Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,690 --> 00:00:08,100
These aren't concluding thoughts on tour and then some mitigations to reduce the risk where your adversary
2
00:00:08,100 --> 00:00:10,270
has little resources.
3
00:00:10,500 --> 00:00:17,830
All the consequences all low torments your ISP or local network from knowing what sites you visit to
4
00:00:17,920 --> 00:00:23,840
or prevents a site you visited from knowing who you are unless you tell them in some way.
5
00:00:23,970 --> 00:00:29,620
And Tor prevents corporate tracking and it helps to evade censorship.
6
00:00:29,660 --> 00:00:34,900
But world intelligence agencies have declared war on toll.
7
00:00:34,920 --> 00:00:40,000
They are concerned about what they cannot see what you are doing and why.
8
00:00:40,120 --> 00:00:48,100
Tor is arguably the best anonymizing network but it's far from perfect and under constant attack to
9
00:00:48,100 --> 00:00:52,950
deal anonymize the uses against a well resourced adversary.
10
00:00:52,950 --> 00:01:00,240
Staying anonymous is extremely difficult even with Tor because of the fundamental nature of the Internet
11
00:01:00,240 --> 00:01:00,590
.
12
00:01:00,600 --> 00:01:07,230
If you think you are specifically targeted by well-resourced adversary with international reach or visit
13
00:01:07,230 --> 00:01:14,580
locations that might be targeted and the consequences are high toll should not be relied upon to anonymize
14
00:01:14,580 --> 00:01:15,300
you.
15
00:01:15,330 --> 00:01:21,570
The biggest weaknesses as I see it number one is not maintaining good OPSEC.
16
00:01:21,570 --> 00:01:24,270
You are likely to make human errors.
17
00:01:24,270 --> 00:01:27,280
This will always be your biggest weakness.
18
00:01:27,370 --> 00:01:34,850
All the big concerns for Tor traffic co-relation and civil attacks attacks against the browser.
19
00:01:34,920 --> 00:01:42,870
As I said that's a concern and also attacks against the host operating system which is a soft target
20
00:01:42,870 --> 00:01:43,250
.
21
00:01:43,290 --> 00:01:50,400
You can mitigate and reduce the possibility of a well-resourced or nonwork resource adversary from de
22
00:01:50,400 --> 00:01:55,370
anonymising you and here are my recommended security controls.
23
00:01:55,530 --> 00:01:59,550
First as mentioned get a control of your OPSEC.
24
00:01:59,550 --> 00:02:01,240
This is priority one.
25
00:02:01,260 --> 00:02:06,240
Review the OPSEC section and make any needed changes.
26
00:02:06,240 --> 00:02:14,730
Use isolation compartmentalisation to reduce the impact and possibility of browser exploits being successful
27
00:02:14,730 --> 00:02:14,870
.
28
00:02:14,880 --> 00:02:20,160
You can use hardened virtual machines physical isolations sandboxes and so on.
29
00:02:20,160 --> 00:02:23,240
Never install it or browse when your main operating system.
30
00:02:23,250 --> 00:02:24,990
If the consequences are high.
31
00:02:24,990 --> 00:02:28,470
See the section on isolation compartmentalisation.
32
00:02:28,620 --> 00:02:32,950
More information on how to do that with the Tor browser.
33
00:02:33,120 --> 00:02:38,090
Take extra steps to not maintain history through non-persistent.
34
00:02:38,160 --> 00:02:44,520
You can get this through options such as live operating systems like tails and VM snapshots and you
35
00:02:44,520 --> 00:02:50,130
can further mitigate with things like special deletion like secure deletion and whole disk encryption
36
00:02:50,130 --> 00:02:50,200
.
37
00:02:50,220 --> 00:02:53,470
A number of sections cover this on the course.
38
00:02:53,520 --> 00:02:59,010
Always use it or browse with high security settings and don't add extensions.
39
00:02:59,010 --> 00:03:06,450
Consider using Unix or tails in the ways I have recommended in those sections and you could also consider
40
00:03:06,540 --> 00:03:14,730
using multiple chained anonymising systems and offsite connections to help reduce the risk from some
41
00:03:14,730 --> 00:03:17,010
types of DNA on amaizing attacks.
42
00:03:17,010 --> 00:03:20,680
Now see those sections on how to do that but warning.
43
00:03:20,700 --> 00:03:23,500
Doing that wrong could put you more at risk.
44
00:03:23,520 --> 00:03:29,880
Apply all of the other security controls detail through out the course as is relevant to your situation
45
00:03:29,880 --> 00:03:30,490
.
46
00:03:30,510 --> 00:03:36,780
Assume all locations you visit are in the control of your adversary and mitigate appropriately.
47
00:03:36,780 --> 00:03:43,200
Assume the network you traverse is in the control of your adversary and mitigate appropriately.
48
00:03:43,200 --> 00:03:51,330
Assume your adversary has a zero day remote code browser exploits mitigate appropriately and assume
49
00:03:51,450 --> 00:03:58,860
an active traffic confirmation and Sibyl attack while you are using Tor and mitigate appropriately as
50
00:03:58,860 --> 00:04:00,300
just described.
51
00:04:00,660 --> 00:04:08,760
I recommend periodically checking the Tor Project blog for status updates and also check toll client
52
00:04:08,790 --> 00:04:10,220
and relay accounts.
53
00:04:10,230 --> 00:04:12,710
Make sure they look normal.
54
00:04:12,720 --> 00:04:21,420
I also recommend reading the whole design documents which are here so that Tor witnesses and the recommended
55
00:04:21,420 --> 00:04:25,290
security controls to help mitigate against those weaknesses.
56
00:04:25,290 --> 00:04:30,830
I hope that helps you in using Tor and what you can do to reduce your risk
6027
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.