A visit to NCFTA

by phobos | July 15, 2009

I recently was invited to give a Tor talk at the National Cyber-Forensics and Training Alliance. Who is NCFTA? They are a non-profit that

brings together local, state, and federal law enforcement, businesses, and academic institutions to functionally collaborate on cybercrime issues.

The Tor talk was given to around 30 people who either investigate or use Tor daily as part of their role at NCFTA. The talk lasted around 2 hours with many questions. A handful of people hung out afterwards while I showed them the internals of Tor Browser Bundle (which circumvented their firewall just fine ;) and the Incognito LiveCD.

All in all, it was a great visit to a bunch of smart people who need Tor to do their job safely.


Please note that the comment area below has been archived.

July 16, 2009


How to make my bridge relay useful? I found my bridge bandwidth usage always 0 KB/s, so want to make it useful, by how? thanks.

July 21, 2009



that's right, firefox 3.5 are (stable) but stay in test and 3.5.1 will come out in a few day...

So better wait to firefox made a final version before use it.

July 28, 2009


I would be more interested in knowing what the Tor Project has learned from the talk.

What do you mean by people who investigate tor.
If its anonymous what are they investigating?

I meant that NCFTA is primarily law enforcement and companies looking to share data about attacks and defenses that worked. They use Tor to do their investigations and to protect their people when doing the investigations.

Also, they investigate Tor to see how it works and what may be left behind on a machine. People will encounter Tor and want to know how it works and what forensic evidence it may leave behind.

I didn't learn anything about the investigations and topics they're working on, if that's what you're asking. I would be very surprised if they did share the details.

The visit reinforced that for all the new fancy technologies around, old fashioned police work continues to be the best way to catch a criminal. The technologies are just tools to help you along.

July 31, 2009


The LEA has broken TOR long time ago.

But they themselfs can still use TOR network to be anonymouse when they go beyond what law allows them to because they controll nodes they use as entry &/or exit node.

law enforcement has not broken tor at all, 99% of them don't even know what an IP address is, nevermind understand encryption. Only in your delusional fantasy world is the NSA, FBI, CIA, FSB, (insert your own fantasy agency) able to break tor or other tools. cybercrime is DOING JUST FINE. WE MAKE BILLIONS a year thanks to the ineptness of the police.

Stop watching movies, step away from the computer, and go to the library to read a book or ten. learn how police work actually is done, learn about forensics (made up science), and exploit it to your advantage. it is so easy to make money as a blackhat it is pathetic. ask your bank what all of those fees are really for, it is not to increase their profits -- it is to cover their losses. you suckers keep paying the banks to let me take money from them by the 7 zeros. idiots, kthxbye

August 03, 2009


Speaking of updating, are we allowed or supposed to update the browser through its update feature? The browser just notified me that there was a new version out.