Tor is not alone in misleading users about online security. It would be worth repeating that security online, as offline, is always an iffy promise and that communication and identity-protection caution is a basic requirement. Offerers of security in whatever guise -- national, governmental, commercial, organizational, religious, individual -- are well aware of the limits of what is being offered and thus over-promise to conceal those limits. Security should be understood to mean limited security, which is how security experts know it. A few of them laugh, or growl, at the ease with which scoundrels among them deceive the public. Most, however, enjoy the rewards of keeping quiet, or most likely, shading the truth in such a way that when vulnerabilities are exposed -- ie, people die (far more than sacrosanct journalists, entire duped populations) -- they roll out the usual exculpations of charging the victims with complicity in their suffering for believing what they were told. Never trust a security expert for they an incapable of knowing the full consequences of what they are advising about, having been trained to fudge, blather, brag, warn, and promulgate the faith. Security means to blame the victim, that is, require to the victim to believe in corrupt security, to never doubt the security offerers, all of whom are motherfucking liars, cheats and false priests, most often in pay of those who reap great fortunes fucking the people, themselves protected by secrecy. Without secrecy none of this shit would work. Thus, above all else, cloaking secrecy with evasive bullshit is essential, for example, the open source religion which hides crimes and misdemeanors around the globe, above and below. Dinky revelations of vulnerabilities hide great ones. Thus, the near monthly revelations of data hacking, the crowing about finding holes, the issuing of new patches and protections, the revisions of privacy policies, the proposed new legislation and regulation to control violations, the warnings of national attacks, the grandstanding virii of machinic attacks, the calls for digital identities and banning of anonymity, the jailing of a few pipsqueak examples, the avoidance of effective law enforcement and punishment of major cartels and spy regimes inside and outside government, the excusing of corporate and institutional siphoning of user data, the lack of constraint on military arms sales and product promotiing wars, well, its a long list of what secret security fosters. Believe nothing you hear about security, should be the motto required of every peddler and advocate of it. Alternatives to security are available but get no traction against the hegemon. At 11:05 AM 11/16/2011 +0100, you wrote:
----- Forwarded message from andrew@torproject.org -----
From: andrew@torproject.org Date: Tue, 15 Nov 2011 21:49:34 -0500 To: tor-talk@lists.torproject.org Subject: Re: [tor-talk] Tor in Mexico User-Agent: Mutt/1.5.20 (2009-06-14) Reply-To: tor-talk@lists.torproject.org
On Sat, Nov 12, 2011 at 08:30:45PM +0100, matej.kovacic@owca.info wrote 1.0K bytes in 28 lines about: : The site mentioned (http://www.nuevolaredoenvivo.es.tl/) is promoting : Tor use. It seems the victim used Tor, but the gangsters were able to : identify and kill him anyway...
There's nothing in the chron.com report, nor that site, that ties Tor usage to the targeted/killed people.
Using a hidden service may help protect both the site and users.
I talked to a journalist from a newspaper in Mexico City concerned about journalist safety in light of the ongoing drug wars. Most of the discussion was about how internet surveillance can happen and things people can do to stay safe, even if they aren't reporting on the drug wars.
There was another journalist from an activist organization with the same sorts of questions.
In both cases, the bulk of the discussion wasn't around the technology, but about the social aspects of anonymity. If you use tor to successfully hide from an adversary who runs the ISP, but login to facebook and join an anti-zeta group under your real name and profile, well, you've lost your anonymity.
I mentioned http://advocacy.globalvoicesonline.org/, specifically http://advocacy.globalvoicesonline.org/projects/guide/, as examples of places to learn more about blogging/reporting in dangerous areas. CPJ also has a guide to reporting in dangerous places, https://www.cpj.org/reports/2003/02/journalist-safety-guide.php.
This violence against journalists (both citizen and traditional) is nothing new for lots of places in the world. It seems American's aren't used to seeing it this close to our borders, https://www.cpj.org/americas/mexico/.
Tor alone cannot save you in completely hostile situations. Understanding the environment and making decisions on your own is key. Many people are struggling with the understanding part due to being overwhelmed with the technical knowledge required to stay completely safe online, yet still live in a hostile area. The lack of understanding leads to poor or uninformed decisions. No software is going to solve some of these issues.
From talking to DEA agents and former drug/gang members, the drug cartels are just as advanced as the police forces, if not more so. We're seeing the results of this in the targeted killings based on online activities.
-- Andrew pgp key: 0x74ED336B _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE