PortableTor and what else?

Discussion in 'privacy technology' started by ploder, Apr 24, 2009.

Thread Status:
Not open for further replies.
  1. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    So what if they did? It's not like your email contains any illegal or criminal activity does it? :argh:
     
  2. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    Meh, worthless anonymity.
     
  3. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    It used to be illegal to be Jewish in Germany. The law can change any day. Maybe some day the mean old democrat socialists of America will make being republican illegal 0_0.

    Snide political 'humor' aside, the law is fickle morality is a constant.

    My communications are perfectly moral in every way.

    And legal, but unfortunately that requires a timestamp ;-).

    Besides, can communications be illegal in America? I don't send any pictures, or files (torrents for that). Can words be illegal or criminal? I mean, I know a series of binary bits can be illegal (and regardless of my agreement or disagreement with the nature of this legal and philosophical problem, I don't involve myself at all in this), and I know someone can "own" a string of binary bits and "license" it making the transmission illegal. But can a string of non copyrighted binary bits that turns into ascii text be illegal or criminal? I don't think so, at least not in places that respect freedom of speech right? You do respect freedom of speech don't you?
     
    Last edited: Apr 28, 2009
  4. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Yes, as long as it doesn't contain any motivation for hatred, crime or killings etc.
     
  5. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    I don't hate anyone and certainly don't condone killing. Crime is too broad of a topic for me to take a stance for or against it. What is a crime is decided by a third party I don't trust. What is moral is decided by objective reality (or God, I suppose).

    Besides, I think people have the right to express hate all they want. As for killing, that brings up an issue. Usually I would say the crime is in the action, not in the planning. But if you wait for someone to kill someone before you arrest them, thats bad. Even if you wait for them to try and kill someone and get them on attempted murder, thats still probably a bad idea. I would say that I support freedom of speech in all cases where it doesn't IMMEDIATELY put someone at REAL risk.
     
    Last edited: Apr 28, 2009
  6. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Well I agree, trying to gain anonymity is worthless and a waste of time, especially as I have nothing to hide and don't access anything illegal on the internet.

    But all I am saying is that when I use www.hidemyass.com I achieve what others are trying to achieve by simply using that website :argh:

    And it also passes all the tests at www.decloak.net which is by far the best tor breaker someone said they have seen.
     
  7. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    Decloak is a good Tor breaker. Hide my ass is a single hop network though, whoever runs it can see what websites you are going to, and see who you are, as can anyone who can compromise it.

    So you are of the opinion that absolutely nothing will keep a person anonymous online? Tor is a waste of time and as easy to cut through as butter with a hot knife.

    And you can stop reminding everyone how law abiding you are in every post, no one cares. I don't see people jumping up and down saying they are criminals or anyone but you jumping up and down saying how law abiding they are lol. Not trying to be a dick keep it up if you like but its rather annoying.
     
  8. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    The point is.. it defeats Decloak :)

    And it wasn't very hard for me to figure out and do ;)
     
  9. Leonid

    Leonid Registered Member

    Joined:
    Dec 23, 2008
    Posts:
    42
    N33m3rz, there is no answer to your question from Steve.

    You got it right I'm afraid. You shouldn't trust commercial VPN more then you trust Tor.

    Actually, it might be significantly easier to get you if you are only relying on commercial VPN (desn't matter how good it is). All that needs to be done is to locate Steve for an example, and point the gun to his head. Authorities can torture him, make threats or even capture his family. They can force him to let them takeover his network silently. And Steve is not anonymous. He's not here incognito. He can be located fairly easy.

    Don't you think that the above scenario is significantly more probable then controlling half of Tor network?
     
  10. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Leonid, Your reply is false and full of shoddy assumptions. First and foremost, I do not have the power to reverse the XeroBank network to correlate clients and their data. It takes multiple admins and live session tracking. Further, if I was put under pressure, XeroBank would be covertly notified without alerting anyone by my taking of a non-action, which would revoke what little access to internal systems I do have (like support tickets/forum/svn).

    You need to realize this isn't our first rodeo like all the other services you are familiar with or that crop up overnight with some VPN offering.

    Further, VPNs are significantly better to trust than tor because of the profit incentive/disincentive relationship. Free public participation networks are generally less safe than privately controlled networks. Giving away something for nothing is suspicious, and tor traffic is always interesting to hackers and trivial to eavesdrop.

    I will publicly offer 70% correlation of the tor network traffic to real live users, for sale, at $30,000 - $50k per month. Anyone can achieve that, legally, quickly. Tor integrity is for sale because anyone can participate and collude, thus defeating it entirely. Our network integrity is not for sale at any price. Can you think of any intelligence agency with the resources that would like to buy the integrity of the tor network? Now ask yourself if they have the resources, capability, and motivation, why wouldn't they... ... or have they already?
     
  11. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    Sure intelligence agencies have nodes. The cool thing about intelligence agencies is that every country has many of them. One thing I know about intelligence agencies is they are extremely fraternal organizations and they do not like to share information between themselves, in country even, much less outside of the country. Do you think Chinese intelligence is going to cooperate with American intelligence? Hell, most intelligence agencies inside the country are not going to share much information between each other.

    So if an American intelligence agency has a hundred nodes, its likely that a Chinese agency does as well. Also a Russian agency. Other countries are likely to have a significant number as well although China USA and Russia seem to have the most dedicated intelligence operations. I am sure Germany federal government also has a ton of nodes. All the intelligence agencies combined probably have an equal amount of nodes as non-affiliated individuals who just want to contribute to Tor. Then there is probably a minority of people who are running exits to sniff unencrypted data, and do other malicious things.

    It's a statistical game for sure, but the wonderful thing about it is that no one organization has a monopoly on the things people would want to break Tor for, and the organizations are on similar footing.

    I don't care if all three nodes in my path are run by intelligence agencies. FBI can run one, Chinese intelligence can run another and some carder can run my exit for all I care. They are not going to cooperate together, and the carder isn't going to find **** because all my communications are end to end encrypted. I don't think trust matters much for an anonymity network, at least in the pure sense. I don't trust the people that are running my nodes. But I do trust that the people running my nodes, the majority of the time, are not colluding together to try and break my anonymity. Although they may be trying to break my anonymity by themselves, the statistical fact of the matter is even someone with 50% of the tor nodes isn't going to be able to trace me back 50% of the time.

    2000 total nodes would result in 1,331,334,000 possible circuits (that does assume every node can exit though, so the math isn't totally right).

    1,000 compromised nodes would result in 166,167,000 possible circuits that are totally compromised.

    1,331,334,000 /166,167,000 = 1 / 8 circuits are compromised if 1 / 2 of nodes are compromised.

    for hidden services with 2,000 total nodes there are

    88,224,108,612,632,992 possible circuits (And that holds true as exit nodes are made irrelevant).

    Someone with 1,000 nodes will = 1,368,173,298,991,500 compromised circuits.


    88,224,108,612,632,992 / 1,368,173,298,991,50 = 1 / 644 circuits are compromised when hidden services are accessed, and that assumes someone owns HALF the Tor network.

    So I guess the moral of the story is use hidden services, heh.
     
    Last edited: May 1, 2009
  12. JokersWild

    JokersWild Registered Member

    Joined:
    Nov 10, 2008
    Posts:
    23
    Tony, I think you're suffering from bad logic.

    You wrote:

    "Well I agree, trying to gain anonymity is worthless and a waste of time, especially as I have nothing to hide and don't access anything illegal on the internet."

    "A better question you need to ask yourself is... why on Earth do you need to be anonymous on the internet?"

    To say "I have nothing to hide my life is an open book. Anonymity is for those who are doing something illegal."

    That's totally flawed. Anonymity is like a gun. A gun is neutral. It's usage depends on the intent of a user. A gun can be used to commit robbery or murder. A gun could also be used in defense of one's life and property. A gun may be used in the noble defense of one's country under attack from an evil marauding army. Banning all guns is certainly not the answer.

    Consider the situation where one lives in a politically repressive country. The need to keep your identity a secret in sensitive communications is a matter of life and death. Opposition to the state is a crime and illegal. During the uprisings in Burma a few years back, many correspondents and bloggers used Tor. Communications were under severe state censorship. Opposition to the state meant certain death or imprisonment.

    Many such as myself, really DO have nothing to hide. But I resent wholesale state surveillance. My communications are legal, but by God, they are mine and they are private. I give no consent to my emails being scanned, the web sites I visit being tracked and my phone calls being monitored. There may be little I can can do, but try I will.

    Nothing in life is foolproof or secure. There are no guarantees.
    Death is certain in life, but does that make life futile?

    Anonymity may be a slippery slope, but please do not think breaking anonymity under certain anonymity schemes is a trivial matter.

    In McIntyre v. Ohio Elections Commission the US Supreme Court wrote:

    "Protections for anonymous speech are vital to democratic discourse. Allowing dissenters to shield their identities frees them to express critical, minority views . . . Anonymity is a shield from the tyranny of the majority. . . . It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation . . . at the hand of an intolerant society. "

    It is a noble cause, a worthy endeavor.
     
  13. Leonid

    Leonid Registered Member

    Joined:
    Dec 23, 2008
    Posts:
    42
    Steve, it's a matter of trust. I don't trust you when you are claiming that your network can't be taken over by cops.

    On the contrary, private networks are able to monitor their customers much more easily.

    At least Tor has published its own weaknesses. Tor developers are even encouraging users to read about it. While you are making claims that your network is unbreakable.
     
  14. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Leonid, it's not that I am saying our network is unbreakable, but that I am saying it is much harder to break, and we know it because we've broken those other networks, so we're defacto experts on that subject.

    It is not analagous to other networks, so drawing analogies to other networks isn't going to be a good comparison. Because it is a private multi-hop mixed/multiplexed VPN, it's very different than other VPNs, Tor, and JAP. Tor is a project first of all, and public network that runs on monetary and resource donations, and depends on the kindness of others to participate in their network by routing traffic for others. It's socialistic. So they have an academic and fiduciary responsibility to explain themselves. You want the same from a private corporation, but typically you won't find any business who wants to tell you how they do what it is they do. But I think you're more interested in the properties of the network, and a threat assessment, yes? You're right that it would help to have a whitepaper to discuss the threats and benefits of the network. I would like to write that up with Mr. Herzog, our CSO.

    NOTE: I started writing out what the threats were and this quickly became a 2 page long entry. I think I'll start writing the threat-model whitepaper.
     
  15. ploder

    ploder Registered Member

    Joined:
    Apr 11, 2009
    Posts:
    38
    Sorry guys, but since I started this topic do you mind helping me answer my question in post#3 about why TorVM gives me that error? I'm using Win2K pro sp4
     
  16. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    sorry

    user8616_pic277_1214037416.jpg
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.