On 6/29/2014 1:22 AM, Roger Dingledine wrote:
I'm not addressing whether Tor or anything else, or the people involved are good, bad, bullet proof or riddled with holes. Simply pointing out what was widely believed / accepted as fact - before & after Snowden.On Sat, Jun 28, 2014 at 09:38:05PM +0000, williamwinkle@xxxxxxxxxxxxxxx wrote:I don't understand what Schneier means by this: "After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect those users to another set of secret internet servers, with the codename FoxAcid, to infect the user's computer."/Right. This is why Bruce's choice of phrase "identifying an individual Tor user" is a poor one. Probably the better phrase would be "seeing a flow on the Internet that they decide they'd like to attack"./ /One of the big issues I'm still unhappy about is that they say they never attack Americans, yet something like 13% of Tor users are coming from America, and if you attack 1000 Tor users, statistically you can't really say that you've never attacked an American./
Most of what you & others (mentioning same points) about the last 2 paragraphs is true. Even some of what various gov'ts say may be true - to a point (the U.S. isn't the only one involved) . But, the *exact* wording of laws, contracts & lies... uh..., speaking points of politicians is critical. ~ /"They have never attacked / used any gathered email or electronic communication against [fill in country name here]."/
Maybe *they* haven't directly used any gathered data against citizens (which before Snowden, or B.S., they absolutely denied before Congress, any gathering of data on general population, at all). But that wording, or the questions asked of them, doesn't seem to preclude them giving the data to "someone" else, who then might use it. Nor rule out retaining the data, for future use.
Or... perhaps everyone should immediately ignore anything they say, if it's assumed that, if... they (any gov't agency) _*told bald faced lies before_ to the public & respective countries' legislative bodies,* about them violating the Constitution & numerous laws (at least, in the U.S.), then they certainly *might* lie again... & again... Which scenario is more likely?
And just assume, based on past behavior, that anything they say, whether under oath or not, is worthless & meaningless. That's why James Bond was called a *"secret agent," * not a "full public disclosure agent."
Based on the secretive operation & capabilities of various gov't agencies (by design), is it even reasonable to say w/ any certainty, that they are likely only monitoring the exit traffic? That in some fashion, they don't have the ability to monitor "enough" entering / exiting Tor traffic, that they can't identify one person at both ends? Not that they're interested in "average" users./And as some of the other posts in this thread explain, one of the main features of Tor is to make it hard for you to decide *which* Tor user you're looking at, if you only see the flow coming out of the exit relay./
Not that they may NOT be able to do this (yet). But based on revelations in Snowden's documents, of mind-blowing operations, abilities that are 30+ yrs ahead of industry or the public AND staggering monies spent, that a real possibility exists that almost nothing developed by humans is out of their reach - by any one of many methods, including bribery?
All of that - & more - is exactly what the Snowden documents showed, at least for _what those documents covered_.
How can it be ruled out of the realm of realistic possibility, that very likely the Snowden's documents revealed only a fraction of what the U.S. (& probably other gov'ts) are doing or their capabilities (or what may soon be a capability)?
Those documents showed, that much of what some persons had believed (who were previously labeled as serious conspiracy nuts) about many countries' gov't programs & capabilities, which had always been written off by the general public as futuristic science fiction, *was indeed true. *
There is no arguing with that one fact. What ELSE the "gov't" can / can't do, or may soon be able to do, that the documents don't cover (given their budget is astronomical), is another topic.
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk