Author Topic: Yes, the NSA is watching you! (Read 3990 times)

Jehanne · « **Reply #15 on:** September 15, 2013, 02:41:46 PM »

I am not an expert in Tor, although, like many open-source programs, Tor is written in C and I can read C. What Tor (and Tails) will do for you is to anonymize your IP address to a very high probability. In other words, if you visit CathInfo via Tor, Matthew cannot tell what your true IP address is, only that you are coming from a Tor exit node. Now, if he wants, he can block all of the Tor exit nodes (they're public), but if he does, he'll risk blocking someone in Saudi Arabia, Iran, or some teenager in some wacko Protestant fundamentalist home here in the US whose nutty parents are spying on him/her to see if they are visiting some of the "Cathlick" websites. If "junior" is reading this post and decides to use Tails, then Mom & Dad (and, for that matter, the US government) will have no idea that Junior is learning all about the One True Faith or that he/she is posting messages to "Cathlicks" like us.

On the other hand, if you use Tor to make a bomb threat to your school and include your name, address, and phone number, then, no, Tor will not provide you with any anonymity whatsoever. When the FBI and police show-up, you could, of course, claim ignorance.

Iuvenalis · « **Reply #16 on:** September 15, 2013, 03:19:27 PM »

You just don't read about this stuff, do you?

Again, don't understand something, run the risk of false confidence:

http://www.theregister.co.uk/2013/09/01/tor_correlation_follows_the_breadcrumbs_back_to_the_users/

Jehanne · « **Reply #17 on:** September 15, 2013, 03:51:28 PM »

Quote from: Iuvenalis

You just don't read about this stuff, do you?

Again, don't understand something, run the risk of false confidence:

http://www.theregister.co.uk/2013/09/01/tor_correlation_follows_the_breadcrumbs_back_to_the_users/

Did you read the article:

Quote

The compromise isn't something available to the trivial attacker.

Quote

“An adversary that provides no more bandwidth than some volunteers do today can deanonymize any given user within three months of regular Tor use (edit -- "what's that?") with over 50 percent probability and within six months with over 80 percent probability. We observe that use of BitTorrent is particularly unsafe, and we show that long-lived ports bear a large security cost for their performance needs. We also observe that the Congestion-Aware Tor proposal exacerbates these vulnerabilities,” the paper states.

Besides, who said anything about using Tor alone? Why not "proxy" to Tor via an open Wi-Fi connection:

http://www.wififreespot.com/

So, the FBI spent three months trying to find-out that someone was using a laundry mat open Wi-Fi? ("Go get 'em!") Even if the article which you cite is true, I can still stay secure simply by staying mobile. And, the article does nothing to address the use of Tor Bridges":

https://www.torproject.org/docs/bridges

If I vary my bridges, I bet that I can add another "3 months" onto the timescale of those not-so-savy Internet sleuths. You can ask them, if you wish and post here; I'm too busy right now. But, it gets even better! How about using Tor as a proxy to JonDonym or vice-a-versa?

https://anonymous-proxy-servers.net/en/help/services_tor.html

In addition, I can go to another "open proxy" from a Tor exit node:

http://www.xroxy.com/proxylist.htm

Nothing about hidden services, by the way, in the article:

https://www.torproject.org/docs/tor-hidden-service.html.en

It took the FBI several years to shut Freedom Hosting down and they were one of the big ones:

http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/

And, the FBI's exploit only impacted Windows users who had not upgraded their Tor Browser with the June 26 update, as the FBI "posted" their exploit on August 4, which was discovered within a few hours. The code which they used for their hack is now in the public domain for every virus and malware writer to now pursue!!

Tails was not at all impacted by the FBI's exploit, nor Linux in general, which is what most Tor users are using.

Iuvenalis · « **Reply #18 on:** September 15, 2013, 03:57:05 PM »

You said gov't, the thread topic is NSA. They have a lot more resources than the casual internet sleuth (about whom I never worry)

Jehanne · « **Reply #19 on:** September 15, 2013, 04:14:21 PM »

The NSA may be able to read encrypted Tor traffic:

http://techcrunch.com/2013/09/07/the-nsa-can-read-some-encrypted-tor-traffic/

However, the largest RSA key (a single key out of a very large number) to be cracked to date was RSA-768:

https://en.wikipedia.org/wiki/RSA_Factoring_Challenge
https://en.wikipedia.org/wiki/RSA_numbers#RSA-768

which took a long time:

http://www.bit-tech.net/news/bits/2010/01/13/researchers-crack-768-bit-rsa/1

which means that it is going to be very expensive for the NSA to read Tor traffic which is still using 1024-bit keys. Besides, you could always add another layer of encryption on top of that:

http://danielpocock.com/rsa-key-sizes-2048-or-4096-bits

So, if the NSA does crack your Tor traffic, all that they are going to find is more encrypted traffic!

Iuvenalis · « **Reply #20 on:** September 15, 2013, 04:20:18 PM »

This will be my last reply because it is clear to me I am talking to someone who doesnt know what they are talking about, but I am not talking about 'cracking' encrypted TOR traffic, which is unecessary, I am talking about identifying the client identity, that is 'who they are'.

