Ask HN: Does using TOR make you a target?

8 pointsautonomy7711y ago4 comments

Just wondering what the community here felt about the potential risk of "guilt by association" - no matter how tenuous - of using the TOR network. Does the mere use of this technology give users an automatic red flag in the eyes of the authorities? Thoughts?

4 comments

mattkrea11y ago

It was previously disclosed[0] that yes, even just visiting torproject.org would mark you as a target and all your subsequent traffic would be funneled into NSA systems.

[0] http://daserste.ndr.de/panorama/aktuell/NSA-targets-the-priv...

mo11y ago

That is not the case. The disclosures show some rules to match requests to Tor directory authorities (which most clients connect to to bootstrap) and the Tor website, amongst others (like some article at linuxjournal). It is unknown whether these are actual rules in deployment or just example rules from some demo slides, who can add or select rules for collection on what networks, how many rulesets there are and, maybe most importantly, how many rules your traffic has to match before it gets "flagged", and whether that results in full collection of the traffic or for a subset of the (meta)data.

mattkrea11y ago

While, in looking at the docs again (I Googled them just now having not seen them since the initial leak) you are mostly correct if you've seen the rest of their systems that have so far been made public I can't help but assume that you are flagged on these rules alone.

The most protective their systems got seems to be:

1) Login to Active Directory 2) Explain why you are targeting this person using a dropdown or <select> 3) Enter email or user ID 4) Wait for results?

This is is why, while you are correct, I would just like to say that it is safer to err on the side of caution and assume that you are targeted.

Edit: Here is the source that fingerprinted the torproject address I referred to meaning they fingerprint and then search for these requests. There are similar definitions for Tails.

// START_DEFINITION /* The fingerprint identifies sessions visiting the Tor Project website from non-fvey countries. */ fingerprint('anonymizer/tor/torpoject_visit')=http_host('www.torproject.org') and not(xff_cc('US' OR 'GB' OR 'CA' OR 'AU' OR 'NZ')); // END_DEFINITION

bediger400011y ago

Do we know how long ago this was put in place? I installed tor browser maybe 6 or 8 years ago, used it for an afternoon, then never again.

Was I made a collection subject then? Am I still a collection subject? If so, how can I petition the government for redress of this obvious violation of my civil rights?

j / k navigate · click thread line to collapse

4 comments

mattkrea11y ago

It was previously disclosed[0] that yes, even just visiting torproject.org would mark you as a target and all your subsequent traffic would be funneled into NSA systems.

[0] http://daserste.ndr.de/panorama/aktuell/NSA-targets-the-priv...

mo11y ago

mattkrea11y ago

The most protective their systems got seems to be:

1) Login to Active Directory 2) Explain why you are targeting this person using a dropdown or <select> 3) Enter email or user ID 4) Wait for results?

This is is why, while you are correct, I would just like to say that it is safer to err on the side of caution and assume that you are targeted.

Edit: Here is the source that fingerprinted the torproject address I referred to meaning they fingerprint and then search for these requests. There are similar definitions for Tails.

bediger400011y ago

Do we know how long ago this was put in place? I installed tor browser maybe 6 or 8 years ago, used it for an afternoon, then never again.

Was I made a collection subject then? Am I still a collection subject? If so, how can I petition the government for redress of this obvious violation of my civil rights?

j / k navigate · click thread line to collapse