Seems to me if people care about anonymous publication security and robustness they need static content, distributed, encrypted and integrity protected. eg like say tahoeLAFS over Tor or something like that. Of course not as jscript, form, click etc but thats just asking to be hacked anyway. As I recall Zooko mentioned you can actually do that - back a web server in LAFS, then the webserver is nothing but a read-only consumer of LAFS data. Presumably someone can figure out how to route encrypted, authenticated change sets or form submussions back to the underlying LAFS over Tor. Adam On Fri, Oct 04, 2013 at 04:22:02PM +0200, Meredith L. Patterson wrote:
On Fri, Oct 04, 2013 at 08:16:48PM +1000, James A. Donald wrote:
My understanding is that they found a bunch of Tor machines, installed malware by means of rubber hoses, and thus located the Silk Road hidden web server.
Why would they even need to use rubber hoses? They could just compel Amazon. How many Tor nodes are on EC2 these days, again?
--mlp