Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |
------------------------------------------+--------------------------

Comment (by ioerror):

 Replying to [comment:77 cypherpunks]:
 > Replying to [ticket:18361 ioerror]:
 > > they collude with larger surveillance companies (like Google)
 >
 > Should we assume you do too?
 >
 > appelbaum.net.                3600    IN      MX      10
 ASPMX3.GOOGLEMAIL.COM.
 > appelbaum.net.                3600    IN      MX      1
 ASPMX.L.GOOGLE.COM.
 > appelbaum.net.                3600    IN      MX      5
 ALT1.ASPMX.L.GOOGLE.COM.
 > appelbaum.net.                3600    IN      MX      5
 ALT2.ASPMX.L.GOOGLE.COM.
 > appelbaum.net.                3600    IN      MX      10
 ASPMX2.GOOGLEMAIL.COM.

 Yes, you should assume that the internet is unsafe unless you take care to
 protect yourself. If you email me, you should assume that the FBI and
 other parties will read your email - they do not respect the US
 Constitution and they have been politically persecuting people involved
 with the Tor Project, WikiLeaks and other groups. Obviously, yes, that
 includes me. If you email me - you should take extra precautions - one of
 which is to ask me for another email address and to use end to end
 encryption.

 I'm involved with fighting the DoJ in a protracted legal struggle. Google
 has been suing them on my behalf because I chose to park my domain there.
 I made that choice for exactly that reason - millions of dollars of legal
 support from some of the best lawyers on earth with an aligned interest.
 You'll note, I don't offer you service for that domain name and you'll
 also note that I talk about this strategy in public. I've even confronted
 the FBI about it in public and there is video evidence of that discussion.
 As a result of my choice, I've received an unknown amount of free legal
 defense in (effectively secret) courts fighting under seal. Every time we
 win or lose, Google has been working to unseal it and tell us how the
 world actually works. I don't have any privacy with email anyway, so I
 have chosen to make that worthwhile in a way that benefits everyone in the
 short, medium and longer term.

 I understand the problems in this space very well and I am fighting it on
 every front available to me. CF is another terrain of struggle and it
 impacts people more than that specific domain name which is largely
 limited to my own personal privacy for that given address.

 My concern about Google is not that people should not be free to use their
 services - it is that CF *colludes* with Google when a user has not at all
 consented. How many server operators know that the CAPTCHA is hosted by
 Google, when they use CF for "protection" services? All of them? None of
 them? Did anyone get a choice? Tor users certainly did not get a choice
 when they are automatically flagged based on an IP reputation system and
 then redirected to Google.

 So sure - you can say that I'm colluding as long as you also consider that
 CloudFlare is as well. You can't say that Tor is colluding from any of
 this discussion. My *personal* collusion is part of a larger strategy to
 improve things for everyone and it only harms me, when I fail. So which
 collision matters to Tor users and in what way? I'd guess CF's collusion
 with Google is a much larger problem and if I'm wrong in my personal
 choices, I anticipate no fallout for you. If CF merely continues as it
 stands, we will continue to see a GAA for nearly the entire internet with
 data shared between CF and Google about people who deeply care about their
 privacy and anonymity.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:78>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs