How The NSA Targets Tor 234
The Guardian has released new documents from Edward Snowden showing how the U.S. National Security Agency targets internet anonymity tool Tor to gather intelligence. One of the documents, a presentation titled "Tor Stinks," bluntly acknowledges how effective the tool is: "We will never be able to de-anonymize all Tor users all the time. With manual analysis we can de-anonymize a very small fraction of Tor users, however, no success de-anonymizing a user in response to a TOPI request/on demand." (Other documents: presentation 1, presentation 2.) The NSA is able to extract information sometimes, though, and Bruce Schneier details what we know of that process in an article of his own. "The NSA creates 'fingerprints' that detect http requests from the Tor network to particular servers. These fingerprints are loaded into NSA database systems like XKeyscore, a bespoke collection and analysis tool which NSA boasts allows its analysts to see "almost everything" a target does on the internet. ... After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect those users to another set of secret internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems." Schneier explains in a related article why it's important that we figure out exactly what the NSA is doing. "Given how inept the NSA was at protecting its own secrets, it's extremely unlikely that Edward Snowden was the first sysadmin contractor to walk out the door with a boatload of them. And the previous leakers could have easily been working for a foreign government."
TAILS (Score:2, Informative)
And this is exactly why you use TAILS. No fingerprints. Heck I have an exclusive machine for TAILS.
Re:TAILS (Score:5, Insightful)
This quote from TFA was particularly insightful:
Other efforts mounted by the agencies include attempting to direct traffic toward NSA-operated servers, or attacking other software used by Tor users. One presentation, titled 'Tor: Overview of Existing Techniques', also refers to making efforts to "shape", or influence, the future development of Tor, in conjunction with GCHQ.
What that says is "hang on to old copies of TAILS and Tor, and don't 'upgrade' them." Sure, they're going to keep trying to attack them, but for right now this is as close to evidence as we'll ever get that says they're effective.
Re: (Score:2)
Nah, it's just disinformation to keep the paranoid using certain versions of certain software so that they feel secure... and the spooks can concentrate on cracking them (and know who the really paranoid people are) if they haven't already.
Now, if you'll excuse me, Phil and Liz are about to revert to 12-foot blood-drinking lizard form (it's that time of night) and I'm scheduled to pilot their saucer craft to zeta Reticuli for the conference with the Masters this evening. I need to look out my spare elemen
Re: (Score:2)
Re: (Score:2)
I was thinking the same thing (FoxAcid, does it run Linux?). Why ANYONE doing anything online a government thinks they shouldn't, would do so running MS Windows is a mystery. The only way I would even consider it is if the machine was completely blocked from internet access with the exception of the TOR proxy ports.
Re:TAILS (Score:4, Interesting)
I think you've misunderstood the attack.
1. They can identify anyone using TOR by looking at the encrypted traffic. Doesn't matter what you're running.
2. Using their privileged position on the internet backbone, they can perform MitM attacks by responding faster than the real servers, so they server you their malware package while serving the original content. Doesn't matter what you're running.
3. The NSA has 0-days for everything, so now you're rooted. Doesn't matter what you're running. And likely de-anonymized at this point.
4. If you're using a live CD, you might stop being rooted when you power down. Unless the NSA has a 0-day for your BIOS, which is certainly possible, in which case even that didn't help.
This is the full financial power of a Cold War military intelligence branch being directed against individual citizens. Doesn't matter what you're running, you brought a knife to a gun fight, and they brought an armor division.
Re:TAILS (Score:5, Informative)
This is absurd.
Listen, I've read the analysis and I've read all the available documentation. I agree with Schneider's analysis, but you're exaggerating.
1. They can identify anyone using TOR by looking at the encrypted traffic. Doesn't matter what you're running.
Maybe. But they do this by injecting cookies and then trying to find those cookies later on the unencrypted Internet, once you've turned off Tor. This doesn't work so well if you're using the browser bundle, or some sort of Live CD, but it may work on
2. Using their privileged position on the internet backbone, they can perform MitM attacks by responding faster than the real servers, so they server you their malware package while serving the original content. Doesn't matter what you're running.
The race-condition man-on-the-side capability of the NSA was never doubted, though nobody was really sure until recently how/where/if it was deployed and how often it was used. It looks like it's a rather common thing they use these days. In that vein, they can probably intercept the traffic between the exit node and the hosted content, unless, of course, you're using a .onion site, in which case, they most certainly cannot (unless they own the exit node, which they will only sometimes do).
3. The NSA has 0-days for everything, so now you're rooted. Doesn't matter what you're running. And likely de-anonymized at this point.
If you're rooted, you are also de-anonymized. That's almost a sure bet. Avoiding getting rooted is the key.
4. If you're using a live CD, you might stop being rooted when you power down. Unless the NSA has a 0-day for your BIOS, which is certainly possible, in which case even that didn't help.
Doing a blind root on a BIOS is pretty unlikely. In fact, rooting someone who doesn't have a browser/OS combination that has a pre-built exploit make is much less likely. Especially even moreso if you spoof the user agent.
Regardless, the tone of your post is a bit over the top, and doesn't match the evidence- just figured I would point that out.
Re:TAILS (Score:4, Interesting)
1. They can identify anyone using TOR by looking at the encrypted traffic. Doesn't matter what you're running.
Maybe. But they do this by injecting cookies and then trying to find those cookies later on the unencrypted Internet, once you've turned off Tor. This doesn't work so well if you're using the browser bundle, or some sort of Live CD, but it may work on
Sorry, I was unclear. They can easily identify TOR traffic as TOR traffic - they can identify that you are a user of TOR. Governments with far less resources can do this, and block all TOR traffic. There was a /. story about this some years back, on the TOR team trying to respond but admitting it would always be an arms race.
Doing a blind root on a BIOS is pretty unlikely. In fact, rooting someone who doesn't have a browser/OS combination that has a pre-built exploit make is much less likely. Especially even moreso if you spoof the user agent.
Yes - this is the one area where I do doubt even the NSAs capabilities. But the user agent has nothing to do with it - TOR tries to make everyone's browser fingerprint look the same anyhow - if you changed it in some way there are attacks based on having that unique fingerprint (no clue how real such attacks are). Regardless, most TOR users are running a recent browser bundle on a very limited choice of OSs, and this is one case where Windows likely isn't the biggest target.
Re: (Score:2)
I was reading that the TOR attacks against the browser bundle executed by the FBI recently were specifically targeted at Windows users, because not enough people doing illegal crap are sophisticated (or paranoid) enough to run something other than what was pre-installed on their system. That may change now, but it probably wasn't the case before these leaks and other events.
Re:TAILS (Score:4, Funny)
Re: (Score:3)
Remember that these are with respect to targeted attacks. The techniques described are only put into use against you if they think you're doing something wrong. They can target anyone but they can't target everyone at once. But the attacks apply to everyone.
And really, running off a live CD isn't the way to defeat this. It is to simplify the renderer (cut the JS/CSS crap, go back to plain HTML), overhaul the browser security structure, and keep the playing field diverse. The more products are out there, the
Re: (Score:2)
The solution to this is to run Tor (specifically the Tor bundle) in a combination VM (or container, such as Docker) and AppArmor/SELinux profile. So no changes are stored; it reverts to the original image each time it's run. Furthermore, you can the restrict access of everything other than the tor daemon to only be able to access the tor SOCKS port on localhost, and block all UDP (no DNS).
That way even if rooted with a 0-day, it can't really give up your identity and it won't persist. Sure, they could proba
Re: (Score:3)
Remind me who sponsored SELinux in the first place please ...
Cheers
Jon
Re:TAILS (Score:5, Insightful)
This is the full financial power of a Cold War military intelligence branch being directed against individual citizens. Doesn't matter what you're running, you brought a knife to a gun fight, and they brought an armor division.
Yeah, I agree. We're pretty fucked, but I do think there's hope, however. The common man is disposed to do nothing until they feel the jack-boot at their own throat. The founding fathers knew of this:
Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn, that mankind are more disposed to suffer, while evils are sufferable, than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security.
USA Declaration of Independence.
The important thing to note is that they also gave us tools such that we would not have to throw off our government in order to fix it. We actually can fire congress. We actually can hold accountable the traitors to the constitution they swore to uphold. They keep this shit up, and more folks will come around to the idea of using them. They may have an armor division, but note that it's actually on our side. The pen is mightier than the sword, and the Army is not the NSA or CIA or individual sessions of congress.
I developed a fairly weak encryption system with hash based CBC, and a simple substitution cipher prior to XOR to reduce effectiveness of chosen plain text attacks (random throw-away nonce initialization vector also helps). It's going to be part of the reverse-DRM system for my games (give the users the power: They can ensure game updates and mods can be trusted / signed), but since it's for games and the mods are scripts not native code, and will distribute online (thus internationally), I don't need anything super secure, or copyright encumbered (so I can open & close source as needed to mitigate cheaters in online games).
I was looking at my router bandwidth log a few days ago and there was an upload of about 375 megabytes in the middle of the night, over an hour and a half 11pm to 12:30ish. No one was uploading anything here, I know for a fact. I recall a few days prior to that my Firefox browser had oddly glitched and crashed on adobe flash content (this rarely ever happens, since I don't consume much flash). The next day I noticed on my private game dev forum that a post I had made somehow got duplicated and glitched up, marking it as a global sticky announcement, and quite tellingly, none of the BBCode markup was parsed into the board's internal format -- My post somehow made it into the SQL database twice, and one copy apparently didn't go through the board's posting filter -- The posts are transactional, if the forum had glitched the DB wouldn't have been populated, let alone twice, and it would have been filtered for markup PRIOR to even touching the DB... This post was a list of all the improvements I recently made to my custom cipher. Coincidence? Yeah, right.
In addition to being a cryptographer, I frequently make politically inciteful comments (see above), and since I make games as a hobby research some crazy stuff for plot ideas, sometimes I post in-character as a machine mastermind; And am also writing a novel about machines holding the government for ransom. (Spoiler: the machines autopiloted airplanes into bulidings as a show of force on 9/11 to get the government to expand the world wide neural network... you can imagine red flags everywhere doing research and collaborative writing for that, eh?) I also tinker with electronics hardware and hobby OSs coded in ASM and my own toy languages. Being that I email enc@nsa.gov directly to comply with encryption export regulations, and also follow the protests going on around the world, I'm pretty sure they know all about me and have every delusional reason to be all up in my shit... Even though I run Linux primarily I have a few Win boxes for testing cross platform game code, and even though I use custom router firmware, and don't use Tor or really have anything to hide, not even sex stuff...
My bumper sticker says, "It's only kinky the first time". Good luck finding blackmail material, I have no shame... Hell, I wear clothes only for the benefit of others, so they don't have to see my junk. However, there are times when I do want a little privacy. And sometimes I just want to use my machines in private, but that's gotten so hard to do I feel bad for others who have no idea where to start.
I used to use my router's remote logging feature to post logs to my syslogd on another server, but forgot to set it up when I upgraded the OS. Interestingly now when I try to enable that feature, it disables itself. Now, think about this: If it's the NSA cracking my shit, then they were so fucking inept that they forgot to turn off the aggregate bandwidth logging, or at least subtract their bandwidth from the log; And left a trail of red-flags all clustered around a single date instead of spread out where I wouldn't notice. For fuck's sake, you can SSH into the damn router from this very (probably compromised) system, and a key-logger would show them how. It supports running chron scripts so they could have AT LEAST chopped the activity from the log (or erased it) afterwards. I'm not 100% sure, or even 99% sure my stuff's been compromised, but that means I can't be 100% sure I can write my memoirs in private, on most of my own hardware.
My concern is that the NSA really is equal parts intelligent and daft. In the cyber-world that means Strong and Stupid -- A dangerous combination. I mean, they ported Carnivore to MS Windows AWAY from Unix... Knowing full well Windows has FAR MORE of an attack surface and 0-day exploits. It's no wonder PRISM data was leaked, they use windows. Fortunately, I anticipated this crap when the whole ISP NSA-room debacle surfaced (and ECHELON before that, Omnivore/Carnivore, etc before that). So, I have hardware I don't connect to the networks, running OSs that I built myself from scratch using only a bootable hex editor, bootstrapped by writing raw machine code in live executing memory. So, at least I can still use some of my hardware in private -- If Ken Thompson Microcode hacked, the systems can't report home. I'm sure that scares the shit out of those cowards. If they came knocking at my door, I'd gladly hand them a homebrewed beer and show them everything, but since they want to play covert spy BS, then I've made some computing systems they can't get into and spy on (even though it's otherwise worthless to me except for teaching / learning / writing private thoughts...). I'm sure it's like telling a teen they can't do something. I'm fully prepared to be black-vanned. It's sad, really. What a waste of tax payers money, and what a disgusting lack of freedom I feel.
Read up on some Nietzsche (not the Nihlist crap, the other stuff about living for yourself vs the other) -- I think we really can't be fully human unless we have some assured privacy to just be ourselves in. I just can't believe the greatest and most powerful nation feels so threatened by those ineffectual terrorists, who stand no chance of ever really harming us significantly. More folks die in car accidents in a year than a hundred 9/11s, that's how great we are. They're so fucking scared they'd strip away our freedom to have privacy.
I keep resisting the urge to self-censor, against my better judgement. I think of my friends serving in the armed forces, my neighbors who have served, and those that gave their lives for my freedom... Even though I know it wrongfully paints me a target, if I don't hold up my end of the deal and exercise my freedom then those brave men sacrificed for nothing.
Re: (Score:2)
The NSA is like a "covert spy" wearing a Tee Shirt that reads: "I'm from the NSA, I'm here to help." For fuck's sake they FAIL at being covert. We might as well not have them in that case. You think a terrorist is too dumb to notice such egregious failures to keep their cracks from being noticed? Seriously, if you're reading this, NSA. Fire that fool who cracked me. You might want to hire some ACTUAL hackers, because you look like morons.
Re: (Score:2)
Re: (Score:2)
Firefox has bugs in the Firefox part of Firefox. 0-day attacks on the browsers themselves are perhaps the most valuable and rare attacks these days, moreso than OS privilege escalation bugs I'd guess, but the NSA has effectively infinite money and manpower to find or buy exploits.
Do they actually have a 0-day for every version of every browser? I don't think that extreme has been confirmed, but we know they have lots, and it's unreasonable to assume any of the major browsers is bug-free.
Re: (Score:2)
I don't understand how they could root you if you're not running any plugin and have Javascript disabled, could you explain ?
By exploiting vulnerabilities in the browser. Being a piece of software it's no more secure [exploit-db.com] than any other out there. Spoofing user-agent might help, but the dilemma runs like this:
Re: (Score:3)
Uhhhmmmm - a number of people are clueless. That's ONE reason to commit nefarious deeds on the internet using Windows.
Other people think they are smarter than you, me, or the government, and they believe they can actually "secure" Windows against attack.
I have "met" one guy, who actually, seriously believes that Win98 was the last secure version of Windows. He won't trust any more modern version of Windows - and never did trust anything else. The guy is weird, what can I say? But, he's probably not uni
Re: (Score:2)
I was thinking the same thing (FoxAcid, does it run Linux?). Why ANYONE doing anything online a government thinks they shouldn't, would do so running MS Windows is a mystery. The only way I would even consider it is if the machine was completely blocked from internet access with the exception of the TOR proxy ports.
I do ALL my nefarious deeds while running Windows.
Technically, they're compromised machines belonging to someone else who have no idea who I am or what I'm doing, but -- mere technicalities -- they still run Windows!
Re: (Score:3)
The guy on Linux is MORE LIKELY to be secure than the guy running Windows.
Not because it's LInux - but because the guy on Linux is PROBABLY more savvy than the Windows guy. You will note please, that I said PROBABLY. A truly tech savvy Windows administrator can give the best Linux guy a run for his money. But, hundreds of millions of Windows users are truly clueless.
Re: (Score:2)
Yeah right, except quite a few of us post on Slashdot and other tech sites - we are a gated community. Nearly all sysadmins are a piece of piss to find on t'interwebs.
Perhaps those site's web log files might not be as well protected as you might want - I doubt that our host's web masters are the only viewers.
Perhaps you describe some aspect of your home/work/cloudy system, perhaps over many posts over several months/years (your modus operandus) on these tech sites.
Perhaps there is someone who has a system
Govt. won't be happy (Score:2, Insightful)
Re:Govt. won't be happy (Score:5, Funny)
You call them "Smart TVs." I call them "telescreens."
Re:Govt. won't be happy (Score:5, Insightful)
Here's how I see it: Government agencies tend to take the path of least resistance to accomplish their assigned goals. Spy agencies goals are to monitor and identify threats. It's much easier to monitor everyone online rather than the comparatively difficult task of getting a proper subpoena for each individual being monitored.
The reason this is easier is because it's allowed by the government and tolerated by the people (at least enough to let it stand, we're not taking to the streets with torches and rope). Due process has not been updated to cover this in a way most of us feel would be appropriate. There are probably other barriers against this type of behavior that more knowledgeable people could come up with. They should be there, but they're not.
The officials in charge likely know that there is only so much they can abuse that power before it's taken away from them. If it came out that the NSA had found a way to listen in on every conversation and track you at the moment, and the public understood it and wasn't successfully distracted from it, the NSA would have it's powers trimmed. And then their job would be harder again.
So it's not that they're just voyeurs who will stop at nothing to have a live feed on your sphincter. It's more that we want to have our cake and eat it too. We want the NSA to protect us from the boogeymen terrorists, and we don't want them to spy on us either. But we're more flexible on the latter, so there you have it.
We'd need to keep limiting the NSA from taking the easiest paths we don't want them to take, but we're also lazy and apathetic as a nation.
Re: (Score:3)
Dichotomy (Score:3)
People often claim that the NSA is watching exit nodes, and can tie Tor traffic back to the users. This apparently claims the opposite.
So do we know for sure if this a real leak, or was this "leaked"?
Re: (Score:2)
Of course they are watching exit nodes. Everybody should assume they do (also the person running the node will watch, and that person's ISP).
However, I have never heard anyone claiming they can tie the traffic back by watching the traffic, other by the well know timing attacks that they *do* talk about in the article. Basically, they see some traffic exit the node at the same time as they see similar traffic at some completely unrelated place in the network, building up statistics which can identify a susp
Re: (Score:3)
No, this article states directly what most people are really saying. People say that NSA controls quite a few exit nodes, but we're not really sure how many. If they controlled a lot, they could deanonymize Tor traffic. According to TFA, NSA knows full well exactly this and tried it, but couldn't gain control of a sufficient number of exit nodes. That's not surprising, it really would take controlling quite a lot of exit nodes.
The more real danger is mentioned in the article, also. Your computer and the con
Re: (Score:2)
Are we sure they didn't just root the botnet [torproject.org] around mid-August/early September?
http://www.infosecurity-magazine.com/view/34453/massive-botnet-is-behind-tor-usage-spike-/ [infosecuri...gazine.com]
Can we be absolutely certain that the botnet itself, and every single node, is 100% secure and non-rootable from the NSA's 0-day too
Tor site says so (Score:2)
Insufficient data to draw useful conclusions (Score:5, Interesting)
A few days ago a well known Tor developer was getting angry on Twitter because he thought the Guardian was holding back a story on Tor due to redacting requests and pressure from governments.
The presentations cited date from 2007. That's 6 years ago and tells us diddly squat about their current capabilities. All it tells us, really, is that in 2007 they had developed some working techniques in the lab, and were talking about the same kinds of attacks that were being discussed in public. It also tells us they use custom malware - but that was already revealed previously.
The Snowden files contain a complete copy of GCHQ's internal wiki. It seems highly unlikely that there is no further information on Tor after 2007. Rather, it feels like the British and American governments treat their capabilities against Tor as one of their most valuable secrets and applied significant pressure, the resulting compromise being "you can make a story about Tor, as long as it's based on old information that is no longer relevant".
Re: (Score:2)
He did claim early on that he did this because he didn't want any personal information about any NSA agents getting out, and I bet the papers are full of them.
It is, however, a pretty lame excuse IMHO. But I'm not the one with a government agency after me.
Re:a related question (Score:5, Interesting)
Because he knew that if there was an indiscriminate data dump, governments would use that to distract from the real meat. By getting professional journalists to digest the data into understandable stories, he ensured that would not happen. Also he feels details about specific operations or sites or whatever isn't really important to the debate, which is what he cares about the most.
Now that said, we'll have to see if he is happy with the current level of disclosures. My impression so far is that he has been very happy with how things worked out. But this is a guy who had EFF and Tor stickers on his laptop. If he knows Tor is broken and the Guardian do stories implying that it's not, it'll be interesting to see if he has any reaction to that. Right now he's lying low because he wanted to fade away so the stories focus on the material - and that's something he has done amazingly well.
Re: (Score:2)
For non-geeks, the slow release by the Guardian has been the best approach - much as we'd like to know everything all at once, it would be a 1-week story that way. This way the NSA is constantly in the news, every week a new outrage, and it might just possibly make people care.
duh.. (Score:3)
For Tor browsing you should use a different browser and OS, in a VM, than the one you normally use.
Re: (Score:2)
Re: (Score:2)
Uhm, heh...
No. Sorry.
From the look of that website, you probably have some nice tracking installed now though.
Re: (Score:2)
I'm just judging the book by its cover. It looks like it's design to lure people with flashy but cheap looking animations.
Anyway, changing your browser string won't make you less trackable. They don't use those for tracking individual users.
Dont forget stupid people. (Score:3)
They target Tor via the ISP's (Score:5, Interesting)
Re: (Score:2)
I run a non-exit Tor node, and have not received any letter like this, on FiOS. Although, I DO limit my bandwidth consumption via Tor.
Re: (Score:2)
Re: (Score:2)
Yeah, that was probably your problem. Also, keep a check on any torrents you have running - running those at full tilt can consume an ass-load of bandwidth too.
Tor basically asks "how much bandwidth can I use" and then uses it. I have to keep an eye on it because I run a live stream at HD resolutions, and being conscious of my bandwidth usage is priority #1.
Re: (Score:2)
If you are running a Tor relay AND setup as an exit node, then I get it.
Please clarify.
Re: (Score:2)
Re: (Score:2)
Did you know you can run tor and be a relay without being an exit node? That still helps the Tor network tremendously so you might consider that if you aren't able to be an exit node anymore.
Re: (Score:2)
Re: (Score:2)
I'm not so sure Tor was your problem. Tor is notoriously slow and the amount of bandwidth it would have used probably didn't come close to using 10TB of data. I'm more including to think your systems got owned and you were acting as a spam relay or other such service.
The amount of bandwidth you were using goes far beyond the using Netflix, Hulu, Amazon Prime, downloading all the Linux ISO's and every episode of your favorite show and every game of your favorite sport the last 50 years. Even someone going cr
Re: (Score:2)
I'm not a math whiz when it comes to computing bandwidth, but it appears to me that 10tb per month works out to an average of 4Mbps over 30 days so that's definit
Re: (Score:2)
Re: (Score:2)
Hulu doesn't allow connections for anyone outside the US. They have copyright holders with a gun to their head so they have to be extreme dicks about blocking non-US access, including all proxies they know of...
Re: (Score:2)
Hulu doesn't allow connections for anyone outside the US. They have copyright holders with a gun to their head so they have to be extreme dicks about blocking non-US access, including all proxies they know of...
They don't have copyright holders with a gun to their head, they *are* copyright holders.
"Hulu is a joint venture of NBCUniversal Television Group (Comcast), Fox Broadcasting Company (21st Century Fox) and Disney–ABC Television Group (The Walt Disney Company)"
Re: (Score:2)
Re: (Score:2)
get a new router and get a new IP address (Score:2)
or, if your current router supports changing the MAC address do that and get a new IP. It really isn't that hard to get a new IP from your ISP without calling them up.
Re: (Score:2)
spoofing MAC address to distribute copyrighted content is what leads Aaron Swartz to a death sentence.
Re: (Score:2)
well..they said non-exit, so probably not.
Re: (Score:2)
node-to-node traffic is encrypted, usually on port 9001. At the exit node, it's decrypted and sent to the final destination as standard traffic. Standard trafic with the exit node's IP address, that is.
Start posting goatse and tub girl links on slashdot and see how long it takes for your ip address to get blocked. Bonus points if you can crapflood to the point you get some pink. Then try sending some spam. I'm sure you can imagine how an exit node IP address gets put on a block list.
Tor does let e
Re: (Score:2)
Re: (Score:2)
War against privacy. (Score:3)
This is not about monitoring anymore, probably never [schneier.com] was [reuters.com]
...giving the agency opportunity to launch prepared attacks against their systems
They are actively attacking Tor nodes and clients, be or not outside US, being used for criminal activities or just someone worried about his own privacy.
