by panarky 4531 days ago
It's not like your anonymity is one in a billion. In fact, your security habits make you stick out like a flashing red light.

Perfect anonymity: 1 in 7e9

Fluent English speaker: 1 in 7e8

Tor user: 1 in 3e6

Tor user today: 1 in 1e5

Fluent English speaker and Tor user today: 2 in 10,000

Fluent English speaker and Tor user today and accessed both Google Translate and Outlook.com outside Tor today (because Google and Microsoft block Tor exit nodes): 1 in 1,000

All of the above and purchased a Kingston Digital DataTraveler from Amazon in the last year: 1 in 10

3 comments

Sure, there may only be 5,000 fluent English speakers who used Tor today (number seems low, btw), but you and the NSA have no idea (per NSA docs--away from Firefox users) who those people are.

Your logic may have found that needle in the haystack, but we don't even know which haystacks to look in.

And probably bad analogy, b/c not a heavy computer user, but if it took so long to find bin Laden, I'm sure many others (even heavy computer users) could hide for much, much longer.

The real risk, like others have said on this board, is one slip up can ruin you.

Your ISP and law enforcement know what IP addresses are using Tor.

https://www.eff.org/pages/tor-and-https

That's how the Harvard bomb threat guy got busted, because his Tor usage was a big flashing red light among non-Tor users.

http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/18...

That's how law enforcement knows what haystacks to search.

And since the OP used his own IP address (didn't go to a coffee shop), that narrows the search by 3 or 4 orders of magnitude.

> Your ISP and law enforcement know what IP addresses are using Tor.

Does anyone have a reasonable estimate on what per cent of Tor entry nodes are known to ISPs, law enforcement, and the NSA?

Around 100% for anyone using the normal Tor browser bundle.

Tor is designed to hide who you are talking to, not the fact that you are using Tor. IPs and other metadata about normal Tor relays are published publicly by the network and are used by the client to build circuits through the network.

There is a special form of hidden entry node called a bridge that is designed for use in censorship-happy countries like China, but using them is a manual process that isn't the default. Traffic through bridges is a very low percentage of overall Tor usage.

Really interesting conversation.

The "one slip up" does appear to be the more common risk today, but I think the reason the NSA wants to archive everything for later analysis is precisely panarky's scenario.

You are right that today it remains a bit difficult, but as time goes on, sheer engineering effort will give us a better set of tools to do these kinds of "show me TOR + Outlook + Kingston buyers + Mozilla user agent" queries.

Perhaps we're looking at this problem the wrong way. What if, instead of trying to hide our activity online, we drown our signal in noise and make activity logs worthless?

For example instead of everyone having a unique email address, why not have shared email accounts with many hundreds of thousands of people, but where messages meant for you are encrypted with your public key. Your email client will attempt to decrypt all messages the account receives but will only succeed with yours.

Or for making a blog post, rather than publishing on one single server / blog domain, why not post to hundreds or thousands of different blogs at once, using all kinds of different IP addresses. Perhaps even have other people that blindly post for you (Mechanical Turk/crowdsourcing).

Perhaps the meta-level idea here is if we want to restore privacy, we need to sacrifice our individual identity (my email address, my blog, my phone) and lose ourselves in the crowd.

I did not have any problems accessing Google Translate and Outlook.com while connected to Tor.

But yes, I fucked up and posted a USB drive similar to the one that I've ordered from Amazon in the last year.

You're calculating as if these are independent.
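The independence point raised in the last comment, as an added example that is not part of the thread: it compares the real anonymity-set size for a combination of attributes with the size predicted by multiplying each attribute's frequency. The population and every rate in it are constructed assumptions, and the attribute names are only borrowed from the top post.

```python
import math
import random

# Constructed population; all rates are illustrative assumptions, not measurements.
def build_population(n=200_000, seed=7):
    rng = random.Random(seed)
    people = []
    for _ in range(n):
        english = rng.random() < 0.10
        # Correlated on purpose: Tor use assumed far more common among English speakers.
        tor = rng.random() < (0.02 if english else 0.0005)
        # Independent of the other two attributes by construction.
        bought_drive = rng.random() < 0.01
        people.append({"english": english, "tor": tor, "bought_drive": bought_drive})
    return people

def anonymity_set(people, attrs):
    """Number of people who actually share every attribute in attrs."""
    return sum(all(p[a] for a in attrs) for p in people)

def naive_estimate(people, attrs):
    """Set size predicted by multiplying marginal frequencies (assumes independence)."""
    n = len(people)
    est = float(n)
    for a in attrs:
        est *= anonymity_set(people, [a]) / n
    return est

def identifying_bits(n, k):
    """Bits of identifying information when k of n people remain."""
    return math.inf if k == 0 else math.log2(n / k)

if __name__ == "__main__":
    pop = build_population()
    for attrs in (["english", "tor"], ["english", "bought_drive"]):
        actual = anonymity_set(pop, attrs)
        naive = naive_estimate(pop, attrs)
        print(attrs, "actual:", actual, "naive: %.1f" % naive,
              "bits: %.1f" % identifying_bits(len(pop), actual))
```

With positively correlated attributes the real set is several times larger than the multiplied estimate, so the combination is less identifying than the product suggests; for the independent pair the two figures agree closely.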