[cryptography] To Tor or not to Tor?
grarpamp at gmail.com
Thu Mar 27 00:20:04 PDT 2014
On Wed, Mar 26, 2014 at 7:23 AM, John Young <jya at pipeline.com> wrote:
> Ubiquitous use of a comsec system is a vulnerability
Which ubiquity, in the curious case of Tor/I2P, appears to be holding
up reasonably well so far. That is to say, who can state a case
where a weakness in those systems (documented, or not) was exploited
publicly to jail someone? Tor people seem to say it's possible, and
the four horsemen have been operating in these nets for many years.
Yet we're not seeing any canaries dropping in public. Why?
And there's mountains of lesser [computer/finance] crime, filesharing,
etc on these nets, with no sign of those actors being disrupted
Let's move to leaks, a civil/criminal matter. That's the one thing
that has had perhaps even zero first person appearance on .onion/.i2p.
Why not? (Discounting docs from criminal hacks above, submission
portals to third party publishers, mirrors, etc.)
What if the docs that say, places like Cryptome, have had to pull
due to threat of legal/ToS action... were hosted and told by the
leaker/collator themselves on these nets?
Who will carry the future gilded staffs of Cryptome, full-disclosure,
WL, etc? And more importantly, where?
What if a new set of Top Secret Snowden-like docs were hosted on
tor/i2p? What if they had fewer silly redactions, or more sources
and methods? Or serious political/geo/nwo intrigue the likes we've
not yet seen?
Are these nets only suited to street crime? Is offloading through
the media the only suitable/safe place for high crime and politic?
If not already present on these nets (some classes noted above),
and thus far apparently immune (perhaps foolishly so), then what
exactly are the needed test cases that will start producing not
just dead canaries, but public record of what killed them?
Any musing of 'To Tor or not to Tor?' must put consensus and evidence
to these sorts of questions.
More information about the cypherpunks