tor promises to be good*

Steve Kinney admin at pilobilus.net
Sun Aug 14 13:49:36 PDT 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/11/2016 09:08 PM, bbrewer wrote:
> No worries, JUAN, they promise no backdoors… (I’m with you on your
> design stance, btw)
> 
> https://blog.torproject.org/blog/tor-social-contract
> 
> "The Tor Social Contract Posted August 9th, 2016 by alison  in •
> ethics
> 
> • human rights
> 
> • social contract
> 
> At The Tor Project, we make tools that help promote and protect the
> essential human rights of people everywhere. We have a set of
> guiding principles that make that possible, but for a long time,
> those principles were more or less unspoken. In order to ensure
> that project members build a Tor that reflects the commitment to
> our ideals, we've taken a cue from our friends at Debian and
> written the Tor Social Contract -- the set of principles that show
> who we are and why we make Tor. Our social contract is a set of
> behaviors and goals: not just the promised results we want for our
> community, but the ways we seek to achieve them.

[ etc ]

As a QA and document control guy, I can't read something like that
without processing it like this:

"We are committed to transparency; therefore, everything we release is
open and our development happens in the open. Whenever feasible, we
will continue to make our source code, binaries, and claims about them
open to independent verification. In the extremely rare cases where
open development would undermine the security of our users, we will be
especially vigilant in our peer review by project members."

Translation:  We believe in and practice an open, accountable
development process, except when we don't.  The public is allowed to
see how TOR works, except when the public is not allowed to see how
TOR works.  Trust us, what you don't know won't hurt you.

"We are not just people who build software, but ambassadors for online
freedom. We want everybody in the world to understand that their human
rights -- particularly their rights to free speech, freedom to access
information, and privacy -- can be preserved when they use the Internet.
"

Edit to include:  The TOR project believes in human rights, except the
rights of persons accused of crimes to be held innocent until proven
guilty, and to publicly confront their accusers in a neutral, public
Court.  The TOR Project believes in and exercises the rights of
risk-averse employers to discipline and discharge victims of malicious
office gossip and/or anonymous denunciation as an expedient conflict
resolution method.

"We never intentionally mislead our users nor misrepresent the
capabilities of the tools, nor the potential risks associated with
using them. Every user should be free to make an informed decision
about whether they should use a particular tool and how they should
use it."

Edit to include:  "The TOR Browser ships with NoScript installed but
disabled.  Users must enable it themselves to obtain protection
against de-anonymization at will by any malicious or compromised
website.  We do this as a convenience for naive users who may not
understand what NoScript is or what it does."

With TOR, one can have exactly as much "freedom and security" as one
can steal.  Just like real life.

:o/



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJXsNlgAAoJEECU6c5Xzmuqx7UH/juSkFhBaENZSOhPfoPsG/2u
UPsXzjtjP7GAf5sMeacTl4O/DCosIace5e67NNuC5JIfmxPl5cJdV+VDfiAJ1uTF
MppYOZNW6H0iS/+9TrLsM1YvBO33JjqU2Rep1kA9bxhYV4CtWWTGFPhgQEElbLZL
6wKKzGQy4zYTj6P5oeqEi3Crq9HdETsZstyKNDLqTnPANyLlrHQo5HKQjYeTxNs/
ywLfTRK4kBJxB5Xq8RYI9x4FwVV9R7pjqlZLLhFtuS8WXzA0AmfanDgOvSc1WXef
vt7ZyNCm/tgpfNiCTjC60qZeGCpGy9mRzalMgUPI8YVe9QI4P6CUOrMav8GqPgk=
=3BN7
-----END PGP SIGNATURE-----



More information about the cypherpunks mailing list