----- Forwarded message from Roger Dingledine <arma@mit.edu> ----- Date: Thu, 26 Sep 2013 01:52:14 -0400 From: Roger Dingledine <arma@mit.edu> To: liberationtech <liberationtech@mailman.stanford.edu> Subject: Re: [liberationtech] The missing component: Mobile to Web interoperability (in Internet Freedom Technologies) User-Agent: Mutt/1.5.20 (2009-06-14) Reply-To: liberationtech <liberationtech@lists.stanford.edu> On Wed, Sep 25, 2013 at 09:32:46PM -0700, coderman wrote:

On Wed, Sep 25, 2013 at 1:34 PM, Jonathan Wilkes <jancsika@yahoo.com> wrote:

...

... Roger Dingledine has said that his biggest fear is that the NSA has found a way to break Tor,

citation? ;)

You left out the rest of his sentence (and maybe some different punctuation would have helped too). Once upon a time, we argued that sure, maybe NSA could break Tor if they put enough resources into it, but at least we could rely on the fact that if the FBI called them up on the phone and asked for some help with a case, they sure wouldn't admit to it. And also, if they *did* have an attack, surely they wouldn't "spend" their super-secret knowledge on just any old situation: https://en.wikipedia.org/wiki/Coventry_Blitz#Coventry_and_Ultra It's similar reasoning that might make you comfortable jaywalking in front of a secret service agent -- surely they have more important things to be doing with their time, or with our tax dollars, than coordinating with the local police to bust you for something irrelevant, right? And now here we are learning about a growing number of cases where NSA actually does provide intelligence for cases that are totally outside their scope or mandate, with sentences that start with "you didn't hear it from me, but". So the snippet of quote above is out-of-context -- I do think that an organization that puts a lot of energy into surveilling large parts of the Internet can probabilistically correlate some Tor traffic flows, but I wouldn't call that threat my biggest fear. That said, I do really worry about the slippery slope where everybody collects their own huge database of Internet traffic and then eagerly shares their analysis with everybody else. It shifts the balance of power even more in favor of the surveillance state(s). --Roger -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys@stanford.edu. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5