RT: TOR is NOT PRISM Proof

Never a dull moment.

Malone says that both the National Security Agency and its UK counterpart, GCHQ, are monitoring "hundreds of Tor relays"

And:

"You can get people on Tor in a variety of ways. You could do a time attack, which involves catching traffic between relays. You could also do entry and exit node monitoring, which involves dropping a zero-day on the actual machine accessing Tor or hosting an exit node and monitoring what's going in or out of it."

And:

the dark web is heavily monitored. The NSA and GCHQ are already monitoring hundreds of Tor relays and exit nodes and trying to find ways to break the network down," he said.

And:

He further warned that users should be aware that the NSA and GCHQ are installing hundreds of onion routers in order to capture and analyze traffic.

Etc...

Shorter Version:

http://www.deepdotweb.com/2014/05/18/rt-tor-prism-proof/

Original:

http://rt.com/news/159396-nsa-tor-ineffective-microsoft/


Comments


[18 Points] None:

[removed]


[16 Points] filetmenot:

TL;DR; They are working on it but they still suck at actually breaking tor's anonymity with any reliability. That is, unless you are a dipshit and let yourself be infected by a browser plugin or some shit.

I still have not seen one example of "authorities found person X who had great opsec and proved they used darknets illegally by using only tor attacks and data analysis".

Unless your hidden service is a honey pot or you have allowed your computer/browser to be infected with something that compromises your security... maintain standard levels of paranoia, do not escalate.

It continues to be the case that your clearnet and IRL interactions will 99.99% of the time be the reason you get caught, if you do.


[6 Points] enterathrowaway:

For all my /r/dnm tech friends. Will TAILS help mitigate or even flat-out prevent these security holes?


[2 Points] Xerxero:

So it is imported that as many people as possible install a tor server ( exit node configuration is not mandatory ) to keep the NSA from taking over the network.


[2 Points] HappyShibe-:

T his is old news, tor was effectivley broken back in 2013 when the NSA reportedly controlled more than 50% of the relays.


[2 Points] munstersiunc:

Will this affect i2p?

For example if you use i2p to browse onion links?


[2 Points] loolwut:

so they hosting alot of routes to make the dark net faster? thanks gubbament


[1 Points] asrenos:

Doesn't that enhance bandwidth without being for sure effective ?


[1 Points] kiji00o0o0o:

FUD written by nsa funded microshill psyops


[1 Points] LightsNoir:

as a whole, remember: you may be good. but they're better funded. a skilled driver in a ford focus will always be a step behind a rich kid in a ferrari.

So, don't rely on TOR alone. Use an OS geared towards privacy as well. When possible, "borrow" an internet connection. Starbucks is a good friend of mine. When you do borrow, don't make a habit of using the same location. Also, if you live in an area where an ID is required to purchase a computer from a store, consider using craigslist. Yes, it won't be the fastest, newest computer... but it won't have your name associated with the serial#s, which are in turn associated with the MAC address. Alternately, there's a number of MAC Address generators...