Tor Fails to Protect Again

Yesterday news broke that the use of Tor helped to incriminate someone for being a jackass. Tor since October has been revealed to be an abysmal tool for running a drug enterprise and now seems to be unfit for the humble task of generally being a nuisance. Of course write ups on the story mention how just having a few things done differently could have helped to prevent this arrest. Maybe that is true and much of Tor isn't just a giant honeypot. The moral here is that no single tool, especially when used without an understanding of that tool's limitations, is going to be able to serve as a magic bullet.

5 thoughts on “Tor Fails to Protect Again

  1. The Tor Project has admitted that "Tor alone is not enough to protect your anonymity and privacy while browsing the web." You must take added steps to ensure you are anonymous. There are countless articles about OPSEC and protecting anonymity on the web. If one is inclined to need anonymity they should take the time to learn how to be.

    I wouldn't call this a failure on Tor's part. Tor is simply a means of connecting to a network. It's how you use that network that keeps you safe.

    • You have some strong points here, and in this particular case there was a lot of things the user could have done better.

      I post these Tor failures though to counter the saccarine sweetness many people who evangelize Tor spread where all of a sudden Tor becomes some sort of magic. That sort of blind evangalism pushing people towards a shiny promising tool merely encourages use without understanding.

      • After commenting I did go around and look at more of your Tor Fails.

        I agree people start using these sorts of technologies without the proper knowledge of how to use them safely.

        • Well, this is the one that made me go back and do a tag for it. This case was clearly one of user error. Some though like the Silk Road may actually have involved more in the way of observing traffic on the Tor network over time, and having a case of parallel construction be the one actually presented to the courts.

          Then there's the odd failures Google analytics and other really common web stuff routinely breaking out of Tor's tunnels.

Leave a Reply

Your email address will not be published. Required fields are marked *