[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
On Tue, 1 Jul 2014 14:36:08 -0400
Paul Syverson <paul.syverson@xxxxxxxxxxxx> wrote:
>
> People have denied over and over your allegations that Tor was somehow
> designed to be intentionally vulnerable in some way.
Tor is vulnerable to your so called ´global´ adversaries.
That is inherent to tor´s design.
And by the way, ¨global¨ here is of course vague and
misleading. It is just a matter of getting enough traffic.
>They have already
> cited various aspects to the openness of the design, the extensive
> scientific scrutiny to which it has been subject, etc. as evidence of
> this.
I understand that there is no design that can counter traffic
analysis, but that doesnt excuse tor.
Tor is an ´anonimity´ tool that can be easily subverted by any
´adversary´ who collects enough data. That is part and parcel
of the very desing of tor. So, sayig that tor is vulnerable BY
DESIGN is a valid way of putting it.
The trick is, as I previously mentioned, to mention that
limitation...sometimes...and sometimes not.
Yes, yes. You have your papers. No, I doubt those papers are
read by ´ordinary´ tor users.
>It's hard to imagine what would satisfy you at this point but
> perhaps this will help: I designed Tor with Roger and Nick. At all
> times we designed it to be as secure as we could given usability,
> performance, and other practicality goals (which are themselves
> security goals we considered, as has also been widely documented). At
> no point did we intentionally do anything to make the design less
> secure than we could think how to do while still making it as usable
> and practical as possible.
You do realize that given the politics of the US government
your claims are pretty shaky, no ? You are to be oh so
trusted...because you say so? Come on.
Extraordinary claims require extraordinary evidence.
> Nor did anyone ask any of us to do so,
It is a well known fact that the US government can
compel its subjects to brazenly lie on matters of so called
´national security´.
Extensive cooperation between american firms helping the
criminal activities of the US government has been widely
published.
And you want people to believe that you, who are explicitly
working for the US military, have not been influenced by them at
all?
Again, such a very very extraordinary claim requres very
extraordinary proof.
And yet, there is no proof to be seen. Except your words.
> as
> far as I know. My opinion (subject to reasoned _scientific_ debate)
> about why the Tor design is more secure for practical attacks than
> those designed to be putatively more secure against a widescale
> attacker (such as those mentioned above) is sketched in "Why I'm not
> an entropist" 2009. That paper could use some updating and expansion,
> but the basic points hold up I believe.
>
> > Its been 6 days already.
>
> People have day jobs trying to design, build, and analyze systems to
> protect people. I often take way longer than that to respond to
> substantive well-reasoned questions, as do many people with jobs
> and/or lives. Such people also typically expect response times
> proportional to the importance, urgency, and reasonableness of the
> questions. To such people I say please do not infer too much to the
> fact that I have responded to all this in a mere 6 days.
>
> aloha,
> Paul
>
> >
> > Regards,
> >
> > Mark McCarron
> >
> > > From: fuerschpiu@xxxxxxxxx
> > > Date: Tue, 1 Jul 2014 18:39:13 +0200
> > > To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > Subject: Re: [tor-talk] Illegal Activity As A Metric of Tor
> > > Security and Anonymity
> > >
> > > Please Mccarron,
> > >
> > > The discussion is dead. You killed it yourself by not adding
> > > anything meaningful as far as I have seen. You just repeat
> > > yourself again and again as if it's a mantra. You got statistics
> > > to back up your claims? Good - show them! You got the script you
> > > used to track the onions? Awesome! Show it so we can see for
> > > ourselves and use it too!
> > >
> > > As others pointed out already: give us something to work with,
> > > else you can just pack up and troll another list as far as I am
> > > concerned.
> > >
> > > --
> > > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > To unsubscribe or change other settings go to
> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> > --
> > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk