Donate for the Cryptome archive of files from June 1996 to the present

21 March 2014

Compromised Comsec, Sys Admin Hunters and Tor


2014-0467.pdf  NSA Hunt Sysadmins  March 20, 2014 (1.2MB)

Note: The Intercept's redaction of sys admin hunting techniques from the document above is ridiculous. These techniques have been long known and applied.

Sys admins catch you hunting them and arrange compromises to fit your demands so you can crow about how skilled you are. Then you hire them after being duped as you duped to be hired.

The lead Tor designer reportedly (via Washington Post) had a session with NSA to brief on how to compromise it, although "compromise" was not used nor is the word used by gov-com-org-edu.

[A sends link to Tor Project version:]

Not many honest comsec wizards nowadays are promising more than compromised comsec, and the compromise is gradually increasing as Snowden material is dribbled out to convince the public and wizards not a hell of a lot can be done about it except believe in and buy more compromised comsec.

Not news here (comsec lists) and in comsec wizard-land, to be sure, but compromised comsec is the industry standard, as the industry and its wizards in and out of government enjoy the boom and bust in comsec tools generated by precursors of Snowden, Snowden and his successors.

Compromisability is assumed by the comsec industry to be a fundamental feature in all nations, no need to advertise it, much better to advertise how great comsec is and now much it is needed. Crypto-wizards have a long history of compromising believers who hire them and who suffer their promises of highly trusted protection.

Trusted comsec is necessary to get persons to pack their comms with compromisable information. The greater the trust the greater the revelations of just what is desired.

So what if laws are aleays jiggered to allow access to the revelations "under legal pressure" and "FISC orders." That has been a fundamental feature of crypto and comsec wizardry.

The marriage of flexible legal protections and malleable comsec is a venerable dynasty of compromise.

At 06:04 AM 3/21/2014, you wrote:

Hi there,

As I am running a local cryptoparty and do a lot of basic encryption/privacy

talks and workshops, I am often recommending Tor as one of the means of

protecting one's privacy and yes, even security (for example, by running a

hidden service and making it possible for users not to leave the darknet).

Of course it's far from being enough, and I make that very clear.

But lately I got to wonder if using Tor does more harm than good? If the NSA

can impersonate any IP on the planet, they can impersonate any Tor node; tis

has two important consequences:

1. they know when you're using Tor, and can flag you accordingly, and (for

example) deliver some nastiness when (not "if"!) they get the chance,

because "when you have something to hide..."

2. they can guess with high probability whom are you communicating with; they

don't have to break encryption, it's enough they listen-in and see that a

Tor packet from your IP to Node A is x bytes; a packet from Node A to Node

B is x-( header + Tor encryption layer size ) bytes, and so on.

So, is using Tor today doing more harm than good? Would ordinary Joe Schmoes

be far better of not using Tor? How about more high-profile targets, like

activists/hacktivists, etc?