Silk Road forums
Discussion => Security => Topic started by: rockstafarian on March 17, 2012, 07:07 pm
-
Does Tor prevent my ISP from seeing what I'm doing?
I read recently that ISP's will beging patrolling user's data looking for copyright infringement. But I think this opens the door to the possibility of some serious gov't crackdowns on everything from this ( if they can read it despite the use of the tor browser ) to people talking about weed on facebook chat...
Apparently they keep backlogs of user activity on their networks so I feel like there may be a major shit storm forming over the U.S. in regards to LE cracking down on crime using the internet for their tips.
This combined with the speculation on just what the fuck the FEMA camps are going to be used for is all very concerning. I think we are headed to a police state here in America, thoughts? Should I be getting prepared for some serious fucking shit to go down?
-
Someone more knowledgeable correct me if I am wrong, please.
From what I know, your ISP can see that you are connected to TOR but the data is encrypted.
They know you're on TOR, but don't know what you're looking at.
-
You should assume that all ISPs are using deep packet inspection to see what you're up to. This doesn't mean that they are tracking you. Their algorithms would need to optimize their routers based on the type traffic flow for one thing. But yes, they can certainly look at TOR traffic and recognized it as such. But it's encrypted and thus of limited use to them. Remember that ISPs are not policemen in the West, that is LE's job.
*However*
* It is always a red flag to use TOR from the perspective of LE.
* If you are the only person in your area using TOR...
* If few people in your country use TOR...
So, people in different geographical areas, should assume different levels of paranoia about their security situations.
Using TOR in an area of higher population density is always preferable.
By utilizing a bridge, you are able to get around this possibility of TOR use discovery. This is not difficult to do. Read the help files supplied with the TOR package. To take it to the next level, you should use a private bridge. i.e. a bridge you've setup yourself exclusively for you.
TOR traffic, unless you're using FTP (file downloading) or Bittorrent, is absolutely miniscule to the general amount of internet traffic you probably generate. This creates a terrific advantage to those using Steganographic Technologies.
That is why I think people, and vendors in particular, ought to be using obfsproxy and similar concepts.
Lastly; for the truly paranoid/security conscious, you want to be thinking about a USP. A unique trick nobody else uses.
For most people, having a consistent procedure and not doing dumb things like logging into IRC chats on clearnet is enough.
-
TOR traffic, unless you're using FTP (file downloading) or Bittorrent, is absolutely miniscule to the general amount of internet traffic you probably generate.
So if I were downloading a torrents on firefox with utorrent with TOR opened in the background, I'd be in trouble? To clarify I don't use TOR to access torrent sites and initiate downloads, I do this with firefox. However sometimes tor is open while I'm downloading stuff with utorrent.
-
Your ISP can see you use tor if you don't use bridges, but past that they don't know what you're actually using it for.
-
Lastly; for the truly paranoid/security conscious, you want to be thinking about a USP. A unique trick nobody else uses.
USP? Go on....
-
You should assume that all ISPs are using deep packet inspection to see what you're up to. This doesn't mean that they are tracking you. Their algorithms would need to optimize their routers based on the type traffic flow for one thing. But yes, they can certainly look at TOR traffic and recognized it as such. But it's encrypted and thus of limited use to them. Remember that ISPs are not policemen in the West, that is LE's job.
*However*
* It is always a red flag to use TOR from the perspective of LE.
* If you are the only person in your area using TOR...
* If few people in your country use TOR...
So, people in different geographical areas, should assume different levels of paranoia about their security situations.
Using TOR in an area of higher population density is always preferable.
By utilizing a bridge, you are able to get around this possibility of TOR use discovery. This is not difficult to do. Read the help files supplied with the TOR package. To take it to the next level, you should use a private bridge. i.e. a bridge you've setup yourself exclusively for you.
TOR traffic, unless you're using FTP (file downloading) or Bittorrent, is absolutely miniscule to the general amount of internet traffic you probably generate. This creates a terrific advantage to those using Steganographic Technologies.
That is why I think people, and vendors in particular, ought to be using obfsproxy and similar concepts.
Lastly; for the truly paranoid/security conscious, you want to be thinking about a USP. A unique trick nobody else uses.
For most people, having a consistent procedure and not doing dumb things like logging into IRC chats on clearnet is enough.
Hello, Pine, I'm still not clear on how to set up a bridge. I tried to add the bridge lines in settings under network, but as soon as I click OK, a box appears saying
"Vidalia was unable to apply your Network settings to Tor.
Unacceptable option value: Servers must be able to freely connect to the rest of the Internet, so they must not set UseBridges." I don't know what I'm doing wrong. Also, if done correctly, how do you add several bridge IPs to the space? Is it by separating by commas?
And all I see is for example, 212.54.220.145:9001, but I seem to have seen that it should be something like: 212.54.220.145:9001 812593FCC5F4BCDD602F30B8F5852786B5F7E4EA or some such. Could you help?
Thanks!
-
http://www.rt.com/news/utah-data-center-spy-789/
^^^^^^^^^^^
This is the kind of shit that I'm worried about folks
-
I have not read this full paper yet but they seem to think that traffic fingerprinting is pretty serious business
Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail
http://freehaven.net/anonbib/cache/oakland2012-peekaboo.pdf