the most annoying thing about Juan

Mirimir mirimir at riseup.net
Thu Jul 21 00:54:45 PDT 2016 

On 07/21/2016 01:16 AM, juan wrote:
> On Wed, 20 Jul 2016 16:24:04 +0000
> Sean Lynch <seanl at literati.org> wrote:
> 
> 
>>>>       Tor IS actually secure IF YOU ARE THE FUCKING US MILITARY.
>>>> If on the other hand you are one of their TARGETS then tor IS NOT
>>>>       SECURE.
>>>>
>>>>       Is something unclear?
>>>
>>> What's your evidence for that? I doubt that it's technical, from
>>> what you've shared. So it sounds like just an assumption.
>>>
>>
>> So much about security is based on probabilities and unknowns, 
> 
> 
> 	It seems kinda obvious to me that analyzing the security of
> 	say a symetric encryption algorithm is very different
> 	than analyzing the security of something like tor. 
> 
> 	In the case of tor there a A LOT more probabilities and
> 	unknowns involved. Also in the case of tor there are a few very
> 	damning knowns.
> 
> 	So, any advertising regarding something like tor must have a
> 	lot more disclaimers than say, AES advertising.

I totally agree with you on that. I want Tor Project to put more
disclaimers and warnings on their front page.

>> and
>> our own privacy is such a personal issue, that I don't think this is
>> something that's going to be solved by "evidence." Some people are
>> going to be uncomfortable using or supporting Tor no matter what
>> because of its history, 
> 
> 	It's not just 'history'. Tor is fucked up because of its
> 	nature, purpose and past and current funding.
> 
> 
>> and now potentially because they blame Tor
>> for what happened to Appelbaum.
> 
> 	The appelbaum soap opera is totally irrelevant actually, except
> 	that it's good because it shows that the members of the tor
> 	project are backstabbing clowns.

Indeed :)

> 	Now, think how much trust people who don't even trust
> 	themselves deserve.

Tor is open source, so trusting software doesn't depend entirely on
trusting coders.

>> Personally, from having talked to people who knew him that I've known
>> for years, I am inclined to believe that Appelbaum did at least most
>> of what he's accused of.
>> But I blame the community for tolerating it
>> and saying nothing at least as much as I blame him. He could not have
>> existed without the legions of fanboys who, when they saw him trying
>> to force a kiss on a woman, just wished they had such big balls
>> rather than being concerned over whether or not she actually wanted
>> that.
>>
>>
>>>>> It's the same argument that we make about encryption
>>>>> generally.
>>>>
>>>>       No it is not. You are *misaplying* the argument.
>>>
>>
>> I think that what they are saying is that whether or not crypto is
>> effective for a given application depends on the resources your
>> adversaries are able and willing to apply to breaking it.
> 
> 
> 	The 'traffic analysis' of tor is not even crypto. It's based on
> 	IXPs taps, not on fancy math and number crunching.

It's based on intercepts _and_ "fancy math and number crunching".

>>>>> Systems with backdoors can't be secure. And you can't keep
>>>>> anyone from using anonymity systems without backdoors.
>>>>
>>>>       Yes you can if access to the backdoor requires capabilities
>>>>       that your enemies don't have.
>>>
>>> That's the fallacy about backdoors ;)
>>>
>>
>> Agreed. It's also the fundamental fallacy behind all of the NSA's
>> attempts to weaken crypto.
> 
> 
> 	There isn't any fallacy there. They weaken crypto because that
> 	serves their ends. 
> 
> 	And if they need a 'secure' cypher they won't use any of the
> 	ones they sabotaged. 
> 
> 	But, again, this doesn't apply to tor.

You are very suspicious ;)

>>> So are you arguing that well-designed backdoors are OK? Or are you
>>> just arguing that US military are dumb enough to think so. That
>>> they're so confident about their superior capabilities?
>>>
>>
>> The latter seems perfectly plausible to me. Groupthink.
> 
> 
> 	I don't think the US military are dumb. If you do, then you are
> 	not thinking as correctly as you should.

They have done some pretty stupid things.

>>>>> As I understand Juan's position, that wouldn't work for him.
>>>>
>>>>       What wouldn't work?
>>>
>>> Let's assume, hypothetically, that Tor is secure for everyone. And
>>> let's acknowledge that US military uses it for evil.
>>>
>>> If that were so, would you use and recommend Tor?
>>>
>>> Or would you reject it, because it's used for evil?
>>>
>>>
> 
>

More information about the cypherpunks mailing list