Stop aiding and abetting TLA's - BOYCOT TOR !

Discussion in 'privacy technology' started by Enigm, Jul 18, 2014.

  1. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,057
    Interesting reading! Thanks.
     
  3. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    829
    Location:
    UK
    How about an alternative to tor then?
     
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Most of the monetary connections mentioned in that article are and have been public knowledge. Much of the rest is innuendo, fabricated motives, and scare tactics. Yes, Tor was initially developed by the military. Yes, 3 letter agencies use it. Those statements also apply to the internet itself. Tor is not pro-NSA or anti-user. It's a tool. It's neutral, available to all with equal benefits (and risks) to all. The fact that Snowden and other employees ran relays proves zero. Did they run relays to support surveillance or to fight it? I run an exit node. Does that make me an NSA operative, a terrorist supporter, or a criminal? It's expected that 3 letter agencies and other government intelligence divisions will run Tor nodes. Currently that's the only realistic way they have that can potentially compromise it, by increasing the odds that users traffic will route through compromised nodes. Even that isn't compromising Tor itself. The solution to that problem is in our hands. The more good relays and exits we create, the less likely it becomes that our traffic goes through a compromised node. We can create far more nodes and exits than all the 3 letter agencies combined. If half of those using Tor ran relays and exits, the NSA's ability to compromise it would be all but eliminated.
     
  5. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    I'm sorry, but this is a really bad idea... :thumbd: Just because TOR was developed by military, that doesn't mean that it is useless. If you think like this, you should stop using the internet all together, because it was also developed by a military agency...
     
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    Agreed. I believe TOR is very safe. Snowden insisted that his "reporters" use it exclusively along with tails to access TOR. I spend hours a day on TOR/Whonix. I find it great for what I need. Basic smarts would be to assume any one method is risky; so spread around the risk by partitioning the trust among several providers. Just don't bank on any one method. Obviously be smart about post-exit node activity when you clear the TOR exit node. Duhhhhh!!
     
  7. Randcal

    Randcal Registered Member

    Joined:
    May 29, 2014
    Posts:
    76
    Reminds me of the "Dangers of Bread" list:

    http://www.funnyjunk.com/funny_pictures/1198672/


    I'm pretty curious...What is your setup for that? Where are you getting the bandwidth, and what sort of precautions are you taking to minimize risk? Are you at all worried about legal implications?
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The fact that 3 letter agencies, covert operations, etc use Tor to hide their identity and/or location tells me that Tor itself isn't compromised or backdoored. It would be foolhardy to backdoor it, then trust it against adversaries that can include nations with nearly equal abilities. You'd effectively be compromising yourself in the process.
    @Randcal
    I'm running the exit on my primary PC with residential DSL service which is contrary to the standard advice usually given. IMO, there's 2 ways to view this. Running an exit away from home reduces the chances that your own equipment will be seized, but also requires the purchase of additional equipment and service for a 2nd location. Running the exit from your own equipment does increase the risk to a point but it also allows the Tor traffic to serve as a cover for your own and vice versa. Built in plausible deniability. Unless an adversary is monitoring both my inbound and outbound traffic, it's almost impossible to determine which traffic is actually mine. The NSA could, but not the data hoarders like Google and Facebook. The actual bandwidth my exit contributes is low, usually between 1 and 4 GB per day. What it does add is another location for traffic to exit, another location for the NSA to waste resources monitoring. My actual internet usage is quite low so Tor gets the bulk of my bandwidth. My own traffic is effectively masked by the Tor traffic. I run a reduced exit policy to reduce the chances of it being used by file sharing software or for bulk spamming. The low speed and bandwidth makes it less usable for (porn) movies but is more than sufficient for web browsing, chat, e-mail, etc. Except for power outages, internet service interruptions, and the occasional reboot, the exit has run consistently for the last year. I have yet to see a complaint. The PC itself is secured by a default-deny policy using classic HIPS, a rule based firewall, and web content filtering. It contains very little personal information and nothing of any value to someone else. Regarding the legal implications, Tor is legal here. If they chose to, the authorities could harass me and make things quite miserable, but in the end there's nothing that they could charge me with that would stick. As far as I know, no one in the US has been prosecuted for running a Tor node. Since it is legal, I choose to accept the risk with the reduced exit policy to lower the risk of illegal usage. There is no law against opposing mass surveillance. Running the exit is my way of opposing mass surveillance with more than just words.
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    @noone_particular

    Thanks for running an exit :thumb:

    Have you considered using tor-ramdisk?