Jehanne · « **Reply #21 on:** September 15, 2013, 07:19:51 PM »

Quote from: Iuvenalis

This will be my last reply because it is clear to me I am talking to someone who doesnt know what they are talking about, but I am not talking about 'cracking' encrypted TOR traffic, which is unecessary, I am talking about identifying the client identity, that is 'who they are'.

Well, I have a BA in computer science (summa cuм laude) and a MBA from the University of Iowa (Beta Gamma Sigma) with over 20 years of professional IT experience. With this, I admit (and have admitted) that I am not an expert in computer security; however, using the Tor Browser, if the proper precautions are taken, such as using Tails (which will force all traffic through Tor, which will prevent "IP address leaking"), spoofing one's MAC address and Wi-Fi access points, using varying Tor bridges, using TrueCrypt full system encryption and various file container encryption, disabling Java Script, etc., will offer a high degree of anonymity. If do you not believe this, then consider the case of Daniel Dantas:

https://en.wikipedia.org/wiki/TrueCrypt#Operation_Satyagraha

So, yes, encryption, if used properly, can be most effective!

Gaudium in Space · « **Reply #22 on:** September 16, 2013, 01:05:57 AM »

Quote from: Jehanne

Quote from: Iuvenalis
This will be my last reply because it is clear to me I am talking to someone who doesnt know what they are talking about, but I am not talking about 'cracking' encrypted TOR traffic, which is unecessary, I am talking about identifying the client identity, that is 'who they are'.

Well, I have a BA in computer science (summa cuм laude) and a MBA from the University of Iowa (Beta Gamma Sigma) with over 20 years of professional IT experience. With this, I admit (and have admitted) that I am not an expert in computer security; however, using the Tor Browser, if the proper precautions are taken, such as using Tails (which will force all traffic through Tor, which will prevent "IP address leaking"), spoofing one's MAC address and Wi-Fi access points, using varying Tor bridges, using TrueCrypt full system encryption and various file container encryption, disabling Java Script, etc., will offer a high degree of anonymity. If do you not believe this, then consider the case of Daniel Dantas:

https://en.wikipedia.org/wiki/TrueCrypt#Operation_Satyagraha

So, yes, encryption, if used properly, can be most effective!

What do you use for MAC address spoofing?

I've been using http://www.klcconsulting.net/smac/ for a while. Is there anything better?

For anyone reading this thread who isn't familiar with Media Access Control (MAC) addresses-
https://en.wikipedia.org/wiki/MAC_address

Jehanne · « **Reply #23 on:** September 16, 2013, 07:06:13 AM »

Quote from: Gaudium in Space

What do you use for MAC address spoofing?

I've been using http://www.klcconsulting.net/smac/ for a while. Is there anything better?

For anyone reading this thread who isn't familiar with Media Access Control (MAC) addresses-
https://en.wikipedia.org/wiki/MAC_address

If you're using Windows (ugh!), then use Technitium (which is free):

http://www.technitium.com/

If using Linux, directions can be found here:

https://wiki.archlinux.org/index.php/MAC_Address_Spoofing

P.S. The program which you are using is just fine; verify using 'ipconfig /all' before and after changing.

Gaudium in Space · « **Reply #24 on:** September 16, 2013, 02:11:26 PM »

Quote from: Jehanne

Quote from: Gaudium in Space
What do you use for MAC address spoofing?

I've been using http://www.klcconsulting.net/smac/ for a while. Is there anything better?

For anyone reading this thread who isn't familiar with Media Access Control (MAC) addresses-
https://en.wikipedia.org/wiki/MAC_address

If you're using Windows (ugh!), then use Technitium (which is free):

http://www.technitium.com/

If using Linux, directions can be found here:

https://wiki.archlinux.org/index.php/MAC_Address_Spoofing

P.S. The program which you are using is just fine; verify using 'ipconfig /all' before and after changing.

I'm not very fond of WinDoze, especially after the recent revalation of MS turning over so much access to FedGov, but I need win7 to remote login to work. I use win7 Ultimate because of the ease of using it in Win XP mode (within a VM) so if I interact with Google of Fakebook I can further protect against malicious people on the other end. FB & Google seem to have many employees who like to exploit their privilege and get into customer machines.

I really need to make my machine a dual boot with some flavor of Linux. My skills with Linux are only basic and letting time go by with no use will only make it worse.

What's your opinion on the different varieties of Linux and which version would you recommend for a novice?

Jehanne · « **Reply #25 on:** September 16, 2013, 03:20:00 PM »

Quote from: Gaudium in Space

What's your opinion on the different varieties of Linux and which version would you recommend for a novice?

Just use Tails:

https://tails.boum.org/

Download it to a USB as an ISO and you're done! Keep the USB with you wherever you go!! Verify all digital signatures using OpenPGP; can't hurt and only takes a minute or two.

McPhi · « **Reply #26 on:** October 09, 2013, 09:41:37 AM »

Attacking Tor: how the NSA targets users' online anonymity

http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity

Quote

The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA's application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.

(continue reading at source)