After the Snowden revelations regarding FOXACID and QUANTUM going largely undressed in the tor project, people have every right to feel sketched out with using ToR for anything. "We're still helping people" just isn't a good enough argument for most people.
Wonder what has replaced “Xkeyscore” given the wide adoption of TLS. I know ISPs, especially national ISPs like AT&T (see: titanpointe - 33 thomas st, nyc) would feed data to NSA since traffic at the time was mostly via http (rather than https). I suppose the unencrypted dns queries are still useful (although DNSSEC is supposed to defend against snooping/deep packet inspection)
>Wonder what has replaced “Xkeyscore” given the wide adoption of TLS.
Cloudflare is a US-based company that does MITM attacks on all traffic of the websites that it protects. It's part of how their DDoS mitigation works.
Many people still use large US-based mail providers such as Outlook or Gmail.
Many large services use AWS, GCP or Azure. Perhaps there are ways for the NSA to access customers' virtual storage or MITM attack traffic between app backends and the load balancer where TLS is not used.
It is MITM, but is it an attack? Literally the website owner hires Cloudflare explicity to decrypt and filter the traffic. Attack implies that it's unwanted behavior, yet the reality seems to imply that its wanted behavior by the site owner at a minimum, although continued use of the site by visitors also suggests that they want that behavior (or they'd go elsewhere).
Isn’t the attack assuming that NSA/FBI/TLO has full access to the MITM connection at will? I mean that doesn’t seem too far fetched does it give various revelations over the years and things like The Patriot Act actually passing when it’s obviously unconstitutional
Load Balancing && WAF or CDN enablement usually suggests at least a decrypt step or two in the HTTP(s) chain. WAF for layer7 payload inspection, or the default wildcard cert'ing your Cloudflare site for instance.
There's also significant aggregation of traffic at handfuls of service providers amongst service categories, all generally HTTP(s) type services too ... Mail, CDN, Video, Voice, Chat, Social, etc. Each of these are still likely to employ Load Balancing & WAF.
Most WAF/Load Balancing providers have documentation about when/where to perform decrypt in your architecture.
How many Cloudflare sites are just using the Cloudflare wildcard cert?
From there, plenty of 3 letter agency space to start whiteboarding how they might continue to evolve their attack chain.
Often the connection between the load balancer and app backend also uses TLS. I've operated a large / complex service on AWS and all internal communications at each level were encrypted.
Of course, in principle, a cloud provider could tap in anywhere you're using their services – ELB (load balancer), S3, etc. I presume they could even provide backdoors into EC2 instances if they were willing to take the reputational risk. But even if you assume the NSA or whoever is able to tap into internal network links within a data center, that alone wouldn't necessarily accomplish much (depending on the target).
Lots of juicy Internet protocols are still running in cleartext. OCSP, for example, and DNS, as you noted. And the IP-level metadata of TLS connections is still enough to uniquely identify which entities are communicating with each other in many situations. I very much doubt XKeyscore has been retired.
>> Wonder what has replaced “Xkeyscore” given the wide adoption of TLS.
A nationwide invisible firewall, with man in the middle decryption and permanent storage of all unencrypted data. All run by the major backbones and ISPs.
Start an NSA cutout called Cloudflare. Configure sites to use an SSL/TLS connection to Cloudflare, then a separate SSL/TLS connection from Cloudflare to your actual machine. Then have the marketing team call it "Strict" encryption. Make it free so everyone uses it.
It is also a lot easier since ceetificate pinning has fallen out of favor. Many sites use LetsEncrypt. The Certificate Authority system itself is not reliable.
In a way it is the perfect solution from a Govt perspective. Other countries have systems at this scale and larger. China for example.
What makes the CA system reliable is browsers insisting on Certificate Transparency before trusting a cert. If an attacker creates an evil cert by stealing the ACME verification traffic, there's a permanent record of it. Big corps can monitor the ledger to see what certs have been handed out to their domains.
> If anyone tries to convince you Tor is not safe, ask yourself: cui bono?
It could be for insidious reasons, or because the speaker legitimately believes it. "If anyone tries to convince you you shouldn't use Rot13 as an encryption scheme, ask yourself- cui bono?" Silly example, but the point is, just about *everything* could be explained equally by either evil lies or honest warnings.
IIRC there were a lot more options by the time of the Truecrypt-Veracrypt shift. Truecrypt was around when drive encryption was otherwise an expensive enterprise software thing, but I think Bitlocker was included with Pro versions of Windows by the time of Veracrypt so that probably became the easiest free option - and probably with better compatibility as well.
Being able to sniff a key as it transits a local bus is a very different kind of compromise of "trust" than believing that something is preemptively backdoored by a threat actor. It is deeply mysterious that Microsoft don't simply use TPM encrypted sessions to prevent this, though.
No? Any modern disk encryption system with a strong passphrase (basically, anything but default-BitLocker) is very effective against "they have your physical machine and it's off" for any known, current adversary. And, the basic cryptography in use is common, robust, and proven enough that this is probably true even if your tinfoil hat is balled quite tightly.
