[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Hacker strikes through student's router

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Hacker strikes through student's router
From: "loki tiwaz" <loki_tiwaz@xxxxxxxxxxx>
Date: Fri, 11 Nov 2005 10:17:02 +0000
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Fri, 11 Nov 2005 05:17:09 -0500
In-reply-to: <71cd4dd90511100330r1cea4bf3q4525265f2f3d9a80@mail.gmail.com>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

the hammer analogy is perfectly apt imho. you normally would use a hammer to bash nails in to wood to build a wide variety of things, but you could also use a hammer to break a lock or kill someone or smash a window. in terms of the virtual world, you can use an internet access system (whether direct or proxied) to do things on the internet, and you can use them to do bad things too.

the problem is not the tool, the problem is the user. considering the degree of privacy violation being perpetrated by malicious entities on the internet (advertisers, script kiddies, identity thieves, phishers) there really does need to be measures to counteract this invasion of privacy. it is not going to stop cybercrime to outlaw one anonymising system, but it is going to damage the rights of good people to outlaw an accessible anonymising system.

weigh up the costs and benefits and if your goal is to stop malicious internet use you are barely even going to knock a chip out of the side of it by banning tor. tor is not exactly invulnerable to tracing, for one thing, there is only maybe at most 10000 clients on the internet and 300 nodes. while it makes it harder, it certainly isn't impossible for an internet infrastructure system administration to at least establish who on their networks are using it. this could then enable them to start up traffic analysis scanning to figure out who amongst the tor users is looping back into the network. the onus of security maintenance, will always lie on the operators of the services. it is facile, for example, to set up blocking of tor to services which should not be used anonymously anyway, such as internal authentication systems and email services, but permit tor use otherwise.

anyone who thinks that banning tor will achieve anything in the war against malicious use of the internet has no imagination or capacity for logic in my humble opinion. taking a black and white view of tor use will only harm other tor users whose intentions and actions warrant no such treatment.

when i was in school, when the teacher could not identify a wrongdoer, to make the whole group suffer for the actions of one did nothing but increase the amount of bad behavior perpetrated by the less scrupulous of the group. the same thing will happen here if it is allowed to happen.

i believe that this issue will eventually glom into the general mess of anonymising systems, tor is just the flavour of the month due to its novelty.

From: Anthony DiPierro <or@xxxxxxxxx>
Reply-To: or-talk@xxxxxxxxxxxxx
To: or-talk@xxxxxxxxxxxxx
Subject: Re: Hacker strikes through student's router
Date: Thu, 10 Nov 2005 06:30:25 -0500
On 11/9/05, George W. Maschke <maschke@xxxxxxxxx> wrote:
>
> How is the anonymity provided by Tor any more subject to abuse than,
> say, the anonymity afforded by companies and institutions that offer
> WiFi hotspots? Or Internet cafes? Or public libraries?
>
Well, Tor is more accessible to more people. Tor lets you use your own software, not whatever happens to be loaded on the public computer (answer to 2 and 3 anyway). And the difficulty of tracking people using Tor is much higher than tracking people using these other providers, because at least the other providers give you a location. Along those same lines, the examples you give are more limited. You could easily set up a bot to use all Tor nodes at once. It'd be a lot harder to do that with all wifi hotspots, or internet cafes, or public libraries.
On top of all that, there are probably protections put in place at most of
these places. Firewalls and proxies, with every access being logged in case
there's a problem. And finally, to the degree that these methods don't
provide this type of accountability, they probably do find themselves being
threatened with lawsuits.
I agree with cyphrpunk for the most part. In the end Tor is going to be widely accepted to the extent that the good outweighs the harm. To say it's just like cyber cafes, or wifi hotspots, or public libraries, or selling hammers - none of these are very good analogies. Of course hooking up a gun to the internet isn't any better, but somewhere between the two lies my view of the situation. (Actually, both the hammer and the gun analogy miss the point that Tor just allows you to do something most users can already do, more anonymously.)

Anthony

_________________________________________________________________ Don't just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/

References:
- Re: Hacker strikes through student's router
  - From: Anthony DiPierro

Prev by Author: Re: Prerelease version of Torpark v1.0
Next by Author: Re: Hacker strikes through student's router
Previous by thread: Re: Hacker strikes through student's router
Next by thread: Re: Re[2]: Prerelease version of Torpark v1.0
Index(es):
- Author
- Thread