undefined | Better HN

0 pointsdependenttypes6y ago0 comments

> Why do you think it fails as basic security against the government?

Tor connections against normal sites use 3 hops while they use 6 hops against onion sites. Controlling or potentially even analysing the traffic from 2 of the hops is enough to know where the user connects to (it might be 4 hops for the onion case but I am not sure). I am pretty sure that NSA has enough resources for their own nodes. I2P has a better architecture in general but it still does not solve the issue. I am looking into evaluating lokinet at the moment.

In general tor does not have a great track record. For example they took ages to upgrade from an 80-bit sha-1 truncated address scheme with dh1024 and aes128 into something more modern.

0 pointsdependenttypes6y ago0 comments

> Why do you think it fails as basic security against the government?

In general tor does not have a great track record. For example they took ages to upgrade from an 80-bit sha-1 truncated address scheme with dh1024 and aes128 into something more modern.

0 comments

4 comments · 2 top-level

shadowprofile776y ago· 1 in thread

Okay, definitely a bit less practical, but what about using TOR with TAILS on a laptop that's dedicated to nothing else (laptops for TAILS use generally shouldn't run over top of a Windows or regular OS installation). Furthermore, using said machines or TOR alone from an IP address that isn't one's own identifiable address.

That aside, what do you concretely propose as alternatives to TOR for the seriously privacy-conscious (and those, such as activists and dissidents, who need anonymity in a life-or-death way.

dependenttypesOP6y ago

> but what about using TOR with TAILS on a laptop that's dedicated to nothing else

This does not really help regarding what I mentioned.

> using said machines or TOR alone from an IP address that isn't one's own identifiable address

Slightly better I guess but in most cases you can still be identified.

> what do you concretely propose as alternatives to TOR for the seriously privacy-conscious

Honestly, no idea. I would keep using tor for the time being but we really need an alternative.

pfundstein6y ago· 1 in thread

You could've just said that you have a hunch.

dependenttypesOP6y ago

Are you kidding? What part of "Tor connections against normal sites use 3 hops while they use 6 hops against onion sites. Controlling or potentially even analysing the traffic from 2 of the hops is enough to know where the user connects to (it might be 4 hops for the onion case but I am not sure). I am pretty sure that NSA has enough resources for their own nodes" seems like a hunch?

Do you have something that you disagree with? If so just say it.

j / k navigate · click thread line to collapse