If you guys keep thinking you are safe.
81% of Tor users can be de-anonymised by analysing router information, research indicates
[99 Points] None:
[47 Points] None:
[removed]
[42 Points] youtakesally:
Whenever I read these articles I realize there are hundreds of vendors on the darknet and they don't catch them, so it can't be that easy.
[20 Points] ApricockApecot:
I think I am (relatively) safe because I am not a big fish nor anywhere close. So Tails/tumbling is good enough OPSEC for me in addition to this fact.
[19 Points] None:
I just had time to skim through this - will do a proper read when I have more time, but one thing that comes to mind immediately is that this attack is feasible when clients are receiving large amounts of traffic in a continuous flow. For their setup they had clients downloading large files from a server and were thus able to inject detectable traffic patterns into the flow of TCP packets. This is not the case for DNM users.
[15 Points] None:
[deleted]
[13 Points] egcthree:
There is a reason other countries are not buying Cisco equipment.
[8 Points] None:
[deleted]
[5 Points] Xeeroy:
Just to be sure I understand this method right? But could it be oversimplified but still technically kind of correct to say that what they are doing is basically slapping a red sticker on traffic before it enters the tor network and then see where it comes out in the other end?
Or am I way off?
[6 Points] Alex132:
I'm hiding behind seven proxies tho
[3 Points] None:
This is a fantastic read! Thanks for posting.
[3 Points] Caleb323:
So what? Should we all stop using Tor now?
[4 Points] None:
[deleted]
[2 Points] shady_varchar:
No matter what they do, it's gonna be a lot of work. Lmao
[2 Points] morphinedreams:
Given that the bulk of us probably live in countries where NSA spying has been a recent revelation, there's very little we could do if LE really wanted to chuck us in prison. Very little. There's a reason some of the eastern countries are switching to typewriters and such occasionally for really sensitive documents, it can't be compromised as easily if it's not digital.
Really, all we do is make it enough of a bother to get us that in terms of budget, LE is better off chasing the big players rather than the smaller players, because the effort to reward ratio is a lot nicer to them as organisations. Not to mention the problem you'd have with prisons or court rooms if you decided to launch such a massive operation as to arrest more than 50% of drug users in your country at once.
[2 Points] woobpac:
To add to this, just because they deanonymised your IP address doesn't mean anything. Open up your wireless and you have automatic plausible deniability, unless you did something unencrypted, that proved your identity on the site (which would be stupid), you're fine. Just because an IP address looks up to be your name and account, doesn't automatically mean you were the one using the computer. Remember that folks.
[2 Points] ABETTERUNIVERSE:
I am amazed at how people will go to almost any lengths to continue to delude themselves that Tor is safe. The Sambuddo post was absolutely a false post. Tor is spinning to keep its users there. Tor is way out of control. So many people that think they understand tor do not think that mac addresses are traceable on Tor.
Do your research people. You can get key loggers from tor, you can get man in the middle, you can get honey potted, you can get a LE website, you can get a criminalized exit node or a LE enforcement node.
Tor, and those that believe they are safe, have not considered multitudes of super computers operating in tandem or sequentially tracking your every move. http://dissidentvoice.org/2014/07/should-you-trust-tor/
[1 Points] farmer1wastaken:
This attack does not apply to hidden services. When using a hidden service you are not passing through an exit node.
[1 Points] None:
One more note: The title of thestack.com's article, as well as this post - is hugely misleading. As the author himself admits:
https://blog.torproject.org/blog/traffic-correlation-using-netflows
Hi I am here to myself clarify all misconceptions. Firstly, they have blown it a bit out of proportion by saying that "81% of Tor traffic", which is not true. It was only 81.4% of our experiments, and we have spoken about this upfront in our paper. Secondly, it's only a case of experimental validation and the challenges involved in it that is the highlight of the paper. In my thesis I have also tried to address how to solve this particular attack, which might work for other attacks as well... Regards Sambuddho
[1 Points] ABETTERUNIVERSE:
http://securelist.com/blog/incidents/58192/chewbacca-a-new-episode-of-tor-based-malware/
Many vendors are honey pots, men in the middles, fake websites.
A criminalized exit node will destroy you.
It is beyond me why any person will trust tor in any manner.
https://www.reddit.com/r/TOR/comments/2m5ovl/tor_hides_this_from_operators/
[-2 Points] beVERYcareful:
[-4 Points] beVERYcareful:
https://www.reddit.com/r/TOR/comments/2m5ovl/tor_hides_this_from_operators/
They get your mac addresses, especially at child rape sites. Child rape has, and will continue, to ruin tor
[-5 Points] Circ-Le-Jerk:
So basically they find you by identifying your router's unique fingerprint on Tor and then look for that unique fingerprint in the wild -- something the NSA probably has the capacity to do.
I guess the only defense for hosts, and priority targets is to connect through Tor through a router that is ONLY used for Tor which has never touched the clearnet.
Well, this is definitely all making the network all more safe. If current market owners were smart, they'd start really locking down and taking massive defensive steps from relocating and restructuring their operation.
Good thing I'm in the McDonalds parking lot, stealing their wifi on a burner laptop using Tails all the while doing fat lines of blow I bought off the internet.