Where modern research effort goes is into protecting against "they HAD your physical machine and they gave it back to you" or "they got your machine while it was on/running" - these are much more difficult problems to solve, and are where TEE, TPM, Secure Boot, memory encryption, DMA hardening, etc. come into play.
Disagree. If one has physical access to your machine, they also have physical access to you. Practically everyone is vulnerable to rubber hose cryptanalysis.
Right, because every stolen laptop automatically comes with an abduction of the owner? No, getting "hardware access" to a human is much harder (more expensive in the best case and riskier in terms of drastic punishment) than for a laptop, even more so if you want to go undetected.
How's it free if it's not available in the Home edition of Windows?
In fact it's pretty much the only difference between Home and Professional editions of Windows these days, so I'd price it as the difference between the two (about $60).
IIRC the Home editions of Windows now do have drive encryption at least if signed into with a Microsoft account, but they have almost no features for managing that encryption beyond turning it off or getting the recovery key from the MS account.
At the time I was talking about, Bitlocker drive encryption on Windows 7 required either Enterprise or Ultimate, and for a 2-5 person office with no domain and a couple laptops they wanted encrypted outside the office Truecrypt was a perfectly viable option.
This is complete conjecture. Like Truecrypt, Veracrypt is open source, has been audited and has been actively maintained. Could it use another audit? Sure but so could Bitlocker but that isn't happening for even the first time any time soon.
Never heard of any credible reasons to distrust Veracrypt. Don't know who these "people" are either, none of the comments named anything more concrete than what sounds like online rumors.
The best attack against Tor is creating entrance and exit nodes that monitor traffic. That was the biggest risk factor when Tor was invented and it still is today.
How does that work technically, if I am connecting with SSL?
The only thing I see is seeing which IP addresses are using Tor, when, and how much traffic exchanged, but mostly it will be a bunch of reused residential IPs? If you know who you are looking for anyway better to work with their ISP?
With the exit nodes, you know which IP addresses are being looked up. You might get an exit node IP when investigating a crime say. Raid that person, but can you find anything more?
They don't use encrypted data. They look at the metadata like packet size and timing and perform traffic correlation, which defeats Tor's primary purpose: hiding the connection between the source and destination of traffic.
Someone tries to convince you a room totally isn't bugged and that you should have private conversations in it. (A room designed by the US military, incidentally...)
In that case we're talking at cross-purposes, so I'll reserve judgment.
I'm concerned with what let's call Gorhill's Web-- that is, the experience glued together by gorhill's Ublock Origin that is viewed by the vast majority of HN commenters on a day to day basis.
What you're describing is the Web-based Wasteland that is experienced by the vast majority of non-technical users who view the web without an ad blocker.
Encouraging Wasteland users to use TBB may well be an overall improvement for them. But there are more and more popular parts of the web that are practically unusable without an ad blocker-- e.g., fake download buttons, myriad other ad-based shenanigans, multiple ads squeezed into short pieces youtube content that ruins the music, etc. And there's an older segment of the population who at I cannot in good conscience move away from Gorhill's Web.
If Tor uptake somehow spikes to the point that some services can no longer get away with discriminating against exit nodes, then great! But in the meantime, I and many others have solid reasons for encouraging more and more Ublock Origin use among a wide variety of users.
And as you point out, there are technical reasons why the ad blocker lists are at odds with TBB design goals. Thus, I find the top poster's "cui bono" comment low effort and unhelpful.
Politicians and the powers-that-be benefit from slowly adding to the existing pile of what's considered illegal and immoral. They build that pile as a levee against threats to their power; to maintain the status quo.
Immoral is as subjective as it gets and is therefore an awful yardstick.
There definitely are legit use cases for it and in an ideal world, I think all traffic should go over onion routing by default to protect them.
But in reality today besides a handful of idealists (like me some years ago), and legitimate users, like protestors under oppressive regimes - I would assume the biggest group with a concrete interest to hide would be indeed pedophiles and other dark net members and therefore use it.
I'm pretty sure many people use Tor for other things than journalism and CP.
Tor is a privacy tool. Much of what we do in our lives is on the internet, and privacy is important. Tor helps people enjoy privacy in a medium that they are increasingly dependant on.
Tor also helps you to increase your average loading time of a webpage to 10x. That's a very good deterrent against using it if you don't need it for some reason
are you implying that Tor is not used for illegal or immoral purposes? (I took out the primarily that you threw in to make your argument stronger because that made my argument stronger, and I took out your scare quotes because morality doesn't scare me)
I have no idea who is using Tor other than that I heard it can be used by people requiring privacy from governments, e.g. whistleblowers. It also seems to have broad support from the tech industry so I'd be surprised if it was in fact primarily used for illegal or "immoral" purposes. That's why I'm asking.
If anyone tries to convince you Tor is not safe, ask yourself: cui bono?