Hacker News new | past | comments | ask | show | jobs | submit login

So from what I've read so far they are trying to deanonymize TOR users by having a large number of relays in the network. This isn't an unknown attack vector. But surely the NSA could easily do the same. What's to say that half the relays aren't already NSA owned?



Does this mean that if agencies from different countries get into an arms-race trying to take control of the network in such a way, it would actually make tor stronger?


But remember that the us, UK, canada, and australia and some other are major cooperators and likely won't compete.


You make me wonder if there is yet another way of compromising TOR, to ask each intelligence service to contribute a small fraction of their capacity to TOR so that the vast majority of the nodes is owned by some agency, who then exchange data through some back channel. Harder to detect and with far more resources than any single agency could provide.

Or is the NSA so large that it dwarfs the resources the rest of the world could contribute?


I don't think its out the realms of possibility for any intelligence agency to set up a LOT of servers at different ISPs with different credit cards and account owners.


The problem with that approach is that it need to be done very quietly, slowly, and secretly, while being large scale.

If a few hundred thousands nodes or a few massive large nodes suddenly popped up, then the admins of the tor directory servers (or some security research) would start asking question. It wasn't that long time ago that a rather large cluster came into discussion because it looked suspicious, and the situation got resolved a few days later.

Then it need to say quiet since nodes require up-time in order to be weighted favorable compare to other nodes. During this time they will generate traffic, noise and like a few abuse letters. That mean the ISP will be in communication with the intelligence agency, which in turn either require lies which could fail or agreements which can leak.

Simply put, it is likely easier, more cost effective and less fragile tap the back bone ISP network and sort out tor chains when needed.


On a good day there are only a few thousand (< 10K) nodes in the tor network as far as I can see so why would you need a few hundred thousand nodes?


Because if you create 3000 TOR relays in an hour it's easy for everyone to notice them and not use them.


True. But if you do it over a long period... TOR has been around a while now. How can you possibly vet all owners? Surely most relay owners would prefer to remain anonymous.


Yes, I'm sure there are relays being run by the NSA and other governments. But people monitor the creation of new relays an attempt to determine who is running them. It's not a simple task to fool everyone.


Since a large part of initial Tor development was funded by the US Navy and then DARPA, I think it's a safe bet that the NSA et al. have been doing this ever since the first public release.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: