Quote from: msft1 on August 10, 2012, 03:59 amQuote from: BuddhaNature on August 10, 2012, 03:27 amWhat if the pigs are already on to you and somehow intercept unencrypted addresses that are headed towards you.Spot on. I was gonna bring this up in a separate thread. SR website doesn't use SSL. Why the hell not? Thanks to that it's quite trivial to intercept SR traffic for anyone owning a TOR exit router. Of course you'll need to own a lot of exit routers to increase chances of intercepting the traffic you want. I've read somewhere that government(s) own a significant chunk of exit routers just for that purpose - to intercept unencrypted traffic. Whether it's true or not, we don't know. But why wouldn't they? Many governments already go to great lengths to block TOR and I'm sure every government sees TOR as a big danger to itself.You've some misconceptions about the Tor network. I don't know everything about it either, but I do know that:SR doesn't use SSL because SR is a hidden service. SSL is only relevant for webpages on clearnet and SR is not on the web. Inside the Tor network itself everything's already encrypted so using SSL makes no sense.Is it trivial to analyze and intercept regular HTTP traffic at an exit node, yes. Which is why you should prefer SSL when accessing the web from Tor.It is however, very non-trivial to intercept and decode traffic to a hidden service. You can use timing attacks etc to try and figure out where the traffic might be going, but it's not 100% and it doesn't help you on the contents of the packets.A passive adversary who managed to obtain most of the exit nodes/relays is not going to waste all that effort on busting SR, any such entity needs to show that trump card to aid traditional LE like they need a hole in the head.Finally, every last government that has tried to block Tor for good has completely failed. Even the Chinese couldn't do it, and they threw a lot of resources at it in terms of manpower too. They did manage to drop the number of users considerably at one point, but the network lives on in China.I'm not claiming that Tor is invincible by any means, but I think you're overestimating the powers that governments have against strong cryptography. If you have a sufficiently strong cipher or you were using a one time pad, then all the power in the world couldn't decrypt your message. In the case of the one time pad, it's actually theoretically impossible. That is why the cryptoanarchists are so pleased with themselves, because there are things the strong cannot break and the weak can easily use in defense. Strong crypto genuinely takes existing presumptions about power away from the state and puts it in the hands of anybody.All hail to the geeks! :D