• 🇬🇧󠁿 🇸🇪 🇿🇦 🇮🇪 🇬🇭 🇩🇪 🇪🇺
    European & African
    Drug Discussion

    Welcome Guest!
    Posting Rules Bluelight Rules
  • EADD Moderators: Shambles

NSA targeted Tor users via Firefox flaw, reports say

I don't think TOR is inherently any more vulnerable than any other open-source crypto; so SSL, SSH, TLS and OpenPGP would all be broken.

It's possible that they have done that already and are sitting on it; but if they used it in earnest, everyone would know straight away. Also remember the phenomenon of parallel invention. Ideas just seem to have a Time. Besides the well-known case of the light bulb, the RSA crypto algorithm was invented more or less simultaneously here (where it was kept under wraps for years) and the USA; and even the transistor was invented around the same time in several countries. So if The Authorities do crack common crypto and use it stealthily, trying not to give away the fact that they have done so, there's nothing stopping some other hacker from cracking it and revealing it. And it wouldn't take too long.

You can capture traffic over TOR if you control enough exit nodes, since then you can see the "last hop" -- which is always going to be vulnerable to a person-in-the middle attack. If you owned a large number of exit nodes, and targeted a DDoS attack against as many others as you could manage, then you would probably be able to catch a few complete conversations. And you might find something that would give you a bit of leverage against someone.

The only people with the resources to conduct such an attack would be by definition above the law .....
 
BecomingJulie said:
there's nothing stopping some other hacker from cracking it and revealing it. And it wouldn't take too long.
Click to expand...

Some other hacker doesn't have the NSA's budget.

I doubt the transistor was simultaneously invented by one guy in a bedroom somewhere and a massive, multi-billion dollar funded agency tasked with inventing a transistor.

BecomingJulie said:
The only people with the resources to conduct such an attack would be by definition above the law .....
Click to expand...

The NSA
 
parttime crackhead said:
I doubt the transistor was simultaneously invented by one guy in a bedroom somewhere and a massive, multi-billion dollar funded agency tasked with inventing a transistor.
Click to expand...
But Bell Labs weren't trying specifically to invent the transistor. Others were experimenting with semiconductor materials around the same time, and nobody knew the specific techniques that would eventually be required; so everyone started with the same primitive equipment. Experimenters in France and Russia were achieving usable gain in the 1930s.

Anyway, with abstract maths, you don't need specialist equipment. You can prove a formula holds using a piece of chalk. The actual number-crunching might require a supercomputer, but the algebra doesn't need much in the way of resources except the right mind. And ideas have this weirdy habit of popping into several minds at about the same time.
parttime crackhead said:
The NSA
Click to expand...
Indeed; government snooping agencies were the ones to whom I was alluding.
 
BecomingJulie said:
And ideas have this weirdy habit of popping into several minds at about the same time
Click to expand...


Not weird at all really, the things that go on in all of our heads are only what they are thanks to the time we happen to have been born in. As Newton said, "if I have seen further it is by standing on the shoulders of giants"; and those "giants" are only giants because they stood on the shoulders of those who came before them. There are no giants. Just people standing on others' shoulders.
 
I never had this problem with my new tor download it doesn't use firefox.

For anyone who's struggling with PGP it cannot get any simpler than this for you. Put the vendors key in box 1, your message / address in box 2, then click encrypt, and the scramble appears in box 3, copy and paste that to your order..

http://www.igolder.com/PGP/encryption/ that is the simplest version of PGP I've ever seen and for small time purchases i'd think still perfectly fine.
 
BecomingJulie said:
I don't think TOR is inherently any more vulnerable than any other open-source crypto; so SSL, SSH, TLS and OpenPGP would all be broken.

It's possible that they have done that already and are sitting on it but if they used it in earnest, everyone would know straight away. Also remember the phenomenon of parallel invention. Ideas just seem to have a Time. Besides the well-known case of the light bulb, the RSA crypto algorithm was invented more or less simultaneously here (where it was kept under wraps for years) and the USA; and even the transistor was invented around the same time in several countries. So if The Authorities do crack common crypto and use it stealthily, trying not to give away the fact that they have done so, there's nothing stopping some other hacker from cracking it and revealing it. And it wouldn't take too long.

You can capture traffic over TOR if you control enough exit nodes, since then you can see the "last hop" -- which is always going to be vulnerable to a person-in-the middle attack. If you owned a large number of exit nodes, and targeted a DDoS attack against as many others as you could manage, then you would probably be able to catch a few complete conversations. And you might find something that would give you a bit of leverage against someone.

The only people with the resources to conduct such an attack would be by definition above the law .....
Click to expand...

chipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayochipsandmayo
 
You must log in or register to reply here.
Top