Links

Ben Laurie blathering


Why I Don’t Trust Tor

I’ve been widely quoted as saying

“I would not trust my life or even my liberty to Tor”

in a New Scientist article on WikiLeaks. I said this because low-latency systems such as Tor are susceptible to traffic analysis by a strong adversary (such as, say, a government). If I were a dissident in a country with an evil government I would not rely on Tor to protect me from that government. Actually, I should rephrase that: if I were a dissident I would not rely on Tor to protect me.

This is not to say WikiLeaks expects you to rely on Tor, I was commenting in general about the security of Tor, not about the security of WikiLeaks (in the absence of a detailed design, I can’t comment on that).

2 Comments

  1. I guess the natural question to follow is: are there things you would trust to TOR?

    Comment by Ben Hyde — 16 Jan 2007 @ 15:42

  2. The Tor developers agree — http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#China

    Though Roger Dingledine did speak more on this topic at 23C3 (I wasn’t at his talk, so can’t coment on it)

    Comment by Danny — 17 Jan 2007 @ 20:22

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress