Most Tor Keys May Be Vulnerable To NSA Cracking

Ars Technica reports that security researcher Rob Graham of Errata Security, after analyzing nearly 23,000 Tor connections through an exit node that Graham controls, believes that the encryption used by a majority of Tor users could be vulnerable to NSA decryption: "About 76 percent of the 22,920 connections he polled used some form of 1024-bit Diffie-Hellman key," rather than stronger elliptic curve encryption. More from the article: "'Everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys,' Graham wrote in a blog post published Friday. 'Assuming no "breakthroughs," the NSA can spend $1 billion on custom chips that can break such a key in a few hours. We know the NSA builds custom chips, they've got fairly public deals with IBM foundries to build chips.' He went on to cite official Tor statistics to observe that only 10 percent of Tor servers are using version 2.4 of the software. That's the only Tor release that implements elliptical curve Diffie-Hellman crypto, which cryptographers believe is much harder to break. The remaining versions use keys that are presumed to be weaker."

Re:Other than a few uber nerds

[BitZtream]

Why are you using Tor for online banking? They already know who you are.

Everything you've listed as being private except online banking doesn't belong on the Internet. If you're hiding your self from your bank, there are so many other fucked up things in your world that continuing to reply is clearly a waste of time.

If you don't want people to know those things, Tor isn't the solution. Not putting it on a public network in the first place is.

Tor is a shitty solution because of ignorant statements by ignorant people like you. If you want privacy, get a clue and act like it.