On Sun, Aug 14, 2016 at 04:49:36PM -0400, Steve Kinney wrote:
On 08/11/2016 09:08 PM, bbrewer wrote:
written the Tor Social Contract -- the set of principles that show who we are and why we make Tor. Our social contract is a set of behaviors and goals: not just the promised results we want for our community, but the ways we seek to achieve them.
As a QA and document control guy, I can't read something like that without processing it like this:
"We are committed to transparency; therefore, everything we release is open and our development happens in the open. Whenever feasible, we will continue to make our source code, binaries, and claims about them open to independent verification. In the extremely rare cases where open development would undermine the security of our users, we will be especially vigilant in our peer review by project members."
It's even worse - that last sentence above could easily be read as follows (thanks for the mindset, Juan :) - "In rare cases, open development does undermine the security of our users (those who actually need Tor against TLAs, and all our open development lulling those lusers into a belief in safety which does not exist) and in these rare cases (which are the only ones we should be worrying about) we will be especially vigilant in our open development and peer review to work extra hard at bamboozling folks and fulling all our masters requirements for next version, and thereby avoiding those things which may actually help those who actually need Tor to actually do something effective with it besides sharing our Hollowood propaganda". (This one time, I had a weird moment of having read the (Tor propaganda) paragraph above as though it was your (Steve) 'response to Tor propaganda' - then, this one time, I read your next para below and said "what?!!" Then, I shoved a light bulb up my brain, twigged really hard and explained it to myself slow enough that I could understand it.)
Translation: We believe in and practice an open, accountable development process, except when we don't. The public is allowed to see how TOR works, except when the public is not allowed to see how TOR works. Trust us, what you don't know won't hurt you.
s/won't hurt you/we want you to think won't hurt you/
"We are not just people who build software, but ambassadors for online freedom. We want everybody in the world to understand that their human rights -- particularly their rights to free speech, freedom to access information, and privacy -- can be preserved when they use the Internet. "
"Especially the rights of Jacob Applebaum whom we have a monstrous hard on for at the moment - his rights are like, you know, really important all of us here at Tor Inc. We believe in a better, warmer, caring world full of justice, transparence and truth."
Edit to include: The TOR project believes in human rights, except the rights of persons accused of crimes to be held innocent until proven guilty, and to publicly confront their accusers in a neutral, public Court. The TOR Project believes in and exercises the rights of risk-averse employers to discipline and discharge victims of malicious office gossip and/or anonymous denunciation as an expedient conflict resolution method.
"And we absolutely believe in the right for those with a rigid anger against another, to take a firm hold of a vigilante community and thrust some righteous and vigorously anonymous arguments at the wall of innuendo, slurs and outright lies and coverups. Because, what's life without some serious and unethical backstabbing process thrown into the mix?"
"We never intentionally mislead our users nor misrepresent the capabilities of the tools,
(like those tools on our vigilante justice committee, the CIA guys who failed to cover their trackes well enough when apply to work with Tor Inc, and those CIA guys who did get through the gaping cracks we lubricate with TLA dollars - as we always say, "once you've had black (money), you'll never go back!")
nor the potential risks associated with using them.
(like the use of our vigilante justice system, which nearly got out of Public Relations control, but was saved at the 11th hour by our knight-ess in smoking black garter belts, Shari Steele)
Every user should be free to make an informed decision
to jump on our vigilante lynch mob band wagons, and
about whether they should use a particular tool
like Jacob Applebaum when the time is just right,
and how they should use it."
vigorously, relentlessly and cruelly - we call it: The Shari-ahh law way. Only thing we have not yet figured out is how to include more, how do we say this, physical consequences, as part of our detailed, torturous and dare we say, religious ways.
Edit to include: "The TOR Browser ships with NoScript installed but disabled. Users must enable it themselves to obtain protection against de-anonymization at will by any malicious or compromised website. We do this as a convenience for naive users who may not understand what NoScript is or what it does."
As well we do this and are up front about it when we say "we need more users to fill enough of the bandwidth to provide enough cover traffic for our special ops in Syria, Lybia, Iraq, Afghanistan, China and Russia, and disabling No-script by default would cause according to our estimations, quite a few millions of those useful naieve users to not stay.
With TOR, one can have exactly as much "freedom and security" as one can steal. Just like real life.
Yes I agree, that would be a fine ending to their propaganda - I'm just not sure they would include it - too much truth.