14-07-2009, 11:57 AM
Tor now has another, potentially VERY subversive, capability which the spooks are no doubt nervous about. It provides tools to set up a hidden TCP/IP service. That is a service (eg a web site or messaging service) whose host machine IP address - and hence whoever controls it - cannot be traced using conventional snooping forensics. Such a site operates as a 'localhost' service on the host machine. Briefly, Tor auto-generates an encrypted public key for the host location and broadcasts it to the Tor network. This allows any Tor user who knows the public key to access the service whilst keeping the location of the host itself securely hidden. Whilst various convoluted forensics are available to spooks trying to find such a service operator, 'Ping', 'Tracert', 'Whois' and their complex derivative tools are of no use whatsoever, making the task much more difficult.
It is also possible to set the service up on a securely encrypted 'Truecrypt' hidden volume. It would be impossible to prove that a particular machine was in fact the host for such a service unless analysis of the machine were carried out whilst the Truecrypt hidden volume was actually mounted - 'plausible deniability' being one of Truecrypt's' major strengths.
So now - for example - OBL's orders could be broadcast to his acolytes from a desk-top machine in - wherever - and the spooks would have a tough time figuring out:
1. That anything IS being broadcast by OBL in the first place
2. That anyone is actually accessing said broadcasts, much less who they are.
3. Whether the service machine is in downtown NYC or Timbuktu.
Not that they need any such knowledge you understand, since they are quite capable of manufacturing it to their own ends anyway. But you get the drift.
Neat eh?
It is also possible to set the service up on a securely encrypted 'Truecrypt' hidden volume. It would be impossible to prove that a particular machine was in fact the host for such a service unless analysis of the machine were carried out whilst the Truecrypt hidden volume was actually mounted - 'plausible deniability' being one of Truecrypt's' major strengths.
So now - for example - OBL's orders could be broadcast to his acolytes from a desk-top machine in - wherever - and the spooks would have a tough time figuring out:
1. That anything IS being broadcast by OBL in the first place
2. That anyone is actually accessing said broadcasts, much less who they are.
3. Whether the service machine is in downtown NYC or Timbuktu.
Not that they need any such knowledge you understand, since they are quite capable of manufacturing it to their own ends anyway. But you get the drift.
Neat eh?
Peter Presland
".....there is something far worse than Nazism, and that is the hubris of the Anglo-American fraternities, whose routine is to incite indigenous monsters to war, and steer the pandemonium to further their imperial aims"
Guido Preparata. Preface to 'Conjuring Hitler'[size=12][size=12]
"Never believe anything until it has been officially denied"
Claud Cockburn
[/SIZE][/SIZE]
".....there is something far worse than Nazism, and that is the hubris of the Anglo-American fraternities, whose routine is to incite indigenous monsters to war, and steer the pandemonium to further their imperial aims"
Guido Preparata. Preface to 'Conjuring Hitler'[size=12][size=12]
"Never believe anything until it has been officially denied"
Claud Cockburn
[/SIZE][/SIZE]