Let's talk about Tor.
13 2015-04-02 by hello_bluffdale
Is Tor safe? Is it secure? Is it useful?
There's a lot of talk about the police state here. The panopticon. All-seeing eyes and shit. Anonymity defies this state. Do you think Tor is any of the above?
27 comments
6 abdullah_boogers 2015-04-02
cryptome.org/2013/12/Full-Disclosure.pdf -- notice the part about the DoD/GCHQ Tor honeypot.
First thing anyone should do is get an OpenWrt-compatible router and encrypt your DNS. Also stahp using Windows and Mac OS X.
They can see that you're using Tor instantly; they can measure request times to fractions of a millisecond and measure bandwidth. They can fingerprint your browser. White hat anonymity is dead imo. You can encrypt your DNS with dnscrypt-proxy and use other means to deny them metadata and VPN through some of the mass dragnets. They are the gatekeepers, and even a simple request to Reddit's servers passes through many of these gates. It's not about whether encryption works. It's about traffic analysis imo.
If you really want anonymity, use Tor with Tails from outside a Starbucks I guess. That is assuming that the Tails devs are not a pit of vipers. At which point maybe just throw the whole machine away after using it, with the camera and mic ripped out of it...
5 hello_bluffdale 2015-04-02
Thoroughly sound advice. Especially about the router -- hacking routers is way cheaper (in terms of risk of exposure) than hacking PCs. Get that backdoored shitty firmware off your routers, people. And stahping with the closed-source OSes is good too. Though those aren't backdoored as cheaply and as all the time as routers. But still, even your hacked router can't peer into a secure connection, and they can't peer into Tor. They sure can collect timing and bandwidth data though, which brings us to your next point -
Can they? It's certainly not by measuring bandwidth and latency. I'm a web developer, so I know my way around web browsers. The default Tor browser goes a long way to defingerprint its requests.
Beyond that, interrogative fingerprinting (with JavaScript, for example) is only possible when someone's interfering with the connection to inject data.
This is trivial and undetectable to do for an unencrypted connection (http) but very expensive for well-encrypted connections (https with a good cipher suite choice). I say "expensive" rather than "impossible" because servers can be compromised directly, and then work to deanonymize their users. This is not something Tor can help with, but Tor can probably be used to deanonymize Hidden Services. This can be done with Denial of Service attacks that are visible to the public -- that is, it's hard to do it covertly, and it's hard to do it without being noticed. Besides, Tor provides connection anonymity, it makes no guarantees that you should trust the server.
What they can fingerprint -- or more accurately, footprint -- is your browsing history. That's why I advise not mixing regular browsing with your Tor activities that are unique to you. Sometimes I search for things I'd never care about on Tor just to mess with their history analyzers.
Another thing: currently, Tor connections are distinguishable from TLS (https) connections, but this is basically a bug, and is going to be fixed in future versions. You will be able to run Tor over https, and it will look indistinguishable from an encrypted web browsing session. This is because encrypted data is opaque, but there's a slight difference in the way Tor initiates its encryption. That's what gives it away.
3 abdullah_boogers 2015-04-02
The browser bundle does a great job, yes. Tor as a service using your own browser, not so much. https://panopticlick.eff.org/
I also forgot about staining. http://cryptome.org/2013/10/packet-stain/packet-staining.htm
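The two comments above argue about how far the Tor Browser Bundle "defingerprints" a browser and point at Panopticlick. As an added example (not code from the thread, the EFF or the Tor Project), here is the scoring Panopticlick-style tools do: each attribute the browser reveals carries -log2(p) bits of identifying information, where p is the share of a population reporting that value, and the honest measure of uniqueness is how many users share the whole tuple. The population, the attribute names and every value in it are constructed for the demo; the "tor-default" values only stand for "every Tor Browser user reports the same thing" and are not the real values the browser sends.

```python
"""Added example: Panopticlick-style fingerprint scoring on a constructed population."""
import itertools
import math
from collections import Counter

# Attributes a site can read passively or via script (names are illustrative).
ATTRS = ("user_agent", "screen", "timezone", "fonts")


def tor_fingerprint():
    """Every Tor Browser user in the constructed population reports these values."""
    return {"user_agent": "tor-default-ua", "screen": "tor-default-screen",
            "timezone": "tor-default-tz", "fonts": "tor-default-fonts"}


def build_population():
    """Constructed population of 1000 browsers: 800 'regular' browsers covering every
    combination of 8 user agents x 5 screens x 4 timezones x 5 font lists (so each
    regular tuple is unique), plus 200 Tor Browser users reporting identical values."""
    uas = [f"regular-ua-{i}" for i in range(8)]
    screens = ["1920x1080", "1366x768", "1440x900", "2560x1440", "1280x800"]
    tzs = ["UTC-8", "UTC-5", "UTC+0", "UTC+1"]
    fonts = [f"fontlist-{i}" for i in range(5)]
    population = [dict(zip(ATTRS, combo))
                  for combo in itertools.product(uas, screens, tzs, fonts)]
    population += [tor_fingerprint() for _ in range(200)]
    return population


def surprisal_bits(population, attr, value):
    """Bits of identifying information revealed by attr == value (-log2 of its share)."""
    matches = sum(1 for fp in population if fp[attr] == value)
    if matches == 0:
        return float("inf")  # value never seen in this population
    return -math.log2(matches / len(population))


def anonymity_set(population, fingerprint):
    """Number of users in the population sharing the complete attribute tuple."""
    key = tuple(fingerprint[a] for a in ATTRS)
    counts = Counter(tuple(fp[a] for a in ATTRS) for fp in population)
    return counts[key]


def score(population, fingerprint):
    """Return (per-attribute bits, anonymity set size, bits needed to single the user out).

    Per-attribute bits are what a site learns from each value on its own; they do not
    simply add up, because attributes are correlated, so the tuple lookup is the real measure.
    """
    per_attr = {a: surprisal_bits(population, a, fingerprint[a]) for a in ATTRS}
    k = anonymity_set(population, fingerprint)
    total_bits = math.log2(len(population) / k) if k else float("inf")
    return per_attr, k, total_bits


if __name__ == "__main__":
    pop = build_population()
    for label, fp in (("regular browser", pop[0]), ("Tor Browser", tor_fingerprint())):
        per_attr, k, bits = score(pop, fp)
        print(f"{label}: anonymity set {k} of {len(pop)}, {bits:.2f} bits to single out")
        for a, b in per_attr.items():
            print(f"  {a:<11} {b:.2f} bits")
```

In this population a regular browser is unique (about 9.97 bits, the whole population size), while a Tor Browser user hides among 200 others (about 2.32 bits). Run the Tor fingerprint with your own browser's real values through Panopticlick for the non-constructed version; the lesson is the same: the defence is not hiding values, it is making many users report identical ones.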
6 hello_bluffdale 2015-04-02
Ah, yes. It's important for security to use an adblocker. It's more than just removing ads.
These things demonstrate to me that the NSA doesn't have a backdoor to Tor specifically, unlike some out there (Yasha Levine, Pearse Redmond, etc.) believe. They're having to work around the security of the Tor network itself, because it appears to provide what it promises -- connection anonymity. And all you need to do to thwart traffic analysis attacks is to run Tor with cover traffic, most helpfully by being a relay.
4 theM3chanic 2015-04-02
all very good points and very good advice.
the only thing i would always recommend if you really want anonymity is a cheap laptop bought used at some flea market, dban it, then rip the hard drive, cam, mic out and run TAILS or Whonix through it and use that to use TOR
ultimately my only problem with using TOR and suggesting it to normal users is, that just using TOR alone gets your traffic watched more, so don't do it from home unless you take many measures of precaution
also let's remember that if TOR relies on not being able to see all the nodes, and sadly if they do have the capability that is rumored, that means they might be able to see all the nodes
all in all they won't use this approach much against just someone browsing, this is more used against a node itself that's hosting something
any of you care to comment on if it's true they can break asymmetrical encryption?
1 hello_bluffdale 2015-04-02
I do wonder how much one can do even by seeing the whole network, as all internal links are encrypted and have some amount of cover traffic for any given connection. Still, Tor is a low-latency network, which means it does not take active measures to combat traffic pattern analysis. This is why I recommend cover traffic (downloading some youtube video, porn, etc) while doing something you want to remain anonymous. It might be helpful, and I don't think it hurts...
Given how badly they want the keys, I'd say most asymmetrical encryption is safe. That is, they might be able to shave a few bits off of a brute force attack, but they can't outright break RSA or Elliptic Curve crypto. There are probably some weak curves in the NIST standard though, and some bad RSA initialization parameters. Also, they probably knew about things like Heartbleed, so it's still very important for content providers to stay up-to-date on security bulletins.
But I'm pretty sure the math is sound.
1 theM3chanic 2015-04-02
The only slight problem I see with it all is they usually have their hands in getting these standards put out there; they are usually actively involved in being architects for crypto standards
I'd like to pose yet another question, any opinions on "The Equation Group?"
2 hello_bluffdale 2015-04-02
It's a good idea to move away from NIST standards. I myself like the stuff Daniel Bernstein's been working on: things like the 25519 Elliptic Curve. He and other crypto-minded folks (like Bruce Schneier) really don't trust the NIST standards these days, because many of them do not fully elaborate on the method of picking constants. (All crypto schemes have built-in constants; some make the crypto breakable, others make it secure. This is especially true with elliptic curves.)
They've been weakening them lately, but let's remember that the NSA has also secretly strengthened security before. Back when they were equal parts SIGINT and COMSEC, back in the cold war days. Check out the history of the DES cipher. They strengthened it against differential cryptanalysis without explaining, but they also promoted a weakened key size that made it crackable for them. It's pretty weird shit.
It's the work of the NSA's Tailored Access Ops. It's damned clever, but if you're not using Windows, there are ways to mitigate it. If your drive is encrypted through software (dm-crypt or TrueCrypt) -- and if your boot partition is encrypted as well, and you checksum the bootloader to make sure it hasn't been modified before entering your password, there's not much this Equation Group firmware hack can do. You could also boot from a read-only USB key, or if you're really paranoid, from a finalized burned CD.
The most important thing to realize is that for every measure they take, we have countermeasures. The panopticon is fundamentally, mathematically, physically unsustainable.
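The comment above recommends checksumming the bootloader before typing the disk passphrase. As an added example (not from the thread or any distribution's tooling), here is that check as a manifest: hash every file of a boot partition with SHA-256 into a manifest, keep the manifest on media the attacker cannot write to, and on each boot report files whose hash changed, files that vanished, and files that appeared without being in the manifest. The boot partition here is a temporary directory with constructed file contents; the file names (vmlinuz, initrd.img, grub/core.img, grub/evil.mod) are illustrative.

```python
"""Added example: manifest-based integrity check for an unencrypted boot partition."""
import hashlib
import os
import tempfile


def sha256_file(path):
    """SHA-256 hex digest of a file, read in chunks so large images are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Map {relative path: sha256} over every regular file under root."""
    manifest = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest


def verify(root, manifest):
    """Compare root against a trusted manifest.

    Returns (modified, missing, unexpected) as sorted lists of relative paths;
    three empty lists mean the partition matches the manifest exactly.
    """
    current = build_manifest(root)
    modified = sorted(p for p in manifest if p in current and current[p] != manifest[p])
    missing = sorted(p for p in manifest if p not in current)
    unexpected = sorted(p for p in current if p not in manifest)
    return modified, missing, unexpected


def demo():
    """Create a constructed boot partition, record a manifest, tamper with it, re-verify."""
    with tempfile.TemporaryDirectory() as boot:
        os.makedirs(os.path.join(boot, "grub"))
        files = {  # constructed stand-ins, not real kernel or bootloader bytes
            "vmlinuz": b"kernel image (constructed)",
            "initrd.img": b"initramfs (constructed)",
            "grub/core.img": b"grub core (constructed)",
        }
        for rel, data in files.items():
            with open(os.path.join(boot, rel), "wb") as f:
                f.write(data)
        manifest = build_manifest(boot)   # would be stored on read-only media
        clean = verify(boot, manifest)
        # Tamper the way a bootkit would: swap the bootloader core, add a module.
        with open(os.path.join(boot, "grub/core.img"), "wb") as f:
            f.write(b"grub core with passphrase logger (constructed)")
        with open(os.path.join(boot, "grub/evil.mod"), "wb") as f:
            f.write(b"extra module (constructed)")
        tampered = verify(boot, manifest)
    return clean, tampered


if __name__ == "__main__":
    clean, tampered = demo()
    print("before tampering:", clean)
    print("after tampering: ", tampered)
```

The check is only as trustworthy as what runs it: if the verifier and its manifest live on the same disk the attacker controls, a hostile bootloader or disk firmware can feed it clean bytes, which is why the comment pairs this with booting the checker from a read-only USB key or CD.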
1 theM3chanic 2015-04-02
nice chatting with someone about this as I don't often find people in this subreddit who have as in-depth a view as people in this thread seem to have, and I generally avoid the linux subreddit and a few others because they tend to only lean towards "politically correct" or "socially accepted" things. I'm a fan of Bruce S. myself; I've been following this since the Room 641A era
I'm personally a fan of gentoo or debian with dm-crypt boots with my own entropy
1 hello_bluffdale 2015-04-02
Awesome. That's exactly why I posted this thread. A curious intersection of knowledge bases in a curious place.
1 abdullah_boogers 2015-04-02
My fear is that Snowden is a limited hangout whose sole purpose is to convince people that encryption still works. I say fear because it is over my head and that's all it is, a gut feeling. http://en.wikipedia.org/wiki/Shor%27s_algorithm
2 hello_bluffdale 2015-04-02
I studied quantum computing at a graduate level (I also studied cryptography, if you hadn't guessed). Fast implementations of quantum computing do indeed break a lot of currently used asymmetric crypto (RSA, Diffie-Hellman, most elliptic curves). Fortunately, quantum-computing-resistant asymmetric crypto has already been developed: there's SIDH ( https://en.wikipedia.org/wiki/Supersingular_Isogeny_Key_Exchange ) for example. There's a good rundown at https://en.wikipedia.org/wiki/Post-quantum_cryptography .
My worst-case reasonable scenario guess (assuming no alien technology, but assuming Moore's Law holds for quantum computers -- which is a very lofty assumption) is that the NSA has quantum computers that run as fast as the mainframes of the 50s. That might be usable to break some small-key-size encryption, but nothing serious (RSA > 2048 bits, elliptic curves > 256 bits), and certainly not en masse.
As for Snowden being a limited hangout, I think this is only partly true. See my take on the situation if you're interested: https://www.reddit.com/r/conspiracy/comments/2l7wge/hi_james_corbett_of_corbettreport.com_here._ama/clt71ub?context=3
Basically, we're seeing a high-level "friendly" conflict between elites aligned with SIGINT and the ones banking on COMSEC + psyops, plus a bout for the power to blackmail.
1 abdullah_boogers 2015-04-02
Good to know that they will be fixing the "distinguishable from TLS (https) connections" bit. That has always just seemed like a massive red flag where using it outweighed any of "my" gains. I still have concerns though.
1 BlacklistedMartian 2015-04-02
If you don't use Mac or Windows, what do you use? Linux? If you use Linux, who wants to waste money on a new router and encrypt your DNS? Linux does not leak DNS... It's been like that for years.
2 hello_bluffdale 2015-04-02
It's not about DNS leaks here, it's about having a hostile machine on your network that all your data goes through. Routers are the most backdoored things out there. Read up on the link /u/abdullah_boogers posted: http://cryptome.org/2013/12/Full-Disclosure.pdf
You don't need to waste money. Chances are, your router can be flashed with open-source firmware at zero cost. Take a look at https://en.wikipedia.org/wiki/List_of_wireless_router_firmware_projects for a firmware that probably works for your router. The bonus is the open-source stuff is usually easier to use and more functional than the corporate stuff.
1 BlacklistedMartian 2015-04-02
Hmmm.. Because if your DNS shows, they can't possibly track you... (sarcasm). DNS leak = caught
1 hello_bluffdale 2015-04-02
You misunderstood. It's important to prevent DNS leaks, but that's not the purpose of installing open-source firmware on your router. The purpose is to ensure you don't have a hostile machine on your network.
Both things are important. DNS leak = caught, and hostile router = caught. Security these days means staying safe on multiple fronts. Secure OS, secure DNS, and secure router are some of the most important ones.
1 BlacklistedMartian 2015-04-02
This is also why you don't broadcast your SSID. Excluding a third party from connecting to your network is easier than going through the trouble of downloading firmware.
SSID. MAC filters... There are many easy noob-friendly ways that don't take a mean Google search, combined with trial and error, to get something to work.
1 hello_bluffdale 2015-04-02
You don't understand -- the NSA has complete, trivial access to your router if you don't run open-source firmware. Especially the shit Verizon, Time Warner, Cogent and the like bundle. They don't enter by hacking the wireless network, there are backdoors and hacks galore for default firmware in routers, because it's such an easy and low-security target.
I don't think you looked at it, so I advise you to at least skim through this document: http://cryptome.org/2013/12/Full-Disclosure.pdf
1 BlacklistedMartian 2015-04-02
I don't think you fully understand either. Stop the leak between your computer and your router, and there's no need to secure your router.
The router is just a tool to connect to the webz.
1 hello_bluffdale 2015-04-02
Talk about a late reply...
The router is more than "a tool to connect to the webz"
Access to a router means access to your LAN. Means each of your computers can be probed for available vulnerabilities and commanded directly. Means you must firewall and harden every machine on your network as though they are directly connected to the internet.
The router also observes all incoming and outgoing traffic, and can be used for traffic timing attacks on Tor and other anonymizing tools. So if your router is compromised, it's very easy to deanonymize you even if you use all other proper precautions.
So stay safe out there! Run open source router firmware!
1 abdullah_boogers 2015-04-02
If it is on the openwrt box any device that connects benefits from the encryption. I have a family with wireless devices. I am not afraid of the nsa mandrake, I just deny them my essence. POE
4 OnSpeakerCrab 2015-04-02
There are a few sides to this:
1) They can see everything, and anyone "important" that gets taken down is a message / threat.
2) They can see nothing, and it's all fear to make people police themselves.
3) They can see some things (through known means, e.g. datamining).
4) They can see some things (through unknown means, e.g. spying).
Personally, I'm apathetic. I just want to watch.
3 hello_bluffdale 2015-04-02
What if the act of watching makes you a target? Would you not wish to watch anonymously?
3 JamesColesPardon 2015-04-02
If the act of watching leads to one being a target at this point, one could possibly argue that the system is too far down a dark path and there's nothing anybody here can do to stop it, and then at that point, who cares?
At least, at that point I'd stop caring. But everybody's different, I suppose.
3 hello_bluffdale 2015-04-02
I think content consumers (clients) have their anonymity preserved through proper use of Tor. Content producers (servers), especially the popular ones -- Hidden Services -- are vulnerable to long-term deanonymization attacks.
The best way to use Tor is for specific types of browsing patterns that you'd wish to exclude from your regular browsing. Definitely don't check your gmail while looking through things you want to stay anonymous for.
3 DachshundSiege 2015-04-02
Safe? No. Merely using it flags you for additional NSA surveillance.
Secure? Probably not. De-anonymizing Tor users is a major NSA priority.
Useful? Extremely. For one example, you can use Tor browser to bypass Reddit bans, up to shadow/IP bans. Ordinarily, when you're shadowbanned by IP, you can't create new identities on Reddit, because they'll automatically be added to your existing shadowban. With Tor browser, you can create all the new identities you want, and completely disregard tiny-dicked Reddit mods/admins and their power trips.
1 lollers_ 2015-04-02
Think I found the source of that news. Guardian article from 2013? Not sure you should take everything from them as gospel, but I also noticed a redditor asking help on behalf of a friend located in Iran who has had his TOR blocked, so that seems legit to me.
Even if it's true, so what? Pretty sure anybody with a criminal record would get extra attention, meaning any kind of traffic indictment. Who hasn't been indicted or knows someone who has? I've had TOR and VPN for a while now, but I don't think the NSA care much about anyone outside of Mexico, Iran, Russia or China?
1 treerat 2015-04-02
/r/tor
2 hello_bluffdale 2015-04-02
I'm more interested in the questions and insight /r/conspiracy has on this, but yes, there's /r/tor ...
1 abdullah_boogers 2015-04-02
This has been a great thread. Thank you. For anyone interested in encrypting their DNS who is currently running Linux but cringes at the thought of setting up dnscrypt-proxy, this script will make that much easier: https://github.com/simonclausen/dnscrypt-autoinstall. Frank Denis, the creator of dnscrypt-proxy, contributes to it!
Ubuntuesque will complain about dnsmasq already using port 53. Comment out the dns=dnsmasq line in /etc/NetworkManager/NetworkManager.conf.
Least expensive router you can squeeze dnscrypt-proxy on that I have found is http://www.amazon.com/TP-LINK-TL-WR841N-Wireless-Router-300Mpbs/dp/B001FWYGJS. You will have to install libsodium and dnscrypt-proxy, but it will fit. http://wiki.openwrt.org/toh/tp-link/tl-wr841nd
OpenWrt community is fantastic.
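Two small checks around the dnscrypt-proxy setup described above (and the "encrypt your DNS" advice earlier in the thread), added here as an example that is not from the thread, the dnscrypt-autoinstall script or dnscrypt-proxy itself. The first does the NetworkManager.conf edit the comment describes, commenting out only the dns=dnsmasq line and leaving the rest untouched, so it can be re-run safely. The second parses resolv.conf and confirms every nameserver is a loopback address, on the assumption (mine, not the page's) that dnscrypt-proxy has been configured to listen on 127.0.0.1 or another loopback address; any non-loopback nameserver means at least some queries still go to the ISP resolver in the clear. Both operate on text, and the sample file contents are constructed.

```python
"""Added example: NetworkManager dnsmasq line removal and a resolv.conf leak check."""
import ipaddress
import re

# Matches the line Ubuntu-style NetworkManager uses to spawn its own dnsmasq on :53.
_DNSMASQ_LINE = re.compile(r"^\s*dns\s*=\s*dnsmasq\s*$")


def disable_nm_dnsmasq(conf_text):
    """Return conf_text with any active `dns=dnsmasq` line commented out.

    Other lines are passed through unchanged; an already-commented line is
    left alone, so applying this twice gives the same result.
    """
    out = []
    for line in conf_text.splitlines():
        out.append("#" + line if _DNSMASQ_LINE.match(line) else line)
    return "\n".join(out) + ("\n" if conf_text.endswith("\n") else "")


def nameservers(resolv_text):
    """List the nameserver addresses in resolv.conf text, ignoring comments."""
    servers = []
    for line in resolv_text.splitlines():
        line = line.split("#", 1)[0].split(";", 1)[0].strip()
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1])
    return servers


def resolvers_go_local(resolv_text):
    """True only if at least one nameserver is configured and all are loopback
    (i.e. queries are handed to the local dnscrypt-proxy listener, an assumption
    about where it listens). Unparseable addresses count as a failure."""
    servers = nameservers(resolv_text)
    if not servers:
        return False
    try:
        return all(ipaddress.ip_address(s).is_loopback for s in servers)
    except ValueError:
        return False


# Constructed sample files (not copied from any real system).
SAMPLE_NM_CONF = """[main]
plugins=ifupdown,keyfile
dns=dnsmasq

[ifupdown]
managed=false
"""

LEAKY_RESOLV = "# Generated by NetworkManager\nnameserver 192.0.2.53\nnameserver 127.0.0.1\n"
LOCAL_RESOLV = "nameserver 127.0.0.1\noptions edns0\n"


if __name__ == "__main__":
    print(disable_nm_dnsmasq(SAMPLE_NM_CONF))
    for label, text in (("leaky", LEAKY_RESOLV), ("local", LOCAL_RESOLV)):
        print(f"{label}: nameservers={nameservers(text)} all-loopback={resolvers_go_local(text)}")
```

A loopback-only resolv.conf is necessary but not sufficient: NetworkManager may rewrite the file on the next connection, and applications with their own resolver settings bypass it, so the check is worth running after each network change rather than once. Tor Browser resolves names through the Tor circuit and is unaffected either way; this is about everything else on the machine.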
1 GirlNumber20 2015-04-02
I use Tor just to create white noise. I literally just skim Reddit, watch cat videos on YouTube, check Amazon for sales, read a few blogs, whatever. I like to think that my inconsequential use provides a distraction from people who really need cover, like political dissidents or journalists. If they're wasting time monitoring me, that's less time they can spend on someone who truly needs anonymity.
Plus, I like to think of it as civil disobedience.
2 hello_bluffdale 2015-04-02
That noise is indeed useful. It's useful for others, but it's also useful for you, since now if you suddenly want to use Tor for something you'd really want to do anonymously, you already have cover traffic so as to not single out your occasional Tor use.
Yep. Just keep in mind, you're providing cover for everyone that uses the system. That means the activists and the CIA spies, but also probably the NSA data exfiltrators, and the child porners, and organized crime botnets.
I mean, it's still totally worth it in my opinion, I just wanted to mention that you can't be selective about who you provide cover for. Strange as it may seem, it's either Anonymity for All (who want it), or No Anonymity at All.
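Several comments in this thread turn on the same mechanism: a compromised home router "observes all incoming and outgoing traffic and can be used for traffic timing attacks on Tor", Tor is low latency and "does not take active measures to combat traffic pattern analysis", and cover traffic is proposed as the countermeasure. As an added example (not from the thread or the Tor Project), here is a toy end-to-end traffic confirmation: the router side sees when the client's packets leave the house, a second vantage point (an exit relay or the destination) sees several flows, and the observer bins both into time series and picks the candidate with the highest correlation, trying a few lags because it does not know the circuit latency exactly. All flows, latencies and packet counts are constructed; the numbers say nothing about real Tor performance.

```python
"""Added example: toy end-to-end timing correlation against a low-latency anonymity network."""
import math
import random


def bin_timestamps(timestamps, bin_size, n_bins):
    """Count packets per time bin; packets outside [0, n_bins * bin_size) are dropped."""
    counts = [0] * n_bins
    for t in timestamps:
        i = int(t // bin_size)
        if 0 <= i < n_bins:
            counts[i] += 1
    return counts


def pearson(xs, ys):
    """Pearson correlation of two equal-length series (0.0 if either is constant)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return 0.0 if vx == 0 or vy == 0 else cov / math.sqrt(vx * vy)


def lagged_correlation(xs, ys, max_lag):
    """Best correlation of ys against xs shifted by 0..max_lag bins (unknown latency)."""
    return max(pearson(xs[:len(xs) - lag], ys[lag:]) for lag in range(max_lag + 1))


def correlate_flows(client_ts, candidate_flows, bin_size=0.5, duration=60.0, max_lag=2):
    """Score each candidate flow against the client-side series; higher means more likely."""
    n_bins = int(duration / bin_size)
    client_series = bin_timestamps(client_ts, bin_size, n_bins)
    return {name: lagged_correlation(client_series, bin_timestamps(ts, bin_size, n_bins), max_lag)
            for name, ts in candidate_flows.items()}


def best_match(scores):
    return max(scores, key=scores.get)


def make_bursty_flow(rng, duration=60.0, bursts=12):
    """Constructed 'web browsing' pattern: a dozen packet bursts at random times."""
    ts = []
    for _ in range(bursts):
        start = rng.uniform(0, duration - 2)
        ts.extend(start + rng.uniform(0, 1.5) for _ in range(rng.randint(20, 60)))
    return sorted(ts)


def through_tor(rng, ts, latency=0.3, jitter=0.05):
    """Constructed circuit: fixed latency plus small jitter, no padding or delaying."""
    return sorted(t + latency + rng.gauss(0, jitter) for t in ts)


def demo(seed=1, cover_packets=0):
    """Build one client flow plus three unrelated flows and score them all.

    cover_packets adds that many uniformly spread packets to what the router sees
    (a video download running alongside), which the far side does not see in the
    target flow. Returns (scores, name of the true flow).
    """
    rng = random.Random(seed)
    client = make_bursty_flow(rng)
    flows = {f"flow_{i}": through_tor(rng, make_bursty_flow(rng)) for i in range(3)}
    flows["target"] = through_tor(rng, client)
    cover = [rng.uniform(0, 60.0) for _ in range(cover_packets)]
    return correlate_flows(client + cover, flows), "target"


if __name__ == "__main__":
    for cover in (0, 500, 3000):
        scores, answer = demo(cover_packets=cover)
        guess = best_match(scores)
        print(f"cover={cover:5d} guess={guess:8s} "
              + " ".join(f"{k}={v:.2f}" for k, v in sorted(scores.items())))
```

Without cover traffic the true flow is identified easily because the burst pattern survives the circuit intact. Adding uniform cover typically lowers the target's score, but a lot of it is needed before a bursty pattern is hidden; that is the limit of the "download a video while you browse" advice, and why relaying other people's circuits (traffic the observer cannot separate from yours at the router) is the stronger form of it.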
1 GirlNumber20 2015-04-02
Thanks for confirming it might do some good, and thanks for your great tips in this thread. I'm still running Windows, so I think I might make some of the changes you listed above.
I don't have anything to hide. But when someone spies on me for no reason? There's just something in me that says OH HELL NO YOU WILL NOT. I want to make it difficult for them as a matter of principle.
1 asdflkjvas 2015-04-02
LOL