[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] FBI cracked Tor security
On 19 July 2016 at 08:31, Mirimir <mirimir@xxxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 07/18/2016 07:08 PM, Jon Tullett wrote:
>> On 18 July 2016 at 16:17, Mirimir <mirimir@xxxxxxxxxx> wrote:
>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>> A few years ago, I wrote
>>> <https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me>.
>>
>> Have you updated it to account for subverted VPN providers?
>> Advising people to use VPNs which may have been subject to national
>> security letters is arguably bad.
>
> Which VPNs have received NSLs?
I take it that's a no, then?
Point being, not only do we now know which operators have received
letters, we _can't_ know. The first rule of NSL club is you don't talk
about NSL club. I have yet to see much evidence that warrant canaries
help. And that's not the only risk; operators can be coerced, hacked,
suborned, or otherwise compromised. Belgacom, for example.
We mitigate that by layering services, but that's back to the question
of how complex an environment suits your risk profile. Not everyone
has the same nut; not everyone needs the same size hammer.
-J
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk