[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum



On Tue, Oct 11, 2011 at 12:48:53PM +0100, Julian Yon wrote:

> I think you missed the point Jeroen was making there. If Mallory
> *really* wants to compromise your server, there will be a level of
> security beyond which a gun to your children's heads is the most

I think he missed my point: there is a wide spread in threat
scenarios and capabilities. What we care most is preventing
easy, undetectable and hence scalable information vacuuming 
by way of forcing cloud operators to provide convenient access 
APIs. This is what dominates the volume.

None such are available at the co-lo hosting own hardware or
freedom boxes on home broadband. Sure Shabak ninjas could 
abseil through the skylights, garotte the cat and compromise 
my NIC, but if I'm worried about these I shouldn't be relying 
on Tor, anyway.

> cost-effective attack. In most people's threat models, they'd rather
> take their chances with compromised data than with their kids' lives. In
> such a model, making the server too secure can itself be a risk.

This is not the threat model we're looking for. Move along.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk