Two Different Instructors On Using Tor Crypto Etc...

Mirimir mirimir at riseup.net
Wed Jul 20 01:13:27 PDT 2016


On 07/19/2016 03:34 PM, juan wrote:
> On Tue, 19 Jul 2016 03:31:09 -0600
> Mirimir <mirimir at riseup.net> wrote:
> 
>> On 07/18/2016 03:39 PM, juan wrote:
>>> On Mon, 18 Jul 2016 04:45:19 -0600
>>> Mirimir <mirimir at riseup.net> wrote:
>>>
>>>> My current working hypothesis is that Tor is not broken/breakable
>>>> by design.
>>>
>>>
>>> 	keep sucking mirimir - your friend syverson isn't fully
>>> 	satisfied yet.
>>
>> He's not my friend, Juan. He works for the fucking US Navy, after all.
>>
>> But I do respect him. Think about it. He and his friends got US
>> military funding for a project that provided deniable and secure
>> communication, but only by making it public, for use by both funders
>> and their enemies.
> 
> 	Oh come on Mirimir. As 'we' know, they did the only thing they
> 	could have done. 
> 
> 	The only way for them to be able to exploit their users as
> 	cover is by making the system 'public' and 'free'. They didn't
> 	do it because of ANY altruistic and humanitarian motivation.
> 	They had no other choice, and it was good propaganda to boot!

I didn't say that there was anything altruistic or humanitarian about
it. And yes, they did what they had to do.

> 	So, 
> 
> 	1) They need human shields, their abused 'users'

Yes, they do. All Tor users do, actually.

> 	2) The system doesn't pose a threat to 'GPAs' - that is the
> 	system doesn't pose a threat to its owner, the US military.

Maybe it does, and maybe it doesn't. I can't imagine how you know. I do
agree that it's prudent to be suspicious. But no better alternatives
have been implemented. So the best option that I see is layering stuff.
Route Tor through nested VPNs. Route Mixmaster, Pond, Bitmessage, etc
through Tor. Encrypt private stuff with GnuPG.

>> It might be that this vulnerability was crucial for selling it to US
>> military. But that's distinguishable from the argument that it's
>> intentionally designed to be vulnerable. 
> 
> 	The distinction looks rather subtle. It's actually invisible and
> 	non-existent from my point of view...

Maybe so.

>> There's also the fact that
>> nobody has come up with anything practical that's not vulnerable to
>> global adversaries. 
> 
> 	Hardly surprising cosidering how powerful the US government is
> 	and how far its control over 'industry' and 'academy' goes. It
> 	includes the 'community' of sold out 'hackers' too.

If your assessment is correct, we are truly fucked :(

> 	Also, it should be obvious that having bad and *subsidized*
> 	systems like tor fucks up the 'market' for security.

Yes, it does :(

>> So it seems unlikely that he had such a design
>> that he put aside as unsellable.
>>
> 
> 



More information about the cypherpunks mailing list