@@Anon_Spartan Game Freak* which is important to note because Game Freak is shit at literally everything they do. How I wish Nintendo could wrest control of Pokemon from them, but not many realize Game Freak isn't a Nintendo subsidiary but rather a co-owner of The Pokemon Company.
people still use tor? lol if you're not willing to disguise yourself and physically move from one public wifi spot to another constantly, you have no business doing anything that might lead to your investigation or arrest
It's hard to say exactly what mistakes were made without direct sources from law enforcement but guard relay attacks were probably a big part of it since vanguard wasn't being used by ricochet and probably not by the .onion service either
The mathematics behind Tor is solid. The cryptography is also solid. That means a successful deanonymization or two won't ever happen; the *VAST* majority of users will never be found. It is far easier to exploit weaknesses and failures in user OPSEC. Remember the Silk Road.
I think the real issue is the deanonymization of users by controlling the entrance and exit node. Everytime you use TOR it goes through 3 nodes. But there are a bunch of nodes controlled by the feds to try and deanonymize users and data. If you control the first and 3rd node then it doesn't matter what crytography is being used by TOR. First node would show IP address that initiates the request, and last node shows the decrypted traffic, so they can associate you with the data.
@@yunggoosbumps215 And ironically, the fact that so many people use Tor thinking it hides their crimes magically combined with people who actually read the risks of running an exit node and decide they'd rather not be patsies for the magic-privacy-blackbox idiots means that the main people running exit nodes... are the ones interested in catching you.
Let's say the 5 eyes monitored connections (through ISPs, which the Snowden leaks showed has been done, at least in the USA, many years ago) to all Tor relays which they can. Tor relays are public. Many times, your connections will not all go through 5 eyes. However, just sitting here generating circuits I'm getting many which start and end in 5-eyes countries so if they wanted to why not correlate it? Maybe not 2 onion services tho Honestly, I think politics and law keep us safe on there. Not wanting to give up sources, fruit of the poison tree, and maybe other reasons I think save many people. I have friends who live in places where using Tor can get u in big trouble. maybe the infrastructure doesn't exist to do that here in the West, history shows otherwise but if it's not admissible in court, terrible for PR, expensive, legal risk, etc they might not think it's worth doing. Or if they do it's rarely worth making it known. Tor themselves does not guarantee against state level attacks
2 місяці тому+23
Tor has been compromised for years. None of this is new.
6:38 small correction: He was given 10 years in prison, yes, but with an "anschließende Sicherheitsverwahrung" = subsequent preventive detention. It is given to brutal criminals, if they need to be kept out of public. Some of these criminals stay in there their entire lifes, even though they technically got a 10 or 15 year prison sentence. Hans-Georg Neumann, a killer, got a life sentence (max 25 years in Germany) but sat in prison for over 50 years.
Life sentence doesn't have a maximum in Germany. In US law terms, it would probably be called 15 to life. Sicherheitsverwahrung is a complete different topic.
@blarfroer8066 No, you confuse Sicherheitsverwahrung with life sentence. Germany has a maximum of 25 years for a life sentence. The reason why some criminals spend their life in prison IS because of Sicherheitsverwahrung
@realkyunu nope. There's a life sentence for crimes of especial severity. Sicherheitsverwahrung is not prison, which is why the inmates get a number of privileges that regular convicts don't get. I suggest you inform yourself before you continue spreading misinformation.
@@blarfroer8066 So youre telling because they got so privileges that Sicherheitsverwahrung is no prison? They are still held there and can only leave the facility to go to work. It sounds like prison light but its still prison.
First thing I thought of is that Germany is also home to Hetzner hosting, as most of the boxes looked like middle boxes. I mean when you have some of the cheapest hosting around, you’re bound to get more people donating resources.
6:35 That is not true! At least one of the founder faces "Sicherheitsverwahrung" after his 10-15 year sentence which means that they will probably never be free.
@@MentalOutlawSicherheitsverwahrung is a bit of a weird one because it's legally speaking not treated as a punishment. Basically, it means that someone is determined to be a danger to others and likely not able to be rehabilitated, so they aren't let go after their sentence ends. However, because the government is technically in violation of their rights by locking them up indefinitely, they do receive more privileges compared to normal prison inmates once their regular prison sentence has run out.
We have it here in Sweden as well, our "life-time" used to be, I think 18 years (now it's 25 apparently) but you won't be released if you're deemed as a "danger to the public" which is why it can turn into an actual life-sentence... (Jackie Arklöv for instance will most likely never get out, unless it's the last few days of his life when dementia fucked him up properly or something like that)
"You will be fine as long as you dont commit serious crime" todays breathing can became tommorows serious crime, and this is really what is most scarry.
Exactly, breathing could be illegal tomorrow. What he's talking about, is breathing. Serious crimes in the context of the tor browser include breathing. Breathing could be made illegal because of the internet. Because we all know the biggest problem with tor is people breathing. Too many people want pictures of the youngsters breathing. And now, on a totally unrelated note, can I get a quick look at your hard drive? I just wanna make sure no one is breathing on your machine.
Communication protocols can't be outlawed. You are naive. At least in the US the first amendment or freedom of speech clearly protects it. Lovers spreading FUD online, classic example
@@gregorymorse8423 you are putting to much trust into your democracy actually following its own rules as well as your democracy existing in the future.
@olivers.7821 oh I don't hold much hope for it. It was founded as a republic not a democracy in fact. They turned it into a popularity contest a hundred years back so who knows what is next. But the culture is pretty strong on values like free speech. So at least it's unlikely for some generations to see thst disintegrate.
@@gregorymorse8423 a democracy is a type of republic. You have the same criticisms of your country as your would-be oligarchs. I dont think the problem with America is too much political participation from regular people.
There's plenty of Tor nodes in Japan and South Korea And contrary to @Kanapek22 comment, the West is full of pedophiles while in the 1st world countries in Asia they go to jail
The irony of law enforcement spending time to catch preds and giving them a short sentence. Just for context they also physically manipulated the poor people. Edit: the judges failed to punish the right people.
@@EdmondDantèsDE Yeah, that. It's not the "law" part that they do, it's the "enforcement" part. With a lot of emphasis on the 'force' bit of "enforcement", in many cases, even. As much as cops like to pretend they're Judge Dredd, they are not in fact the judges.
10 years is a long sentence in Germany. We do not lock people away for life because everyone has the right to get a second chance. The U.S. has 8x more people in prison per capita and still more crime, so longer sentences clearly don't reduce crime.
Tor is funded by US government to contact Russian and Iranian assets in their countries. In 2013 Iran executed all CIA assets and China did the same. Why is there no Exit node from North Korea or Iran?
Yet we(U.S.) continue to get intelligence from those countries. Neither China nor Iran like to delete foreign spies because they can use them for trading.
Well there will never be an exit node from north Korea because it only has something like 128 public IP addresses, not that it matters since they also probably don't have anywhere anyone who wanted to could actually host an exit node.
All the caveats you mentioned sounds exaclty like what three letter agencies are capable of doing. They have nothing but time on their hands and way much more money than these companies.
and don't forget, they have backdoors etched right into the silicon of all chips produced everywhere now ...the 'spooks' are controlled by the banks, the rothschild's control the central banks of 60 countries around the world. more prescient, is how did the israelis pull off the exploding pager/radio caper?
@@GerhardTreibheit In German law "life sentence" means exactly 25 years. You can get incarcerated for longer though if you are seen as a danger to society. This isn’t seen as part of the punishment though and you get a lot of freedoms that normal prisoners wouldn’t
You have no idea what you're talking about. They had observed me with their own trojan (on my mobile and on the laptop), because of a troll who told them made up stories about me. But you'll only know about this, when you hire a lawyer and get an insight in your current records (Akteneinsicht in German). You'll at best only notice some odd behaviour on your machines, every now and then, but would probably never find out what's the cause of this.
Tor has not been secure for years. I remember reading years ago news about Tor, where cases were constantly being opened because governments own the entry and exit nodes and can easily identify people.
May I kindly suggest that you give a short definition of what a guard node and other concepts are. I just landed on this channel and you may even have other videos on the concepts, but a quick explanation with a link to a longer video would enrich your content in my view. Anyway, I have subscribed.
What really sucks is that illegal drugs are implicitly linked to creeps like this, making getting rid of the former's illogical illegality many orders of magnitude harder.
I mean.. I know it's 15 or 16. The SV know for sure.i was sitting with multiple people having that back in my time when I did a few not so .. lawful things
Bruh you shouldn't be using a vpn with Tor at all. It completely defeats the purpose of Tor's encryption and leaves a log with your VPN provider of what you've been doing. Tor Project has even come out saying that's a bad idea and weakens your security and anonymity. Do not make a logged traffic trace on someone else's servers that you do not own. Even though I trust mullvad, they did get raided and told a story about how they lied to police and got them to not take their servers.
@yunggoosbumps215 TOR themselves have said a VPN can provide more security. It's just difficult to optimize for it, and so they recommend that those who don't know what they're doing should just TOR alone
@@DavePerry-h5r back when i was a /b/tard in 08/09 i remember it was a thing, the FBI strong armed the owners of TOR for control. About when they did the same thing to M00T.
4:36 could that be easily mitigated by Tor browser implementing restrictions on the amount of sites that a site could redirect to and warning the users asking them if they want to proceed? Or maybe even creating a settings to increase/decrease the amount of external connections? Seems like an easy fix.
It may have been a timing based attack on the Tor network. This works irrespectively of Vanguard or not, the whole "but it wasn't the most recent version" while the devs are seemingly confused and beg for more information seems like they are deflecting criticism.
I like this channel but the video titles are starting to sound clickbaitish. I understand that influencers are told that this is a good way to increase audience engagement and video clicks, but if I wanted to be treated like a mindless customer, I would just stick to watching Linus's Tech videos.
@@RichardDressler Just because isnt private doesnt mean that they steal from you. If only you have the private key, you can take your wealth to the "coof-coof in". Security x privacy, chose one.
3:00 There was a Dark web tor browser hackerman craze on a global scale a few years ago, and a lot of new users flooded, new nodes were set up and so on. I doubt the governments of these countries didn't set up their own nodes at this time as well
To be fair, prison sentences in germany are generally lower than in the us (or to be percise, us sentences are just insanely high compared to most other countrys), so ofc anyone caught in america gets signifgicantly higher punishment than anyone caught in germany, no matter what exactly it is for
More to the point NSA everything was already controversial when it was 'strictly for matters of national security'. We now know that ALL policing agencies are in effect doing completely warrant-less dragnet surveillance of everybody. On a pan global basis.
Most tor users are in germany hence most tor traffic connects through german servers which the bnd hands over to the nsa. If you want real privacy setup your own vpn relay service using openvpn, there are so many iranian, russian and japanese universities which offer this free vpn service. There are also privately hosted services you can use. Only an idiot will believe tor will cover his back.
6:45 If i remember correctly some european states have a legal system where even if you dont get a lifelong sentence, a judge can, if he sees you as a thread to other people, still keep you in a less restrictive prison. So even though these people "only" got 10 years for violence against a child, if the state believes they would do it again, they can keep them locked up even after those 10 years passed
6:45 You can't compare the sentences between different countries. Germany has one of the most lenient criminal justice systems, the US one of the most severe.
the tor project explicitly recommends against using a vpn with tor. there are cases where it may make sense based on your threat model, but you're almost certainly better off using a bridge in most cases
crazy how making a anonymous marketplace gets you life in prison but running a CP forum and hurting actual children gets you only 10 years. our countries morals are out of order
I have a question about it: if collaborating actors put enough ressources in hosting nodes, isn’t their a probability that all 3 nodes chosen belong to that group of collaborators? With no financial incentive to run nodes (like cryptocurrencies do) isn’t kinda likely that a coalition of collaborating actors with ressources can host a large enough proportion of the nodes for it happen ?
I hate when law enforcement makes me take the side of defending PDFs because of my privacy principles. Unfortunately, degenerates deserve online privacy too
Freedom of speech, but what about the CHILDREN? Right to self defense, but what about the CHILDREN? Search warrants, but what about the CHILDREN? Due process, but what about the CHILDREN?
When you compare the punishment of these people to other tor users that got caught, you have to keep in mind that sentences in Germany are in general MUCH lower than in the US.
It wouldnt surprise me, at all. Almost all entrance/end relays are controlled by big daddy gov. They can trace the starting point and decrypt the end point to know which IP connected with what/who. The architecture of Tor isnt like BTC/XMR where nodes are in the hand of average joes, therefore, decentralized af. Is not even private like SimpleX messenger. People don't know that is not private BY DESIGN, TCP/IP itself is a network with vulnerability regarding identity. You cant try to build safety inside an unsafe environment; any tool created will have vulnerability at it's core.
And also... The US kinda rules in Germany now :) idk why but 5 years ago it was DEFINITELY different in Germany... btw. : just because my cousin live's there :)
If the Tor project wanted to keep Tor secure from malicious nodes, they should use the GNU Affero GPL v3 or later for the Tor program rather than the BSD 3 clause.
I think it's far more easy to find someone using tor because of a human error than a 0 day bug or something else. Remember that the weakest component is always the human
"Old version" as an opsec mistake is weird since at any point a vuln/patch can drop, and isn't there a line of thinking that taking the bleeding edge updates is itself a mistake? I'm gonna deduct a point from tor here, if the patch was that critical it should be forced, or this counts as a small/niche design fail. I can't help coming away feeling like security is secure until it isn't, which makes everything feel suspect and illusory.
..and there is nothing wrong with having something to hide. I don't want the entire world to see what kind of pr0n I watch, or my ISP to block my access to websites my country's censorship apparatus has deemed unfit for viewing.
Tor was anonymous? No one is anonymous on the internet, It's the internet, it's all transparent, maybe on the early days of the internet it wasn't like this but it's 2024 now
I am not disrespecting people who maintain the Tor projects, at the state of things they are as much of victims as ourselves, but seriously, which state actor or corporation hasn't breached Tor? Or anything made to make us safer? At this point isn't it just easier to organize the workers and overthrow capitalism along with the mega corps to protect our privacy and well being? Like, no one is safe anymore in the internet, if we have ever been safe, anyone can fall prey to vigilance or a dickhead with an anime profile picture on 4chan, why bother with individual action when its clearly going downhill even with our best efforts? If we want to deal with all of what we're seeing in these last years, like Microsoft, Apple or Google as a whole, we will need more than open source projects maintened by people who are on the verge of burnout, seriously, im sick entire of it, at this point of history it will be easier to just overthrow capitalism than to try to convince all the mega corp lobbyists that perhaps closed source is bad and monopolizing an entire niche of important projects and services isn't good
Reminder that the fucking US MILITARY IS THE ONE THAT BUILT THE TOR PROTOCOLS and then RELEASED IT so that the rest of the public would serve as cover for THEIR stuff. And that no one can save you from being stupid with your opsec. Tor's privacy lies in BLENDING IN WITH THE REST. If you're using Tor and then sticking out, LURK MOAR and learn to camouflage. Tor isn't some magic privacy program, it's only as useful as a digital Waldo costume at a Where's Waldo convention.
Tor is extremely outdated. I dont understand why people dont work together to come up with P2P solutions. Tor feels extremely fragile. With how many resources government has I dont think its barely any cost for them to run more than 90% of nodes across all countries.
@@neoqwerty I am pretty sure military isnt using tor to communicate today. They probably have built something way more secure than tor. Tor is extremely fragile and very easy to identify.
>bust pdf files >give them a slap on the wrist typical. they punish you more severely for copyright infringement than child abuse. it's telling, real telling, about who dictates the priorities here.
Tor has been compromised for a while. Do you really think governments wouldn't have already done something about it? This video and the comments are a big giant cope due to emotional attachments to the software.
@@zedvee2668 A. I2P is the protocol and network, not implementation. B. There is I2Pd(written in c++) C. Who gives a single crap what is written in what unless you are going to either modify the code or deploy the code to several devices. Take your shitty elitist ass out of here.
TOR is an highly outdated program from the US military. It is muskets compared to rifles and I am not IT guy, but can simply look at timelines from design and implementation, to mainstream to decades later and make a pretty good educated guess.
@@Anton43218 Stop being a noob about anonymity. People should never connect to Tor directly but instead connect to it using stepping stones. Why do you think criminals who steal sensitive data and hack big valuable companies don't get traced? They don't just use Tor. Tor is for the inexperienced in network anonymity and is actually just obsolete methods that independent groups in their mom's basement have already surpassed in sophistication. Learn more: ua-cam.com/video/zXmZnU2GdVk/v-deo.html
I think this is an example of when having nothing to hide is a sensible arguement, since if you're not up to no good, you won't be tempted to tell everyone on a forum about it and defeat your own privacy/security solution :)
It was an outdated chatting client. You're welcome
thanks
Vielen Dank
based and time saving pilled
ty
You can sugar coat it like that ,or you can get 14 eyes pilled and give up on privacy
Did German police break Tor? no
Thanks
I love you
ty
are they upping their game? yes
Why would German police break tor when Tor is funded by USA to contact Russian assets.
their is a old mob saying "Even a fish would not get caught, if he could just keep his mouth shut."
Sounds like something humans Worldwide would agree with. Even aliens.
😂
*there
That's stupid because a fish has to open it's mouth to eat...just like a human.
I've never heard this one, but thank you for sharing it. I'll definitely remember it.
400k clients, 390k of which are federal employees
Wouldn't suprise me
you have to pay upto 50$ per account
so total amount spent would be this 19,500,000
@@anutane799 A lot of such forums are free to join
@@anutane799 Pennies for a government, much less multiple governments.
@@noscopesallowed8128yea dude, and 14 different countries colabing? 100%
I never commit serious crimes, just funny ones.
Goofball police open up
Officer please I was just acting silly
I'll put that in my Quotebook 😄
Like painting wheelchairs on every parking space at a supermarket.
Like implementing "Geneva suggestions" in Rimworld?
I guess coomers have poor opsec when they operate with one hand on the keyboard.
ROFL 😂
Just happened to Nintendo.
@@Anon_Spartan Game Freak* which is important to note because Game Freak is shit at literally everything they do. How I wish Nintendo could wrest control of Pokemon from them, but not many realize Game Freak isn't a Nintendo subsidiary but rather a co-owner of The Pokemon Company.
I can't even use the computer when I coom because my dong requires double handed 100
people still use tor? lol if you're not willing to disguise yourself and physically move from one public wifi spot to another constantly, you have no business doing anything that might lead to your investigation or arrest
This video better not be about another opsec mistake
Better an op sec mistake vs a vulnerability in the protocol.
It's hard to say exactly what mistakes were made without direct sources from law enforcement but guard relay attacks were probably a big part of it since vanguard wasn't being used by ricochet and probably not by the .onion service either
Well well, it mostly was (And also old versions of software)
@@BobertV702 Funny enough, Mental Outlaw seems to be using a outdated version of the software too.
It ALWAYS is an opsec mistake
Anytime the title on a you-tube video asks a question, it's almost always no for the answer.
Betteridge's Law of Headlines
True, but it's still interesting to see how they fucked up this time and why it isn't Tor's fault
I guess its time to go back to smoke signals or pigeon messaging
pidgeons can easily be bribed, that's why we stopped using them
@@phillipanselmo8540 They can be easily shot down. Some guy actually did an RFC over something like Pigeon Protocol, it's online lol
@@phillipanselmo8540 smoke signals were even worse at being bribable
havent had any successes either
@@DanielBjorndahl They were barbiequeable... no?.....Ok I'm out...
It was a timing attack that is significantly harder to pull off had the person used Vanguard as per Tor recommendation.
Saved you 10 minutes.
whats vanguard
The mathematics behind Tor is solid. The cryptography is also solid. That means a successful deanonymization or two won't ever happen; the *VAST* majority of users will never be found. It is far easier to exploit weaknesses and failures in user OPSEC. Remember the Silk Road.
There still could be 0-days.
I think the real issue is the deanonymization of users by controlling the entrance and exit node. Everytime you use TOR it goes through 3 nodes. But there are a bunch of nodes controlled by the feds to try and deanonymize users and data. If you control the first and 3rd node then it doesn't matter what crytography is being used by TOR. First node would show IP address that initiates the request, and last node shows the decrypted traffic, so they can associate you with the data.
@@yunggoosbumps215 And ironically, the fact that so many people use Tor thinking it hides their crimes magically combined with people who actually read the risks of running an exit node and decide they'd rather not be patsies for the magic-privacy-blackbox idiots means that the main people running exit nodes... are the ones interested in catching you.
Let's say the 5 eyes monitored connections (through ISPs, which the Snowden leaks showed has been done, at least in the USA, many years ago) to all Tor relays which they can. Tor relays are public. Many times, your connections will not all go through 5 eyes. However, just sitting here generating circuits I'm getting many which start and end in 5-eyes countries so if they wanted to why not correlate it? Maybe not 2 onion services tho
Honestly, I think politics and law keep us safe on there. Not wanting to give up sources, fruit of the poison tree, and maybe other reasons I think save many people. I have friends who live in places where using Tor can get u in big trouble. maybe the infrastructure doesn't exist to do that here in the West, history shows otherwise but if it's not admissible in court, terrible for PR, expensive, legal risk, etc they might not think it's worth doing. Or if they do it's rarely worth making it known.
Tor themselves does not guarantee against state level attacks
Tor has been compromised for years. None of this is new.
6:38 small correction: He was given 10 years in prison, yes, but with an "anschließende Sicherheitsverwahrung" = subsequent preventive detention. It is given to brutal criminals, if they need to be kept out of public. Some of these criminals stay in there their entire lifes, even though they technically got a 10 or 15 year prison sentence. Hans-Georg Neumann, a killer, got a life sentence (max 25 years in Germany) but sat in prison for over 50 years.
Life sentence doesn't have a maximum in Germany. In US law terms, it would probably be called 15 to life. Sicherheitsverwahrung is a complete different topic.
@blarfroer8066 No, you confuse Sicherheitsverwahrung with life sentence. Germany has a maximum of 25 years for a life sentence. The reason why some criminals spend their life in prison IS because of Sicherheitsverwahrung
@realkyunu nope. There's a life sentence for crimes of especial severity. Sicherheitsverwahrung is not prison, which is why the inmates get a number of privileges that regular convicts don't get. I suggest you inform yourself before you continue spreading misinformation.
@@blarfroer8066 So youre telling because they got so privileges that Sicherheitsverwahrung is no prison? They are still held there and can only leave the facility to go to work. It sounds like prison light but its still prison.
ur my favorite fed youtuber
Bro don't blow covers
fedtube
@@Marth8880fedhub
First thing I thought of is that Germany is also home to Hetzner hosting, as most of the boxes looked like middle boxes. I mean when you have some of the cheapest hosting around, you’re bound to get more people donating resources.
6:35 That is not true! At least one of the founder faces "Sicherheitsverwahrung" after his 10-15 year sentence which means that they will probably never be free.
Thanks for the clarification, I'm glad Germany has harsher sentences then, in the US they almost never get life in prison.
@@MentalOutlawSicherheitsverwahrung is a bit of a weird one because it's legally speaking not treated as a punishment.
Basically, it means that someone is determined to be a danger to others and likely not able to be rehabilitated, so they aren't let go after their sentence ends. However, because the government is technically in violation of their rights by locking them up indefinitely, they do receive more privileges compared to normal prison inmates once their regular prison sentence has run out.
Rehabilitation is the only justice the law has. @@MentalOutlaw
@@MentalOutlaw they also have harsher sounding words
We have it here in Sweden as well, our "life-time" used to be, I think 18 years (now it's 25 apparently) but you won't be released if you're deemed as a "danger to the public" which is why it can turn into an actual life-sentence... (Jackie Arklöv for instance will most likely never get out, unless it's the last few days of his life when dementia fucked him up properly or something like that)
"You will be fine as long as you dont commit serious crime" todays breathing can became tommorows serious crime, and this is really what is most scarry.
this is exactly the problem
Yeah, that's a bit of an oxymoron - so "if you don't actually need Tor to protect you, you'll be fine"...? Gee, thanks a lot...
@@AttilaAsztalosI didn't expect him out of all people to say something like this
Exactly, breathing could be illegal tomorrow.
What he's talking about, is breathing.
Serious crimes in the context of the tor browser include breathing.
Breathing could be made illegal because of the internet.
Because we all know the biggest problem with tor is people breathing.
Too many people want pictures of the youngsters breathing.
And now, on a totally unrelated note, can I get a quick look at your hard drive?
I just wanna make sure no one is breathing on your machine.
@@xBellevueBallerZx the biggest problem is that the failing government is making criticism of violent religions and their climate ideology a crime
It was the irony of dumping all your opsec work on tor and using an outdated chat client.
1:38 the disrespect to the Netherlands by not only calling it Holland but also rotating our flag upside down lmao
I guess the creator of this chart is a fan of the farmers
The state of Tor currently is ok because governemnts are using it, as soon as they find it obsolete it will become illegal...
There are rumors of an internet x_x switch. 90% chance. 🙀
Communication protocols can't be outlawed. You are naive. At least in the US the first amendment or freedom of speech clearly protects it. Lovers spreading FUD online, classic example
@@gregorymorse8423 you are putting to much trust into your democracy actually following its own rules as well as your democracy existing in the future.
@olivers.7821 oh I don't hold much hope for it. It was founded as a republic not a democracy in fact. They turned it into a popularity contest a hundred years back so who knows what is next. But the culture is pretty strong on values like free speech. So at least it's unlikely for some generations to see thst disintegrate.
@@gregorymorse8423 a democracy is a type of republic. You have the same criticisms of your country as your would-be oligarchs. I dont think the problem with America is too much political participation from regular people.
Why are all the Tor nodes only in Western places? Why not Japan or South Korea as well?
they prefer irl crimes
Japanese guys are too busy stealing females underwear to do stuff with Tor
@@Kanapek22you wouldnt download a murder?
didnt japs come up with softether?
There's plenty of Tor nodes in Japan and South Korea
And contrary to @Kanapek22 comment, the West is full of pedophiles while in the 1st world countries in Asia they go to jail
there's a german saying: The Internet is new territory
künstlicher Lebensraum ¯\_(ツ)_/¯
Das Internet ist für uns alle Neuland
The irony of law enforcement spending time to catch preds and giving them a short sentence. Just for context they also physically manipulated the poor people. Edit: the judges failed to punish the right people.
I love contradictory behaviors 😊
Law enforcement doesn't give sentences.
@@EdmondDantèsDE Yeah, that. It's not the "law" part that they do, it's the "enforcement" part. With a lot of emphasis on the 'force' bit of "enforcement", in many cases, even.
As much as cops like to pretend they're Judge Dredd, they are not in fact the judges.
Well that's Germany.
10 years is a long sentence in Germany. We do not lock people away for life because everyone has the right to get a second chance.
The U.S. has 8x more people in prison per capita and still more crime, so longer sentences clearly don't reduce crime.
Tor is funded by US government to contact Russian and Iranian assets in their countries. In 2013 Iran executed all CIA assets and China did the same. Why is there no Exit node from North Korea or Iran?
Yet we(U.S.) continue to get intelligence from those countries. Neither China nor Iran like to delete foreign spies because they can use them for trading.
Is anyone able to run a server in those countries that can access the outside world? If a server did pop up there, I’d be very suspicious about it.
Ya and Q is comine
It's funded by Israel so they can monitor how much load is being expelled to anime girls
Well there will never be an exit node from north Korea because it only has something like 128 public IP addresses, not that it matters since they also probably don't have anywhere anyone who wanted to could actually host an exit node.
When will people learn to just SHUT THE HELL UP about themselves.
Well, in this case we are lucky that they didn't.
A a social species it's only natural. Unfortunate that others can exploit this fact.
True
There are always narc's and other people who need attention and admiration, or just want to brag about themselves.
To get into these circles you probably have to give something "useful" and original to the group.
All the caveats you mentioned sounds exaclty like what three letter agencies are capable of doing. They have nothing but time on their hands and way much more money than these companies.
and don't forget, they have backdoors etched right into the silicon of all chips produced everywhere now ...the 'spooks' are controlled by the banks, the rothschild's control the central banks of 60 countries around the world. more prescient, is how did the israelis pull off the exploding pager/radio caper?
10 years in prison in Germany is actually a lot for a country where the maximum possible sentence is 25 years
no, you can get life, and be in prison indefinitely, in germany
"LIfe" can be given, that's just 25 years plus "savekeeping" cause danger to society afterwards.
@@Alias_Anybody but that has to be proven regularly and you get a lot of freedoms back since you don’t get punished anymore
@@GerhardTreibheit In German law "life sentence" means exactly 25 years. You can get incarcerated for longer though if you are seen as a danger to society. This isn’t seen as part of the punishment though and you get a lot of freedoms that normal prisoners wouldn’t
For child abuse?
German police is able to intercept fax messages, but not much more.
I know you are jokeing but I still want to add that he wasn't talking about the regular German police.
German police is severly underfunded but they actually had a couple of noteworthy successes when it comes to deanonymizing criminals on TOR.
We're talking about the STASI . lol
@@BillAnt The Stasi. doesn't exist anymore.
You have no idea what you're talking about. They had observed me with their own trojan (on my mobile and on the laptop), because of a troll who told them made up stories about me. But you'll only know about this, when you hire a lawyer and get an insight in your current records (Akteneinsicht in German). You'll at best only notice some odd behaviour on your machines, every now and then, but would probably never find out what's the cause of this.
Germany mentioned? Versammelt euch meine Kerle!!
What do you want them to gather and talk about?
Grüße
I would like you to compare tor to i2p from the point of view of attack by a nation state
I was wondering this same thing.
this
Same.
1:33 I still cannot believe they used the Luxembourgish flag upside down as the Dutch flag.
And called it Holland!
Schläfrig-Holzschwein lässt grüßen
Och komm schon...
Luxembourg is not real
Who cares?
Tor has not been secure for years. I remember reading years ago news about Tor, where cases were constantly being opened because governments own the entry and exit nodes and can easily identify people.
I was under the impression that the nsa has been running their own nodes and that tor has been broken for some time
Did he just call the Netherlands 'Holland' and flip its flag? Damn, those farmer strikes have gotten out of hand.
these thumbnails are fucking amazing
soyjaks are always amazing
@@sakamocat “Ah, Anon. I expected to find you here, in the Tor!”
does he use canva?
Who the fuck thought it was funny to turn the Dutch flag upside down and call it Holland 1:37
Indonesia
A bit of German practical humor?
google the flag of schleswig-holstein
the colors seem wrong too
I think it's hilarious. I haven't heard the term Holland since the late 70s when I was a child, I think?
algorithm. Thanks for your continuing coverage of these matters that most of us don't have the time to keep track of. Excellent work.
May I kindly suggest that you give a short definition of what a guard node and other concepts are. I just landed on this channel and you may even have other videos on the concepts, but a quick explanation with a link to a longer video would enrich your content in my view.
Anyway, I have subscribed.
I strongly believe that the real Tor hack is kept under wraps by the [redacted] who know it will only work once.
That is why you should use homebrew encryption & proxy servers. If you are in the know, you know. :winking_face:
Parallel construction baybeee
exactly, this is what I've been saying, if a nation threat actor does have a 0 day vulnerability, they would keep it hidden until necessary
What really sucks is that illegal drugs are implicitly linked to creeps like this, making getting rid of the former's illogical illegality many orders of magnitude harder.
6:38 10 years is actually quite a lot in Germany. (being 15 the max)
Yeah, every 2 digit year punishment is much in Germany
I thought 15 + SV is Max meaning basically you won't go out anymore untill you're 80+
I mean.. I know it's 15 or 16. The SV know for sure.i was sitting with multiple people having that back in my time when I did a few not so .. lawful things
Shameful
25?
Given what you described about 14 eyes attacking nodes, do you still stand by your previous recommendation to not use a VPN? Even Mullvad?
Good question
Pretty sure he has said he trusts Mullvad in the past.
Bruh you shouldn't be using a vpn with Tor at all. It completely defeats the purpose of Tor's encryption and leaves a log with your VPN provider of what you've been doing. Tor Project has even come out saying that's a bad idea and weakens your security and anonymity. Do not make a logged traffic trace on someone else's servers that you do not own. Even though I trust mullvad, they did get raided and told a story about how they lied to police and got them to not take their servers.
@yunggoosbumps215 TOR themselves have said a VPN can provide more security. It's just difficult to optimize for it, and so they recommend that those who don't know what they're doing should just TOR alone
@@yunggoosbumps215 Some VPN servers do not keep any logs.
every single thumbnail on this channel is a work of art
Yeah
Hello from a German viewer! ^^
You meant "Heil" ☠️
@@NikolaosKontos-np5xz How can we help you into the 21st century. You seem lost in 1940...
@@LearnGrowHealThrive insensitive joke it seems
@@Reformingandlearning probably
Hallo deutscher Zuschauer
unless im crazy, i thought TOR was compromised in like 2008/2009?
If it was you'd never hear about it. I'd assume it is by now.
ive heard nodes have been compromised several times over the decade.
@@DavePerry-h5r back when i was a /b/tard in 08/09 i remember it was a thing, the FBI strong armed the owners of TOR for control. About when they did the same thing to M00T.
I'd heard so too but plenty of sketchy shit is still up
Your videos remind me modern web-sites. Whole bunch of ChatGPT yapping and then 2 sentences of what actually happened.
4:36 could that be easily mitigated by Tor browser implementing restrictions on the amount of sites that a site could redirect to and warning the users asking them if they want to proceed? Or maybe even creating a settings to increase/decrease the amount of external connections? Seems like an easy fix.
Pretty sure they could just run Tor from a bunch of VMs to get around the limit unfortunately
TOR isn't secure at all.
It may have been a timing based attack on the Tor network. This works irrespectively of Vanguard or not, the whole "but it wasn't the most recent version" while the devs are seemingly confused and beg for more information seems like they are deflecting criticism.
I like this channel but the video titles are starting to sound clickbaitish. I understand that influencers are told that this is a good way to increase audience engagement and video clicks, but if I wanted to be treated like a mindless customer, I would just stick to watching Linus's Tech videos.
This Bro here a fed
👀....
nice try fbi
@@nittrana-hq7du maybe I'm German police
@@Reformingandlearning This is the FCC, we know exactly who you are.
Wait, I thought catching pedos was just a pretext to issue abusive laws. They finally actually catch child abusers in real life ?
TOR is a US military computer network.
Like wtf is everyone talking about?
Of course its backdoored.
Someone created it, someone has full access to everything on it. 😉
Well, same logic could be applied to blockchain and im pretty sure its not true
@@Wkaelx
I'm pretty sure it is, since most blockchains are completely public. And not intended to keep anything private. 😏
@@RichardDressler Just because isnt private doesnt mean that they steal from you. If only you have the private key, you can take your wealth to the "coof-coof in". Security x privacy, chose one.
t. someone that has no idea how open source software works
3:00 There was a Dark web tor browser hackerman craze on a global scale a few years ago, and a lot of new users flooded, new nodes were set up and so on. I doubt the governments of these countries didn't set up their own nodes at this time as well
What about i2p?
I randomly use tor to watch youtube videos sometimes as a way to confuse any trackers by adding normal traffic to that network.
Based
TOR has been compromised ever since egotistical giraffe.
To be fair, prison sentences in germany are generally lower than in the us (or to be percise, us sentences are just insanely high compared to most other countrys), so ofc anyone caught in america gets signifgicantly higher punishment than anyone caught in germany, no matter what exactly it is for
The NSA already did that over a decade ago, way too late to the party.
More to the point NSA everything was already controversial when it was 'strictly for matters of national security'. We now know that ALL policing agencies are in effect doing completely warrant-less dragnet surveillance of everybody. On a pan global basis.
Most tor users are in germany hence most tor traffic connects through german servers which the bnd hands over to the nsa. If you want real privacy setup your own vpn relay service using openvpn, there are so many iranian, russian and japanese universities which offer this free vpn service. There are also privately hosted services you can use. Only an idiot will believe tor will cover his back.
Why is it, when something happens, it is ALWAYS BAD OPSEC?
Because it is impossible to catch people with good opsec?
a fool learns from his own mistakes...
while geniuses learn from others
6:45 If i remember correctly some european states have a legal system where even if you dont get a lifelong sentence, a judge can, if he sees you as a thread to other people, still keep you in a less restrictive prison. So even though these people "only" got 10 years for violence against a child, if the state believes they would do it again, they can keep them locked up even after those 10 years passed
Correct, one of the admins got slapped with a Detainment Order
Fun Fact: many of the TOR nodes are run by the FBI... ;)
Someone backed by FBI doesnt want you to know. He wants you to still keep using extremely insecure tor network.
6:45 You can't compare the sentences between different countries. Germany has one of the most lenient criminal justice systems, the US one of the most severe.
This is why it's good to use a VPN (like Mullvad) with Tor. And hey, if you can host your onion service in an anonymized cloud platform - even better.
anonymized cloud platform?
so first tor and then mullvad, or first mullvad and then tor haha
using a VPN leaves tracks, don't use VPNs with tor
@@roywempor8395 completely depends on your opsec with the vpn.
the tor project explicitly recommends against using a vpn with tor. there are cases where it may make sense based on your threat model, but you're almost certainly better off using a bridge in most cases
How much would vpn do? And how would they know who you are even if they anonymis the connection. I would be very thankfull for an awnser.
crazy how making a anonymous marketplace gets you life in prison but running a CP forum and hurting actual children gets you only 10 years. our countries morals are out of order
I have a question about it: if collaborating actors put enough ressources in hosting nodes, isn’t their a probability that all 3 nodes chosen belong to that group of collaborators?
With no financial incentive to run nodes (like cryptocurrencies do) isn’t kinda likely that a coalition of collaborating actors with ressources can host a large enough proportion of the nodes for it happen ?
I hate when law enforcement makes me take the side of defending PDFs because of my privacy principles. Unfortunately, degenerates deserve online privacy too
Because if the worst don't have privacy, none of us have privacy.
I’m still trying to figure out how using a VPN on tor is a bad thing.
What's up with those wild thumbnails
It wouldn’t take years. All they have to do is make lots of small arrests and confiscate / take over ownership of existing nodes.
protecting children is always the excuse for tyranny.
Freedom of speech, but what about the CHILDREN? Right to self defense, but what about the CHILDREN? Search warrants, but what about the CHILDREN? Due process, but what about the CHILDREN?
"Protect trans children" is the excuse for tyranny, got it.
When you compare the punishment of these people to other tor users that got caught, you have to keep in mind that sentences in Germany are in general MUCH lower than in the US.
Tor is the honeypot of all honeypots
Forsooth
So is anything online with the words "Freedom", "Safety" or "Security". Honeypots, all 'em.
Some would even say, the Honeygrail!
It wouldnt surprise me, at all. Almost all entrance/end relays are controlled by big daddy gov. They can trace the starting point and decrypt the end point to know which IP connected with what/who. The architecture of Tor isnt like BTC/XMR where nodes are in the hand of average joes, therefore, decentralized af. Is not even private like SimpleX messenger.
People don't know that is not private BY DESIGN, TCP/IP itself is a network with vulnerability regarding identity. You cant try to build safety inside an unsafe environment; any tool created will have vulnerability at it's core.
Perfect Privacy + Tor
Lol “any serious crime “
They just have to get you on that first node right?
It’s not. Go read the Snowden document dumps. The GCHQ has been trying to break tor for years and has been quite successful at creating fake proxies.
Dylan J. Dance and co. Made a quantum vpn. QAL VPN. I recommend keeping an eye on him.
@@fatcat5817 Is this just another buzz word integration or the "Quantum" does something to do with physics?
Hey , after the Vault-7-Leaks, something is definitely wrong with TOR.
At least in Germany.
The connection is just.. Idk... 2 good??
And also... The US kinda rules in Germany now :) idk why but 5 years ago it was DEFINITELY different in Germany...
btw. : just because my cousin live's there :)
Why does Germany lead with 29%?
Cheap hosting
@@stigcc Theres also a legally recognised nonprofit funding TOR in germany.
Was this not weeks ago already published?
If the Tor project wanted to keep Tor secure from malicious nodes, they should use the GNU Affero GPL v3 or later for the Tor program rather than the BSD 3 clause.
yeah!
because gnu agplv3 is copyleft? i don't really get what's the advantage that tor project gets from getting a copyleft license (i am actually curious)
Vx
@@nxb00you can make propietary trash from bsd not from gpl
I think it's far more easy to find someone using tor because of a human error than a 0 day bug or something else.
Remember that the weakest component is always the human
Use i2p
@@itsoverpillwhy if I may ask?
@@joshfromsmosh3352d just heard of it myself
"Old version" as an opsec mistake is weird since at any point a vuln/patch can drop, and isn't there a line of thinking that taking the bleeding edge updates is itself a mistake? I'm gonna deduct a point from tor here, if the patch was that critical it should be forced, or this counts as a small/niche design fail. I can't help coming away feeling like security is secure until it isn't, which makes everything feel suspect and illusory.
Review the unplugged phone maybe deep dive if it's a real freedom phone clone still curious
Already did, it's not
I wonder if newer versions will add mor relays eg 4 of 5 hops from the normal 3
If you have nothing to hide,
You have nothing to fear.
Anyone who disagrees...has something to hide.
..and there is nothing wrong with having something to hide.
I don't want the entire world to see what kind of pr0n I watch, or my ISP to block my access to websites my country's censorship apparatus has deemed unfit for viewing.
Who defines what is "fear-worthy"? In some countries not wearing a scarf is illegal. In the UK, people are getting imprisoned for making stickers.
Ah yes how about afterlife then?
Tor was anonymous? No one is anonymous on the internet, It's the internet, it's all transparent, maybe on the early days of the internet it wasn't like this but it's 2024 now
I am not disrespecting people who maintain the Tor projects, at the state of things they are as much of victims as ourselves, but seriously, which state actor or corporation hasn't breached Tor? Or anything made to make us safer? At this point isn't it just easier to organize the workers and overthrow capitalism along with the mega corps to protect our privacy and well being? Like, no one is safe anymore in the internet, if we have ever been safe, anyone can fall prey to vigilance or a dickhead with an anime profile picture on 4chan, why bother with individual action when its clearly going downhill even with our best efforts? If we want to deal with all of what we're seeing in these last years, like Microsoft, Apple or Google as a whole, we will need more than open source projects maintened by people who are on the verge of burnout, seriously, im sick entire of it, at this point of history it will be easier to just overthrow capitalism than to try to convince all the mega corp lobbyists that perhaps closed source is bad and monopolizing an entire niche of important projects and services isn't good
Reminder that the fucking US MILITARY IS THE ONE THAT BUILT THE TOR PROTOCOLS and then RELEASED IT so that the rest of the public would serve as cover for THEIR stuff. And that no one can save you from being stupid with your opsec.
Tor's privacy lies in BLENDING IN WITH THE REST. If you're using Tor and then sticking out, LURK MOAR and learn to camouflage. Tor isn't some magic privacy program, it's only as useful as a digital Waldo costume at a Where's Waldo convention.
Only the chronically online care bro 😂 99.9% people use the internet to get bread recipes and check the news. Calm down captain revolution lol
Tor is extremely outdated. I dont understand why people dont work together to come up with P2P solutions. Tor feels extremely fragile. With how many resources government has I dont think its barely any cost for them to run more than 90% of nodes across all countries.
@@neoqwerty I am pretty sure military isnt using tor to communicate today. They probably have built something way more secure than tor. Tor is extremely fragile and very easy to identify.
@@returndislikes6906 you sure about that?
_EXCELLENT_ exegesis and walkthrough, not to forget the visual aid!
>bust pdf files
>give them a slap on the wrist
typical. they punish you more severely for copyright infringement than child abuse. it's telling, real telling, about who dictates the priorities here.
They got Life
These arguments are so forced and overused. You don't even know why it's 10-15 years.
"should" be safe never felt so unsafe
Tor has been compromised for a while. Do you really think governments wouldn't have already done something about it? This video and the comments are a big giant cope due to emotional attachments to the software.
1:35 Holland?! Two things, it's the Netherlands and that flag is upside down.
I like how you can tell the Boystown guy is a pdf file even though his face is blurred!
I'm fairly sure that was a TV Actor, recreating the Police Interview.
what do you think of Sky ECC?
i2p ftw
Yea not sure I trust that… it’s written in Java.
@@zedvee2668there's a c++ version as well.
The what's the alternative, hyphanet?
@@zedvee2668 A. I2P is the protocol and network, not implementation. B. There is I2Pd(written in c++) C. Who gives a single crap what is written in what unless you are going to either modify the code or deploy the code to several devices. Take your shitty elitist ass out of here.
@@zedvee2668There are open source implementations of Java.
Where the Archive Org video bro
TOR is an highly outdated program from the US military. It is muskets compared to rifles and I am not IT guy, but can simply look at timelines from design and implementation, to mainstream to decades later and make a pretty good educated guess.
Well then, if not TOR then what shall we use?
I mean they did keep ai from us for 20+ more years. 🤣
@@Anton43218 Stop being a noob about anonymity. People should never connect to Tor directly but instead connect to it using stepping stones. Why do you think criminals who steal sensitive data and hack big valuable companies don't get traced? They don't just use Tor. Tor is for the inexperienced in network anonymity and is actually just obsolete methods that independent groups in their mom's basement have already surpassed in sophistication. Learn more: ua-cam.com/video/zXmZnU2GdVk/v-deo.html
I think this is an example of when having nothing to hide is a sensible arguement, since if you're not up to no good, you won't be tempted to tell everyone on a forum about it and defeat your own privacy/security solution :)