https://www.linkedin.com/pulse/4-types-attacks-tor-network-de-anonymize-
users-arun-kl

On Wed, 6 Mar 2024 10:50:14 +0100 (CET), Logram <logram@nowhere.org> said:

> https://www.linkedin.com/pulse/4-types-attacks-tor-network-de-anonymize-users-arun-kl

Is It Possible To De-Anonymize a Tor User?
To conclude the answer to this question. De-anonymizing Tor users aren’t
just theoretical. The governments have caught many Tor users and detained
them for illegal activities. One such example is silk road an online dark
website hosted in 2011 by Ross Ulbricht to trade illegal drugs. According
to Edward Snowden, it is never possible to de-anonymize all Tor users at
once. But, with manual analysis, it is possible to de-anonymize a very
small fraction of Tor users. Till now, no success has been seen in
de-anonymizing a user based on the request or demand.

Bringing up Ross Ulbricht is a red-herring. Ulbricht was found due to his
use of a Gmail account in his own name: rossulbricht@gmail.com. This account
was linked to an nym he used (altoid) to advertise Silk Road early on.

The majority of illicit market operators and vendors have been busted using
similar methods -- another case in point:

Feds say alleged AlphaBay operator Alexandre Cazes welcomed users
to the dark web drug market with a message that included the email
address "Pimp_Alex_91@hotmail.com."

https://www.vice.com/en/article/zmv535/alleged-dark-web-kingpin-doxed-himself-with-his-personal-hotmail-address

Stainless Steel Rat

On 06/03/2024 15:12 Stainless Steel Rat <Use-Author-Supplied-Address-Header@[127.1]>
wrote:
> On Wed, 6 Mar 2024 10:50:14 +0100 (CET), Logram <logram@nowhere.org> said:
>
>> https://www.linkedin.com/pulse/4-types-attacks-tor-network-de-anonymize-users-arun-kl
>
> Is It Possible To De-Anonymize a Tor User?
>
> To conclude the answer to this question. De-anonymizing Tor users aren?t
> just theoretical. The governments have caught many Tor users and detained
> them for illegal activities. One such example is silk road an online dark
> website hosted in 2011 by Ross Ulbricht to trade illegal drugs. According
> to Edward Snowden, it is never possible to de-anonymize all Tor users at
> once. But, with manual analysis, it is possible to de-anonymize a very
> small fraction of Tor users. Till now, no success has been seen in
> de-anonymizing a user based on the request or demand.
>
> Bringing up Ross Ulbricht is a red-herring. Ulbricht was found due to his
> use of a Gmail account in his own name: rossulbricht@gmail.com. This account
> was linked to an nym he used (altoid) to advertise Silk Road early on.
>
> The majority of illicit market operators and vendors have been busted using
> similar methods -- another case in point:
>
> Feds say alleged AlphaBay operator Alexandre Cazes welcomed users
> to the dark web drug market with a message that included the email
> address "Pimp_Alex_91@hotmail.com."
>
> https://www.vice.com/en/article/zmv535/alleged-dark-web-kingpin-doxed-himself-with-his-personal-hotmail-address
>
> Stainless Steel Rat
>

I once read about this illegal CP website which had literally hundreds of thousands (!) of registered users. The location of the Tor server was uncovered and several suspects were apprehended. However, they only managed to arrest a handful of the visitors to the web site.

To me this sounds like Tor is safe, most of the time.

On Wed, 6 Mar 2024, The Running Man wrote:

>
> On 06/03/2024 15:12 Stainless Steel Rat <Use-Author-Supplied-Address-Header@[127.1]>
> wrote:
>> On Wed, 6 Mar 2024 10:50:14 +0100 (CET), Logram <logram@nowhere.org> said:
>>
>>> https://www.linkedin.com/pulse/4-types-attacks-tor-network-de-anonymize-users-arun-kl
>>
>> Is It Possible To De-Anonymize a Tor User?
>>
>> To conclude the answer to this question. De-anonymizing Tor users aren?t
>> just theoretical. The governments have caught many Tor users and detained
>> them for illegal activities. One such example is silk road an online dark
>> website hosted in 2011 by Ross Ulbricht to trade illegal drugs. According
>> to Edward Snowden, it is never possible to de-anonymize all Tor users at
>> once. But, with manual analysis, it is possible to de-anonymize a very
>> small fraction of Tor users. Till now, no success has been seen in
>> de-anonymizing a user based on the request or demand.
>>
>> Bringing up Ross Ulbricht is a red-herring. Ulbricht was found due to his
>> use of a Gmail account in his own name: rossulbricht@gmail.com. This account
>> was linked to an nym he used (altoid) to advertise Silk Road early on.
>>
>> The majority of illicit market operators and vendors have been busted using
>> similar methods -- another case in point:
>>
>> Feds say alleged AlphaBay operator Alexandre Cazes welcomed users
>> to the dark web drug market with a message that included the email
>> address "Pimp_Alex_91@hotmail.com."
>>
>> https://www.vice.com/en/article/zmv535/alleged-dark-web-kingpin-doxed-himself-with-his-personal-hotmail-address
>>
>> Stainless Steel Rat
>>
>
> I once read about this illegal CP website which had literally hundreds of thousands (!) of registered users. The location of the Tor server was uncovered and several suspects were apprehended. However, they only managed to arrest a handful of the visitors to the web site.
>
> To me this sounds like Tor is safe, most of the time.
>

I think when considering the power of the state against one individual on
tor, it should be pretty obvious that it is not enough. The main value is
that it has to be good enough to not make it worthwhile for the state to
go after most people there. But high value targets, rest assured, will be
found. It will only be a matter of time.

