[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Building tracking system to nab Tor pedophiles



On 3/6/07, Roger Dingledine <arma@xxxxxxx> wrote:
...
So the moral of the story appears to be turn the plugins off, period.
The broader moral is: don't run code from strangers on your computer. The
even broader moral would be to lament that we're still not using SSL on
most Internet interactions.

the depths of just how badly security in general sucks well captured.

at least some areas of the technology landscape are showing signs of
improvement.  bitfrost and mac(with parrallels?).

otherwise, the capriciousness of users encouraged by the inherent
architectural vulnerabilities sold in mass quantity by vendors more
concerned with profit and appearance than customer vulnerabilities
ensures lots of targets...
 i need a drink...   *g*


And maybe the fourth is that we (somebody
here) should work on easy instructions for locking down common OS network
interfaces so only Tor communications can get through. Or Tor LiveCDs
that have that already done. Or VM images that can be run as routers
between your computer and the Internet.

ah, at least this can be worked on in a straightforward fashion. (unlike transnational market forces with lots of momentum :)

and even various combinations of the above for additional
compartmentalization without excessive overhead.  some relevant links:

http://virt.kernelnewbies.org/TechComparison

http://wiki.laptop.org/go/Bitfrost


(btw: if anyone has some bandwidth they would like to donate for janusvm dev torrents please email me so i can contact you for early seeding...)