[Cryptography] Updates on Durov charges in France
Peter Fairbrother
peter at tsto.co.uk
Fri Sep 13 14:12:13 EDT 2024
On 13/09/2024 06:10, Ray Dillinger wrote:
> Their attacks on Tor as far as I understand them are basically a mix of
> running Tor servers and timing/metadata attacks where they monitor ISP
> traffic for Tor's routing protocol.
To be clear, when I said that the NSA can break Tor almost at will, I
meant breaking the anonymity, not providing plaintext. But as anonymity
is the only reason for using Tor ...
And while the NSA have semi-publicly whined about the difficulties of
detecting the TOR routing protocol in mass internet traffic, they don't
mention one obvious thing - all they need to do to break anonymity is to
filter out traffic to: and from: enough of the published IPs of the Tor
exit nodes; for this they don't need to detect the Tor protocol at all.
And filtering for known IPs is kinda obviously a prime requirement for
any web monitoring filtering, if they want to know what traffic a target
is sending. Here in the UK the hardware is in place to do just that. All
they need to do is update the filters on their web-traffic-watching
equipment. I suspect it is similar over much of the globe, especially
the Tor globe.
> While mass plaintext harvesting is believed to be hard,
I would agree with that. Even when they run the exit nodes, or even all
the nodes, that doesn't make getting Tor plaintext any easier than it is
for ordinary encrypted web traffic.
However hard that might be... probably not easy enough for mass
plaintext harvesting though.
Peter Fairbrother
More information about the cryptography
mailing list