Dear reader,

I’m a Tor user.

My interest in anonymity awoke in response to the European parliament passing the data retention directive in 2005. I did (and still do) not want my ISP to be able to spy on everything I do. I maintain a German web site explaining how Internet communication works, warning against data retention, and advertising anonymity via Tor [1]. I thought that there is not much to lose when using Tor (except for speed). Now, I’m about to include a big warning concerning Tor. Maybe I’m driven by fear, uncertainty, and doubt. But I doubt that. I’d like to see this e-mail as a consensus check ;)

I’m only talking about Tor users like me, living in a stable democracy. In my idealistic (or naive?) view, it’s nobody’s business to collect data about me as long as I’m not a suspect of crime. If they do anyways, they violate my (perceived) rights, privacy, and dignity. I’m using Tor as a tool to fight that violation. (My reasoning does not apply to people under oppressive regimes who use Tor as protection from their own government when they coordinate and communicate and whose physical freedom and well-being are at risk.)

Of course, since Tor’s beginning the threat model has been excluding global passive adversaries (which are able to observe both ends of the torified communication) but I didn’t consider that a real issue. However, now I do.

Today, the GCHQ (GB) is running Tempora to spy on all transatlantic data, including three days of full storage for deeper analysis. The NSA (US) is doing all kinds of spying with PRISM, including rumors of tapping directly into the German Internet eXchange DE-CIX [2]. The DGSE (French foreign intelligence agency) is spying massively on the French (so much for *foreign* intelligence). The BND (German foreign intelligence) is allowed to monitor up to 20% of border-crossing Internet traffic; supposedly, they are looking at 5% right now and investing heavily to increase that number [3].

In 2007 Murdoch and Zieliński [4] developed traffic analysis techniques based on sampled data for parties monitoring Internet eXchanges (IXes). Apparently, the parties mentioned above have capabilities that go far beyond the paper’s sampling technique. Thus, I’m assuming that global adversaries are spying on me.

As I said, initially I worried about my ISP under data retention and considered Tor to be an excellent protection. Of course, that’s only part of the story as I’d like to restrict who is able to spy on me as much as possible, whether my ISP, the ordinary criminal, or our governments’ spies. Frankly, I only started to think about the last point after seeing the video “Enemies of the State” of last year’s Chaos Communication Congress [5]. There, former NSA officials complained that the NSA is beating US citizens’ constitutional rights into the dust. However, the existence of rights for non-Americans was not acknowledged, and I wondered what my expectations should look like given that I’m not protected by the US constitution.

Now, Tor re-routes traffic on a world-wide basis. I believe that without special precautions (I’m going to write a separate e-mail on that), my communication with the entry node as well as the exit’s with the real communication partner will flow through big pipes and IXes, which are worth the investment of spying facilities; of course, terrorism needs to be fought … Thus, Tor does not anonymize; instead, it turns all my network traffic over to adversaries. Hopefully, Tor makes the adversaries’ lives harder, and they need more compute power to spy on me. Maybe they find torified traffic more interesting and handle it with higher priority. In any case, I assume that torified traffic gets analyzed. In contrast, without Tor I’m *not* certain that all my traffic gets analyzed. Part of my traffic does not need to flow through big pipes and IXes but stays in local, untapped regions of the Internet.

Thus, my warning could read as follows:

1. If you are using Tor, you should assume that all your network traffic gets stored, analyzed, and de-anonymized by intelligence agencies.
2. If you do not use Tor, you should be aware that your ISP could spy on all of your network traffic, while part of it (that part passing tapped IXes) gets stored and analyzed by intelligence agencies.

Of course, there still is more fun in using Tor.

What’s your take on the current situation? Should the Tor FAQ include a similar warning?

Best wishes
Jens

CBP Crash Islamist Nazi Salmonella Mudslide Illegal immigrants Blowpipe Narco banners Afghanistan ASPIC FARC illuminati InfoSec Terror

Footnotes:
[1] http://www.informationelle-selbstbestimmung-im-internet.de/
[2] http://www.h-online.com/news/item/PRISM-scandal-internet-exchange-points-as-targets-for-surveillance-1909989.html
[3] http://www.spiegel.de/politik/deutschland/internet-ueberwachung-bnd-will-100-millionen-investieren-a-905938.html
[4] http://www.freehaven.net/anonbib/#murdoch-pet2007
[5] https://media.ccc.de/browse/congress/2012/29c3-5338-en-enemies_of_the_state_h264.html

_______________________________________________
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk