On Wed, 08 Jan 2014 11:25:02 +0000, Mark McCarron wrote: ... > In regards to identifying Tor users, this is more simple than anyone imagines.
No, it isn't. > A simple DB at an ISP recording IP addresses of those connecting to Tor nodes > is all it takes. Not all tor nodes are publicly known. > In fact, the EU mandates that this data be held for 2 years: > http://en.wikipedia.org/wiki/Telecommunications_data_retention#European_Union No, it doesn't. The requirement is for access ISPs to log the association between user and ip addresses over time, and for email/voip providers to log all mail transfer/voip connections. Access providers are not required to log each individual TCP connection, and that would be needed for finding out even regular guard users. > That data can be correlated with access to hidden services and other websites, This, to the extent that it is actually true (namely that you can correlate the times a person is online with the times a given persona seems to interact with a webservice), is valid for any possible anonymization network that provides interactive access to the web. > so we know for a fact that Tor is extensively compromised at present and > provides no anonymity as it fails to deal with traffic analysis. In a fully infiltrated network anonymous communication is impossible. So what are you aiming at? Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds <torvalds@*.org> Date: Fri, 22 Jan 2010 07:29:21 -0800 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