This is not about defending against terrorists, they are attacking the US citizens that dares to try to have some privacy. Along with foreing citizens worried about the same.
And they are not just forcing everyone to be unsafe, they are too, so others (foreing countries, private companies wanting to get rid of competitors, hacking groups, old-style criminal organizations, even terrorist groups) can use the same tools/backdoors/exploits as them, being either provided by leaks (not just Snowdens unknown predecessors, there are a lot of private companies with high security clearance with access to all of that that could have their own agenda (Snowden worked for one of them), or just plain hacking (like yesterday's Adobe one that could had leaked where Acrobat or Flash have NSA backdoors).
Re: (Score:2)
This is not about defending against terrorists, they are attacking the US citizens that dares to try to have some privacy.
And these pieces of garbage seem damn smug about it, too; exactly what I'd expect from thugs.
Re: (Score:2)
Why is government spying not merely a glorified form of stalking?
Given the amount of authority the government has, it is much, much worse, and far more dangerous than mere stalking, even if it is similar in some aspects.
Foreign government? (Score:5, Insightful)
What the NSA is doing is unacceptable whether or not a foreign government access any of the data. Unless the US government obtains a warrant, based on probable cause, that specifically describes the places to be searched and things to be siezed, this activity is illegal.
Re: (Score:3)
Re: (Score:3)
Of course it's illegal. The laws that they claim make it legal are unconstitutional, and therefore completely null. Congress has no authority to pass a law that makes generalized surveillance legal.
Re: (Score:2)
The Patriot Act begs to differ...
Re: (Score:2)
Legal doesn't mean morally right, just that's what the 'law' says, and the law clearly does say they can do this crap. Or at least that's what they tell us it says since until very very recently they haven't even let their interpretation of the law be public.
We have the same opinion of their constitutionality but until SCOTUS rules on them, they are the law and are what
Re: (Score:2)
You may be right in principle, but that's not how the system actually works.
A law no matter how blatantly unconstitutional is still a real law, as meaningful as any other, until someone with standing (someone already hurt by that law) gets a case in front of the SCOTUS, and the SCOTUS doesn't invent some rationale why we'll keep the blatantly unconstitutional law anyway. These days there seems to be a trend just to deny standing, instead of invent every more farfetched reasons why blatantly unconstitutiona
Re: (Score:3)
Generalized surveillance is a requirement of government for basic law enforcement. A policeman standing at a corner watching traffic for violations is engaging in generalized surveillance.
As is the collection of financial transactions for enforcement of tax laws a form of generalized surveillance.
What is not legal under the Constitution is generalized collection of data that requires a warrant. Government cannot open all the mail. Nor can it listen to all telephone conversations. There is no power under the
"Tor stinks" (Score:2)
Tor, originally sponsored by the United States Navy.
Any questions?
Gov't infecting your system (Score:2)
How could any evidence collected from an intentionally compromised system be useful to the rule of law? Couldn't a lawyer destroy the shit out a case like this? If a 3 letter agency infects a system, its owned. it is now vulnerable
Re: (Score:2)
NSA 2006 Report on Tor up now. (Score:4, Informative)
"Our goal was to analyse Tor source code and determine any vulnerabilities in the system. We set up an internal Tor network to analyze..." http://apps.washingtonpost.com/g/page/world/nsa-research-report-on-the-tor-encryption-program/501/ [washingtonpost.com]
Re: (Score:2)
Re: (Score:2)
Re:How about the nodes (Score:5, Interesting)
Interesting. If I worked for NSA, I would try to. It would give some more information. Though on the other hand, they may just as well run their own nodes to get that information (oh yes, they do this already), and hacking 'normal' people just for the lulz always increases the chance of information about your operations getting out.
In short: It would be stupid to hack you just because you're running a node, unless you're their target in some other way.
Re:How about the nodes (Score:5, Interesting)
Not according to this latest leak (who knows about future leaks).
As I read this leak, TOR isn't broken (I the sense that the NSA isn't recording all unencrypted TOR traffic, the way some had feared). The NSA doesn't root all nodes. If they're interested in some specific person, they break their anonymity by rooting them specifically. But I still need to go read Bruce's analysis.
I find it interesting/amusing that when Freedom Hosting was busted, and the FBI left behind a rootkit on the hosted servers to infect users wholesale, that wasn't an NSA payload - it was a 0-day they bought on Silk Road. For all that this spying pisses me off on principle, I love that bit: someone at the FBI has a sense of humor, or at least irony.
Re: (Score:3)
Reading through Bruce Schneier's Guardian article, I could be wrong here. It's unclear whether they root all TOR nodes. I don't see this one on his blog, where he occasionally responds to comments, so it's hard to ask.
Either way, it's (so far) a good sign for TOR users trying to avoid government scrutiny by not-the-US-or-it's-allies, that the NSA has to root nodes in order to break anonymity. The system described is pretty elaborate, and seems unnecessary if they could get the same result from total netwo
Re: (Score:2, Interesting)
It does make a comedy of the TOR groups presentations to the FBI in recent years, though, about why TOR should remain legal.
What, what? Forgive my probable naivete, but shouldn't that be the other way around? It should remain legal unless the FBI has some compelling arguments otherwise. First and Fourth amendments, and all that.
Re: (Score:2, Informative)
He means: will the NSA try to root you for running a tor node?
One of the presentations says "probably not" and cites legal and technical challenges. We all know "legal" isn't really much of a roadblock, probably written in there for plausible deniability while the presenter mentioned with a wink and a sneer while dictating against the powerpoint, but sounds like if you run an exit node and keep it patched up, it might not be worth the squeeze for a full attack.
Keep in mind that if they decide your node IS worthy of being attacked, you won't have the resources to defen
Re: (Score:3)
Keep in mind that if they decide your node IS worthy of being attacked, you won't have the resources to defend against every known and currently-unknown exploit, so you should assume you've already been compromised and mitigate accordingly.
If they think your node is worthy of attack, even a moderate defense will simply cause them to take it down or busy it up, such that users of interest move to another node.
Re: (Score:3)
The powerpoint specifically states that they have considered it but regard it a questionable action both for policy reasons as well as technical ones.
Re: (Score:2)
That means they are aware that wholesale hacking of TOR nodes would be noticed and invite countermeasures.
Re:How about the nodes (Score:5, Informative)
Re:How about the nodes (Score:5, Interesting)
There's a subtle but profound point there. Most warrantless searching of internet stuff has been done under the banner of "no reasonable expectation of privacy". But a TOR user has taken active steps to ensure his privacy - this traffic is as much "not public" as we have the technology to make it. If you don't (legally) have a reasonable expectation of privacy when you go that far, It gives lie to the excuse in the first place.
Re: (Score:3)
There is a lot of overlap between anonymity and privacy but neither is a subset of the other.
http://www.wired.com/politics/security/commentary/securitymatters/2007/09/security_matters_0920 [wired.com]
http://www.concurringopinions.com/archives/2011/01/privacy-vs-security-vs-anonymity.html [concurringopinions.com]
Re: (Score:2)
Re: (Score:2)
IPsec isn't that interesting if the keys are all compromised.
Duh. No form of encryption works if the keys are all compromised.
However, IPSEC supports forward secrecy, which should always be used where available. That means they can't easily decode a recorded IPSEC session even when the keys are compromised, only launch man-in-the-middle attacks.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
Manning didn't release everything at once. That was a Guardian journalist. Manning gave the lot to Wikileaks, who worked with the newspapers to release little bits at a time. Then some idiot at the Guardian told everyone the key to the encrypted load, and it all got out. But don't blame it on Manning, who did exactly what Snowden did later (i.e. give the stuff to pros, who then went through it and published a little at a time).
Re:Instead of an Arab Spring (Score:5, Insightful)
so will this result in a theocratic christian government run by the bible belt?
Re: (Score:2)
At least then they'd be consistent.
Re: (Score:3)
You're a fucking nutbag.
Re: (Score:2)
Then get off your fat ass and do something rather than expecting others to do all the work.
Re: (Score:2)
Well, when I turn off the PS3 to take a break from GTA V...
Re: (Score:2)
Re: (Score:2, Interesting)
Find FoxAcid related boxes.
Exploit the shit out of said boxes. (win2k3 lol)
Enjoy mayhem.
You approach a military roadblock. You see one guy manning the roadblock, and he's unarmed. Why do you think that is?
When you know an organization cares about security, and you don't see the security, what should you conclude?