On Fri, Oct 19, 2012 at 11:25:34AM +0100, Anon Mus wrote: > e.g. lets say a node is in a server in an IBM/US telecoms company based > in France, then that server will almost certainly be routing ALL its > traffic through the USA and back to itself (or another node in the same > company) before sending it on to the next external node. This diversion
While it is no secret that intercontinental fiber taps exist, you would not route the traffic itself over the Atlantic to an intercept and analysis point and then back (you would see that in giant added latency), but to tap the signal not too far from the fiber landing point, since you would need to analyze it in a somewhat big box probably not residing on the seabed. It is probably easier to local intelligence services to co-operate intensively, and intercept data close to exchange points, and share results of analysis (only sharing realtime communication taps on a very small set of high value targets). Such sharing can happen over dedicated channels, or over VPN tunnels over the public Internet. > is NEVER reported as ONLY a single "virtual node ip" is quoted. The only > way you can ever tell its been done is by looking at the time delay, > however this is also often difficult/impossible to spot because these > routes are often the fastest on the internet. OK - I know this goes on > for certain because there are internal tools used within these companies > to trace the TRUE route and I have seen such servers send their traffic > in this manner 24/7 - 365. Having discussed this as "wasted effort" with > a network engineer I was told there is a "payment" made somewhere to > compensate. At the same time all of this is camouflaged in apparently > nice and legitimate reasons for it being that way, but when you pull it > apart you see the lie, but you can't PROVE it. > > As about 70% of Europe's internet traffic passes through an IBM/US > telco's servers then it almost certain that in any one of these Tor node > to Tor node connections there is at least one sub-nodes that passes the > traffic through the USA, who is the global adversary using Total Traffic > Timing Tracking. Passive traffic analysis does not require being part of the Tor network (though operating a noticeable number of compromised Tor nodes would give you additional information which is not easily available with traffic analysis). > > You should be able to work the rest out for yourself. _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
