Comment by DabbyDabberson 10 months ago

It's important to realize that TOR is primarily funded and controlled by the US Navy. The US benefits from the TOR being private.

It provides a channel for operatives to exfiltrate data out of non-NATO countries very easily.

firen777 10 months ago

> It provides a channel for operatives to exfiltrate data out of non-NATO countries very easily.

I'm not convinced this is the case. For example, China's GFW has been very effective at blocking TOR traffic, and any TOR connection in other countries is like announcing to the government that you are suspicious.

  • snowwrestler 10 months ago

    It’s a little silly to say “for example” and then intentionally pick what is widely known as the most sophisticated and pervasive system for controlling Internet traffic ever created.

    The parent said “non-NATO countries”… there are 162 of those that are not China.

    (It’s also a little silly to specify “non-NATO” since U.S. intelligence services have to exfiltrate data from NATO countries too…)

    To get data out of China, the U.S. undoubtedly has special systems, which are worth the special investment because it’s China.

    • rvba 10 months ago

      If you weight it by population and importance then China is probably in the top though.

      I bet western spies spend more time on China than some micro island in the middle of the ocean. Same for Chinese spies, who probably focus on the USA first.

      Also realistically probably everyone spies on everyone and they spy on those micro islands too. But priorities are clear...

  • literallycancer 10 months ago

    How do they see TOR traffic in a TLS tunnel?

    • GuB-42 10 months ago

      If you can find TOR nodes, so can the Chinese government. They can then just block these addresses.

      Furthermore, the great firewall is quite advanced, they use machine learning techniques to detect patterns, so even if it is TLS on port 443, they may be able to detect it after they have gathered enough traffic. There are workarounds of course, but it is not as simple as just using a TLS tunnel.

godelski 10 months ago

> the US Navy

Tor was made for spies. But you know what's really bad for spies? If accessing a certain IP/protocol/behavior reliably reveals your spy status.

For Tor to be effective for hiding spies it has to be used by the public. Even if it's only nefarious actors (say spies + drug dealers + terrorists) it adds noise that the adversary needs to sort through.

What I fucking hate about many of these conspiracies is how silly it is once you ever work with or for any government entities. You can't get two police agencies in neighboring cities to communicate with one another. The bureaucrats are fucking slow as shit and egotistical as fuck.

It's important to remember that the government and even a single agency (like the NSA) is just as chaotic, disconnected, and full of competing entities as any big tech company (if not worse). Yeah, most of the NSA is focused on offense, but there are groups working on defense. Those groups are 100% at odds. This is true for the 18 intelligence agencies. They have different objectives and many times they are at odds with one another and you bet each one wants to be getting credit for anything.

The US involvement should warrant suspicion and with any technology like Tor you should always be paranoid. But it's not proof. Because guess what, the US wants people in other countries to use high levels of encryption to hide from their authoritarian governments while the US can promote democracy movements and help put a friendly leader into a position of power. AT THE SAME TIME they also want to spy on their own people (and there are plenty of people in the gov that don't want this). Inconsistency is the default because it's a bunch of different people with different objectives. So the US gov both wants Tor to be secure and broken at the same time.

  • autoexec 10 months ago

    > It's important to remember that the government and even a single agency (like the NSA) is just as chaotic, disconnected, and full of competing entities as any big tech company (if not worse).

    And yet even as early as 2003 they were taking a copy of every single bit that ran over the AT&T backbone (https://en.wikipedia.org/wiki/Room_641A). It's amazing how effective these "chaotic, disconnected, and full of competing entities" can be. We're entirely dependent on whistleblowers willing to risk their lives and freedom to learn about what they're doing to us.

    • godelski 10 months ago

      Yes, they can be very effective. There's no denying that. The proof is in the pudding as they say, since we have governments and businesses. But that's tangential to the point I was making.

      • salawat 10 months ago

        ...You must be working for a different government than I've experienced. Government orgs will initially suffer from siloing problems, but once a synergy is uncovered it tends to get leveraged hard after a while. Remember: when it comes down to it, the difference between government reach, and everyone else, is really just who you can communicate with smoothly.

        Now things like SCI are things; but there are ways to handle that too. It's more a slowing force than a stopper.

try_the_bass 10 months ago

> The US benefits from the TOR being private.

Slight correction: The US benefits from TOR being private to _everyone but the US_

  • wheelerwj 10 months ago

    I’m glad I didn’t have to scroll too far to see your comment.

    In fact, a major power wins by creating a moat just big enough that only they can cross.

    • fuzztester 10 months ago

      everybody does such shenanigans, bro.

      you don't have to be a major power to do such stunts.

      everybody and their uncle are already doing it. look into your life to see the truth of this.

HDThoreaun 10 months ago

I don't see how TOR is better than just spinning up a server on the public cloud for each asset. Since each asset would have a different IP, they couldn't use one asset's knowledge to catch the others. Non-NATO countries tend to monitor internet traffic and so would know if you access TOR.

  • DrillShopper 10 months ago

    Servers in the public cloud are a lot easier to do traffic analysis on.

    • HDThoreaun 10 months ago

      Each server is only used by a single operative though, so how do you even find which IP to analyze? The story with Tor and espionage is that if an asset connected to a CIA website, the gov, which monitors internet access, would know they went to the site. Even if it's not a public site, they just need to have one operative defect and tell them the site and they can catch all the other operatives who use it. But if everyone connects to a different IP I don't see how traffic analysis helps you discover who is connecting with the CIA.

      • DrillShopper 10 months ago

        > But if everyone connects to a different IP I don't see how traffic analysis helps you discover who is connecting with the CIA.

        I assume that they're connecting multiple times with the CIA - it's not just a one and done drop. That's trivial to look at - if you see someone connecting repeatedly to an IP address that doesn't associate with any known website/service and you see them do it consistently then that's suspicious.

        Maybe if the IP addresses rotated it wouldn't be as noticeable, but if you're going over the clearnet then you can't disguise the IP address you're connecting to (short of proxies but then you're giving up the IP address of the proxies).

        • HDThoreaun 10 months ago

          If the government is going after anyone who connects to an unknown IP, Tor isn’t safe either.

      • immibis 10 months ago

        Then you know every time that IP was accessed, the same operative was there.

majorchord 10 months ago

You know what else was funded by the US government? Computers, the Internet and GPS. Also Signal (via OTF funded by Congress).