[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor Project - FOIA revelation ?

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Tor Project - FOIA revelation ?
From: Wanderingnet <wanderingnet@xxxxxxxxxxxxxx>
Date: Sun, 18 Mar 2018 07:24:22 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 18 Mar 2018 07:24:57 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=default; t=1521372275; bh=I0XCLro582cLeOqykKehVW/aOV8atl+YiJclzRfgQXo=; h=Date:To:From:Reply-To:Subject:In-Reply-To:References:Feedback-ID: From; b=L+TmTJ36X4xlZDvfLT2GaTt6RrutzBup5gahv0S5kvMX1ouy9LqP/HFTnZU/4YU1M NWAuws0qIvu87HGdtCCOse2n74i9pIVtbPQ6aOnEVShAOA01pVScTOZ3fks/6Q1zup B32CMsB3aZA7JyhWRbxRI5KkOUGdzkdqsCuESpsk=
Feedback-id: E2nGkGzloClDhaZhaeRa_5ZiCYuuSbDpsPt7e_hD8IeEnSoBYruNcO3LB2rTAt2KI9LpNzBVqbIaLK1HrTKwdw==:Ext:ProtonMail
In-reply-to: <j_n-MzOB6RNP2zQHVX3FIIAO5gDSfRAdAbJLjJTkp4U4AASaNtWGcSePDvrSvXTBXpRgKtmaIL9Jp7XUqB5L2JH-Ev3RI1IlZ9hr-22zM_A=@protonmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAJXMFhF1VMVeqNSw+AbP-C6j48+b1KW3tJY5snTgDX-n0oBhKg@mail.gmail.com> <20180302153530.GP8923@csail.mit.edu> <j_n-MzOB6RNP2zQHVX3FIIAO5gDSfRAdAbJLjJTkp4U4AASaNtWGcSePDvrSvXTBXpRgKtmaIL9Jp7XUqB5L2JH-Ev3RI1IlZ9hr-22zM_A=@protonmail.com>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

True, private commercial and corporate funding may indeed be no better; and in fact, one bugbear is precisely the extreme emphasis of state erosion of privacy in press to the neglect of private interest. Nonetheless, commercial systems are largely regarded as a lesser threat in adversarial terms (though this may be misleading). The reality is largely both, often in collaboration. 
The state participation, with TOR openly touting its usage by military and law enforcement, also raises the impetus for nation state control of the technology; the implication is that anyone going online with Tor, for one, is facing a system where world powers are vying for control, rather than merely petty criminals, the darker side of the net et al, who are always the top of the bill in dumb renditions of the dangers of the online world. 
Ideally, of course, all this would be crowd funded by its users. GRSec complained of its implementation by free users (particularly among the Debian community, I think) only to drop its free software availability, depriving the Linux community of one kernal hardening method (for those who can be bothered to work this hard - a note I add feeling an ideal OS should be available anyway - I would pay to see it developed GNU). SELinux, linked to the NSA, is left. 
My feeling is that an ideal Linux security OS is sorely lacking, astonishing given its prolific permutations, and that TOR itself remains troubled for all the reasons I have cited: implementation, the war for exit nodes and their risks, and what appear to be a failure of secured DNS, judging from the 'poisoned DNS' impression made by online feedback. I rarely bother to fire up Tor now when using the net due to being unsure of its definite security value. 

Sent from ProtonMail, Swiss-based encrypted email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

On March 2, 2018 6:03 PM, Wanderingnet <wanderingnet@xxxxxxxxxxxxxx> wrote:

> 
> 
> Funny that the likes of TAILS sneer at, say, Linux Security because of its links to the NSA, but build an entire OS around tor, 100% government funded. The world of online security is a funny thing in this regard, much like the nasty relationship between private media interests, party political govnerment, law enforcement, et al, the latter a web of deceits and false alternatives.
> 
> Sent from ProtonMail, Swiss-based encrypted email.
> 
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> 
> On March 2, 2018 3:35 PM, Jonathan Proulx jon@xxxxxxxxxxxxx wrote:
> 
> > On Fri, Mar 02, 2018 at 04:18:32PM +0100, J B wrote:
> > 
> > :https://www.zerohedge.com/news/2018-03-02/tor-project-almost-100-funded-us-government-report
> > 
> > FFS this is not news it is well know and established that TOR was a US
> > 
> > research project largely between US NRL (naval research lab) and MIT:
> > 
> > https://en.wikipedia.org/wiki/Tor_(anonymity_network)#History
> > 
> > https://www.torproject.org/about/sponsors.html.en
> > 
> > Also most research funding in the US at the time was through Defence
> > 
> > budgets. That may still be the case but the size and importance of
> > 
> > private corporate funding has been increasing (not sure that's morally
> > 
> > "better").
> > 
> > If you read anything about TOR it is clearly dual (or poly) use with
> > 
> > many conflicting even adversarial user groups BY DESIGN.
> > 
> > This is why Open Source works looks at it have lots of people look at
> > 
> > it, if anyone finds a back door or weak spot then we can talk about
> > 
> > vast conspiracies but honestly any privacy service would be an NSA
> > 
> > target (and foreign equivalents), public code review isn't perfect
> > 
> > things can be hidden or missed but it's the best you've got.
> > 
> > Do you think governments don't infiltrate "grass roots" orgnaizations
> > 
> > or something? The NSA can submit code to any opensource project
> > 
> > without revealing they are the source. Closed source is worse because
> > 
> > you'll never see and honestly any product could be wholly the work of
> > 
> > an intelligence agency front company.
> > 
> > Be suspicious as you like but there's never been a secret about who
> > 
> > started and funded this.
> > 
> > -Jon
> > 
> > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > 
> > To unsubscribe or change other settings go to
> > 
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor Project - FOIA revelation ?
  - From: J B
- Re: [tor-talk] Tor Project - FOIA revelation ?
  - From: Jonathan Proulx
- Re: [tor-talk] Tor Project - FOIA revelation ?
  - From: Wanderingnet

Prev by Author: Re: [tor-talk] obfs4proxy and ports < 1024
Next by Author: Re: [tor-talk] Intercept: NSA MONKEYROCKET: Cryptocurrency / AnonBrowser Service - Full Take Tracking Users, Trojan SW
Previous by thread: Re: [tor-talk] Tor Project - FOIA revelation ?
Next by thread: Re: [tor-talk] Tor Project - FOIA revelation ?
Index(es):
- Author
- Thread