[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Why TOR Operators SHOULD always sniff their exit traffic...
No chris I dont think you shall have that information.. AT present
ANYONE can run a tor server and does.. this includes US government
agencies to the best of my knowledge.. as far as what I do for a
really dont have a clue. Come to think of this if EFF is now relying
upon laws to protect anonymity instead of technology and thinking that
evil tor operators will submit their servername for excludenode
inclusion then your organization is NOT giving good anonymity advice.
oh and BTW chris.. your BIO as well as your title says nothing about a
juris doctor(n.b. a law degree) nor do you carry an Esq. suffix on your
name(neither do I but I do have the advantage of having a actually paid
a criminal law specialist for examination of my businesses legal
position in running a server, have YOU??)
suffice to say that you have NO legal training to make the claim my
advice is stupid, and I have run a medium sized ISP as well as a Phone
company with the legal advice I had to pay for, not obtain from someone
who simply has the virtue of posting from an eff.org address and who is
most definitely NOT a lawyer nuff said in the meanwhile chris and the
rest of the tor community that believe evil server operators will
announce themselves will indeed have a few sleepless nights over this
Invisible IRC inside of TOR is one way of further protecting oneself on IRC.
ECPA and related case law is something I am VERY familiar with from the
government investigator viewpoint BTW
I havent given ANYONE legal advice here,only stated how I run my
server(s) and the legal basis on which I perform monitoring of traffic
exiting my property. You may not like it ,too bad, hopefully yours and
others usage patterns of tor and associated software will become mature
so that traffic analysis and monitoring are not a threat to you
personally, but they are done and NOT by myself alone. This is one of
the initial threats we examined when the 2 NRL folks who invented tor
approached myself and lucky at financial crypto in Anguilla to introduce
tor and its inventors to the cypherpunk community.(It was a vastly
different design in those days, solaris based :( and lots of other
gotchas), I tend to implement EVERY attack possible at my node(s) to
know what issues tor still has so I can avoid usage patterns that would
tend to expose my true name as well as advise clients on its
a "possibly evil" tor operator
ps prior to calling someone stupid in public really should know who you
are talking to / calling out other wise one risks making "stoopid" errors.
ps the pgp/cypherpunk/remailer community was not really evolving until
David Sternlight provided LOTS irritation to us and Detweiler and others
thoroughly exploited every weakness the various nym servers and
remailers had to offer.
I hope I can force this group to evolve as fast as the above forced the
cypherpunk community to alter their code and practices for more
anonymity than laws can offer maybe then tor and eff can offer real
resistance to the onrushing faith based police state
..Chris Palmer wrote:
yet another reason sniffing is a GOOD thing for tor operators...
You are not a lawyer, you don't fully understand ECPA or ECPA-related
case law, and you are giving stupid advice. Please stop doing this.
Also, can you please tell me what the nickname of your Tor server is?
I'd like to put it in my ExcludeNodes directive.