Silk Road forums
Discussion => Security => Topic started by: Spunkaroo on August 23, 2012, 09:46 am
-
This is not specifically about Silk Road, and more about TOR in general, and I'm really just looking for some confirmation of something I already think I understand.
Am I correct in saying that with the way TOR traffic is structured and sent around the network, if your ISP is keeping track of your data usage they would at best only know that you are connecting to TOR, and not what you are looking at exactly? I ask because there are proposed laws in at least one western country which will make all ISPs record all users traffic for the purpose of stopping cybercrime. So I guess it does relate back to Silk Road, but I'm more interested in my own privacy in this case.
Sorry if this seems obvious, but I basically want to make sure my understanding is correct (or have it corrected if it isn't already.)
-
This is not specifically about Silk Road, and more about TOR in general, and I'm really just looking for some confirmation of something I already think I understand.
Am I correct in saying that with the way TOR traffic is structured and sent around the network, if your ISP is keeping track of your data usage they would at best only know that you are connecting to TOR, and not what you are looking at exactly? I ask because there are proposed laws in at least one western country which will make all ISPs record all users traffic for the purpose of stopping cybercrime. So I guess it does relate back to Silk Road, but I'm more interested in my own privacy in this case.
Sorry if this seems obvious, but I basically want to make sure my understanding is correct (or have it corrected if it isn't already.)
im pretty sure you are correct,but to make 100% certain just search this forum,theres loads and loads of info at your fingertips,
staysafe
-
Cheers mate. I thought I was on the right track and have been doing some lurking, but it's always good for my piece of mind to ask the direct question and get an answer. Thanks for your input :)
-
Cheers mate. I thought I was on the right track and have been doing some lurking, but it's always good for my piece of mind to ask the direct question and get an answer. Thanks for your input :)
is that a +1 for me then ? :)
-
Sorry, that was rude of me. Yes it is +1 :)
-
This is not specifically about Silk Road, and more about TOR in general, and I'm really just looking for some confirmation of something I already think I understand.
Am I correct in saying that with the way TOR traffic is structured and sent around the network, if your ISP is keeping track of your data usage they would at best only know that you are connecting to TOR, and not what you are looking at exactly? I ask because there are proposed laws in at least one western country which will make all ISPs record all users traffic for the purpose of stopping cybercrime. So I guess it does relate back to Silk Road, but I'm more interested in my own privacy in this case.
Sorry if this seems obvious, but I basically want to make sure my understanding is correct (or have it corrected if it isn't already.)
That is what Tor attempts to achieve, however there are several scenarios in which it may not actually work out like that. For example, if you use Tor to browse a website that is hosted by the same ISP you use, your ISP would be able to tell you are visiting that website, if they have the proper equipment and such installed anyway. Tor is pretty damn good at giving anonymity, but it actually does not prevent an attacker who can see your traffic at two different locations from linking the traffic together as being the same. This is only a huge concern if the attacker can see the traffic originate at you and end at the destination server you are sending it to though. Tor anonymity comes entirely from having a big and widely dispersed network, preventing an attacker from watching enough of the network to have a high probability of seeing your traffic at two different locations on its route from you to the server that you communicate with. However, an attacker who owns enough high bandwidth Tor nodes or who can place a few well positioned wiretaps on networks that have a lot of Tor nodes, can still deanonymize Tor users. So in summary, Tor does an excellent job of providing anonymity from attackers who add a dozen or two high bandwidth nodes to the network, or who watch traffic at a few small ISP's, but as attackers get more powerful than this it does indeed start to increasingly fail in proportion to how much of the network a given attacker can watch.
-
This is not specifically about Silk Road, and more about TOR in general, and I'm really just looking for some confirmation of something I already think I understand.
Am I correct in saying that with the way TOR traffic is structured and sent around the network, if your ISP is keeping track of your data usage they would at best only know that you are connecting to TOR, and not what you are looking at exactly? I ask because there are proposed laws in at least one western country which will make all ISPs record all users traffic for the purpose of stopping cybercrime. So I guess it does relate back to Silk Road, but I'm more interested in my own privacy in this case.
Sorry if this seems obvious, but I basically want to make sure my understanding is correct (or have it corrected if it isn't already.)
That is what Tor attempts to achieve, however there are several scenarios in which it may not actually work out like that. For example, if you use Tor to browse a website that is hosted by the same ISP you use, your ISP would be able to tell you are visiting that website, if they have the proper equipment and such installed anyway. Tor is pretty damn good at giving anonymity, but it actually does not prevent an attacker who can see your traffic at two different locations from linking the traffic together as being the same. This is only a huge concern if the attacker can see the traffic originate at you and end at the destination server you are sending it to though. Tor anonymity comes entirely from having a big and widely dispersed network, preventing an attacker from watching enough of the network to have a high probability of seeing your traffic at two different locations on its route from you to the server that you communicate with. However, an attacker who owns enough high bandwidth Tor nodes or who can place a few well positioned wiretaps on networks that have a lot of Tor nodes, can still deanonymize Tor users. So in summary, Tor does an excellent job of providing anonymity from attackers who add a dozen or two high bandwidth nodes to the network, or who watch traffic at a few small ISP's, but as attackers get more powerful than this it does indeed start to increasingly fail in proportion to how much of the network a given attacker can watch.
Thanks for the detailed response, that helps a lot mate :)
-
Most of the time they won't even know you're on Tor though because of Tor's hidden entry nodes.