On 07/03/2024 10:07 D <nospam@example.net>
wrote:
>
>
> On Wed, 6 Mar 2024, The Running Man wrote:
>
>>
>> On 06/03/2024 15:12 Stainless Steel Rat <Use-Author-Supplied-Address-Header@[127.1]>
>> wrote:
>>> On Wed, 6 Mar 2024 10:50:14 +0100 (CET), Logram <logram@nowhere.org> said:
>>>
>>>> https://www.linkedin.com/pulse/4-types-attacks-tor-network-de-anonymize-users-arun-kl
>>>
>>> Is It Possible To De-Anonymize a Tor User?
>>>
>>> To conclude the answer to this question. De-anonymizing Tor users aren?t
>>> just theoretical. The governments have caught many Tor users and detained
>>> them for illegal activities. One such example is silk road an online dark
>>> website hosted in 2011 by Ross Ulbricht to trade illegal drugs. According
>>> to Edward Snowden, it is never possible to de-anonymize all Tor users at
>>> once. But, with manual analysis, it is possible to de-anonymize a very
>>> small fraction of Tor users. Till now, no success has been seen in
>>> de-anonymizing a user based on the request or demand.
>>>
>>> Bringing up Ross Ulbricht is a red-herring. Ulbricht was found due to his
>>> use of a Gmail account in his own name: rossulbricht@gmail.com. This account
>>> was linked to an nym he used (altoid) to advertise Silk Road early on.
>>>
>>> The majority of illicit market operators and vendors have been busted using
>>> similar methods -- another case in point:
>>>
>>> Feds say alleged AlphaBay operator Alexandre Cazes welcomed users
>>> to the dark web drug market with a message that included the email
>>> address "Pimp_Alex_91@hotmail.com."
>>>
>>> https://www.vice.com/en/article/zmv535/alleged-dark-web-kingpin-doxed-himself-with-his-personal-hotmail-address
>>>
>>> Stainless Steel Rat
>>>
>>
>> I once read about this illegal CP website which had literally hundreds of thousands (!) of registered users. The location of the Tor server was uncovered and several suspects were apprehended. However, they only managed to arrest a handful of the visitors to the web site.
>>
>> To me this sounds like Tor is safe, most of the time.
>>
>
> I think when considering the power of the state against one individual on
> tor, it should be pretty obvious that it is not enough. The main value is
> that it has to be good enough to not make it worthwhile for the state to
> go after most people there. But high value targets, rest assured, will be
> found. It will only be a matter of time.

That's just your opinion. There's no proof that this is actually the case.

On Thu, 7 Mar 2024, The Running Man wrote:

>
> On 07/03/2024 10:07 D <nospam@example.net>
> wrote:
>>
>>
>> On Wed, 6 Mar 2024, The Running Man wrote:
>>
>>>
>>> On 06/03/2024 15:12 Stainless Steel Rat <Use-Author-Supplied-Address-Header@[127.1]>
>>> wrote:
>>>> On Wed, 6 Mar 2024 10:50:14 +0100 (CET), Logram <logram@nowhere.org> said:
>>>>
>>>>> https://www.linkedin.com/pulse/4-types-attacks-tor-network-de-anonymize-users-arun-kl
>>>>
>>>> Is It Possible To De-Anonymize a Tor User?
>>>>
>>>> To conclude the answer to this question. De-anonymizing Tor users aren?t
>>>> just theoretical. The governments have caught many Tor users and detained
>>>> them for illegal activities. One such example is silk road an online dark
>>>> website hosted in 2011 by Ross Ulbricht to trade illegal drugs. According
>>>> to Edward Snowden, it is never possible to de-anonymize all Tor users at
>>>> once. But, with manual analysis, it is possible to de-anonymize a very
>>>> small fraction of Tor users. Till now, no success has been seen in
>>>> de-anonymizing a user based on the request or demand.
>>>>
>>>> Bringing up Ross Ulbricht is a red-herring. Ulbricht was found due to his
>>>> use of a Gmail account in his own name: rossulbricht@gmail.com. This account
>>>> was linked to an nym he used (altoid) to advertise Silk Road early on.
>>>>
>>>> The majority of illicit market operators and vendors have been busted using
>>>> similar methods -- another case in point:
>>>>
>>>> Feds say alleged AlphaBay operator Alexandre Cazes welcomed users
>>>> to the dark web drug market with a message that included the email
>>>> address "Pimp_Alex_91@hotmail.com."
>>>>
>>>> https://www.vice.com/en/article/zmv535/alleged-dark-web-kingpin-doxed-himself-with-his-personal-hotmail-address
>>>>
>>>> Stainless Steel Rat
>>>>
>>>
>>> I once read about this illegal CP website which had literally hundreds of thousands (!) of registered users. The location of the Tor server was uncovered and several suspects were apprehended. However, they only managed to arrest a handful of the visitors to the web site.
>>>
>>> To me this sounds like Tor is safe, most of the time.
>>>
>>
>> I think when considering the power of the state against one individual on
>> tor, it should be pretty obvious that it is not enough. The main value is
>> that it has to be good enough to not make it worthwhile for the state to
>> go after most people there. But high value targets, rest assured, will be
>> found. It will only be a matter of time.
>
> That's just your opinion. There's no proof that this is actually the case.

Plenty of people with businesses on darknet that have gotten caught. And
actually, if you are serious about your threat model, it is tor that have
to prove they are safe, not the other way around.

If you're interested, but I doubt you are, a search for tor and
vulnerability should give you plenty to read.