[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Escape NSA just to enter commercial surveillance?



any garden variety proxy achieves the same result.

No, it does not.

Yes it does, unless the proxy server 'shares' information with
facebook.

But the pictures a little greater than "hiding something from
facebook" - it's about hiding the fact that you're visiting
that specific service in order to circumvent e.g. filters that
try to block that.

I have the feeling that the word "Facebook" triggers some sort
of "bite reflex" in this discussion - you can insert
$any_commercial_service_or_website instead.

And clear-name-policies or whatever do not change the fact that
you may use $service using a nym and you're fully in charge of
what information about your true identity you reveal.

A proxy might hide your location from $service-operator, but it
has this information at hand. Such proxy services make their money
with your privacy, but you don't have a guarantee that they won't
give away this information. Tor is about distributing parts of the
trust to multiple instances so each one of them needs to be trusted
less in the end. Proxies put the all the power to a single point.


facebook doesn't have yet an army or global 'jurisdiction'...
now if you're talking about the criminals known as the 'US
government'(who fund tor) that's of course a different story.

I did indeed talk about them, you're right. Sorry for mentioning
that specifically, thought processes often mess up written text :-)


Also, a proxy may be compromised.

whereas tor is magically protected from compromise.

Indeed not, but it's much harder to compromise a chain instead
of a single instance like a proxy. That's why I described
"which part of a circuit knows what" again - I didn't do that
to imply that you're now aware of that, I wanted to support my
stance that it _seems to me_ it's a better approach to distribute
the trust-load to more than one entity.

I know all that. My point is that so onion routing isn't really
needed if all you want it to hide your location from facebook
or even from anybody else who can't threat to murder proxy
operators like the US government(who fund tor) does.

Fair enough.

It's dangerous to hint people to use proxies
in order to get their locations hidden

Ah yes. They are not magical like tor.

There's no reason to get cynical. After all this is not a
"my toy is better than yours" thing but an open debate where I
personally enjoy to learn about your point of view and therefore
get a bigger picture. I don't want to pick on your point of view,
it's just about having an argument where we bring in pros and cons,
there is no winner and no loser if we do it right, I hope we're
both clear on that :)

But to join in anyway: No magic involved. It's just another trust
model in my opinion. It may not be perfect, but my personal opinion
based on my experience is that proxy services have their own range
of application that might be a little different from Tors.


And of course it is not dangerous to promote tor, a system
creted and controlled by the US military.

As long as it is transparent and works the way it should - aye.
Many protocols and technologies we use while we do our
everyday business on the internet are military- or gov. driven
or at least were initially created or funded that way.

I'm not a big fan of that either, .. but I'm lacking of alternatives
that can keep up with that. Many scientific papers and a lot of research
by scientists from all around the world went into Tor as it is today and
this is continuing so far. As a full time IT security researcher, this
adds to my trust in Tor, but that may be a personal thing and must not apply
to anybody else though :-)

Once again, I'm enjoying the discussion as long as it adds value to
both sides, I hope thats also the case for you :)

- Daniel
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk