Is it compromised?

Is it compromised?

Attached: 1295789031.png (1200x725, 74K)

Other urls found in this thread:

gitweb.torproject.org/torspec.git/tree/tor-spec.txt
arxiv.org/abs/1704.00792
murdoch.is/papers/oakland05torta.pdf
gnunet.org/sites/default/files/10.1.1.5.2005.pdf
cs.kau.se/philwint/spoiled_onions/pets2014.pdf
surveillancevalley.com/blog/claim-tor-does-not-provide-backdoors-to-the-u-s-government
twitter.com/NSFWRedditGif

it always has been, but it has only gotten worse.
if youre at all security conscious you will have to do a TON of modifications to it that paradoxically will make you even more fingerprintable

It always was. You’re literally using an NSA program

It's honeypot.
(((compromised))) since day one.

Sure it is, but 99.9% of activity on there is not what they're looking for.

stop making this thread

Brought to you by the intelligence agencies in every nation, the megacorps, and the Illuminininiati. YES, STAY ON THE CLEARNET GOYIM

The source is open. Show the compromise, fluorescent niggers. No, federal funding does not equal compromised. Also explain how the 2013 leaks were allowed to slip through the cracks.

glowing nigger.

Your ISP will know when you're using TOR so most likely they will keep all your current session logged for undetermined time in case you were doing something shady. An exit node's traffic analyzed and compared to an entry node's (You) traffic can reveal your identity. The owners of the TOR relays can use RAM dumps to see what's passing through their servers, although it's not easy to do so because of the way TOR distributes the traffic, it can be done if you've multiple relays at your disposal, which is what LizardSquad was doing a couple years ago hosting hundreds of fake relays, whether they actually managed to find anything I don't remember but it's not impossible to use this to track the original IP.

Since anyone can run relays, it's almost impossible to tell which ones are honeypots. I would assume all TOR relays keep logs and just never try doing something shady with TOR. Some people go out of their way to use TOR with VPN and other proxy networks but it sounds like a huge pain and not worth the effort when you could use a public wi-fi in any major town's center, with a bogus device and TOR. Sure the TOR flaws are still there but the worst that can happen is exposing the wi-fi's IP which isn't linked to your identity.

>Show the compromise, fluorescent niggers
nothing much
gitweb.torproject.org/torspec.git/tree/tor-spec.txt
>For a public-key cipher, unless otherwise specified, we use RSA with 1024-bit keys and a fixed exponent of 65537.
>1024-bit key
>2k18
arxiv.org/abs/1704.00792
>We further discovered 122 relays that used non-standard RSA exponents, presumably in an attempt to attack onion services
oupsie
NSA or whatever triple letters can factorize way more than low-budget researchers.

murdoch.is/papers/oakland05torta.pdf
gnunet.org/sites/default/files/10.1.1.5.2005.pdf
this was more than 10 years ago, imagine what we can do today if you control lots of nodes (or have acces to hardware, hum hum intel me hum hum)

cs.kau.se/philwint/spoiled_onions/pets2014.pdf
>just sniffing your traffic, nothing personal there

If you can't catch the red flag then there is nothing we can do for you.
Also js is designed to develop tracking tools (cursor, webcam, micro, etc) it would be a shame if this language was riddled with security breaches.
Modern browsers are also utter trashes concerning security.

just using tor put you on some lists and you traffic is spied on more often than the average citizen.

I'm glad you're the only one here that isn't completely autistic and provided a thoughtful answer.

Tor isn't "compromised". It's just a P2P network. And honestly 99% of people using it are just bypassing country specific blacklists for websites they want to use. Only retards think the Tor Network is the "dark" net and nothing but child porn and drug trafficking. Tor isn't the "hidden web" it's just a P2P network.

And I'm glad you mentioned ISP. No matter what you do, everything still goes to your ISP first. Buying a VPN, using Tor, using proxies. It may shield you from the websites you're trying to disguise yourself from but it doesn't make you anonymous.

>how the 2013 leaks were allowed
limited hangout

It's compromised insofar as the government is all over it. But, ironically enough, you can trust it because the government is all over it.

your isp knows that you yous tor, but not what you do.
its still a net advantage.
the threat model for tor usage is corporate surveillance/private intelligence shenanigans, not governments.

it is still far from perfect because there are few nodes/people willing to operate them and traffic as a result can be easily correlated, made wore by the fact that tor now use fewer intermediate layers of nodes to speed up traffic a part of its effort to appeal to normal noncriminal folks.

This , everything you just posted is retarded. You're saying Tor is compromised because there's agencies out there attempting to compromise it. Tor isn't bulletproof but guess what, nothing is. The point is it provides security by design instead of security by trust so anyone trying to spy on what you're doing will need to spend good money instead of just sending a warrant. This means taking the time to run corrupt nodes and correlating traffic to the target. If you attract that attention it's not Tor's fault, it's your own.

>logged for undetermined time in case you were doing something shady
i think that a good use case for tor is for purposely innocuous traffic.
that way you've baited people into wasting resources, time, electricity, and effort archiving and attempting to decrypt perfectly worthless information.
tor browser enables js, which is horrifically bad for anything sensitive, but makes it ideal for this sort of strategy of flooding the surveillance industrial complex with garbage data.

The only way to stay free from spying is to not use the internet, because the internet standard was made with centralization at its base, always relying on some kind of backbone owned by corporations that can do whatever they want with it. There're some projects for self-hosted backbones that look promising, I'm looking forward to that, if any of those projects succeeds then internet will finally be free, in every sense of the word.

Always use a one-time pad user, just like your gf

>tor
Not thanks. Iam not pedo.

Who would have compromised it? You?

>1024-bit keys
Yikes. Not using Tor anymore.

Attached: 1453389940570.jpg (250x250, 14K)

what's the alternative to share c￸hi￸￸l￸￸￸d p￸￸or￸n nowadays?

The majority of nodes that take logs are likely government owned exit nodes. Regular people running through residential ISP's can't exit nodes without getting swatted. As such it's worth mentioning your defence against correlation attacks drastically increases when you stay within the onion network and never leave an exit node to get to the clearnet.
I'm not familiar with all this stuff about RAM dumps in relay nodes, though. Everything that goes through a relay is encrypted so how does that make sense?

Freenet. Too bad it's such a heavy application, otherwise it would make perfect composite network with TOR. TOR as the live service part and Freenet as the static content part.

Attached: Freenet.png (450x253, 20K)

Why don't you have a seat over there?

nobody fuckin uses freenet the correct answer was i2p

Tor + pedo = torpedo
Made by the Navy

Tor is clearly designed as a containment zone for pedos , so feds can go after the worst ones while letting the rest go free because police forces can't arrest the massive numbers of them

Are you serial Deep Web pedophile?

Ask Tadeus, I bet he got up to date very quickly since released

It really sucks privacy conscious people can't use such services without being flagged as potential pe￸￸d￸￸￸os.

Is tor a way for chinks to bypass their firewall?

I'm sure it was the original intent. Let numerous small curious pedos flock around and have the big content makers (the actual dangerous people) come forward to share it and catch them.

Probably analyzing the packet sizes and performing a triangular analysis between dumps from various relays. Within the TOR network it is indeed safer but I haven't looked up all details about it yet so I imagine the same risks of SSL apply there too (keys leakage). In order for the traffic to get dencrypted at the destination address, there has to be a decryption key somewhere within the TOR network, probably on some "trusted" TOR servers just like there're SSL "authorities" on the clearnet, if not even self-hosted on the relays themselves.

The USA and allied governments own most of the TOR nodes in existence. If the start node and exit node are owned by the USA/Allied governments they can know where you're going to and what you're doing.

Then there's also a ton of side channel attacks that they have used successfully to shut down pedo rings and drug traffickers.

TOR is great if you live in some shithole govenrment that blocks parts of the internet and shit, but if you live in any first world nation don't expect it to protect your ass 100%.

Damn, well I guess that's a good reason to interlace a VPN with Tor - to the VPN and from it.

p2p helps this issue a little bit so its common sense really to use a network designed as a darknet to some extent like i2p or anonet

youre not safe from sybil attacks until >lokinet

It's safe. I use it everyday and I haven't seen any CIA, NSA or FBI agent yet.

