[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
From: Eugen Leitl <eugen@xxxxxxxxx>
Date: Tue, 11 Oct 2011 16:42:21 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 11 Oct 2011 10:42:38 -0400
In-reply-to: <4E942D25.1030005@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1318264946.14388.140258153147161@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <4E932657.3090404@xxxxxxxxx> <20111010202713.GC25711@xxxxxxxxx> <4E936185.6040609@xxxxxxxxx> <20111011080706.GF25711@xxxxxxxxx> <4E942D25.1030005@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

On Tue, Oct 11, 2011 at 12:48:53PM +0100, Julian Yon wrote:

> I think you missed the point Jeroen was making there. If Mallory
> *really* wants to compromise your server, there will be a level of
> security beyond which a gun to your children's heads is the most

I think he missed my point: there is a wide spread in threat
scenarios and capabilities. What we care most is preventing
easy, undetectable and hence scalable information vacuuming 
by way of forcing cloud operators to provide convenient access 
APIs. This is what dominates the volume.

None such are available at the co-lo hosting own hardware or
freedom boxes on home broadband. Sure Shabak ninjas could 
abseil through the skylights, garotte the cat and compromise 
my NIC, but if I'm worried about these I shouldn't be relying 
on Tor, anyway.

> cost-effective attack. In most people's threat models, they'd rather
> take their chances with compromised data than with their kids' lives. In
> such a model, making the server too secure can itself be a risk.

This is not the threat model we're looking for. Move along.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
  - From: Jeroen Massar

References:
- [tor-talk] WSJ- Google- Sonic Mr. Applebaum
  - From: Andre Risling
- Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
  - From: Jeroen Massar
- Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
  - From: Eugen Leitl
- Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
  - From: Jeroen Massar
- Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
  - From: Eugen Leitl
- Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
  - From: Julian Yon

Prev by Author: Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
Next by Author: Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
Previous by thread: Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
Next by thread: Re: [tor-talk] WSJ- Google- Sonic Mr. Applebaum
Index(es):
- Author
- Thread