93% Of User ISP Data Including Full Capture (PCAP) Sold To Corporations Military For Deanonymizing. My Analysis And More, In Today's Video. 💎 THANKS FOR SUPPORTING THIS (SHARE THE VIDEO!) 🔗 ☕ BUY ME A COFFEE (if you like): https://buymeacoffee.com/politictech (blog at link above: click "posts")

93% Of User ISP Data Including Full Capture (PCAP) Sold To Corporations Military For Deanonymizing. My Analysis And More, In Today’s Video.

💎 THANKS FOR SUPPORTING THIS (SHARE THE VIDEO!)

🔗 ☕ BUY ME A COFFEE (if you like): https://buymeacoffee.com/politictech

(blog at link above: click “posts”)

Arthur Besse
link
fedilink
2
edit-2
2M

As with the Vice article it is based on, this video correctly observes that netflow data can deanonymize VPNs, but neither of them actually say what it can do to Tor.

But this video suggests using bridges and/or other proxies to access Tor, and implies that will help… somehow.

If you think about it logically, though, someone with access to netflow data probably has a good shot at defeating Tor whether you’re using a proxy or not. It doesn’t require netflow visibility of any of the Tor relays you’re using - all that is needed is to be able to see the source and the destination and be able to correlate flows. Or, in the common case of attributing an image or video published somewhere, adversaries don’t even need netflow data at the destination server, because the amount of data and the timestamp is already public - they just need netflow data of a population that includes the uploader.

In other words, Tor can be broken not only by a powerful “Global Passive Adversary” like the NSA, or a customer of Team Cymru’s with data from vantage points all over the world - if your adversary is just your employer or university or someone at your local ISP, Tor can also be defeated in many cases, even if you use a proxy or VPN to access it.

Netflow data is collected by most corporate and university networks today.

Despite all of that, I’m still using Tor for many things because there isn’t really a better alternative today. Tor prevents websites from knowing where I am and otherwise tracking my browsing, and unlike a VPN it doesn’t require me to record my location with an entity I maintain a persistent relationship with. But it is important to realize that Tor is not a silver bullet. Videos like this often give the impression that Tor is much stronger than it is.

N.B. because I am using Tor right now, I see that the tor-recommending author of the linked video hosts their blog on a platform that appears to block Tor (or at least is blocking the several exits i just tried…), which is unfortunate.

(edit: editing this comment in hopes that the edit causes it to federate from lemmy where i’m writing to peertube where the video is posted… oh well.)

Arthur Besse
link
fedilink
1
edit-2
2M

deleted by creator

Here to share experience in Tech, Linux & Privacy/OSINT. Our privacy is our power. Our data in others hands becomes power over us. Privacy is the singular Human Right with the power to protect all other Rights. I put focus on *Free Open Source Software*, and hardware (where it exists). I believe in the power to know what our devices are doing. Even if we never look at the sourcecode, we should have that right… Subscribe now and let’s talk about it. :)

  • 0 users online
  • 1 user / day
  • 1 user / week
  • 1 user / month
  • 2 users / 6 months
  • 4 subscribers
  • 30 Posts
  • 1 Comment
  • Modlog
  • mods: