upvote

points

by bronlund4 hours ago |
comments
upvoteby filup3 hours ago|
next
[-]
Maybe provide sources, or point out a specific claim on the Tor project website that you feel overestimates the capabilities or protections.

BGP attacks are largely defeated by onionservices.

And while governments have the ability to create exit nodes, so does anybody.

reply
upvoteby john_strinlai3 hours ago|
prev|
[-]
>We have seen multiple cases of people getting caught on there

as far as i am aware, no one has been caught due to something technical in relation to tor.

it's always something dumb like logging into an email that has the person's real name in it, using a credit card, leaving javascript on, or otherwise making some opsec failure.

reply
upvoteby j0ej0ej0e1 hours ago|
parent|
next
[-]
There is another angle not a lot of people consider. There was a Defcon video I recall watching from 10-15 years ago where the speaker referenced a case where police managed to arrest someone because the Tor traffic on the network (maybe a university) was so unusual as a one time event at a specific location, the police managed to tie the individual to specific Tor activity. The speaker's conclusion was essentially we should all be using Tor to create and normalise a higher volume of Tor traffic which can in turn help protect other Tor user's anonymity.
reply
upvoteby john_strinlai1 hours ago|
parent|
[-]
i believe that case is this one from 2013: https://www.informationweek.com/cyber-resilience/fbi-traces-...

"Reading the criminal complaint, it seems that the FBI got itself a list of Harvard users that accessed the Tor network, and went through them one by one to find the one who sent the threat, [...]"

"The FBI didn't have to break Tor; they just used conventional police mechanisms to get Kim to confess," Schneier wrote. "Tor didn't break; Kim did.""

reply
upvoteby zahlman2 hours ago|
parent|
prev|
next
[-]
It's increasingly difficult to accomplish much on the Internet without JavaScript, though. This is an era where literal image hosting sites won't show you an image without it; where it's used to reinvent <details> tags, forms, even ordinary hyperlinks.
reply
upvoteby jupr52 minutes ago|
parent|
[-]
On the other hand, it's never been easier to design a place that doesn't need those things, or be confident the javascript is on your side.

javascript, like tor, is powerful in both directions depending on what it's used for.

reply
upvoteby pseudalopex2 hours ago|
parent|
prev|
[-]
This could be true. But law enforcers lied how they found evidence in other cases.[1] They could have lied in Tor cases.

[1] https://en.wikipedia.org/wiki/Parallel_construction

reply