[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Iran cracks down on web dissident technology
On 3/21/2011 2:39 PM, Paul Syverson wrote:
I appreciate your comments & the work of all involved w/ Tor. I read
the papers you linked, though I've seen most of the material in various
On Mon, Mar 21, 2011 at 02:06:04PM -0500, Joe Btfsplk wrote:
Last comments for a while. (All I have time for, sorry.) I'm just
going to respond to specific issues about system threats and the
Perhaps you should, because at least one govt seems to be steering the
boat. Therein lies the problem (not you, specifically). My comments &
MAINLY questions, weren't about typical or even very sophisticated
adversaries. They concern WHY any govt would continue funding an
anonymous communication project that in today's world, very real enemies
can use against said govt, in a very real way, if the govt has no way to
monitor it? One should ask, "Why would they do that?" It doesn't make
sense unless there's more to the story. Also, in terms of adversaries
against something like Tor, any advanced, well funded govt dwarfs the
most sophisticated adversaries. Many govts have unimaginable technology
& resources as well as legal (or not so legal) authority to demand info
(from ISPs, etc.) that no typical adversary would.
I will not join in the speculation about what governments do or why.
The threat models, discussion of thwarting various attacks, safety in
numbers, etc., are all based on assumptions like, 1) the adversaries
don't have unlimited time, resources & $. That assumption is out the
window if an adversary is a large govt.
2) The adversary doesn't have access to (some) info going IN and OUT of
a network like Tor. Not valid for a govt. They can get what they want
from ISPs - and have. The info may be encrypted going in, but they can
see you're accessing a Tor node. A large govt could ALSO monitor every
single exit node (& may).
There's NO comparison between people looking at open code, universities
or organizations doing small studies on flaws in Tor, etc., and
capabilities of a large, advanced govt. So please, I'm not talking
about how many people or universities look at Tor.
Advanced govts no doubt have incredible technology regarding breaking
encryption. Not a typical adversary. Since Tor was developed BY a
govt, and since many talk about one of its greatest values is to allow
people in "repressed" societies to communicate freely, the adversary
those users need to be most concerned about, is probably the one MOST
likely to breach Tor's anonymity. I doubt most people think Tor's main
purpose is to hide communication between two cheating spouses.
A govt helped develop Tor for SPECIFIC reasons (we probably don't know
all of them) & still funds it. Then for users around the world counting
on Tor for protection from their govts, the govts would have to be
considered as one of the main adversaries to Tor. Either the US is
really dumb for developing a system, perfect for enemies to use against
them (kinda doubt that) or there's more to the story.
I don't pretend to know the answers, but know when to ask questions.
For all I know, the US wants the enemy to use Tor for plotting, thinking
they're anonymous, when they're not. No one's answering my specific
questions, possibly because if they knew them, they'd be in top level
govt positions, sworn to secrecy. For those doubting any of this has
any merit, are you still waiting for them to find WMDs in Iraq?
tor-talk mailing list