> The Tor design doesn't try to protect against an attacker who can see or measure both traffic going into the Tor network and also traffic coming out of the Tor network. That's because if you can see both flows, some simple statistics let you decide whether they match up. Because we aim to let people browse the web, we can't afford the extra overhead and hours of additional delay that are used in high-latency mix networks like Mixmaster or Mixminion to slow this attack. That's why Tor's security is all about trying to decrease the chances that an adversary will end up in the right positions to see the traffic flows.
Well yeah, that sucks. Correlation attacks are a real threat. If an adversary controls both entry and exit, they can correlate. I personally don't think NSA are doing it (yet!) but that's a speculation. I still claim your statement is incorrect:
> It doesn't mention that the u.s government can in very high likelihood de-anonimize users , sometimes even without cooperation from foreign governments , and sometimes even ISP's can do that.
Correlation attacks are a real threat but if they are "high likelihood" it only depends on your path selection and use case. Rotate your paths, don't use bittorrent, choose entry and exit points wisely.
> A somewhat pessimistic view would probably say ...
A somewhat optimistic view would say: the tools are there, use them, use them wisely! Using tor is still _so much_ better for anonymity than pretty much anything else.
http://cryptome.org/2013/08/tor-users-routed.pdf
And from 2009:
https://blog.torproject.org/blog/one-cell-enough
> The Tor design doesn't try to protect against an attacker who can see or measure both traffic going into the Tor network and also traffic coming out of the Tor network. That's because if you can see both flows, some simple statistics let you decide whether they match up. Because we aim to let people browse the web, we can't afford the extra overhead and hours of additional delay that are used in high-latency mix networks like Mixmaster or Mixminion to slow this attack. That's why Tor's security is all about trying to decrease the chances that an adversary will end up in the right positions to see the traffic flows.
Well yeah, that sucks. Correlation attacks are a real threat. If an adversary controls both entry and exit, they can correlate. I personally don't think NSA are doing it (yet!) but that's a speculation. I still claim your statement is incorrect:
> It doesn't mention that the u.s government can in very high likelihood de-anonimize users , sometimes even without cooperation from foreign governments , and sometimes even ISP's can do that.
Correlation attacks are a real threat but if they are "high likelihood" it only depends on your path selection and use case. Rotate your paths, don't use bittorrent, choose entry and exit points wisely.
> A somewhat pessimistic view would probably say ...
A somewhat optimistic view would say: the tools are there, use them, use them wisely! Using tor is still _so much_ better for anonymity than pretty much anything else.