Hacker News new | ask | show | jobs
by monero-xmr 884 days ago
Whether they can or can’t isn’t really the question. Tor is publicly believed to be private and the government has never tipped its hand that it’s not. In cases where maybe they could compromise Tor, they would have had to use parallel construction, because in court they have never stated they can compromise Tor.

So from an opsec perspective, the question is if the level of your activity rises to the point such that a government entity would take the effort to create parallel construction. If you are not doing something that would anger the government so much, then Tor is a good smoke screen in front of your activity.

Everything is effort and probability. Given enough time and resources you will always be unmasked - always!
1 comments
fbdab103 884 days ago
Even if the government controls all of the Tor exit nodes, that does not give them omniscient knowledge. Presumably the wrapped communication protocols are still going to be encrypted. There would have to be a different information leakage to completely compromise you. So, not great if your interested in maintaining total secrecy, but better than nothing.

That being said, if the government was really interested in correlating timestamps with Tor activity, it is reasonable to assume they have that power. I assume Tor activity stands out, and every ISP might already be logging such connection events.

link
monero-xmr 884 days ago
As a thought experiment, assume the government has perfect knowledge of Tor activity, yet chooses not to reveal this fact. I would say government compromise is the perennial anxiety of Tor enthusiasts.

My point is that even if it’s true that Tor is compromised, the value of Tor as a honeypot is so great that the government has thus far refused to acknowledge they can. Because if they did, Tor would die overnight and something even stronger would replace it.

So even if you operate under the theory that Tor is compromised, it’s still vastly superior to clearnet because the value of Tor as a honeypot means most people using it for anonymity will remain anonymous.

link
kmeisthax 884 days ago
One thing to remember is that Tor was created by the government, specifically to encrypt the communication of CIA spies. They released it to the public specifically to provide plausible deniability to those spies. So backdooring the protocol right out of the gate would be an own goal.

That being said, I have no clue if they still use it. Presumably if the US government found a vulnerability in Tor, they'd either stop using it, or run some other layer of encryption on top.

link
CableNinja 884 days ago
Same reason the US didnt reveal they had an engima machine. If word got out, the Germans wouldve changed the codes or made a new process practically over night.

You just use the information to plan "random" "oopsie we spotted you" missions

link