Information Security
tls anonymity tor nsa deanonymization
Updated Fri, 29 Jul 2022 17:29:20 GMT

Why bother if someone can de-anonymize an anonymous network (like Tor)?


So we all know that the NSA has the ability to track down Tor, I2P and all those anonymous networks. I know it's a piece of old news, but the question always shows up in my mind, which is: why bother? I mean, all your communication is encrypted through public key cryptography even through the simplest HTTPS connection, so apparently they can't see what you're sending through the network. So unless you're visiting a known illegal website, they shouldn't be able to track you down, should they?

Like if you're talking with your friend through FB's Messenger, let's say. There's so much traffic in and out through FB's servers, how would it be possible for them to identify that this traffic is between you and the server and then track you down to your location by the IP exploit from the connection (as it's one of the few things that isn't encrypted)?

If that's true, then why bother if the NSA has the ability to de-anonymize the Tor network? Or even simpler, why should you use the Tor network if there isn't any difference from standard HTTPS anymore? Plus, they still can't identify you out of that pool of connections through the FB server, and with Tor you might even stand out in their view.




Solution

> So we all know that NSA has the ability to track down Tor, I2P and all those anonymous networks.

Actually we know nothing of the kind. Tor was originally TOR (The Onion Network) and was developed by U.S. Naval Research Labs (NRL) specifically to provide a mechanism that was both secure and anonymous against nation state level threats. Since then it has been maintained and enhanced by The Tor Project, Inc, a nonprofit since 2006.

> Which is why bother it? I mean all your communication is encrypted through public key cryptography even through the simplest HTTPS connection, ...

In the modern digital world, secure encryption is easy, but protecting content is not the primary threat mechanism. The main problem and the hard problem is protecting attribution. Knowing that A talked to B is powerful information, even though it's commonly disparaged as merely metadata. Examples are legion and include political activists, whistleblowers, or merely private information such as contacting for information on HIV or abortion or the hot topic of your choice.

> There's so much traffic in and out through FB's servers, how would they be possible to identify that this traffic is between you and server and then track you down to your location by the IP exploit from the connection...

Traffic volume means nothing; this is exactly what computers do really well! Ask yourself how FB tracks and links all those individual connections. Every connection has a TO and FROM identifier. Tracking it requires nothing more than speed; it's the very essence of how everything works.

> Or even simpler, why should you use Tor network there isn't any difference between standard HTTPS anymore?

There is a huge difference! Without going into a lot of detail, Tor uses multiple relays in multiple countries, changing TO and FROM wrappers at each relay. Unlike a VPN, at no point does an individual Tor node know both endpoints of a connection. The server doesn't know your IP address, only that of the last (exit) Tor node.

It's important to note that Tor provides a secure and anonymous transport mechanism. If you use it to log into a known entity like FB, you are announcing your identity. Tor is not magic; if you provide identifiers (cookies), the anonymity of transport becomes irrelevant.
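
The relay behaviour described in the answer above, as an added example that is not part of the original answer: a toy three-hop circuit showing which FROM/TO pair each relay learns and what the server finally sees. The relay names, pre-shared keys, request text and the SHA-256 keystream (a stand-in for Tor's real layer encryption and key negotiation) are assumptions made for illustration.

```python
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy cipher (SHA-256 counter keystream), a stand-in for Tor's real layer crypto."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def build_onion(message: str, relays: list, dest: str, keys: dict) -> bytes:
    """Client side: wrap from the inside out; each layer names only the next hop."""
    next_hop, blob = dest, message.encode()
    for relay in reversed(relays):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob = keystream_xor(keys[relay], layer)
        next_hop = relay
    return blob

def route(onion: bytes, sender: str, first_hop: str, keys: dict):
    """Each relay peels one layer and records the only addressing it ever learns."""
    views, prev, here, blob = {}, sender, first_hop, onion
    while here in keys:  # relays hold a key; the destination does not
        layer = json.loads(keystream_xor(keys[here], blob))
        views[here] = {"from": prev, "to": layer["next"]}
        prev, here, blob = here, layer["next"], bytes.fromhex(layer["data"])
    return views, {"host": here, "from": prev, "body": blob.decode()}

def demo():
    relays = ["guard", "middle", "exit"]  # hypothetical relay names
    keys = {r: hashlib.sha256(b"constructed-key-" + r.encode()).digest() for r in relays}
    # Constructed request: the cookie identifies the user regardless of the path taken.
    onion = build_onion("GET /inbox Cookie: user=alice", relays, "server", keys)
    return route(onion, "client", relays[0], keys)

if __name__ == "__main__":
    views, arrival = demo()
    for relay, seen in views.items():
        print(f"{relay:6} sees FROM={seen['from']:6} TO={seen['to']}")
    print(f"server sees FROM={arrival['from']} body={arrival['body']!r}")
```

No relay's view contains both `client` and `server`, and the server sees the connection arriving from `exit`, yet the cookie in the body still names the user.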




