[tor-talk] "If you have access to certain tools, you can completely ignore Tor."
Joe Btfsplk
joebtfsplk at gmx.com
Mon Dec 19 03:02:37 UTC 2011
On 12/18/2011 5:33 PM, Matthew R wrote:
> From:
> http://www.wired.com/vanish/2009/09/interview-with-pi-steve-rambam-evan-can-be-found/
>
> Wired: How much can one do with IP addresses that have been run through Tor?
>
> SR: If you have access to certain tools, you can completely ignore Tor. You
> can trap your subject’s IP address without wasting your time busting
> through Tor. Without revealing too many tricks, for example, it’s easy
> enough to send someone an e-mail that broadcasts location info back to a
> server. Someone operating a trap website can grab Evan’s cookies and see
> his entire browser history and his current IP address. With only a minimal
> amount of work, you can determine where Evan is viewing a website from.
>
> Does this make any sense? I assume that what the PI means is that if you
> send an e-mail to a non-webmail client (like Thunderbird) which does not go
> via Tor, then the IP can be determined when it loads the 1x1 HTML pixel
> from the website. However, if the victim uses webmail then surely all
> responses would go via Tor?
>
> Or does he mean something else?
I didn't read the entire article yet, but have read of some similar
claims like
> Someone operating a trap website can grab Evan’s cookies and see
> his entire browser history
Even if partly true, this is one reason I don't understand why TBB has
default settings to allow all cookies, seeing as how its main goal is
anonymity. Devs are very concerned about not writing anything to cache,
but not concerned about cookies.
Tor wasn't developed for constant, everyday use by millions w/ the idea
that anonymity could be provided for the masses. It probably never will
achieve that. Authorities & hackers will always be looking for holes.
People much smarter than me say if you're that concerned about true
anonymity, you'd better encrypt everything. Cookies & browsing history
are another matter.
Under current US & other nations' laws, it's possible that gov'ts have
already forced developers of any software - incl. Tor - to put in
backdoors. And in fact, say it's illegal for the devs of any software
to outright disclose such. In general, most gov'ts aren't going to
allow devising ways that criminals can easily & completely avoid
detection. (No, Tor isn't only used by criminals - but gov'ts don't
care). And if they determine such software / networks could provide
99.9% anonymity, w/ no way for them to crack it or no backdoors, they'd
probably outlaw it.
I don't know that it has happened w/ Tor, but it certainly has in other
cases. If you want true anonymity, don't use the internet, unless
you're very well educated in all things related to internet anonymity
(hard for one person to do), and taking extreme, well founded measures
to thwart those seeking to identify you or your location, gather info,
etc. Plus, it would be a full time job constantly testing your methods
& keeping up w/ newest ways others could crack your system. A handful
of people might have the ability (& almost none the time) to do this.
> if you send an e-mail to a non-webmail client (like Thunderbird) which does not go
> via Tor, then the IP can be determined when it loads the 1x1 HTML pixel
> from the website
Could you clarify the question? As Phillip mentioned, Tbird can be
Torrified, but I've never been impressed or convinced that the methods
are fool proof by any means.
Web beacons (web bugs) can be stopped in a few ways, that is probably
more reliable than any overall anonymity on the web.
More information about the tor-talk
mailing list