Security Basics mailing list archives
RE: -Real- anonymity (was: The ugly side of using disk encryption)
From: "Hagen, Eric" <hagene () DenverNewspaperAgency com>
Date: Fri, 20 Oct 2006 01:51:58 -0600
TOR is a great proxy for web surfing. Technically, it is a fully SOCKS5-compatible proxy, but you will have a hard time finding exit nodes that support anything other than port 80 and port 443, though I hear they do exist and it is possible to do other things such as NNTP and even SMTP (though this is rarely usable for obvious SPAM-related reasons). I'm not a USENET user so I can't say with any degree of accuracy exactly how often NNTP works over Tor, but I know that it CAN work and would be based on the policy of the exit nodes.

I don't see a serious security flaw with Tor; the algorithms are open source and well documented and are believed secure, and the traffic patterns are remarkably hard to track. If someone owned (or had detailed traffic logs) on all 3 servers in a route, then determining the source, destination and content isn't terribly difficult, but if you have someone after you who is capable of reliably capturing 3 Tor nodes simultaneously, you have bigger problems than online anonymity.

The statistical probability that your traffic will be vulnerable is fairly low. Controlling all 3 nodes in a path amongst the hundreds online is a statistical improbability. To obtain a 50% chance of controlling all 3 nodes of a Tor route, the sniffer would need to control 80% of the nodes in the Tor network. If he controls just 10% of the network, your chances of having a route that has at least one hop out of his control is 99.9%.

TCP is fairly difficult to totally secure since it is an end-to-end connection-oriented service, so two-way communication is essential, but the whole dynamic Onion Router concept that Tor uses is a strong one and may provide the foundation for better services in the future. I don't see anything that's as reliable (strictly for http/s) and secure at this point.
Eric

-----Original Message-----
From: Michael Painter [mailto:tvhawaii () shaka com]
Sent: Thursday, October 19, 2006 11:21 PM
To: Hagen, Eric; security-basics
Subject: -Real- anonymity (was: The ugly side of using disk encryption)

----- Original Message -----
From: "Hagen, Eric"
Subject: RE: The ugly side of using disk encryption
So, yes, if you are dedicated, it is possible to communicate anonymously and securely even if ISPs log everything, provided you don't get real-time traffic analysis capabilities across the entirety of the Internet.... <<
Eric
Is TOR the "state-of-the-art" here? How about folks who wish to read or post to Newsgroups? I'd appreciate hearing about the latest developments in staying anonymous. My eyes glaze over when I try to wade through pages like this: http://freehaven.net/anonbib/topic.html

Thanks,
--Michael
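The path-compromise percentages in the reply above correspond to a model in which each of the 3 hops is picked uniformly at random from the relay population. The following is an added example, not part of the original messages, that computes that model exactly, with the large-network approximation and a simulation as a cross-check; the network size of 500 and all function names are assumptions made for illustration.

```python
import random
from math import comb

def p_all_hops_exact(n_relays, n_bad, hops=3):
    """Exact chance that every hop is observer-run when hops are drawn
    uniformly without replacement (hypergeometric)."""
    if n_bad < hops:
        return 0.0
    return comb(n_bad, hops) / comb(n_relays, hops)

def p_all_hops_approx(fraction_bad, hops=3):
    """Large-network approximation: fraction ** hops."""
    return fraction_bad ** hops

def fraction_needed(target, hops=3):
    """Relay fraction an observer must run to hold a whole path with
    probability `target`, under the approximation above."""
    return target ** (1.0 / hops)

def simulate(n_relays, n_bad, hops=3, trials=50_000, seed=1):
    """Monte Carlo check; relays 0..n_bad-1 are the observer's."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        path = rng.sample(range(n_relays), hops)
        if all(relay < n_bad for relay in path):
            hits += 1
    return hits / trials

if __name__ == "__main__":
    N = 500  # constructed network size, standing in for "hundreds online"
    print(f"fraction needed for 50%: {fraction_needed(0.5):.3f}")
    for f in (0.10, 0.50, 0.80):
        bad = round(N * f)
        exact = p_all_hops_exact(N, bad)
        print(f"f={f:.2f} exact={exact:.4f} "
              f"approx={p_all_hops_approx(f):.4f} "
              f"sim={simulate(N, bad):.4f} "
              f"at-least-one-clean-hop={1 - exact:.4f}")
```

The model assumes uniform relay selection; a client that weights relays by other criteria would need the per-relay selection probabilities in place of the simple fraction.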