can someone tell me how exactly tor is compromised?
Can someone tell me how exactly tor is compromised?
Nathan Walker
Andrew Torres
it was created by the government so it has a backdoor.
Xavier Edwards
Search up your request on youtube defcon tor.
Jeremiah Perez
Most of our encryption algorithms are either made or trusted by the government? Should we not trust them as well?
'muh gobermint project' is not an argument.
Jonathan Young
It's not 'compromised'.
However in the design docs, it specifically warns against an adversary who has a 'global overview'. This means some super spy agency like the 5 Eyes Alliance, which can monitor all networks at the same time and then use statistics to find you (should you be doing something that attracts the attention of the 5 Eyes Alliance).
A good example of attracting their attention was that 'Shadow Brokers' leak and blackmail attempt where they arrested yet another NSA contractor. Another good example of controlling the overview of an entire network would be the great firewall of China, where they can analyze traffic inside China and match it to events outside, like say a post that wasn't time delayed critical of the regime. Again they can use stats to narrow down the likelihood it was Chang Chow, some dissident living in China that they just need to pick up for torture until he confesses.
Otherwise if you set up Tor so A) your traffic is always confined within the Tor network, so a seperate router or VPS within a VPS, or B), you are not using a browser which can be exploited and grab local files giving away your ID.... then you're pretty much not compromised.
Camden Torres
I can't stand the cringe in that video.
Noah Myers
>algorithm
user... An algorithm is just that, an algorithm.
Do you also think that quicksort has a backdoor or what?
Tyler Murphy
...
Nicholas Morgan
Honestly I dont know, but if nodes of the network cant read the package sent through them I dont see any flaw
Brayden Brown
You could watch every connection to every node on the network and correlate based on request size. Would be hard, but not impossible for someone like the NSA.
Charles Campbell
any attack that can occur without tor can occur between the tor exit node and the destination server.
everyone can see that your connection is coming from a tor exit node.
tor does not encrypt data, end-to-end encryption is the user's responsibility.
tor does hide where you are coming from, which was all it was intended to do in the first place. all tor users will appear virtually the same on the clear net. you can still be traced but it is very difficult and requires an active connection. as far as i know, once you end the connection any activity you performed cannot be traced back to the source. don't take my word on any of this, be sure to do your own reading on the subject.
David Morris
all exit nodes are public anyways. And the govt owns some of it. Why should I care if theres an attack between an exit node and the destination server?
Jason Harris
Most exit nodes are owned by rhe FBI
Bentley Nguyen
like gchq and nsa own 95% exit nodes
so duh
Anthony Stewart
This poster is correct.
Additionally, the Tor network can't protect you from Firefox 0-days or bad opsec.
Carson Perez
my point was that it doesn't protect you from man in the middle attacks, in fact, exit nodes are often the man in the middle. tor has very few real world uses.
Ryan Bell
you can stay inside the network and remain virtually untraceable
Brandon White
you can, but there's nothing within the network of interest. unless you're making a "look what i found on the dark web" youtube video then tor is only really good for hiding your ip. most interesting crime happens through human networks, which are far harder to trace.
Anthony Jackson
You can use your Tor config to exclude nodes based in Five Eyes and/or your own country if you're that paranoid.
Luis Bell
so why aren't privacy concerned people hosting their ( speed independent) services on the tor network? For one that would de-stigmatize the network and would encourage more and more people to start exclusively using the tor network.
Connor Campbell
>why aren't privacy concerned people hosting their ( speed independent) services on the tor network?
There are no "speed independent" services that people would care to use.
Sites are trying to shave milliseconds off their loading time to avoid people closing the tab when the site "lags", and you're suggesting that those people use sites that take seconds to respond.
Justin Rodriguez
>'muh gobermint project' is not an argument.
It is the only one ever needed.
Benjamin Hill
Citation please
You too, dickhead
Austin Johnson
It isn't. There are possible vulnerabilities, but they require an enormous amount of resources and luck and it's just not worth it unless you're a very high profile target. The biggest threat will always be your OPSEC and Javascript.
Thomas Sanders
It's literally funded by the CIA. and people involved are current/former NSA.
it's a massive honeytrap for retards.
Jason Walker
Dominic Torres
>literally
Kids do not belong on the internet. You are proof.
Elijah Ortiz
see If you don't like security systems made or supported by government agencies, you must not use AES, SHA hashes, or Linux Mandatory Access Controls (SELinux) either, right?
Jayden Cox
/thread
OP, I hope you know that Tor was originally a product of the United States government, but they had to release to remain truly anonymous.
Tyler Howard
Zachary Baker
Retards detected.
surveillancevalley.com
It's literally funded by CIA's disinformation division and State Department. And Roger Dingledine literally worked for the NSA.
All of you are fucking morons. And if you use Tor, your ass is gonna get v&.
Isaiah Bell
here's how it works:
>your ISP or VPN sees you connecting to Tor and starts delaying your packets by different amounts, slowing down and speeding up your bandwidth, etc., and informs the NSA of how they're modifying the traffic
>the exit node, website or hidden service you connect to through Tor is under surveillance by NSA either directly on the server or through their ISP
>your traffic can be detected by correlating the flow of traffic on both ends
>feds kick down your door and shoot your dog
Gabriel Hughes
>plebbit spacing
Ethan Walker
>was
It still is. They still fund it and people in charge are their assets.
Anthony Clark
Thank you for the correction user, my bad.
Connor Kelly
Correspondence between the head of Tor with U.S. Agency for Global Media (USAGM), formerly the Broadcasting Board of Governors (BBG) aka "propaganda arm fo the US government".
documentcloud.org