
How to encrypt your entire life in less than an hour - quincyla
https://medium.freecodecamp.com/tor-signal-and-beyond-a-law-abiding-citizens-guide-to-privacy-1a593f2104c3#.z03mlolhz
======
schoen
I appreciate how practical these tips are and I hope people will follow them.

I have two quarrels with this:

> Andy Grove was a Hungarian refugee who escaped communism [... and]
> encourages us to be paranoid.

I'm pretty sure that Grove was referring to business strategy, not
communications security.

> Congratulations — you can now use the internet with peace of mind that it’s
> virtually impossible for you to be tracked.

Something I've seen over and over again is that Tor users tend to have a poor
understanding of what Tor protects and doesn't protect. The original Tor paper
said that Tor (or any technology of its kind) can't protect you against
someone who can see both sides of the connection -- including just their
_timing_. Sometimes, some adversaries can see both sides of a person's
connection. As The Grugq and others have documented, Tor users like Eldo Kim
and Jeremy Hammond were caught by law enforcement because someone was
monitoring the home and university networks from which they connected to Tor
and saw that they used Tor at exactly the same time or times as the suspects
did. (In Hammond's case, recurrently, confirming law enforcement's hypothesis
about his identity; in Kim's case, only once, but apparently he was the only
person at the university who used Tor at that specific time.)

As law enforcement has _actually identified Tor users_ in these cases, I think
people need to understand that Tor is not magic and it protects certain things
and not other things. In fact, I helped to make a chart about this a few years
ago:

[https://www.eff.org/pages/tor-and-https](https://www.eff.org/pages/tor-and-
https)

This chart was meant to show why using HTTPS is important when you use Tor,
but it also points to other possible attacks (including an end-to-end timing
correlation attack, represented in the chart by NSA observing the connection
at two different places on the network) because many people in the picture
know _something_ about what the user is doing.

I've been a fan of Tor for many years, but I think we have to do a lot better
at communicating about its limitations.

~~~
quincyla
Thanks for the clarification on TOR. I guess I should change "virtually
impossible" to something more moderate like "extremely difficult" as colluding
with a network to gain access to the network.

How reliable would this approach be if, say, 100x the number of people who
currently use TOR start using it?

~~~
schoen
Thanks for being willing to edit it.

It depends a lot on who the attacker is and what they already know about the
user.

Tor's best-case is when someone sees only one side of the connection and has
no prior knowledge: the guard node (entry) side sees "who" and the exit side
to some extent sees "what", but these pieces of information can't be
connected. "Oh, this person's using Tor; no idea why!" or "Oh, somebody's
reading French Wikipedia; no idea who!" And that's certainly a huge win for
privacy and applies in practice matter to many Tor users every day.

If you have a suspicion about the "who" and you can perform some kind of
surveillance against that specific person, or you have visibility into
activity on a network where some potential "whos" might be or where the guard
node they used is located, the picture gets a lot worse, and it's probably
still bad if Tor activity grows a hundredfold. But there are other models
where increased use of Tor is just what the doctor ordered, like a government
that wants to scrutinize every Tor user.

One paper analyzing how bad some kinds of practical attacks are is

[https://dl.acm.org/citation.cfm?id=2516651](https://dl.acm.org/citation.cfm?id=2516651)

but that doesn't necessarily cover the whole landscape for how Tor users'
privacy might be compromised.

I'm starting to think about writing a "How Tor Fails FAQ" or something (with
an emphasis on the fact that I'm a big supporter, have done outreach on behalf
of the Tor Project, presented them with an award, and think the technology is
the best in its class). The Tor developers will be the first to tell you that
anonymity technology is difficult and fragile.

