?
Tell me what's stopping them from doing this.
There is no way that the NSA doesn't control a vast majority of existing exit nodes.
This would cost a few hundred thousand to permanently break tors anonymity, versus spending tens of thousands of man hours trying to find exploits.
What makes ANY of you think that this wasn't the case from the beginning?
>>42950875
Not to mention they have splitters on all cables in the US, probably the world. They can just see the unencrypted traffic at the end of the chain of exit nodes and find you.
Tor is literally useless against someone like the NSA.
Lets just use unencrypted internet then ;^)
>>42950875
This still doesn't make the hidden services insecure since they don't go through exit nodes.
the gchq did do that using the aws cloud.
they still cant decrypt all users all the time however
>>42951090
This
>>42950875
>a few thousand bucks to just buy a few thousand cheap PCs and different IPs
I, too, enjoy my $1 computers with $1 monthly internet connection
>>42951165
Although op worded it poorly, the NSA does have the equip to pull it off
>>42950875
Thanks for the idea, friend. I'll forward it to my boss and see what he thinks. Oh, by the way, I think your porn habits are a bit strange.
>>42951241
controlling exit nodes =/= knowing the origin of the packet
>>42951050
How can they find you from the unecnrypted exit exactly?
That only works if you send out personal information that can identify you, they will still only see the IP of the relay before the exit node, not yours.
Tor =/= anonimity
It is a tool that, if propper used, could aid anonimity.
Your anonimity is always based upon your actions: where do you enter the net, does the mail adres link to your identity, is there anything they could match to you?
If you want anonimity read up on OPSEC, compartmentation, tradecraft and indictments.
I thought they already do.
>>42951338
Well they just have to control enough of them.
>>42950875
Because the sudden surge in nodes, especially exit nodes, would tip off those who monitor the Tor metrics. If suddenly there was 8000 nodes instead of 5000 nodes, someone would take notice. I'm sure (hopeful at least) that the Top operators would shut down the network if such a thing happened.
>>42950875
they are already doing it, they have lots of exit nodes, and the last NSA release had something to do with those important-tor-servers-or-something
I'm pretty sure they can't find you by just having exit nodes because don't you connect to that through a series of different proxies? I thought that the only way of getting the original IP was is by creating relay nodes and hoping that the origin would connect to that first.
Ok dipshit time to give you a 101 on how tor works and how you use it to stay anonymous.
Tor encrypts your traffic from you, to the exit node. From the exit node the traffic leaves as it would normally from your PC if you made the same request. However, the only difference is it shows the request coming from a different location. It makes your location anonymous.
So, I run an exit node. What can I see?
I CAN'T identify the original source of the traffic. UNLESS the client is using something that sends his original IP address to the end server (Such as bittorrent)
I CAN predict who you are, if you log into your gmail, facebook etc. I know who it is now.
Can I monitor your usage on hidden sites, such as the silkroad2? NO
It's easy to use if your smart about it, even if someone was monitoring 50% of end nodes you can still be anonymous.
The most famous attacks on the tor network came from hidden service takeovers by the FBI and injecting javascript exploits to get visitors real IPs. Another was to release a fake tor browser
>>42951090
>>42951155
if you own guards and hs directories then you can totally deanon
hidden services are insecure by design because all the traffic going to clients is theirs and they have little to no deniability.
i2p does not have this problem (;
There's nothing stopping them. Infact, most exit nodes ARE ran by people hoping to snoop at your data.
However,
1. Hidden services don't use exit nodes. At all.
2. Exit nodes cannot read encrypted data. Encrypt the data between you and the server and the exit node just has to pass it on without tampering.
>>42952135
May I add, they can only read the facebook, gmail data presuming they have SSL backdoors
>>42950875
infographic 4 u
This is kinda related, I've tried booting Tails from live CD but it asked for the amnesia login, I've tried amnesia and root but nothing works.
The same for the when booting in the fail safe.
How do I solve this?
>>42950875
Maybe when you Tor users were at most 1000.
You view of the system is erratic, is like saying:
Gov could buy a few computers and mine all the bitcoin transactions fees and coins left.
The users are more powerful than a couple of supercomputers, and that's assuming they could actually be exit nodes and not just a layer node.
>>42952336
> Gov could buy a few computers and mine all the bitcoin transactions fees and coins left.
except they could now that asics are dirt cheap
>>42952283
I am against pedophilia, but you act like a Jew working for JIDF. Posting utter disinformation and propaganda.
Tor is NSA headache because only exit nodes have unencrypted data. Having a non-exit node is useless, you can't relate its origin or destination or connection with other packing.
It's even public Lavabit and Tor were immune to 0days or hackers. It's like trying to kill a torrent, you can confuse or disrupt at most but P2P can relocate its distribution seeds and avoid the wrong ones.
Just because they control the exit node, doesn't mean they can jump all the way back through the network path to the source.
Fucking casuals.
>>42952418
They can crack down if they relate the exit node patterns with two intermediate nodes patterns. Sounds difficult but its not, they are experts at data-mining.
But they need a exit node and two layer nodes. Cost is insane.
Imagine you paid 4 dollars for every user exit node per hour. Multiply it for 3.
>Implying a Onion has a mere 4 layers.
Multiply it for everyone using Tor.
>Implying independently nodes don't grow with users grow
Now you got a hyper expensive program. And that is just for relating IP with cracked data, assuming 4 dollars per hour of successful exit node control. And assuming Tor users wouldn't change identity every 5 minutes.
Top Kek
>>42952502
not even taking into consideration the encryption inside the network.
Basically, the only way Tor is unsafe is if you as a person fuck up by logging into something of yours.
>>42952195
They basically own the CA's. What's the fucking point?
>>42952284
Guys?
>>42952526
What he is trying to explain the encryption does not matter.
I controll a first hop relay, and an exit.
I see the users real IP address on the first hop relay. I also see he is sending a request to download "35.6MB of data"
I also own an exit node, I see an anonymous user requesting to download "35.6MB" of data from midgetporn.com while no other identical requests were made.
Obviously, it would take hours of monitoring to get enough evidence but its not impossible.
>>42952565
This is incorrect - the client always encrypts the data before sending it out. Also, the packet is already packaged as onion routing before being received by the first hop, so the first hop doesn't know that it is the first hop, only that it is a hop coming from point X and going to point Y.
https://lists.torproject.org/pipermail/tor-talk/2007-November/015394.html
>>42952565
plus the odds of which are crazily slim. Not to mention, that is not direct proof, only conjecture, which is dismissive in court.
Encryption saves the day once again
>>42952668
Yes you could encrypt it first and also go to Tor using a VPN, and running a USB Tales boot.
But get serious who needs that protection and lag wizard level? I just read Wikileaks and business mail.
>>42952708
What? The point I was making was that Tor already has accounted for that type of association and implemented measured to combat it.
>>42952694
I know the odds are hugely slim. But the NSA has a lot of dollar dollar and for the targets they get ; terrorist group leaders, Pedophiles etc these routes will lead to doors being knocked down regardless of how the data was obtained for the lead. The court convitions will come from the data on siezed computers
>>42952284
>>42952554
There is no password by default. Just press enter at the login screen. If you want a root password so you can install stuff or whatever, select Yes first.
>>42952720
NSA hunts pedos?
Since when do pedos endanger the national security.
>>42952731
Paedophilia promotes Russian mobsters who promote terrorism, Anon :^)
>>42952731
You know as well as I do the muh pedos argument is a cover-all for anyone who upsets the governing classes power.
Not to mention they are all paedophiles anyway, as shown in the UK.
>>42952722
You didn't get me.
After I put the live CD, restart the computer, I get Tails boot menu, I choose live CD , and then it stuck.
I get a bunch of writing something that couldn't load, and it ask for amnesia login.
Thanks for replying
>>42952765
use USB not a CD
>>42951939
Not if they own the tor router it starts with
>>42952765
The Tails iso is 950MB large, you can't put it on a CD
If you did, it means you're missing the end 250MB
>>42952777
What's wrong with the live CD? Well it's a DVD .
But if I can't boot from DVD how USB can solve it?
>>42952824
Theoretical question
If the NSA controlled the majority of relays / hop-servers and exit nodes tor would essentially be broken, right? If all nodes in your tor circuit are controlled by the same entity tor is essentially useless? Isn't that security by obscurity?
>>42952922
It would only be partially broken. The number of nodes they control relates to the probability that they can deanonymise someone.
If they only own 50% of the nodes, then this wouldn't give them a 50% chance to find someone, since there are 3 hops in a typical connection. It'd give them a 33% chance to find someone- every single hop would have to be in their domain. (the 33% number might be wrong, I didn't think about the math in detail, but the point is that it's less). If one hop leaves controlled space, they cannot break anonymity. Well I guess they could go to the one they haven't broken and just bully it but then what if there are no logs? They'd be stuck.
The NSA concluded this and in their internal documents they realise that tor is effective when it comes to nodes.
Their goals are to get people to stop using tor, and to disrupt the network by doing things.
Like adding slow nodes that advertise themselves as fast nodes, so they slow down people's connections. Shit like that. Pissing in the pool rather than sitting under the water waiting for someone to use it.
To answer your question; you need a vast majority. And then you're still stuck on probability streak, although there are advanced methods to bring the amount you need to control down to more sensible levels like only 60% control. Tor is pretty fucking good.
One more relay node increases the security of the whole network by more than just one node. It increases the shuffling power, like how longer passwords are better by exponential amounts.