No, it's still safe to use. The issue arises with retards who don't use it correctly and/or have shit OpSec.

The sheer fact three letter agencies rely on custom malware/exploits, manipulative social engineering, and dumb luck to take sites down should tell you enough.

That explains why the feds dropped a bunch of charges against pedos because they refused to reveal the exploit they used to track them down.

By the way, is there tor analogs aside i2p?

Why are these cp threads never deleted?

Mods, start doing your f*cking job!!

Depends on how you use it. I've had a run in with DEA FBI and Homeland Security but, zero evidence was found at my home!! case dropped bitch

It was never secure. However, the feds will not admit that they have it backdoored so use it. Just make sure that you only browse in the default window size and don't ever input anything to any websites so that the feds don't have a reason to pretend its not backdoored when they fuck you.

you're projecting hard here.

>open source
>backdoored
yikers

>have it backdoored
Source code is online. Please show me this backdoor and I'll switch genders and leave this site forever. Posts like yours makes me embarrassed to be part of this board.

Attached: 1431910501147.jpg (1019x720, 131K)

>Please show me this backdoor and I'll switch genders and leave this site forever.
kek

No

>(or have acces to hardware, hum hum intel me hum hum)
Oh noes! Intel cab brick my pc if I use windows 10 and installed the ime controller, oh noes!

Also yeah tor nodes sniff everything you do on them but that's to be expected, If you think you can use personal infl on tor you're fucking stupid.You're supposed to stay anonymous on tor

nope they use free/paid vpns

Nice try, NSA.

based. fuckin/g/ retards I swear. This board is so stupid they are not even able to tell if an open source project like ubuntu can track you regardless of the source being fucking online

You're a moron. user is talking about a backdoor in Tor and I'm telling him if there was, it would be in the source code and the whole world would eventually learn about it making Tor completely useless. user clearly doesn't know the difference between a backdoor and running corrupt nodes for traffic correlation. By design Tor makes it nearly impossible for a single node to do this. The point is that instead of putting all your trust in a single party you now have to perform analysis on multiple nodes. So yes, if there was a backdoor in Tor it would be fucked. Ubuntu sending data to Canonical servers and relaying that data to Amazon has nothing to do with backdoors.

Attached: 1523920899410.jpg (902x960, 86K)

too many people use TOR for ISPs to hound individual users. it's not 2012

names/links?

/thread

until today, the only people that got busted despite using tor did so because they were loggin on some email, on some account system on some forum, or using the goddam javascript, which is enabled by default now it seems

Just share it on social media websites like Facebook with your mates user. Or stop seeking that shit out. Pedos are ruining anonymization services by making them huge targets for the Federalis and making people think only pedos use them. You're gonna get caught eventually no matter what you do. It could be a family member catching you and reporting you, or it could be a massive 0 day that comes out of nowhere and fucks your shit up. Just don't do it faggit.

Were you running an exit node ?

surveillancevalley.com/blog/claim-tor-does-not-provide-backdoors-to-the-u-s-government

NO

you fucking zoomer
/thread

People who care about security are on freenet anyways

>People who care about security are on freenet anyways
What about jondynym? Does this project still exist?
Adults will know what I am talking about

the issue is that if it is comped the people wouldn't know. most vulns seem to only come from developers for the project itself or independent researchers. the bigger issue is the way that websites filter, block, or log known tor nodes that send traffic to their sites which can be used in traffic pattern analysis which could be used to narrow the spectrum as to who the tor user is.
is it safe, maybe
should you do stupid shit on it, probably not

>animeposter

Lets be real here. You already switched genders.

Yes, since 2013

Freenet is the worst of them all.
i2p>Tor>Freenet

I have no problem with this. Again it's not a backdoor and he did the most responsible thing. Don't forget it's funded by the DoD and anyone funding the project deserves to know if it was compromised. There's a reason why vulnerabilities are privately disclosed.

>anime website

Attached: 1384568011879.gif (500x263, 530K)