To Tor or not to Tor?

[John Young]

Ubiquitous use of a comsec system is a vulnerability, whether
PGP or Tor or another popular means. Crypto advocates and
Tor encourage widespread use as a defense but may be luring
victims into traps. The more users of a system the more likely
it will be attacked by officials or by malefactors. And the attacks
are most often overlooked in the volume, or excused as a price
of popularity, fixes underway, always underway, keeping coders
and investors happy as engineers mud-wrestling and financiers
soused.

Most trusted systems (MTS) are where the money is, as with banks,
so that's where robbers make their living, and MTS set up budgets
for loss, PR, lobbying, training staff in cover-ups and workarounds,
hiring ex-regulators and distinguished industry leaders as advisors,
board members and faces of the MTS around the planet.

The lucrative boomlet in comsec generated by Snowden Inc's
marketing gambit promoting encryption and enhanced comsec
among media mouthpiece megaphones indicates that another
cycle of dubity of the status quo comsec confidence game is
to be followed by a repair and rejigger protection racket,
as evidenced on these mail lists, at conferences, and no doubt
in halls of semi-classified exchanges everready to share tips
and tricks to ratchet up demand for security in all its devilish
manifestations.

Was it not mere months ago when a call was issued to redesign
and or replace the entire Internet from top to bottom, the whole
thing, to end the futile comsec tinkering and delusionary marketing,
no way the Frankenstein could be made secure for human use,
it had fundamental faults which precluded durable comsec.

Perhaps re-Frankensteining is being done in semi-classified
halls, hindered by by official and commercial and scholarly
exploiters of the monster's faults to advance their interests
in advocating MTS for public use, just keep those research
and investment funds flowing.

No risk, no security market, so what fool would want an Internet that
had no faults. No bank would want perfect security to be available
directly to customers. No military or spy agency would want perfect
national security available to the citizenry. No government would
want a threat-free populace. No comsec industry would want ...

Best to aim for pretty good comsec and call it best that can
be done but cheating happens, thank you Edward Snowden,
so prepare for disaster "not if, not when, but now." Intel
committees wokring hand in hand with Snowden Inc. to keep
the public panicky and needful of secrecy protection of
the holy grail, national security backed by WMD.

In short, Tor is a confidence game, crypto is a confidence game,
no better than military, espionage, publicity, entertainment, finance,
law, insurance, education and religion. Oops those are the primary
routes to wealth and power concentration and need for WMD
protection.

What, you say WMD is a confidence game? Getoutahere, that's
top secret codeword core faith in secretkeeping. Without that
fundamental Frankensteinian fault nobody would buy security
against the Doctors of monsters working hard at most secret
laboratories on earth to devise crypto for assuring WMD comms
and launch threats are pretty good at persuading the public to
pay the steep protection fee -- which it should be noted is
laundered through IRS and NGOs, blessed by FRS and SEC.

Damn 3 lettered agencies of God.