
> Does anybody know how one can be sure that he is in the legitimate Tor network and not a fake one?

I'm a bit uncertain that document is completely credible - it makes some claims that appear to be very wild, even given what we've seen so far.

But let's assume they're right about their Tor claim. Even if the NSA places you on a controlled Tor network, I could still read my gmail because the NSA would have to try to get around Google's SSL.

Some bad endpoints have been known to try and MITM SSL before, but always with self-signed certificates, so if the user messed up it was down to them.

Of course, if our endpoints are run by the NSA, and the NSA have pressured other CAs to sign *.google.com, we can only depend on cert pinning. But it's the NSA, so how do we know that they haven't already backdoored my browser to change the pinned fingerprints...

But at the end of the day, the latest I'd heard from the Snowden revelations is that Tor is a major thorn in the NSA's side, so I'm inclined to believe that over this breathless PDF that makes all sorts of outlandish claims.

EDIT: From that PDF:

> When the DSL connection is established a covert DHCP request is sent to a secret military network owned by the U.S. Government D.O.D. You are then part of that U.S. D.O.D. military network, this happens even before you have been assigned your public IP address from your actual ISP.

That stretches the bounds of credulity - it assumes that a giant government-mandated conspiracy exists between ISPs, device manufacturers, networking developers... even with what we've seen so far it's impossible to swallow.



The entire premise of that paper is misguided. It's fairly common for large providers[1], e.g., BT, Sprint, T-Mobile, to use several of the non-Internet-connected DOD /8s for management addresses, once they've exhausted RFC1918.

[1] http://seclists.org/fulldisclosure/2012/Feb/319


You can read your Gmail over HTTPS, but Tor hidden services generally do not use SSL/TLS (since they _are_ the exit node for that connection).


Ah, that seems sensible - because if the chain is me -> a -> b -> badsite.onion, and the NSA owns a & b, I'm encrypting to each of those node's keys; and in the absence of a central Torland CA, I can't trust anything but what's visible.

So even if badsite.onion used TLS, I'd be forced to verify their certificate offline or risk

me -> a -> b -> badsite.onion (NSA fakery) <=> torchain -> badsite.onion (real)

Am I tracking? That's tricky.


Remember that the URL acts as the public key. If you got the URL from a reputable source then there's no way that you could manage to get into that situation. Just like SSL, you're assured that the destination is who you think it is.
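The comment above rests on the onion address being derived from the service's public key. As an added example (not from this thread, which predates the current v3 format; v2 addresses were a truncated SHA-1 of the RSA key), this derives and verifies a v3 `.onion` address from an Ed25519 public key following the layout in Tor's rend-spec-v3, using only the Python standard library and a constructed 32-byte key:

```python
import base64
import hashlib

# rend-spec-v3: onion_address = base32(PUBKEY || CHECKSUM || VERSION) + ".onion"
# CHECKSUM = SHA3-256(".onion checksum" || PUBKEY || VERSION)[:2], VERSION = 0x03
ONION_V3_VERSION = b"\x03"
CHECKSUM_PREFIX = b".onion checksum"


def onion_checksum(pubkey: bytes) -> bytes:
    """Two-byte checksum binding the key bytes to the version byte."""
    return hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + ONION_V3_VERSION).digest()[:2]


def onion_address_from_pubkey(pubkey: bytes) -> str:
    """Encode a 32-byte Ed25519 public key as a 56-character v3 onion hostname."""
    if len(pubkey) != 32:
        raise ValueError("v3 onion addresses encode a 32-byte Ed25519 public key")
    raw = pubkey + onion_checksum(pubkey) + ONION_V3_VERSION  # 35 bytes = 56 base32 chars
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def pubkey_from_onion_address(address: str) -> bytes:
    """Parse an onion address and return the embedded public key.

    Raises ValueError if the address is malformed, has the wrong version byte,
    or fails its checksum (mistyped, truncated, or altered in transit).
    """
    host = address.lower()
    if host.endswith(".onion"):
        host = host[: -len(".onion")]
    if len(host) != 56:
        raise ValueError("not a v3 onion address (expected 56 base32 characters)")
    try:
        raw = base64.b32decode(host.upper())
    except Exception as exc:
        raise ValueError("invalid base32 in onion address") from exc
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != ONION_V3_VERSION:
        raise ValueError("unsupported onion address version byte")
    if checksum != onion_checksum(pubkey):
        raise ValueError("checksum mismatch: address was altered or mistyped")
    return pubkey


if __name__ == "__main__":
    # Constructed sample key, not a real service's key.
    sample_key = bytes(range(32))
    addr = onion_address_from_pubkey(sample_key)
    print(addr)
    assert pubkey_from_onion_address(addr) == sample_key
```

The checksum catches typos and tampering with the address string itself; whether that key belongs to the party you expect still depends on where you obtained the address, which is the comment's point.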


Surely the TOR protocol is equivalent encryption to SSL/TLS and thus only the exit node or one with the exit node's private key can read any traffic for the hidden service?


TLS works for me going to google.com because a central CA has signed the certificate presented by google.com.

Apparently there are directory servers that sign the public keys for each node, mitigating this MITM attack: https://news.ycombinator.com/item?id=6888307

Without those servers, if we assume the NSA owned the network the entire point would be moot. With those servers... I guess the NSA would have to fuck with your Tor client or steal those servers' private keys.

