2598
« on: December 31, 2012, 12:12 am »
Theoretically this attack could work, but it seems impractical. Telecoms turn over location data quite easily, usually without a warrant, but then LE would have to work with ISPs to watch thousands of internet connections (most don't log your browsing history).
Further, you can mask your Tor activity by connecting to bridges and using pluggable transports such as obfsproxy, which make your encrypted connection look like something other than a Tor connection. Well, Tor already tries to look like Firefox talking to Apache over SSL, but the hand shake is different and a Tor connection can be recognized from that. Pluggable transports try to make the connection look like something else, such a Skype call, and they're working on obfuscating the handshake even more (in Tor 0.2.4).
More on pluggable transports: https://www.torproject.org/docs/pluggable-transports.html.en
Or you could use a VPN, but then you should get something overseas that isn't subject to US laws.