On 07/19/2016 03:34 PM, juan wrote:
On Tue, 19 Jul 2016 03:31:09 -0600 Mirimir <mirimir@riseup.net> wrote:
On 07/18/2016 03:39 PM, juan wrote:
On Mon, 18 Jul 2016 04:45:19 -0600 Mirimir <mirimir@riseup.net> wrote:
My current working hypothesis is that Tor is not broken/breakable by design.
keep sucking mirimir - your friend syverson isn't fully satisfied yet.
He's not my friend, Juan. He works for the fucking US Navy, after all.
But I do respect him. Think about it. He and his friends got US military funding for a project that provided deniable and secure communication, but only by making it public, for use by both funders and their enemies.
Oh come on Mirimir. As 'we' know, they did the only thing they could have done.
The only way for them to be able to exploit their users as cover is by making the system 'public' and 'free'. They didn't do it because of ANY altruistic and humanitarian motivation. They had no other choice, and it was good propaganda to boot!
I didn't say that there was anything altruistic or humanitarian about it. And yes, they did what they had to do.
So,
1) They need human shields, their abused 'users'
Yes, they do. All Tor users do, actually.
2) The system doesn't pose a threat to 'GPAs' - that is the system doesn't pose a threat to its owner, the US military.
Maybe it does, and maybe it doesn't. I can't imagine how you know. I do agree that it's prudent to be suspicious. But no better alternatives have been implemented. So the best option that I see is layering stuff. Route Tor through nested VPNs. Route Mixmaster, Pond, Bitmessage, etc through Tor. Encrypt private stuff with GnuPG.
It might be that this vulnerability was crucial for selling it to US military. But that's distinguishable from the argument that it's intentionally designed to be vulnerable.
The distinction looks rather subtle. It's actually invisible and non-existent from my point of view...
Maybe so.
There's also the fact that nobody has come up with anything practical that's not vulnerable to global adversaries.
Hardly surprising cosidering how powerful the US government is and how far its control over 'industry' and 'academy' goes. It includes the 'community' of sold out 'hackers' too.
If your assessment is correct, we are truly fucked :(
Also, it should be obvious that having bad and *subsidized* systems like tor fucks up the 'market' for security.
Yes, it does :(
So it seems unlikely that he had such a design that he put aside as unsellable.