>>42952881
That's not a CD.
>>42952096
>suddenly
Probably wouldn't be suddenly
>>42952283
freenet is slow as a bitch
>>42952824
Although I've said CD I used DVD when burning the ISO.
Could it be that my ISO is corrupted? But I've downloaded both of the torrent and ddl iso.
According to Dingledine it's not hard to compromise Tor entirely when you have the resources like government has.
He just says total monitoring is much too expensive
>>42953155
also don't forget that most of the funding comes from the US military.
Why would they fund it if they aren't sure that they are able to control it
The NSA probably and GCHQ definately (using AWS (REMATION II) did run a load of nodes and we can assume that they still do.
Attacks to identify users are far more achievable to such organisations though and have already been successful.
Example attacks:
- Seeding ads around access points http://www.cnet.com/uk/news/nsa-tracks-google-ads-to-find-tor-users/
- Traffic Analysis and vulnerability exploitation https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html
- Latency/clock slew http://www.cl.cam.ac.uk/~sjm217/papers/usenix08clockskew.pdf http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf
From https://grugq.github.io/blog/2013/06/10/good-luck-with-that/
>the Tor network has only 3000 nodes, of which 1000 are exit nodes. Over a 24hr time period a connection will use approximately 10% of those exit nodes (under the default settings). If I were a gambling man, I’d wager money that there are at least 100 malicious Tor exit nodes doing passive monitoring. A nation state could double the number of Tor exit nodes for less than the cost of a smart bomb. A nation state can compromise enough ISPs to have monitoring capability over the majority of Tor entrance and exit nodes.
>all I am trying to say is that the surveillance capability of the adversary (if you pick a nationstate for an adversary) exceeds the evasion capability of the existing public tools. And we don’t even know what we should be doing to evade their surveillance.
>If you just want to “stay anonymous from the NSA”, or whomeever… good luck with that. My advice? Pick different adversaries.
>>42953167
Because they use their own form of it. Why pay expensive contractors to maintain your software when you can throw some free software developers a couple hundred grand to do it for you?
>>42950875
>a few thousand cheap PCs and different IPs to run thousands of exit nodes
I just realized why Tor is so slow
>>42953167
They're funding it because they want something that will help destabilise places like iran and china, dipshit.
If there was a way to easily break it, china would find it.
What does the US need like 4 different secret organisations?
There's like the CIA, FBI, NSA, Secret Service
>>42953229
I think one of the aspects of Tor is secure communication for diplomats and governments that's why it's also interesting for the military.
But I mean Tor doesn't even obfuscate Tor packets, I doubt that it's hard for an organization like NSA to utilize traffic analysis.
>>42953251
Well China seems to have Tor largely under control anyway
>>42952821
And all the nodes inbetween?
also if its a .onion service, the last jump IS the website itself, all IP's look like localhost.
>>42953306
terrorists and communists
>>42953306
To increase bureaucratic inefficiency.
>>42951263
Oh, be quiet, you dirty whore. You know you love it.
>>42953307
>Well China seems to have Tor largely under control anyway
Not really. They're still fighting it. They've done the most, but most of what they're doing is fighting to keep people from even knowing about tor.
>>42953306
The FBI isn't a secret organisation. It's for fucking domestic crimes. They're given more powers than local law enforcement to tackle serious crimes.
The NSA is for domestic technological espionage, the CIA is for foreign intelligence, and the Secret Service is a secret. No-one knows what it does.
>>42950875
Why would you spend thousands if dollars when you could just set up VMs
>>42950875
and that's why you use https
>>42953360
using Tor in China is possible but very (very very very) slow and unreliable
>>42953306
The FBI aren't a secret intelligence organisation, they just conduct criminal investigations on a federal level.
The CIA do international security, i.e. spying on other countries and terrorists.
The NSA do information security.
The Secret Service investigate financial crimes like counterfeiting, and provide security to the president and ambassadors.
>>42953124
Anyone?
>>42953306
CIA: covert/clandestine foreign HUMINT and intelligence analysis
FBI: domestic crimes and counterintelligence
NSA: foreign SIGINT and information assurance
Secret Service: financial crimes and protecting POTUS, VPOTUS, etc.
NGA: GEOINT
DIA: MASINT and defense-related HUMINT
>>42951165
lol'ed hard
>>42953580
NRO: Lobby all of the above
>>42953679
>implying FBI even gets into the parking lot
>>42953576
Try making a liveUSB instead
>>42953746
What's the difference?
Also is it essential to verify the ISO?
>>42953899
No it's not.
Make sure your boot order is correct
It correct, I can boot mint,puppy, ubuntu and flavor , Debian.
It's just stuck in the middle of the boot, it say something about can't load a specific something and ask for amnesia login.
In a BIOS /ms-dos like interference ?
Is this a compatibility issue? Or a corruption ?
