>(here, there's a subtext that Tor actually made NSA's job easier)
I'm not sure how you reached that conclusion.
The slides mention that Tor is:
* Very difficult to identify on the network-level, since Tor-tls traffic is indistinguishable from Apache-tls traffic as of 2011
* Impossible to fully deanonymize
* Only exploitable via a handful of browser exploits.
Further, later in the "Tor is the King" slide deck, there's this rather glowing endorsement of the TAILS livecd:
"Tails... adds severe misery to CNE equation."
...which is what you'd expect, given that TAILS is entirely ephemeral, and so all of their callbacks and APT-style attacks are useless against it.
I had previously considered TAILS a rather "amateur" system myself, because of the glut of livecds bundling Tor. But it turns out they're actually adding severe(!) misery to the NSA's exploitation team! I'm downloading the TAILS cd now so I can switch over to using it in a VM rather than running Tor Browser Bundle on my own machine.
Will Tails still only use RAM and no disk within a VM? If not, you'll just have a slightly better Tor Browser Bundle (plus other features), right? I always thought the "RAM only" portion of Tails was one of the biggest anonymity wins.
Even TAILS worries me slightly. Why? Homogeneity. The same thing that makes a freshly booted TAILS "clean" and exactly the same as any other freshly booted TAILS also means that it's a "known quantity" to an attacker.
A lot of obscure vulnerabilities that would normally require a "perfect storm" to be used together to compromise a system are much easier to construct once you know a lot about the target system. And it would be well worth the time for an attacker to develop an exploit that would work against all TAILS users.
In the same way the Firefox heap spraying attack was specifically targeted against users of the Tor Browser Bundle. There, homogeneity was a large part of victims' downfall. TAILS is arguably many times more homogeneous.
ASLR and related technologies are a (very very basic) start but we may not have better answers to things like this until we have the likes of binary diversity as described in http://lwn.net/Articles/565113/ being usable (Even then, a final binary compilation stage would need to be taken by an application user before use).
Edit: and yes, you don't need to point out that the TBB vulnerability did heap spraying in Firefox's JIT and so binary diversity would probably have been minimally effective.
Not just diskless, but somehow incapable of flashing the BIOS, rewriting the CPU microcode, and loading new firmware into the NICs and other peripherals.
CPU microcode is volatile. BIOS flash used to be jumper protected on old PCs, and many NICs you could remove the flash if you didn't want them to be bootable.
Used to have some machines with zip flash sockets you could remove while the machine was running (useful for flashing linuxbios aka coreboot in the old days).
You can get various flash types with read only switches, though whether these can actually stop writes I don't know. Optical drives are harder to get now, but old computers are widely available I suppose, and less traceable.