Re: [cryptography] To Tor or not to Tor?

I'm in devil's advocate territory here, because I neither trust nor distrust Tor/i2p, feeling that we can't really be sure one way or another. But:

Which ubiquity, in the curious case of Tor/I2P, appears to be holding up reasonably well so far. That is to say, who can state a case where a weakness in those systems (documented, or not) was exploited publicly to jail someone? Tor people seem to say it's possible, and the four horsemen have been operating in these nets for many years. Yet we're not seeing any canaries dropping in public. Why?

And there's mountains of lesser [computer/finance] crime, filesharing, etc on these nets, with no sign of those actors being disrupted either.

Time for me to fulfil Godwin's Law and discuss Nazis! When the UK broke Enigma, they were able to decrypt Nazi comms with their spies on UK mainland, and by the end of the war they had turned or neatly disposed of the lot of them. This was so effective that by the time the V2 rockets started raining down, the UK were able to feed false info back along the wires instructing the Nazis to aim wildly off target, and telling them that the casualties were drastic, and the (extremely expensive) program a wild success. In the modern day, you have a scenario where every significant opponent of the fascists use forms of cryptography that *may* be vulnerable to the fascists' level of technical sophistication; we don't know, really. But if they *can* crack Tor/i2p in limited circumstances, they sure as hell wouldn't let anybody know; including the monkies in the "lower" agencies who might do something as dumb as prosecuting someone on Tor-derived evidence. They would instead use the information as the UK did on their predecessors: to identify, neutralise or (better yet) turn them when necessary, but until that point simply to gather more information and find more targets. The patience of spies can look like inability or apathy, until they have cause to act. On 27/03/14 07:20, grarpamp wrote:

On Wed, Mar 26, 2014 at 7:23 AM, John Young wrote:

...

Ubiquitous use of a comsec system is a vulnerability

Which ubiquity, in the curious case of Tor/I2P, appears to be holding up reasonably well so far. That is to say, who can state a case where a weakness in those systems (documented, or not) was exploited publicly to jail someone? Tor people seem to say it's possible, and the four horsemen have been operating in these nets for many years. Yet we're not seeing any canaries dropping in public. Why?

And there's mountains of lesser [computer/finance] crime, filesharing, etc on these nets, with no sign of those actors being disrupted either.

Let's move to leaks, a civil/criminal matter. That's the one thing that has had perhaps even zero first person appearance on .onion/.i2p. Why not? (Discounting docs from criminal hacks above, submission portals to third party publishers, mirrors, etc.) What if the docs that say, places like Cryptome, have had to pull due to threat of legal/ToS action... were hosted and told by the leaker/collator themselves on these nets?

Who will carry the future gilded staffs of Cryptome, full-disclosure, WL, etc? And more importantly, where?

What if a new set of Top Secret Snowden-like docs were hosted on tor/i2p? What if they had fewer silly redactions, or more sources and methods? Or serious political/geo/nwo intrigue the likes we've not yet seen?

Are these nets only suited to street crime? Is offloading through the media the only suitable/safe place for high crime and politic?

If not already present on these nets (some classes noted above), and thus far apparently immune (perhaps foolishly so), then what exactly are the needed test cases that will start producing not just dead canaries, but public record of what killed them?

Any musing of 'To Tor or not to Tor?' must put consensus and evidence to these sorts of questions.

-- T: @onetruecathal, @IndieBBDNA P: +3538763663185 W: http://indiebiotech.com