[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Anonymous Publishing Is Dead.

On Sun, Jul 1, 2012, at 14:20, Edward Thompson wrote:
> 2. Email. I signed up for mailoo.org through Tor, I believe. But for all
> practical purposes, you could easily get a disposable e-mail address
> through a Firefox plugin called Bloody Vikings. Otherwise, pretty much
> any web mail will do... just war drive and sign up through the first
> open wi-fi connection you find ;)

Hmm... I already do something like that. And I tell you that most free
providers are a pain to work with. And that includes all the major
players. They are all going to punish you with a long annoying
reidentification which will prove zero security just because you change
location. And they do have the time and computing power just to try to
locate you any other possible way as their business model is tightly
integrated with tracking and selling private data.

Disposable email is good for accessing some resource once. Otherwise is
a pain in the rear.

> 3. Bitcoins. Yes, block chains are not that anonymous, especially
> considering the difficulty of buying them legitimately in the first
> place. How about a coin mixing service like www.bitcoinfog.com? Their
> methodology is very interesting, and it seems like you'd be able to
> 'launder' ordinary coins, bought legitimately through an exchange...
> There are a few other sites like this one:
> http://vzpzbfwsrvhfuzop.onion.to

I spent some time reading about bitcoin. It's a miracle discovery. It's
a proof about non conventional methods being able to compete with the
conventional financial transaction type. But I fail to see the anonimity
side of things. It's so nice. It's sooo geeky. It employs silly terms to
scare the layman like mining. Or worse, it has terms with a clear
equivalent in conventional finance like wallet. My grandma knows she can
watch over her wallet and things would be all right. And if someone
forces her she can go to the police station and declare the theft. Till
version 0.6 there was no protection from theft with BC. Crap concept
with junk application from the point of view of annonimity. Each time
some conspiracy theorist starts making sense I remind myself that people
(programmers are people, aren't they?) are above all stupid followed
closely by lazy. Just take a look at the way FF is developed: in the era
of Facebook developers are doing their best to shed MORE data instead of
patching up the holes. By holes I don't mean Secunia security holes, but
privacy holes.

> 4. Do you really need your own dedicated VPS?! And only in developed
> Western countries? Have you checked out this list of BTC-friendly
> servers:

Actually any service should be checked for its origin or place of doing
business. Always remember the case of Hide My Ass which proved to be
full of Holes if you allow such a gross joke. They weren't keeping logs
till pressured. Than they said everybody is obliged under law to keep
logs. And to prove the indolence of their users: they are still in
business, trapping flies for the government. On the other hand, servers
hosted outside the reach of certain totalitarian governments are blocked
on the crime of spam or copyright infringement. If these were anything
but hassle (see the problems with the free webmail above) yahoo and
google would have offered email only between their users.

> Anyway, my point is that there are ways to acquire BTC, randomised
> enough not to be a concern, after which you can buy all the hosting (and
> related) services your heart desires. And if your threat model
> encompasses an organisation with vast resources, like the NSA for
> example, consider that they haven't yet managed to track down the guys
> running the Silk Road drug site (http://silkroadvb5piz3r.onion)... ;)

Usually this kind of trafic is tolerated because they want to catch a
bigger fish. Sometimes services like that are set up by the
investigating authorities. And some other times they set it up
independently just for the sake of compensating the budget restrictions
(those drones are mighty expensive, mind you).

tor-talk mailing list