It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Originally posted by tomatoevine
i never use TOR or anything to block my I.P theres no point in the UK.
but if a hacker wanted to get into your computer its easily done no matter what software you where running.
some of the best hackers in the world have done work for the government
just google kevin poulsen he could hack your computer in 10 minutes
Originally posted by makeitso
TOR is not secure. It never has been.
Originally posted by metamagic
By using Tor, we remove the ability of anyone monitoring to identify the path or who is taking to who -- we make the message anonymous.
"I would not use or recommend the tool to hide from people between you and your endpoint. It's really purely a tool to hide from the endpoint," he says.
Tor encrypts messages between nodes, but at each node, the received messages are decrypted and then re-encrypted for the hop to the next node. The node itself has access to the raw message payload.
[edit on 11-7-2008 by metamagic]
Dan E's story exposed that there is neither full security nor full anonymity in TOR. It can be a useful tool, but not the silver bullet people think it is.
The other thing we have to keep in mind is that no system can be totally secure.
I think you meant to say the node itself and anyone monitoring that node has access to the raw data.
This is especially true of the exit node, where the data is decrypted so that the next non-TOR router/server can read it . In doing so it gives anyone monitoring the node access to the data. Thus the lack of security I mentioned,
Any confidential data that is sent over Tor must be secured via encryption or other means.
The discovery that sensitive, government emails were passing through Tor exit nodes as unencrypted, readable data was only mildly surprising to Egerstad. ..."People think they're protected just because they use Tor. Not only do they think it's encrypted, but they also think 'no one can find me'," Egerstad says. "But if you've configured your computer wrong, which probably more than 50 per cent of the people using Tor have, you can still find the person (on) the other side."
Initially it seemed that government, embassy, NGO and corporate staffers were using Tor but had misconfigured their systems, allowing Egerstad to sniff sensitive information off the wire.
Anyone between you and the place your sending the data to has the potential to access the data, and identify the origin/endpoint. It also shares the same issue of being subjected to subpoena.
Tor was developed by the US Navy to allow personnel to conceal their locations from websites and online services they would access while overseas. By downloading the simple software, personnel could hide the internet protocol address of their computers - the tell-tale number that allows website operators or intelligence services to determine a user's location.
In addition to hackers using Tor to hide their origins, it's plausible that intelligence services had set up rogue exit nodes to sniff data from the Tor network.
"Domestic, or international . . . if you want to do intelligence gathering, there's definitely data to be had there," says Stover. "(When using Tor) you have no idea if some guy in China is watching all your traffic, or some guy in Germany, or a guy in Illinois. You don't know."
Egerstad is circumspect about the possible subversion of Tor by intelligence agencies. "If you actually look in to where these Tor nodes are hosted and how big they are, some of these nodes cost thousands of dollars each month just to host because they're using lots of bandwidth, they're heavy-duty servers and so on," Egerstad says. "Who would pay for this and be anonymous?"
However, Dmitri Vitaliev, a Russian-born, Australian-educated computer security professional who lives in Canada, says Tor is a vital tool in the fight for democracy. Vitaliev trains human-rights campaigners on how to stay safe when online in oppressive regimes. "It's incredibly important," he said in a Skype chat from the unrecognised state of Transnistria, a breakaway region in Moldova where he's assisting a local group working to stop the trafficking of women. "Anonymity is a high advantage in countries that perform targeted surveillance on activists."
It's also used to bypass website censorship in more than 20 countries that censor political and human rights sites, he says.
Originally posted by metamagic
I think that we are actually in agreement on all the substantative points