Dear Niels,<div><br></div><div>This was a very interesting topic of discussion at one of our capacity building events. Law enforcement agencies are trying very hard to decode or deanonymoise ToR in Pakistan as they believe most of the violent online political extremism is happening behind it. How they have reached the conclusion remains a mystery. The growing school of thought with in LEAs circle in Pakistan regarding deanonymising ToR is focused on establishing many exit/relay nodes and try to capture traffic from it and than hope to decode it. I believe thats what NSA was also trying to do but on a bigger scale without any success or atleast thats what we know if it.</div><div><br></div><div>Best,</div><div><br></div><div>Arzak</div><div><br></div><div><br>
<br>
<div id="acompli_signature">Sent by <a href="http://taps.io/outlookmobile">Outlook</a> for Android<br></div>
_____________________________<br>
From:Niels ten Oever<br>
Subject:Re: [bestbits] Demystifying the Onion Router: GV Face Tomorrow with Tor (part of a new Advox series)<br>
To:bestbits@lists.bestbits.net<br>
<br><br>
<meta content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Exchange Server">
<style><!-- .EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; } --></style>
<div class="PlainText">
-----BEGIN PGP SIGNED MESSAGE-----
<br> Hash: SHA256
<br>
<br> Dear Willi,
<br>
<br> To do this kind of timing attack you will need to have the resources
<br> to monitor large parts of the Internet and/or have control of many Tor
<br> relays and exit nodes.
<br>
<br> Even in the NSA slides leaked by Snowden is was confirmed the NSA did
<br> not have the ability to deanonymise Tor traffic.
<br>
<br> Would be great to see the research papers where you are basing your
<br> statements on.
<br>
<br> As you know the traffic between the different hops on the Tor network
<br> are encrypted, and the different hops are unknown. So I don't know how
<br> you think that having access to an IXP would somehow break encryption
<br> (between the hops) or the anonymity in general.
<br>
<br> Best,
<br>
<br> Niels
<br>
<br> On 05/28/2015 03:17 AM, willi uebelherr wrote:
<br> >
<br> > Dear Carolina
<br> >
<br> > "... This makes it nearly impossible for anyone monitoring the
<br> > Internet to understand where the traffic is coming from and where
<br> > it is going..."
<br> >
<br> > This is not true. Its a illusion. We don't have control about our
<br> > physical networks. But all this networks are connected in the
<br> > IXP's (Internet Exchange Points) and give the access to the data to
<br> > the state institutions. And this state institutions work in
<br> > cooperation.
<br> >
<br> > With a simple time based correlation you can see the traffic
<br> > outside of the TOR network. The way from the client to the network
<br> > and from the network to the server and reverse. Then you know, who
<br> > communicate and with what.
<br> >
<br> > Nearly 80% of all this "anonymisation" are open today.
<br> >
<br> > many greetings, willi Buenos Aires, Argentina
<br> >
<br> >
<br> > Am 27/05/2015 um 14:44 schrieb Carolina Rossini:
<br> >> ---------- Forwarded message ---------- From: Mahsa Alimardani
<br> >> Date: Wed, May 27, 2015 at 1:20 PM Subject: [gvadvocacy]
<br> >> Demystifying the Onion Router: GV Face Tomorrow with Tor (part of
<br> >> a new Advox series)
<br> >>
<br> >> Dear All,
<br> >>
<br> >> As part of a new series, Advocacy is starting conversations with
<br> >> technical security and circumvention experts. Our goals is to
<br> >> help the community better understand how these tools work, and
<br> >> how we can use them. The subject on our agenda are the tools
<br> >> associated with the *Tor Project <
<a href="https://www.torproject.org/">https://www.torproject.org/</a>>*.
<br> >>
<br> >> Join us tomorrow at 12pm ET/ 6pm CET. The hangout is happening
<br> >> here
<br> >> <
<a href="https://plus.google.com/events/cnqsccekj03r95a4ehialintv04">https://plus.google.com/events/cnqsccekj03r95a4ehialintv04</a>>, and
<br> >> you are all invited to join, and participate through online
<br> >> questions.
<br> >>
<br> >> Here's a bit about the conversation, and Tor:
<br> >>
<br> >> *What exactly is the Tor network? Tor enables citizens to bypass
<br> >> government censorship and allows dissidents to communicate
<br> >> anonymously. Sometimes however, it has been used by criminals for
<br> >> nefarious activities, such as selling drugs or distributing child
<br> >> pornography. The network also facilitates special sites that
<br> >> allow website owners and their users to remain anonymous through
<br> >> “hidden services”. This has become popularly known as the “dark
<br> >> web”.How does it work? The Tor network is a collection of servers
<br> >> located across the world. The network helps users connect to the
<br> >> Internet anonymously by sending traffic between at least three
<br> >> Tor servers before allowing it to reach its destination. This
<br> >> makes it nearly impossible for anyone monitoring the Internet to
<br> >> understand where the traffic is coming from and where it is
<br> >> going. Tor “exit nodes” are the final set of servers used in the
<br> >> connection process. This is where a user’s traffic exits the Tor
<br> >> network and connects to the world wide web. These nodes are set
<br> >> up by volunteers, with a few organisations who maintain larger
<br> >> exits, including universities and individual activists.In order
<br> >> to better understand the tool, its uses, and its controversies,
<br> >> Global Voices’ Iran editor Mahsa Alimardani will talk with
<br> >> Iranian Tor developer Nima Fatemi and Tor’s head of
<br> >> communications, activist Kate Krauss.*
<br> >>
<br> >> Warmly, Mahsa
<br> >
<br> >
<br> > ____________________________________________________________ You
<br> > received this message as a subscriber on the list:
<br> > bestbits@lists.bestbits.net. To unsubscribe or change your
<br> > settings, visit:
<a href="http://lists.bestbits.net/wws/info/bestbits">http://lists.bestbits.net/wws/info/bestbits</a>
<br> >
<br>
<br> - --
<br> Niels ten Oever
<br> Head of Digital
<br>
<br> Article 19
<br>
<a href="http://www.article19.org">www.article19.org</a>
<br>
<br> PGP fingerprint 8D9F C567 BEE4 A431 56C4
<br> 678B 08B5 A0F2 636D 68E9
<br> -----BEGIN PGP SIGNATURE-----
<br> Version: GnuPG v2
<br>
<br> iQEcBAEBCAAGBQJVacXZAAoJEAi1oPJjbWjpBDMH/iBM4M3UFmbutft0rInh21lM
<br> wp+OOElEgMhZyd9Ai+uaxhYuUvxN8B/LS1xU3KKTo7RllQ0GFYS9mpybnDv3hf6p
<br> gHwHqVWw87noNnPlMSSd9h7lr5sPvK3Dp0HeEJU82m2l1TZh/UH8QyuF9Ywr4og/
<br> rmfiEDXJ2nGTeWWF++dT+bxi43l9X9C0X8ZkOB417txYpZlyLVLOMH0ChUAA655Y
<br> /9znfGw8B3kVeKM2hq8AEU6FPCfrnlIyVfaDFoxbfpesKkEJHx5r5Mt2lbJhaKvJ
<br> vPX+owIal/UJcPqcv/TnY4y4/8U2AVLh3cwaff43OOMBjS32Z27R9VyWVmy8+UI=
<br> =ixIr
<br> -----END PGP SIGNATURE-----
<br>
</div>
<br><br>
</div>