[tor-talk] FBI cracked Tor security

grarpamp grarpamp at gmail.com
Tue Jul 19 00:55:27 PDT 2016

On 7/19/16, Mirimir <mirimir at riseup.net> wrote:
> Well, given what we know of TLA capabilities, what Tor Project says at
> <https://www.torproject.org/> is tantamount to false advertising:
> | Anonymity Online
> |
> | Protect your privacy. Defend yourself against network surveillance
> | and traffic analysis.
> | Tor prevents people from learning your location or browsing habits.

I never liked those statements. I don't expect the user to know
why I or we don't, that takes an investment. But at least give
them a damn link right there alongside them that says
"Learn about the limitations of Tor" or something similar,
out to a nice open wiki page on the subject so they can start.
Not just "Learn more about Tor" out to an overview containing
a tiny "staying anonymous" section with no links, docs or
text to further support itself.
Even in there "fast enough for web browsing" is a bad qualifier.

Creating concise correct current text that holds up to parsing
is work, and there are degrees involved. But in a leading "privacy"
and "anonymity" app with certain remarked use cases beyond
surfing example.com all day, not doing so as an integrated
project component is kinda unexcusable.

> Cynical folk note that so far, the US and its allies are
> the only known global adversary. And claim that this is self-serving
> bullshit.
> it's becoming harder to escape the conclusion that Tor Project either
> doesn't want to mitigate this risk, or doesn't have the contractual
> freedom to do so.

Interesting to note that because former reasonably well
known and accepted decades of humanitarian investment
by some of these states has been reinvested into decades
of things like drone strikes... it makes it harder for projects
like Tor to freely make the case that their project existance
and use case is even valid for human rights and so on when
states are trending bashing those rights and their validity.

Right of anonymity and privacy, let alone legal and technical
extant versions of same, seems a very tenuous thing. And the
latter especially, is not something you can just brush on a
frontpage and say it exists.

More information about the cypherpunks mailing list