    I trust that you keep offsite backups, just in case.
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Questions like this come up from time to time. Here's what I wrote on tor-talk in late 2013, with Paul Syverson's reply:
    https://lists.torproject.org/pipermail/tor-talk/2013-September/030097.html
     
  11. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I've looked at Tor-ramdisk, but don't have a spare PC with enough RAM available right now. When I have more time, I'm going to set up a better hardware firewall and install Tor there. As for backups, there's very little on my PC that's important. The few items that do matter are backed up several times.
     
  12. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    This also just in: The first computer had its roots deep in code breaking for military operations during WW2!
    https://en.wikipedia.org/wiki/Colossus_computer

    A lot of the stuff we use can find its roots from goverments or war time things. Why? Because you're going to have a ton of funding and collaboration from such projects.
     
  13. blainefry

    blainefry Registered Member

    Joined:
    Jan 25, 2014
    Posts:
    165
    OMG!!!!

    COMPUTERS ARE UNSAFE!!! This proves it. If you believe the government involvement in the advent of computers is just a coincidence and doesn't mean every system is compromised, you're just an ignorant rube. You're just aiding and abetting TLAs!

    EVERYONE STOP USING COMPUTERS!
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
  15. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    687
    Of course. :) One things for certain, reality will sooner or later hit us all in the face....
     
  16. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    What are TLA's?
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Three Letter Agencies. They are 100% evil!
     
  18. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    AHHH Gotcha :thumb:
     
  19. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    Not really, there is just a "Wild West" way of operating them that went unnoticed until Snowden popped up. They are very necessary to the overall security and defense of nations but, like any powerful organization, they are subject to abuses of that power. I wonder why no one talks about the CSS or the DIA? It's not like the NSA and GCHQ are the only game in town. About TOR, it can't be trusted in my view, and it isn't just because the TLAs use it as well. I feel it's because there are too few nodes out there and because the TLAs use it. Those two things together make it risky, nor is it that useful in reality for the overall population who are more at risk of unnecessary surveillance. Its only saving grace is that it's free and, if you so choose, you can fire it right up without doing anything else. I doubt it would be discussed much if it weren't for those two things.
     
  20. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Guess I should've used CAPS as well, cause it was sarcasm. I'll aid and abet my privacy any day.
     
  21. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If one applied the logic that it's unsafe because 3-letter agencies use it, everything we use is unsafe. The key word is "use". They don't own it. They don't control its development. As for the 2nd issue, too few nodes, the fault here is our own and the solution lies with us.
     
  22. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
  23. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    My point is that most things we use daily have government development back stories, which again, is just simply the result of massive funding, mass collaboration and available resources while in an arms race with other countries. That doesn't mean they're malicious to the end user and people shouldn't use them, I'm not saying that. (less your sarcasm is in agreement with my sarcasm of my whole "computers have a government backstory, look out people!" )

    Basically, it'd be insane to think Tor started out as a grass roots project put together by some bored hippies.

    edit

    My god, I never really grasped how scary that is. They (anyone who has the money and time, in many countries) are farming exits for leaked information for sure.
     
  24. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I'm glad to finally see Tor with over 1000 exits on a consistent basis. Encouraging as that is, all of those quantities need to increase by a factor of 10 or better. Over 2 million users but only 0.26% willing to run a relay and 0.05% willing to run an exit. One exit for every 2000 users. Come on people. Freedom isn't free.
     
  25. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    Whether you meant it or not, sadly a lot of people do believe it and that doesn't really help matters.

    @NoOne, again it isn't solely because TLAs use it. You're right, if we worried about avoiding every agency we'd have to quit doing anything online and stop using phones, credit cards etc. It's that there are 2 million people trying to use less than 10,000 nodes that is the biggest problem. They don't have to own TOR to cause a problem. All they have to do is own/intercept the majority of the nodes, with no one else volunteering to operate more of them. I'm afraid that all the coverage of mass surveillance and the common recommendation to use TOR because it is free, coupled with the usual public reaction of "How can I be safe?" instead of "How can I help and be safe?" will just make that problem worse. What if we suddenly had 10 million TOR users, and still had the less than 10,000 nodes..that no one can say for sure aren't compromised? That's a hell of a potential for surveillance with little way of ever knowing who you're connecting to. You're also right that freedom isn't free, but most people are more content to let someone else pay the price.
     
Loading...