Delivery-Date: Tue, 07 Oct 2014 11:43:08 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 071691E0BF2;
	Tue,  7 Oct 2014 11:43:06 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 7F47F31171;
	Tue,  7 Oct 2014 15:43:01 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id BCB0931134
 for <tor-talk@lists.torproject.org>; Tue,  7 Oct 2014 15:42:57 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Ip7_PtxXN-Kc for <tor-talk@lists.torproject.org>;
 Tue,  7 Oct 2014 15:42:57 +0000 (UTC)
Received: from jessica.everdot.org (unknown [IPv6:2001:470:1f0b:1c12::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 7340231006
 for <tor-talk@lists.torproject.org>; Tue,  7 Oct 2014 15:42:56 +0000 (UTC)
Received: from mail.everdot.org (primail.everdot.org [IPv6:2001:470:dc2e:5::2])
 (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by jessica.everdot.org (Postfix) with ESMTPS id 4B4D0FA06CE
 for <tor-talk@lists.torproject.org>; Tue,  7 Oct 2014 17:42:52 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
 by mail.everdot.org (Postfix) with ESMTP id 1850F912322F
 for <tor-talk@lists.torproject.org>; Tue,  7 Oct 2014 17:42:52 +0200 (CEST)
X-Virus-Scanned: amavisd-new at everdot.org
Received: from mail.everdot.org ([127.0.0.1])
 by localhost (everdot.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id WPpidUEBozZA for <tor-talk@lists.torproject.org>;
 Tue,  7 Oct 2014 17:42:45 +0200 (CEST)
Received: from meilong (unknown [IPv6:2001:470:dc2e:2:19f6:9140:c7e1:56ed])
 (using SSLv3 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by mail.everdot.org (Postfix) with ESMTPSA id 573A49122DF9
 for <tor-talk@lists.torproject.org>; Tue,  7 Oct 2014 17:42:45 +0200 (CEST)
Date: Tue, 7 Oct 2014 17:42:40 +0200
From: =?ISO-8859-1?B?1nl2aW5k?= Saether <oyvinds@everdot.org>
To: tor-talk@lists.torproject.org
Message-ID: <20141007174240.10e76ebc@meilong>
In-Reply-To: <N1-fSah43VDuP@Safe-mail.net>
References: <N1-fSah43VDuP@Safe-mail.net>
X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.24; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Subject: Re: [tor-talk] isp monitoring tor
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============7248292235234282863=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

--===============7248292235234282863==
Content-Type: multipart/signed; micalg=PGP-SHA1;
 boundary="Sig_/XAREz7RcMtCk.FmN0_Z/vG3"; protocol="application/pgp-signature"

--Sig_/XAREz7RcMtCk.FmN0_Z/vG3
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

> Sure, I understand what you mean. I'm assuming a situation that
> doesn't involve legal issues. This would be illegal surveillance,
> using average resources with your ISP supporting it for some reason.
> I think Tor would be able to handle this type surveillance if used
> correctly.
>=20
> I would like to know what their procedure would be outside of
> monitoring ExitNodes. How much effort it would be to examine the
> packets and get any useful information.

I am personally NOT convinced Tor handles this kind of surveillance at
all but it depends on the threat model.

This is mine:

All (border-crossing) digital communications are by law required to be
routed through the FRA corporation[1]. This is done by my ISP and all
local ISPs because they are required to do so by law.

This means that FRA is able to monitor all end-users and all websites
and Internet services hosted within the Iron Curtain.

Is it possible that they could see that this particular pile of data
went out from webservice X and a similar pile of traffic went to
customer X? There is no way to know for sure.

You should assume that they are monitoring all ExitNodes. The local
situation is that they do not need to monitor ExitNode because they get
to see everything going from out from an ExitNode and into this country
anyway.

Using Tor makes it slightly harder for them and that is a good thing.
Just don't blindly assume they can not at minimum see parts of your
traffic because that is likely wrong.

One last little detail: I am talking about legal, mandated
surveillance. What is and is not legal in your country may also change.
I personally stopped caring about what is and is not legal a long time
ago, the local regime does not care at all. The only thing that does
matter is that you do not irritate anyone to the point where they
decide to take action against you.

[1] http://fra.se/

--Sig_/XAREz7RcMtCk.FmN0_Z/vG3
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlQ0CfMACgkQNBSJHnwv/KqxUgCglYlwOhsG2HLgOTL4Wj5HFlxc
H74AoLrU1nZjt4G9DLra+O1Dum490ffV
=q9KC
-----END PGP SIGNATURE-----

--Sig_/XAREz7RcMtCk.FmN0_Z/vG3--

--===============7248292235234282863==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============7248292235234282863==--

