the most annoying thing about Juan
Mirimir
mirimir at riseup.net
Thu Jul 21 00:54:45 PDT 2016
On 07/21/2016 01:16 AM, juan wrote:
> On Wed, 20 Jul 2016 16:24:04 +0000
> Sean Lynch <seanl at literati.org> wrote:
>
>
>>>> Tor IS actually secure IF YOU ARE THE FUCKING US MILITARY.
>>>> If on the other hand you are one of their TARGETS then tor IS NOT
>>>> SECURE.
>>>>
>>>> Is something unclear?
>>>
>>> What's your evidence for that? I doubt that it's technical, from
>>> what you've shared. So it sounds like just an assumption.
>>>
>>
>> So much about security is based on probabilities and unknowns,
>
>
> It seems kinda obvious to me that analyzing the security of
> say a symetric encryption algorithm is very different
> than analyzing the security of something like tor.
>
> In the case of tor there a A LOT more probabilities and
> unknowns involved. Also in the case of tor there are a few very
> damning knowns.
>
> So, any advertising regarding something like tor must have a
> lot more disclaimers than say, AES advertising.
I totally agree with you on that. I want Tor Project to put more
disclaimers and warnings on their front page.
>> and
>> our own privacy is such a personal issue, that I don't think this is
>> something that's going to be solved by "evidence." Some people are
>> going to be uncomfortable using or supporting Tor no matter what
>> because of its history,
>
> It's not just 'history'. Tor is fucked up because of its
> nature, purpose and past and current funding.
>
>
>> and now potentially because they blame Tor
>> for what happened to Appelbaum.
>
> The appelbaum soap opera is totally irrelevant actually, except
> that it's good because it shows that the members of the tor
> project are backstabbing clowns.
Indeed :)
> Now, think how much trust people who don't even trust
> themselves deserve.
Tor is open source, so trusting software doesn't depend entirely on
trusting coders.
>> Personally, from having talked to people who knew him that I've known
>> for years, I am inclined to believe that Appelbaum did at least most
>> of what he's accused of.
>> But I blame the community for tolerating it
>> and saying nothing at least as much as I blame him. He could not have
>> existed without the legions of fanboys who, when they saw him trying
>> to force a kiss on a woman, just wished they had such big balls
>> rather than being concerned over whether or not she actually wanted
>> that.
>>
>>
>>>>> It's the same argument that we make about encryption
>>>>> generally.
>>>>
>>>> No it is not. You are *misaplying* the argument.
>>>
>>
>> I think that what they are saying is that whether or not crypto is
>> effective for a given application depends on the resources your
>> adversaries are able and willing to apply to breaking it.
>
>
> The 'traffic analysis' of tor is not even crypto. It's based on
> IXPs taps, not on fancy math and number crunching.
It's based on intercepts _and_ "fancy math and number crunching".
>>>>> Systems with backdoors can't be secure. And you can't keep
>>>>> anyone from using anonymity systems without backdoors.
>>>>
>>>> Yes you can if access to the backdoor requires capabilities
>>>> that your enemies don't have.
>>>
>>> That's the fallacy about backdoors ;)
>>>
>>
>> Agreed. It's also the fundamental fallacy behind all of the NSA's
>> attempts to weaken crypto.
>
>
> There isn't any fallacy there. They weaken crypto because that
> serves their ends.
>
> And if they need a 'secure' cypher they won't use any of the
> ones they sabotaged.
>
> But, again, this doesn't apply to tor.
You are very suspicious ;)
>>> So are you arguing that well-designed backdoors are OK? Or are you
>>> just arguing that US military are dumb enough to think so. That
>>> they're so confident about their superior capabilities?
>>>
>>
>> The latter seems perfectly plausible to me. Groupthink.
>
>
> I don't think the US military are dumb. If you do, then you are
> not thinking as correctly as you should.
They have done some pretty stupid things.
>>>>> As I understand Juan's position, that wouldn't work for him.
>>>>
>>>> What wouldn't work?
>>>
>>> Let's assume, hypothetically, that Tor is secure for everyone. And
>>> let's acknowledge that US military uses it for evil.
>>>
>>> If that were so, would you use and recommend Tor?
>>>
>>> Or would you reject it, because it's used for evil?
>>>
>>>
>
>
More information about the cypherpunks
mailing list