Page 5: "Terrorist with Tor client installed"<p>And it's a picture of a guy with a bandit mask and an AK-47. I don't know about you guys, but all my Tor activities are performed in my Halloween costume!<p>I honestly can't believe something this tacky would end up in a presentation. Is this supposed to be propaganda?
This should provide clear warning to anyone who might consider themselves a cypherpunk: Even if you don't think that you are at war with the US government, the US government (and likely most other governments) believes it is at war with you.<p>It sounds dramatic because it is.
When will everyone get off the bandwagon of referring to anyone that's willing to actually stand for their beliefs counter to U.S. interests as a terrorist? It's gotten to the point where the word terrorist just makes me roll my eyes and say "whatever", I'm becoming desensitized to it, just like most of the UK did growing up in England during the height of IRA campaigns. After a while, it just became a tedious pain in the ass and everyone switched off.
General conclusion from all of the published leaks is that GCHQ punches (in technical capability and general quality of work) way above its weight class (funding and presumed staffing levels); they also seem much more willing than NSA to be completely unbound by any idea of domestic user privacy. Which is fitting for a country with the number of CCTV cameras they have.
They actually saw it as their job to make the experience of anyone using Tor difficult.<p>Isn't that kind of like the police deciding to make the roads full of potholes because that would make it more difficult for bank robbers to get away in a car?<p>Then again, considering the quality of the roads these days, maybe they are way ahead of me on that.
Depressingly, the document talks about plans to make Tor less reliable to dissuade people from using it:<p>> Could we set up a lot of really slow Tor nodes ... to degrade the quality of the network?
> Given CNE access to a web server make it painful for Tor users?<p>At least the document seems to confirm that GCHQ has a really, <i>really</i> hard time de-anonymising Tor users.
Why are these latest NSA stories getting flagged so much?<p>I don't like that PG has relaxed the flagging so much. You can probably flag even tens of stories a day now without having your flagging removed.
Doesn't look like a very ethical/professional presentation. But then again, who said everyone's professional in all agencies? It's a conjecture to think our laws are systematically enforced by ethical folks.
Of course, if they actually have a really easy time de-anonymizing users, they might "leak" a document like this to encourage people to keep using it.<p>Conspiracy theories are fun!
Does anyone know what the QUANTUM attack they refer to is? It doesn't seem like quantum computing on the face of it; it looks like it may be a system used to disrupt traffic on the internet, possibly man in the middle attacks.<p>Edit: I found a reference to something called a "Quantum Insert" in an article related to GCHQ. They state the following:<p><i>According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a "Quantum Insert" ("QI"). It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them</i><p><a href="http://www.spiegel.de/international/europe/british-spy-agency-gchq-hacked-belgian-telecoms-firm-a-923406.html" rel="nofollow">http://www.spiegel.de/international/europe/british-spy-agenc...</a><p>This might be what they are referring to, or a system that was built for targeting specific individuals.
From the Schneier article:<p>"The good news is they [NSA] went for a browser exploit..."
- Roger Dingledine, President of Tor project<p>It seems there are assumptions among parties that employ "browser exploits" against unsuspecting users that the persons targeted will be using "modern", complex, JavaScript-enabled, graphical browsers, and that they'll use these browsers to retrieve content from the network and to view that content on machines with writeable permanent storage that can connect to the network. Am I misreading all these tales of browser exploitation?<p>Can these parties accommodate reboots from read-only media, text-only browsers, write-protected storage and offline viewing of content?<p>Maybe the problem isn't so much with Tor as with the popular browsers and their gratuitous complexity.
The slides were from over a year ago, I'm sure a lot has changed since then. Also the timing of this is very suspect, obviously it's been in the news and the Guardian either want to run with this new line brought on by the Silk Road "bust", or they just want to "soothe" (take as you will) our worries with the network.<p>Would also love to know more about NEWTONS CRADLE, anyone heard of anything more specific?
Some nice recommendations tho for usage.<p>ORBOT / Tor Router Project / Hide-my-ip-address / Tor Project and the bootable OS Tails.<p>Some of the more advanced Obfuscation for the Tor project<p>Skype Morph - Hides Tor traffic in Skype packets mmm fun and worth a look<p>Someone better be working on Tor Obfuscation with flash packets, no one is going to block those things.<p>/tinhat
It's important to note this is from 2007 and thus things have probably changed immensely since then.<p>Edit: Never mind, it says it's sourced from a 2007 file but dated 2012.
After reading many of these articles about the NSA I keep wondering if they have an office specifically tasked with thinking up code names for these projects. I personally would find it difficult to keep them all straight—this article, for example, contained a new one to me: ONIONBREATH.<p>Just an odd image in my mind of a group of top-security clearance, extremely well trained, able-minded people who think up silly code names like these.
I also quite like the point "Analytics: Cookie Leakage", like anyone that uses Tor doesn't use it in incognito mode with cookies disabled... or flushes their cookies before they use anything else...<p>... that either says they're stupid, or they're only after stupid terrorists... as if they're the ones they should really be concerned about.
After watching the presentation, I can think of two things to make Tor better, from the point of view of the anonymity of its users:<p>* Better education on how users can browse carefully (no javascript, no plugins, updated browsers)
* More nodes.
Somehow I find this presentation reassuring. It mainly suggests to me that the NSA/GCHQ has to do 'honest' traffic analysis, implying that they did not break any of the crypto primitives used in Tor.
So, according to these documents, NSA and GCHQ do have a few "owned" exit nodes, but not so many, hence, they want to own more. Interestingly enough, GCHQ set up Tor exit nodes on the AWS cloud.
Given that it says that the NSA and the GCHQ are trying to set up Tor nodes.. is it possible for us to identify these nodes? Some sort of trust network perhaps?