With TOR I thought there was a thing where it was kinda assumed that US intelligence was running enough of the TOR endpoints that the whole network had a false sense of security; has that ever been addressed?
So with the number of hops (i.e., layers of the onion), I would say it's unlikely you go over a route where every single entry and exit is controlled by the US govt. If they don't have the whole route, they can't unwrap every layer of encryption, as even a single AES encrypted layer is considered unfeasible right now. From the perspective of a user on the network, there's no way to tell who owns what nodes though. The ability for, say, the NSA to do a tracing attack is debated among the field but it's possible theoretically.
AFAIK no one has ever been identified by unraveling their whole route. Rather it's always been leaking personal info while on TOR, like using TOR to do something very close to where you are, and well there's not many TOR connections coming from any single area so that narrows it down a lot. I have heard of cases with the FBI at least of them complaining in court and emails released via FOIA requests that if someone had not leaked info that way they would never have found the person; you can choose to believe that or not.
IIRC it was an attack based around deductive assumptions from controlling a preponderance of the endpoints, definitely not actually stripping encryption or going through all the anonymizing hops. I was looking for anything that might help me remember what it was but all I can find is an attack from this year with 25% of endpoints stripping SSL to rewrite bitcoin transfer addresses lol