And I've read other work that talks about using machine learning to create realistic attacks, and another by a guy that even deanonymized some anonymous remailers. And let's not forget most implemented protocols like TLS have bugs.
A somewhat pessimistic view would probably say that the only protection you get is that the NSA doesn't use this capability too often, because it doesn't want to expose it.
> The Tor design doesn't try to protect against an attacker who can see or measure both traffic going into the Tor network and also traffic coming out of the Tor network. That's because if you can see both flows, some simple statistics let you decide whether they match up. Because we aim to let people browse the web, we can't afford the extra overhead and hours of additional delay that are used in high-latency mix networks like Mixmaster or Mixminion to slow this attack. That's why Tor's security is all about trying to decrease the chances that an adversary will end up in the right positions to see the traffic flows.
Well yeah, that sucks. Correlation attacks are a real threat. If an adversary controls both entry and exit, they can correlate. I personally don't think NSA are doing it (yet!) but that's speculation. I still claim your statement is incorrect:
> It doesn't mention that the U.S. government can in very high likelihood de-anonymize users, sometimes even without cooperation from foreign governments, and sometimes even ISPs can do that.
Correlation attacks are a real threat but if they are "high likelihood" it only depends on your path selection and use case. Rotate your paths, don't use BitTorrent, choose entry and exit points wisely.
> A somewhat pessimistic view would probably say ...
A somewhat optimistic view would say: the tools are there, use them, use them wisely! Using Tor is still _so much_ better for anonymity than pretty much anything else.
As of the Snowden-leaked documents' creation (so at least 2006-2009), the NSA was not, in fact, using that capability at all.
Nor was the FBI or DEA in a recent high-profile case against a certain Tor hidden website. Nor were international LEAs going after Freedom Hosting.
Also note that the final author on the Users Get Routed paper is Paul Syverson, inventor of onion routing and still an active Tor designer. Academic attacks are pretty common against Tor because Tor is the most serious and therefore most well-studied anonymity system. Most of them aren't feasible in the real world regardless of what the abstracts say.
There are numerous problems with anonymizing remailers, none of which have anything to do with Tor whatsoever. The two main problems are that there are not enough nodes (between three and six running at any particular time) and their protocol is overly complicated and implementations are bug-ridden, leading to mistakes that leak information.
If you use Tor correctly (HTTPS Everywhere, don't leak cookies) you can be pretty safe.
I'm fairly sure I know what I'm talking about, but feel free to point to some articles and I will try to explain one by one what Tor can and what it can't do.
Here, some links on Tor operational security, do read them carefully:
- https://www.torproject.org/download/download#warning
- http://cryptome.org/0005/tor-opsec.htm
- the server side: https://trac.torproject.org/projects/tor/wiki/doc/Operationa...