On Wed, Jul 20, 2016 at 1:02 AM Mirimir <[1]mirimir@riseup.net> wrote:

     On 07/19/2016 03:38 PM, juan wrote:
     > On Tue, 19 Jul 2016 03:40:20 -0600
     > Mirimir <[2]mirimir@riseup.net> wrote:
     >
     >> On 07/19/2016 03:15 AM, Zenaan Harkness wrote:
     >>> The dawning inescapable realisation that "he's right" and was
     right
     >>> all along about Tor Inc.
     >>
     >> Well, I wouldn't go that far ;)
     >>
     >> If Tor were actually secure, I could accept that US government
     uses it
     >> for evil.
     >
     >       So Mirimir, what's the problem here? Am I failing to explain
     >       fuckingly basic facts or are you playing dumb?
     >
     >       Tor IS actually secure IF YOU ARE THE FUCKING US MILITARY.
     If
     >       on the other hand you are one of their TARGETS then tor IS
     NOT
     >       SECURE.
     >
     >       Is something unclear?
     What's your evidence for that? I doubt that it's technical, from
     what
     you've shared. So it sounds like just an assumption.

   So much about security is based on probabilities and unknowns, and our
   own privacy is such a personal issue, that I don't think this is
   something that's going to be solved by "evidence." Some people are
   going to be uncomfortable using or supporting Tor no matter what
   because of its history, and now potentially because they blame Tor for
   what happened to Appelbaum.
   Personally, from having talked to people who knew him that I've known
   for years, I am inclined to believe that Appelbaum did at least most of
   what he's accused of. But I blame the community for tolerating it and
   saying nothing at least as much as I blame him. He could not have
   existed without the legions of fanboys who, when they saw him trying to
   force a kiss on a woman, just wished they had such big balls rather
   than being concerned over whether or not she actually wanted that.

     >> It's the same argument that we make about encryption
     >> generally.
     >
     >       No it is not. You are *misaplying* the argument.

   I think that what they are saying is that whether or not crypto is
   effective for a given application depends on the resources your
   adversaries are able and willing to apply to breaking it.

     >> Systems with backdoors can't be secure. And you can't keep
     >> anyone from using anonymity systems without backdoors.
     >
     >       Yes you can if access to the backdoor requires capabilities
     >       that your enemies don't have.
     That's the fallacy about backdoors ;)

   Agreed. It's also the fundamental fallacy behind all of the NSA's
   attempts to weaken crypto.

     So are you arguing that well-designed backdoors are OK? Or are you
     just
     arguing that US military are dumb enough to think so. That they're
     so
     confident about their superior capabilities?

   The latter seems perfectly plausible to me. Groupthink.

     >> As I understand Juan's position, that wouldn't work for him.
     >
     >       What wouldn't work?
     Let's assume, hypothetically, that Tor is secure for everyone. And
     let's
     acknowledge that US military uses it for evil.
     If that were so, would you use and recommend Tor?
     Or would you reject it, because it's used for evil?

References

   1. mailto:mirimir@riseup.net
   2. mailto:mirimir@riseup.net