[tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.
williamwinkle at openmailbox.org
williamwinkle at openmailbox.org
Tue Jul 1 21:47:38 UTC 2014
On 2014-06-29 06:22, Roger Dingledine wrote:
> On Sat, Jun 28, 2014 at 09:38:05PM +0000, williamwinkle at openmailbox.org
> wrote:
>> I don't understand what Schneier means by this:
>>
>> "After identifying an individual Tor user on the internet, the NSA
>> uses its network of secret internet servers to redirect those users
>> to another set of secret internet servers, with the codename
>> FoxAcid, to infect the user's computer."
>
> Right. This is why Bruce's choice of phrase "identifying an individual
> Tor user" is a poor one. Probably the better phrase would be "seeing a
> flow on the Internet that they decide they'd like to attack".
>
> Jake and I talk about the issue more in our 30c3 talk:
> http://media.ccc.de/browse/congress/2013/30C3_-_5423_-_en_-_saal_1_-_201312272030_-_the_tor_network_-_jacob_-_arma.html
>
Thanks for the video link - most illuminating. I suggest that everyone
watches it.
The Freedom Hosting issue was mentioned at 24 minutes in. AIUI, in the
Freedom Hosting case, the host owner was arrested in Ireland which
allowed the FBI to control the sites that he hosted as they had access
to his computer. The FBI used an exploit that fed the IP of vistors to
some or all of the FH sites back to the FBI. The exploit was based on a
patched Firefox vulnerability and required the client to be using
JavaScript. In other words - users that had updated the TBB or those
that did not but did not use JS were uncompromised when they visited any
of the FH sites.
In other words, the weak link (if there ever is one) is not Tor per se
but the Firefox component of the TBB.
Is that correct?
More information about the tor-talk
mailing list