Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

To: or-talk@xxxxxxxxxxxxx

Subject: Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

From: Kyle Williams <kyle.kwilliams@xxxxxxxxx>

Date: Wed, 27 Oct 2010 16:49:47 -0700

Delivered-to: archiver@xxxxxxxx

Delivered-to: or-talk-outgoing@xxxxxxxx

Delivered-to: or-talk@xxxxxxxx

Delivery-date: Wed, 27 Oct 2010 19:49:56 -0400

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=+5ULK39fz0N9pFFRnINAhEqMTlGBBfGqpoxhYqee9Hg=; b=KTBuwv4jLKhYlrAR1k9TEDNzdhuPMpIQjPu3AeISUyYZdFyADT10sxhvHJhx3dAB3m bVO5r4GNJuIgMe+bivALwySki7lRUEnCfz83CCRRNyLx6jxQVVp1TwzltQlBEO3++lkq IT0aUQiSSagb7TNR4ZXYtj80tsVPzSTsx75/s=

Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=VrX1S6Q2OjH+ksQmYPuuT0BG1Prad7x3HKcpcE4xwvmA5cuj7CBgt3ekmK1J6EqJTr 9qWJlstJVdpJZjgElsb/6sJkSLqMkrg73K31F2iC6wdIItdgctf2fCNIzsjSXmNxVdtl 5PbVEDGwU4yLU57HK5B8BhZeAUxSiYCr7Lg50=

In-reply-to: <CE867B1C-88E9-48CF-9FF2-E9DAED999A49@xxxxxxxxxxxxxxxxx>

References: <4CC86D16.2000509@xxxxxxxxx> <CE867B1C-88E9-48CF-9FF2-E9DAED999A49@xxxxxxxxxxxxxxxxx>

Reply-to: or-talk@xxxxxxxxxxxxx

Sender: owner-or-talk@xxxxxxxxxxxxx

On Wed, Oct 27, 2010 at 11:50 AM, Sebastian Hahn <mail@xxxxxxxxxxxxxxxxx> wrote:

On Oct 27, 2010, at 8:19 PM, Matthew wrote:

Hello,

There is a “Hints and Tips for Whistleblowers Guide” available at http://ht4w.co.uk/.

The section on proxies includes Tor-related information which I fail to understand:

"You may actually get more anonymity when using the Tor cloud by not using the https:// version of a web page (if there is an alternative, unencrypted version available), since all the Tor traffic is encrypted anyway between your PC and the final exit node in the Tor cloud, which will probably not be physically in the United Kingdom."

---I have no idea what this means. I thought the whole point of using https:// was to prevent Tor exit nodes from snooping and / or potentially injecting content.

"This applies especially to websites like the reasonably anonymous whistleblowing website wikileaks.org (based in Sweden) , which offer both http://, https:/and Tor Hidden Service methods of uploading whistleblower leak documents, but who tend to, mistakenly, insist on using https:// encryption for when someone comments on their wiki discussion pages. When (not if) the wikileaks.org servers, or a blog or a discussion forum like the activist news site Indymedia UK are physically seized (this happened to IndyMedia UK at least 3 times now) , this may, in some circumstances, betray the real IP addresses of commentators with inside knowledge of a whistleblower leak i.e. suspects for a leak investigation."

-----How on earth can it be “mistaken” to insist on using https:// encryption? Why would using https:// "betray the real IP addresses"

Hi,

Wow. This is really dangerous misinformation, and I'm wondering what
kind of person would give such intentionally harmful advice, marketing
it at whistleblowers. Tor explicitly recommends using https wherever
possible, whether you are using Tor or not. You're right to be
suspicious of their advice. Attacking wikileaks for forcing the use of
https is also just ridiculous.

Sebastian***********************************************************************

To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/

The person(s) who wrote that article appear to not have a full understanding of Tor, or security for that matter.

We all know that HTTPS is preferred to regular HTTP.