You realize that the NSA could spend a few thousand bucks to just buy a few thousand cheap PCs and different IPs to run thousands of exit nodes, right?
Tell me what's stopping them from doing this.
There is no way that the NSA doesn't control a vast majority of existing exit nodes.
This would cost a few hundred thousand to permanently break tors anonymity, versus spending tens of thousands of man hours trying to find exploits.
What makes ANY of you think that this wasn't the case from the beginning?
Not to mention they have splitters on all cables in the US, probably the world. They can just see the unencrypted traffic at the end of the chain of exit nodes and find you.
Tor is literally useless against someone like the NSA.
How can they find you from the unecnrypted exit exactly?
That only works if you send out personal information that can identify you, they will still only see the IP of the relay before the exit node, not yours.
Tor =/= anonimity
It is a tool that, if propper used, could aid anonimity.
Your anonimity is always based upon your actions: where do you enter the net, does the mail adres link to your identity, is there anything they could match to you?
If you want anonimity read up on OPSEC, compartmentation, tradecraft and indictments.
Because the sudden surge in nodes, especially exit nodes, would tip off those who monitor the Tor metrics. If suddenly there was 8000 nodes instead of 5000 nodes, someone would take notice. I'm sure (hopeful at least) that the Top operators would shut down the network if such a thing happened.
I'm pretty sure they can't find you by just having exit nodes because don't you connect to that through a series of different proxies? I thought that the only way of getting the original IP was is by creating relay nodes and hoping that the origin would connect to that first.
Ok dipshit time to give you a 101 on how tor works and how you use it to stay anonymous.
Tor encrypts your traffic from you, to the exit node. From the exit node the traffic leaves as it would normally from your PC if you made the same request. However, the only difference is it shows the request coming from a different location. It makes your location anonymous.
So, I run an exit node. What can I see?
I CAN'T identify the original source of the traffic. UNLESS the client is using something that sends his original IP address to the end server (Such as bittorrent)
I CAN predict who you are, if you log into your gmail, facebook etc. I know who it is now.
Can I monitor your usage on hidden sites, such as the silkroad2? NO
It's easy to use if your smart about it, even if someone was monitoring 50% of end nodes you can still be anonymous.
if you own guards and hs directories then you can totally deanon
hidden services are insecure by design because all the traffic going to clients is theirs and they have little to no deniability.
i2p does not have this problem (;
There's nothing stopping them. Infact, most exit nodes ARE ran by people hoping to snoop at your data.
1. Hidden services don't use exit nodes. At all.
2. Exit nodes cannot read encrypted data. Encrypt the data between you and the server and the exit node just has to pass it on without tampering.
This is kinda related, I've tried booting Tails from live CD but it asked for the amnesia login, I've tried amnesia and root but nothing works.
The same for the when booting in the fail safe.
How do I solve this?
Maybe when you Tor users were at most 1000.
You view of the system is erratic, is like saying:
Gov could buy a few computers and mine all the bitcoin transactions fees and coins left.
The users are more powerful than a couple of supercomputers, and that's assuming they could actually be exit nodes and not just a layer node.
I am against pedophilia, but you act like a Jew working for JIDF. Posting utter disinformation and propaganda.
Tor is NSA headache because only exit nodes have unencrypted data. Having a non-exit node is useless, you can't relate its origin or destination or connection with other packing.
It's even public Lavabit and Tor were immune to 0days or hackers. It's like trying to kill a torrent, you can confuse or disrupt at most but P2P can relocate its distribution seeds and avoid the wrong ones.
They can crack down if they relate the exit node patterns with two intermediate nodes patterns. Sounds difficult but its not, they are experts at data-mining.
But they need a exit node and two layer nodes. Cost is insane.
Imagine you paid 4 dollars for every user exit node per hour. Multiply it for 3.
>Implying a Onion has a mere 4 layers.
Multiply it for everyone using Tor.
>Implying independently nodes don't grow with users grow
Now you got a hyper expensive program. And that is just for relating IP with cracked data, assuming 4 dollars per hour of successful exit node control. And assuming Tor users wouldn't change identity every 5 minutes.
What he is trying to explain the encryption does not matter.
I controll a first hop relay, and an exit.
I see the users real IP address on the first hop relay. I also see he is sending a request to download "35.6MB of data"
I also own an exit node, I see an anonymous user requesting to download "35.6MB" of data from midgetporn.com while no other identical requests were made.
Obviously, it would take hours of monitoring to get enough evidence but its not impossible.
This is incorrect - the client always encrypts the data before sending it out. Also, the packet is already packaged as onion routing before being received by the first hop, so the first hop doesn't know that it is the first hop, only that it is a hop coming from point X and going to point Y.
Yes you could encrypt it first and also go to Tor using a VPN, and running a USB Tales boot.
But get serious who needs that protection and lag wizard level? I just read Wikileaks and business mail.
I know the odds are hugely slim. But the NSA has a lot of dollar dollar and for the targets they get ; terrorist group leaders, Pedophiles etc these routes will lead to doors being knocked down regardless of how the data was obtained for the lead. The court convitions will come from the data on siezed computers
There is no password by default. Just press enter at the login screen. If you want a root password so you can install stuff or whatever, select Yes first.
You know as well as I do the muh pedos argument is a cover-all for anyone who upsets the governing classes power.
Not to mention they are all paedophiles anyway, as shown in the UK.
You didn't get me.
After I put the live CD, restart the computer, I get Tails boot menu, I choose live CD , and then it stuck.
I get a bunch of writing something that couldn't load, and it ask for amnesia login.
Thanks for replying
If the NSA controlled the majority of relays / hop-servers and exit nodes tor would essentially be broken, right? If all nodes in your tor circuit are controlled by the same entity tor is essentially useless? Isn't that security by obscurity?
It would only be partially broken. The number of nodes they control relates to the probability that they can deanonymise someone.
If they only own 50% of the nodes, then this wouldn't give them a 50% chance to find someone, since there are 3 hops in a typical connection. It'd give them a 33% chance to find someone- every single hop would have to be in their domain. (the 33% number might be wrong, I didn't think about the math in detail, but the point is that it's less). If one hop leaves controlled space, they cannot break anonymity. Well I guess they could go to the one they haven't broken and just bully it but then what if there are no logs? They'd be stuck.
The NSA concluded this and in their internal documents they realise that tor is effective when it comes to nodes.
Their goals are to get people to stop using tor, and to disrupt the network by doing things.
Like adding slow nodes that advertise themselves as fast nodes, so they slow down people's connections. Shit like that. Pissing in the pool rather than sitting under the water waiting for someone to use it.
To answer your question; you need a vast majority. And then you're still stuck on probability streak, although there are advanced methods to bring the amount you need to control down to more sensible levels like only 60% control. Tor is pretty fucking good.
One more relay node increases the security of the whole network by more than just one node. It increases the shuffling power, like how longer passwords are better by exponential amounts.
The NSA probably and GCHQ definately (using AWS (REMATION II) did run a load of nodes and we can assume that they still do.
Attacks to identify users are far more achievable to such organisations though and have already been successful.
- Seeding ads around access points http://www.cnet.com/uk/news/nsa-tracks-google-ads-to-find-tor-users/
- Traffic Analysis and vulnerability exploitation https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html
- Latency/clock slew http://www.cl.cam.ac.uk/~sjm217/papers/usenix08clockskew.pdf http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf
>the Tor network has only 3000 nodes, of which 1000 are exit nodes. Over a 24hr time period a connection will use approximately 10% of those exit nodes (under the default settings). If I were a gambling man, I’d wager money that there are at least 100 malicious Tor exit nodes doing passive monitoring. A nation state could double the number of Tor exit nodes for less than the cost of a smart bomb. A nation state can compromise enough ISPs to have monitoring capability over the majority of Tor entrance and exit nodes.
>all I am trying to say is that the surveillance capability of the adversary (if you pick a nationstate for an adversary) exceeds the evasion capability of the existing public tools. And we don’t even know what we should be doing to evade their surveillance.
>If you just want to “stay anonymous from the NSA”, or whomeever… good luck with that. My advice? Pick different adversaries.
Because they use their own form of it. Why pay expensive contractors to maintain your software when you can throw some free software developers a couple hundred grand to do it for you?
I think one of the aspects of Tor is secure communication for diplomats and governments that's why it's also interesting for the military.
But I mean Tor doesn't even obfuscate Tor packets, I doubt that it's hard for an organization like NSA to utilize traffic analysis.
Well China seems to have Tor largely under control anyway
>Well China seems to have Tor largely under control anyway
Not really. They're still fighting it. They've done the most, but most of what they're doing is fighting to keep people from even knowing about tor.
The FBI isn't a secret organisation. It's for fucking domestic crimes. They're given more powers than local law enforcement to tackle serious crimes.
The NSA is for domestic technological espionage, the CIA is for foreign intelligence, and the Secret Service is a secret. No-one knows what it does.
The FBI aren't a secret intelligence organisation, they just conduct criminal investigations on a federal level.
The CIA do international security, i.e. spying on other countries and terrorists.
The NSA do information security.
The Secret Service investigate financial crimes like counterfeiting, and provide security to the president and ambassadors.
CIA: covert/clandestine foreign HUMINT and intelligence analysis
FBI: domestic crimes and counterintelligence
NSA: foreign SIGINT and information assurance
Secret Service: financial crimes and protecting POTUS, VPOTUS, etc.
DIA: MASINT and defense-related HUMINT
It correct, I can boot mint,puppy, ubuntu and flavor , Debian.
It's just stuck in the middle of the boot, it say something about can't load a specific something and ask for amnesia login.
In a BIOS /ms-dos like interference ?
Is this a compatibility issue? Or a corruption ?