On 4/6/23, efc@swisscows.email <efc@swisscows.email> wrote:
On Thu, 6 Apr 2023, grarpamp wrote:
On 4/5/23, efc@swisscows.email <efc@swisscows.email> wrote:
So you wouldn't say that Tor is good since it is the least worst way for people to browse?
Users getting jailed or murdered by the State's traffic analysis and sybil systems is for them perhaps the worst way to die. Does voting for least worst politicians get you much of anything in your lifetime, vs ignoring, defunding, routing around and removing them all permanently.
The same goes for users. Some do get jailed
If has been repeatedly suggested for years that people start a canary project to search for any suspected "analytical breakthroughs [William Binney]". Start collating and dissecting all court cases involving Tor and other leading supposedly resistant protocols and cryptoprivacy. Analyze cases, Interview the subjects. A Jewel that is used, is a Jewel that can be discovered, and you can bet that many Jewels are being used, in a trivially discoverable haphazard fashion, so as to guide infer as to what the current state and use of the real Family Jewels are.
From Wikileaks to Snowden to the recent Twitter Files and even more revelations of mass political corruption and info operations, only fools would believe there is nothing in operation worth finding... or at least worth rationally speculating on in yearly Symposium dedicated to that.
An approximate to some degree on "information" can be derived by careful postulation and calculatory estimates supported by history, current facts, funds, intents, trends, open sourced info, etc. History shows these have often wrote what later turned out to be true.
But I do give you this much, no one should use this service in the belief that it is a foolproof way to hide your tracks and I think the project should be very clear about that.
Watch Tor's videos, some say a roomfull of canaries could drop dead and TPI would still not include any potentially embarrassing clarity about adversarial attacks in their talks. In fact, in the rare times when TPI ever mention this fact of the slide deck "Tor Stinks -- NSA, vulns known since before 2012" they twist it and dodge and weasel around the obvious between the lines fact of that slide deck regarding the adversaries existing and advancing attacks. And how many times in last year did Tor Project disclose these at least 11+ year old facts, among others, to its users... ZERO. Tor Project literally committed changes to their front page and other pages that removed long standing warnings to their users, yet the design and security of the tor network did not improve in any manner that would support the removal of such warnings. In fact, some analysts would say that tor has grown continually weaker, relatively speaking, at the feet of advances in its adversaries analytical and active capabilities.
I like the principle "free, informed, consent" and if there is no information, there can be no free, informed consent.
Again, in just this month alone, TPI has yet again, completely censored information that users could use to help determine their own risk and consent. Not only did TPI censor it, they made no attempt to refute it, thus crediting it by default.
The real solution is to both fork tor, and also to design and compete entirely new network overlays.
"Tor Stinks -- NSA, vulns known since before 2012"
I was not aware of this, so thank you very much for informing. When it comes to forking tor there is another problem though, and that is all the infrastructure. Like FB, tor has some strong networking effects so starting from scratch would be tough. I do hope that someone does fork though, and that a new, stronger and less woke project might take over instead.
As to forks, if forks want an instant nodebase, for so long as the protocol of the new fork is able without safety compromise to remain backward compatible with the old tor, the new fork can simply do API module to import old tor's live nodelist and route its traffic over old tor nodes as desired. Besides, at this point Tor Project is so bad as a project that any well announced fork (and any entirely new competing network designs) would have volunteer node operators showing up in no time. TPI has been so busy vacuuming up all the Money Talk and Conferences in the room, which is a suspect in itself how that [psyop] has happened, that some Devs Users Operators and Funders have forgot they have the Right and Freedom and Imperative to Code and Launch and Fund competing projects. And to speak freely about and critique elephants in rooms.
I tried to reach out to persuade them to develop an "addon"
Another addon called OnionCat is being killed by Tor (hardly under any non-nebulous reasons that cannot be acceptably modularized) thus killing all users apps that do use, and all development of all future apps that could use, the protocols it provides. Given capacity and security were rationales that users contested, again without response, could there be speculations on why there is killing off of an entire protocol stack of potential future privacy enhanced apps...
I was met with complete silence
Your various experiences and observations with Tor are not unique. There are others who have discovered problems with Tor. But they may be afraid to speak out, or from their industry, or simply don't know that there are others to stand with, because Tor censors all their fora, so where would they go to find each other. TPI has even kicked people out of Tor Project for speaking freely in the interest of tor users, and or maintaining a different independence from the Tor Mob, and TPI even manufactured lies to them about why. And where can users go to find "information", because what competing review services have mentioned project issues and adversarial risks. That's another review project people could do :) Regarding this entire thread and many others on Tor here and elsewhere over years... On 5/18/23, Undescribed Horrific Abuse, One Victim & Survivor of Many <gmkarl@gmail.com> wrote:
it's really heartening to see this post to the tor lists
If you actually bothered to check the tor archives, you would discover that in fact the "moderator [1]" aka Tor Project Incorporated has blocked the post off all four of its lists. So no one on them saw it on any of them. In fact, Tor Project Incorporated has blocked and refused to post dozens of perfectly legitimate open posts and points made by multiple people over the years. Clearly, Tor Project Incorporated is defrauding its users from seeing discussing and gaining potential knowledge and protections regarding tor's not broadly known to users, intentionally disadvertised and whitewashed away from sight, fatal design flaws and conflicts of interest, among other problems. Tor Project Incorporated is thus putting its users at substantial risk. Tor Project Incorporated is plainly resorting to CENSORSHIP to hide some embarassing things... including its GovMil designed funded and operationally governed software, and Govt funded programs and Govt funded staff's career monied interests above users, and certainly now many might say is suspect of keeping its design weak perhaps to support any ties to user adversaries such as the GovMil NSA CIA and partner entities incl ISP's. Tor design has stayed 25 years old, while threats advanced light years, yet Tor Project Incorporated chooses silence refusing to even publicly speculating on design weakness in such wide public needed and vocal manner so as to inform warn users of some real issues. Yet CIA and more now advertise to "Use Tor". Such SpyVeillors, DataMiners, and agencies and entities are not willfully in the habit of globally recommending to the world that which they cannot crack. Tor Project is presenting a growing discongruence with at least now what are surely huge advancements in adversarial capabilities if not dire abject realworld application of same... and no one is talking about it. TPI is so afraid of embarassing things that even after declaring themselves to be hypocrites "bricking up" fora counter to their faux professed free speech principles, thus killing their lists, that they still laughably CENSOR those dead lists. Must be damning info to go to all that effort. Tor Project has been caught disencouraging vulnerability researchers. And caught acknowledging its intentional extensive censorship of its fora. TPI must be held to account. tor needs to be forked. And other completely new overlay network designs need to be created, coded, openly competed, and rolled out into operation. [1] Moderator: noun, one who facilitates free open conversations, not one who total blanket CENSORBANS all conversations and topics off all channels entirely. "Tor Stinks -- NSA, vulns known since before 2012" Censorship loses, Freedom wins.