Tor is no longer secure; the U.S. government paid Carnegie Mellon (CMU) to research ways of de-anonymizing users by inserting specially designed packets into Tor user data at controlled nodes. [1]
Nearly a year-and-a-half after CMU canceled a Black Hat presentation, hints were dropped that CMU's Tor-related efforts may not have been for research purposes only. An anonymous tipster claimed the FBI had paid CMU $1 million to unmask Tor users. A quasi-confirmation popped up during the DOJ's prosecution of Brian Farrell, who was allegedly assisting Blake Benthall in running Silk Road 2.0. Farrell and Benthall were both swept up in the wake of a Tor-related FBI raid known as "Operation Onymous," which began a few months after the hastily-cancelled Black Hat talk.
Included in the information handed over to Farrell's legal representative was the following:
> On October 13, 2015, the government provided defense counsel a letter indicating that Mr. Farrell’s involvement with Silk Road 2.0 was identified based on information obtained by a “university-based research institute” that operated its own computers on the anonymous network used by Silk Road 2.0.
This was covered by Motherboard[1]. The Tor Project put out the following statement in response: "the Tor network is secure and has only rarely been compromised. The Software Engineering Institute ("SEI") of Carnegie Mellon University (CMU) compromised the network in early 2014 by operating relays and tampering with user traffic. That vulnerability, like all other vulnerabilities, was patched as soon as we learned about it. The Tor network remains the best way for users to protect their privacy and security when communicating online."
I think that Tor, like Bitcoin, will always be vulnerable if a particularly powerful entity is able to obtain a majority of nodes. (Or, in the case of Bitcoin, a majority of hashing power).
And the more troubling aspect is that the courts have accepted the government's arguments that no warrant is required to disclose IP addresses:
> ... Tor users clearly lack a reasonable expectation of privacy in their IP addresses while using the Tor network. In other words, they are taking a significant gamble on any real expectation of privacy under those circumstances.
If both of these statements are true (that the government could easily run a majority of Tor relays, and that the government does not need a subpoena), then any particular vulnerability being patched is irrelevant to the inherent insecurity of the network.
Though note that Tor is also vulnerable to someone who doesn't control a majority of nodes, but can monitor the traffic of a majority of nodes from upstream. This is probably easier to achieve for a global adversary than actual control of the nodes' computation.
This doesn't make it bad software; it's the best we have, and being able to monitor traffic across the entire Internet is a huge ask of an attacker.
Also, remember that the NSA has had those kinds of capabilities for a while, yet what came out of the Snowden leaks was “Tor stinks” (read: “We don't know how to break it in any practical sense”).
Yup. Though apparently they could deanonymize some folks, but couldn't target the users they wanted.
But I'd expect that to change; a low-latency network like Tor that also doesn't create cover traffic just architecturally isn't equipped to deal with something approaching a global passive adversary. Though networks for even that can be built.
The takeaway was indeed that they could deanonymise individual users, but they couldn't target it and it required significant amounts of human effort (i.e. it did not scale).
AFAIK, Tor developers are willing to implement cover traffic; the main reason it hasn't happened so far is that there is no known way to do this that clearly helps against that kind of threat. Until we have this (either from academic research, the Tor Project's own efforts or something else), it would be at best a placebo.
Of course; but that's not Tor's threat model anyhow. Never mind the scenario of being mostly taken over; it also obviously falls to traffic analysis by a global passive observer.
In other words, it's not gonna protect you from the NSA, ever, nor was it meant to. It might have a fighting chance against the FBI though. Actually it was surprising how in Snowden's files, the NSA was having trouble reliably deanonymizing targeted Tor users.
Secure against what or who? Nothing is completely secure.
Your browser isn't secure, and most Tor users are using browsers over it to visit websites. All an attacker has ever needed to do is compromise your browser.
This is why you should use Tor only with a series of VMs, one with internet and tor access to act as a router and the other which can only access the router vm. This lowers the attack surface to just that of Tor's proxy interface and your VM isolation. A physical implementation of this could be done for increased security.
TAILS is not designed to be run in a VM. You can do it but it's not recommended. Whonix on the other hand is designed with VMs in mind. Qubes running Whonix isn't a half bad solution, though a live CD of TAILS is probably best because your system will have relatively few traits that can be uniquely profiled to you. https://panopticlick.eff.org
I would not trust Tor (by itself) to hide from the Government but I would trust it if I wanted to hide my IP address from a particular website, for example.
If all you're concerned with is keeping basic information out of the hands of comparatively low-resource adversaries (such as hiding your IP address from a single website and its authors/owners) there are low-cost and comparatively simple solutions. For example, a decent VPN or visit to Starbucks costs <$10. (And there are also free proxies, within limits.)
I thought the whole point of Tor was that it would work against highly capable or motivated adversaries?
I'm just saying that if I was trying to hide data from the government, I would be much more paranoid (in some cases it might be a good idea to use a device not owned by you on somebody else's network, for example)... but in cases where you are facing a low-resource adversary, I would not bother with a non-free VPN when you can have Tor for free, which has the potential to be better than a VPN.
Surely, if you're paranoid about hiding data from the government, it should be easy enough to handle by using a secondhand diskless laptop with a USB live distro with no RW filesystem, and then wardriving for people running WEP or WPS on their wifis? Especially WPS is still common and can be cracked quite quickly. With one of those big-patch-antenna USB wifi cards that go for $40 on ebay, you can use an AP from several hundred yards easily.
Why not just point that big patch at a busy coffee shop? There are lots of open wifi spots out there.
Honestly, if you are doing things so naughty (which I don't advocate) that you are worried about state adversaries using lots of resources to track you down, you probably need a level of OpSec that you are not likely to achieve without being supported by another state level espionage agency. But at the very least you should be disguising yourself (in such a way that you still blend in), you should not be accessing an AP within a few hundred miles of where you actually live, you should probably not be driving your personal vehicle anywhere near the AP you log into (instead, using public transport paid with cash and then sitting on a park bench near the AP), you should probably be using a computer you purchased second hand from a thrift store with cash at least 6 months ago, you should probably wear gloves, you should probably dispose of the computer in a public dumpster in a different town than you accessed the AP. Hell, you probably shouldn't even download TAILS from an IP you control, I have no doubt every Tor Bundle and TAILS and WHONIX download is logged for cross referencing. Even with all of that, I honestly doubt that in the current climate a normal, highly careful person could remain anonymous if they were targeted by a major western intelligence agency like the NSA or the GCHQ.
I think you're right about the extreme level of opsec required, but with that level of opsec I think it would be feasible to avoid being targeted by the intelligence agency in the first place. Which is the key to survival.
Obviously this means you are doing something illegal but undetected, like spying for the Russians or Chinese in the West, spying for the West in Russia or China, etc.
OTOH, if you are doing something like exposing human rights violations in China/Russia/Iran/etc. where, by its very nature, the results of your (in that place) illegal activity are published, you are far more likely to be targeted.
> diskless laptop with a USB live distro with no RW filesystem
Which distro? One known problem is that browsers still transmit their location. If the network and the laptop are hundreds of yards distant, that's an instant red flag. Once that problem is corrected, there may be unknown problems to deal with.
TAILS. And unless you are using GPS, which would be a silly thing to do on a device you were using to achieve maximum anonymity, your laptop has no idea precisely where you are.
> You propose running a Tor node or using Tor internally. Before, this was just something you could do. After Tor’s pivot, you now have to justify why the company should explicitly associate itself with banned HR activism and draw the government’s ire. Using Tor is now an additional mild liability for all of its non-HR users.
Using Tor already marks you as suspicious depending on who's looking, regardless of why you use it. The ideals or mission statement of the Tor project don't change this.
Tor suffers from the same impediment as the Bittorrent protocol; it is used a lot for illegal purposes, so a stigma of illegality surrounds the tool itself. By focusing on the legitimate use of Tor (e.g., as a human rights facilitating tool) the Tor project might actually improve adoption rather than frustrate it.
> Using Tor already marks you as suspicious depending on who's looking, regardless of why you use it
Is this based on experience or assumption? I've had minor issues with Tor and VPNs abroad, when questioned about them. Brushing them off as a "security tool" usually worked.
A "human rights" tool, on the other hand, makes Tor dangerous to be caught using in many parts of East Asia. I find most Westerners (myself included until recently) don't understand the cultural and political sensitivity around the term in certain countries. OP's analogy to the Western treatment of anything rhyming with drugs is spot on.
In the west Tor was (or is) seen as a tool to access child pornography. I had to explain multiple times why I would support such an evil thing.
This is a very high social cost in the west, and you can't pose with a Tor t-shirt (like the dude in the photo) if that's the narrative. You will be expelled from your students union instead of celebrated for supporting it. So, a typical Westerner Tor-supporter does not want this image. But the typical Westerner is not the person that needs Tor most.
Such a label in east Asia would probably help. If the Singaporean police would assume that all Tor users are looking for child porn (or just porn, that's illegal there), users would fall in the vast bin of various criminals. But not political opponents, who are targeted with much more energy. The social cost of consuming (child) porn might be lower than being a dissident. And the prosecution might be less severe.
> This is a very high social cost in the west, and you can't pose with a Tor t-shirt (like the dude in the photo) if that's the narrative. You will be expelled from your students union instead of celebrated for supporting it. So, a typical Westerner Tor-supporter does not want this image.
I suggest this is overstated, at least as far as Tor is concerned. While there are occasionally news reports about various crimes that utilized Tor as part of the process, more often the generic term "encryption" or "anonymizing software" is used in news reports. I think the general reaction to anyone wearing a Tor T-shirt would be indifference, save maybe one or two curious talkative parties.
I will admit this is anecdotal, but overwhelmingly when Tor has been brought up in the past in my workplace or during discussions, overwhelmingly the response has either been "what's Tor" or "oh Tor. I've heard of that. What is that exactly?". The idea of "expelled from student union" for being a Tor Supporter is completely outside of my understanding of what people in the US even know about Tor. Even so much as having a casual two-way conversation with a non-tech person about Tor seems like a foreign concept. Tor might catch headlines once in a while, but when it comes to things like online privacy and anonymity, I don't think this is what the lay person thinks of.
I mean, just page through news.google a bit searching for "Tor". The news outlets covering it are pretty much tech-oriented; going just a few pages deep, only Politico really mentioned Tor, and that was literally only to say it was used by the hackers during the Clinton email breach, calling it an anonymity tool.
I just don't think there's enough evidence to really say that the general public or even law enforcement really knows what Tor is, much less form an aggressive opinion towards supporters.
"Expelled from student union" was a hyperbole. But not much. Being associated with anything child porn, no matter how strange the association might look, is a social death-sentence. And IMHO winds have to change only slightly for that to happen to Tor. One Buzzfeed or Vice article would probably be enough. As said, I already had very awkward conversations about Tor when it was somewhat new.
I remember when internet censorship was about to be introduced in Germany. Blocking child porn was the stated intent. It was a goddamned awful climate. The debate was a minefield. Lots of people were vehemently opposed, but voiced their opinion only in their in-groups where they knew people would agree with them.
The major reason we don't have these filters is a few brave activists who stated that they, victims of child sexual abuse, think sweeping these crimes under the carpet instead of investigating them is unacceptable. A very, very clever spin. If it weren't for these people the social cost for arguing against censorship infrastructure would simply have been too goddamned high for most of us.
If I couldn't have pointed to these people and said that censorship actually makes it all worse I would have feared for my social standing and my physical well-being.
I understand very well Tor folks don't want that. But as said, the western user or developer is probably not the person to care about most.
A late response just in case you check your threads.
I am not discounting your experience, it's more I do feel it's an exception. I do understand that you were using some exaggeration for effect, but my point was more that it's hard to get into an awkward conversation with the general public (in the US at least) about Tor because the general public doesn't have the basis to even discuss it.
Perhaps I'm misunderstanding your point a bit (and I'll gladly admit it if I am), but by and large in the US at least, the conversation about Tor by the general public is non-existent. It arises when interested parties need it (for good or bad), but much like "hacking" or "encryption", it's a very poorly understood and disassociated term amongst the general public. Most journalists can't describe what it does, much less how it works. They know that bad guys use it for something, sometimes, but even then they can't really narrow down what Tor's function was.
The discussion on any privacy tool is muddied by child porn - there's no doubt about it. And while the threatening question of "what do you have to hide?" when it comes to encryption isn't anywhere near as damning as the association with child porn, I imagine it's a brief and short taste of something much much worse.
However, I think realistically most of the Western Population is oblivious to what Tor actually is, just like they don't really understand Apple's device encryption, they don't understand why Heartbleed was bad (it just was), and so on. Some persons may have a strong opinion, and these strong opinions can certainly be dangerous. But I don't think the majority of the population would be swayed.
This generalized labelling is about the only way the US government can sway opinion because they flood television with these phrases. And because most of the US believe anything they see on TV without question, the government gets some semblance of control. The same thing happened with bitcoin, tor, Marijuana, etc. Basically anything that hasn't or can't be heavily monetized and taxed without upsetting some other company.
I bet if some large corporation came out with it, the government would have no problems. Because they could probably convince that company to let them monitor everything.
Sure, Tor traffic has always been suspicious, but that suspicious traffic has traditionally been without an attached political label. By branding Tor as a tool specifically for HR campaigns, you risk drawing additional ire from regimes considered to have a poor HR record.
Wouldn't a regime with a poor human rights track record consider any use of technology which hides who you are communicating with as warranting further investigation regardless of the ideals behind it? I don't think they are that naive.
Have you ever been to China? There are plenty of people who work there and have to use various proxies to do so. Is the Chinese government cracking down on them? Nah, they'll just mess with those connections a little to keep up appearances.
But hey, if you decide to use a proxy that screams "I'M A POLITICAL DISSIDENT" with every packet you send they might just get interested.
Governments that have a reason to be concerned about Tor are already concerned about Tor. And governments that are concerned about Tor won't be more or less concerned because of its mission statement.
I don't think so. You are probably from the west. Imagine what your government would do against Tor if Tor changed its mission statement to be about circumventing drug laws. I'm very sure several liberal democracies were hell-bent to ban Tor.
/edit: We had a mass shooting in Germany recently. We currently have a debate about police tools against the "dark web" as a source of firearms. Before that the government was not concerned about Tor at all. After that it was very. The narrative about Tor changed only slightly, and the government's stance changed rapidly. And the mission statement is a very strong source of narrative.
Governments are not either good (supporting freedom) or evil (suppressing their people), but do both things to some extent. It's not like Singapore wants as little freedom as possible for its citizens. It just has very un-western values. If it thought that Tor does not get too much in the way it won't do much. OTOH the German government might attack Tor.
I'd argue the chances China cares about Tor being used to attack US based firms is an order of magnitude lower than when it is used to circumvent HR restrictions. If Tor is marketed as a general anonymity tool, it seems less likely to be targeted than an HR specific tool. Remember, these policy makers and enforcers aren't typically the most technically savvy.
> If Tor is marketed as a general anonymity tool, it seems less likely to be targeted than an HR specific tool
I would be surprised if the Chinese government cared about how Tor was being marketed. The change might help with propaganda but it won't change internal policy. What they care about is how it is actually used in China, and I'm sure they understand this better than anyone else except for perhaps the Tor Project.
That was the author's argument, that Singapore is against the Western view of human rights, so running human rights software would be seen as subversive by the government. He then undermines his argument to instead promote the privacy aspect of Tor by saying that the Singaporean government is fanatically anti-corruption. Privacy hides corruption, so promoting that aspect of the tool doesn't make sense either.
Author here.
In short, Singapore authorities view Privacy as a double-edged sword. They recognize its power for anti-corruption (which they love), but dislike the human-rights angle and possibility for breaking the law. Realistically they'll do a balancing act.
As long as one can convincingly argue that the weight of the things they like about Tor exceeds the weight of the things they dislike about Tor, you're good. Tor's pivot to emphasize human rights makes that comparison much harder to win.
In what way is privacy anti-corruption? My point was that having better privacy makes corruption easier, which is why saying the Singaporean government is taking aim at corruption undermines your argument. If you can untraceably accept payment for a deal that was set up and negotiated without the possibility of eavesdropping, you've got the perfect tools for corruption.
Good point. To answer you directly---in short they like whistleblowing.
More long-form they like some of the protection features---e.g., protection against corporate espionage from China/USA. They probably also like to use such technologies to spy on their neighbors in efforts to leverage that information to negotiate better trade deals.
> Using Tor already marks you as suspicious depending on who's looking, regardless of why you use it.
This is a curious construction, one that I can't pin down to any kind of secondary-language issues. "Using Tor" is not the subject of that sentence, "who's looking" is. So, some people see Tor as suspicious. Who are those people, and why is it a problem? Law enforcement...anybody else?
What does it mean for Tor traffic to be demeaned by law enforcement (or $chosen_group) as by-default suspicious, and is this a good use of their time and resources? Is it a good way to solve crimes? History tells us that law enforcement, and by extension the government, will use bigotry to effect prosecutorial goals at least as readily as they will shoe-leather investigation. Defining Tor as suspicious-with-exceptions operates in the same sphere as asset forfeiture: prove you ain't.
Point being, I think it's important to be clear what is happening with Tor as a character in the wider world of politics and policy, and "using Tor" is something that I don't think needs to be justified. Passive voice also elides these serious issues by pinning results on nebulous activity.
> "Using Tor" is not the subject of that sentence, "who's looking" is.
"Using [Tor]" actually is the subject of that sentence. "Who's looking" is not the subject even of the dependent clause in which it occurs; "depending on" is introducing an adverbial clause, in which "who" is the subject, "is" is the verb, and "looking" is the predicate.
> Passive voice also elides these serious issues by pinning results on nebulous activity.
The passive voice is not used in the sentence quoted.
I recommend preferring rhetorical techniques other than grammatical analysis; even for someone with a solid understanding of a language's grammar, picking apart the way something is said tends not to advance the discussion as well as replying to content would, however dubiously it may be expressed.
> This is a curious construction, one that I can't pin down to any kind of secondary-language issues. "Using Tor" is not the subject of that sentence, "who's looking" is.
> Passive voice also elides these serious issues by pinning results on nebulous activity.
No, no, no.
Firethief has already largely covered this, but: "Subject" and "passive voice" are grammatical terms. They have to do with the syntax of a sentence. Not with who performed an action, or whether that agency was clearly expressed in the sentence. There is nothing necessarily agency-hiding about the passive voice; conversely, one can hide agency quite well without using it.
Basically, go read some Language Log, they talk about this all the time. Hell, they've got a whole category for people complaining about the passive voice while not actually being able to identify when a sentence uses it: http://languagelog.ldc.upenn.edu/nll/?cat=54
The thing is, Tor is slow as balls, makes the web unreliable (lots of CAPTCHAs), is not meant for use on sites you log in to (which is most things on the internet these days), requires extra software, and usually requires the use of more obscure search engines (because of previously mentioned CAPTCHAs). That's the cost. So what's the reward? Anonymity. What users are willing to pay a high cost for that kind of anonymity? Usually the kinds of users who are trying to hide from the kinds of people who look at Tor users with suspicion.
Don't get me wrong, I like Tor, but I also understand the pragmatism in law enforcement being a bit interested in people trying that hard to hide what they are doing online.
> Imagine Tor published a policy document stating: “The Tor Project proudly advances drug-use by creating and deploying usable anonymity and privacy technologies so people around the world can circumvent local drug laws.”
"Imagine"? If you think this is hypothetical, bub, I have some bad news for you about the current perception of Tor.
When I think "Tor user" I think of illicit pornography, black market drugs, and human rights activists. Those are pretty much your options. What nation is okay with the first two, but not the third?
"Oh shit, we knew he was moving $2m USD in heroin, but we had no idea he was documenting human rights abuses! Apprehend him!" Please.
That may indeed be the public perception of Tor, but the project never publicly aligned itself with the distribution of child porn or illicit drugs. The author's point is that the explicit public alignment with Western notions of human rights is likely to harm the Tor project in countries where "human rights" are perceived as Western imperialism. The extent to which Tor's adoption of the human rights marquee might make a difference in the way these countries treat Tor is unclear, but it is at least a valid concern.
Frankly, there are a lot of better reasons -- mostly technical -- to doubt the efficacy and long-term future of Tor. But the recent politicization and drama certainly doesn't help it.
Those countries aren't stupid. Surely they already know of Tor's applications here. Certainly China puts significant effort into blocking it, for one example I'm familiar with.
I agree with you. But I was surprised that the author was able to run a Tor relay in Singapore without significant interference. That tells me that at least one authoritarian country was willing to turn a blind eye on Tor and some of its shadier uses. Will the new greater emphasis on human rights cause Singapore's authorities to give it greater scrutiny? Maybe, maybe not. But it certainly won't help.
You can run relays in Singapore. But you'll first want to leave your cellphone number with the police so they give you a call before visiting you at home.
After the pivot there remain two Singapore relays run by brave operators.
> Will the new greater emphasis on human rights cause Singapore's authorities to give it greater scrutiny? Maybe, maybe not. But it certainly won't help.
Yep. That's the argument. Their pivot is not the end of the world, but it definitely hurts.
Why wouldn't they want a relay? They are not 'turning a blind eye'. Every byte in and out is analysed, and the characteristics of every session gathered.
The profile of Tor demands that the developers stay anonymous, so that they cannot be targeted in any way.
They already need to have policies/processes to vet code coming over the internet, so there's no need to know contributors in person. It's better to not know anyone in person, in order to not compromise the goals in any way or challenge someone's safety.
Also, if Tor devs would never have interacted in person, then the alleged sexual offenses wouldn't have happened during Tor meets but some other event the accused was present at, keeping Tor free of such non-technical events.
Just like reverse engineers, emulator devs, un-free codec devs are smart to operate anonymously, so should Tor devs, and it would force them to adopt needed policies for vetting random contributions properly.
Those are just the people that have spoken publicly about their exit. Many others (given the nature of Tor) are not going to come forward publicly. They simply stop contributing and disappear.
Jacob was a distraction and excuse.
A Distraction so people would focus on that instead of what was happening with the project.
An excuse to implement massive Social Justice and what I believe to be long term Pro Government reforms/policies within the project.
To be honest, when the "inspirational" hipster speeches started, I stopped going to the Tor talks at conferences. Roger was the perfect spokesman, nerdy but giving very understandable presentations, more concerned with transporting information than wearing the right scarf to tight pants.
These types of issues come up a lot in well-meaning organizations. What they don't realize is: "You can include the most people by having the narrowest platform."
So if you're a "privacy technology" group, anything not related to privacy technology should not be part of your focus.
Every Civil War, for example, has two (or more) sides. Now the Tor group has to pick one. If they were simply interested in privacy technology, they wouldn't have to.
You see a similar thing with Codes of Conduct, or "inclusiveness" initiatives. Why can't a Python conference be about Python and only about Python?
It is sad to watch the Tor Project implode. While it in no way impacts the project as I was a very very very very minor user of Tor in the first place, I have removed any and all installations of Tor from my systems, and will no longer donate to or support them in any way.
Tor has lost their mission, which should have been Privacy above all else.
Today they seem to be more focused on Social Justice, and less about privacy.
I don't see this as an implosion. I am not fond of the majority of SJW rhetoric as a lot of the defenses seen in those circles seem to be constructed as thought-terminating cliché.
I have much respect for Virgil, but I also think Tor is in need of a rebrand at home.
Ancap/cypherpunk messages are not agreeable to the mainstream, and they do not maintain a project when it becomes this close to mainstream. The common Western observer begins to equate the network with the abusive practices inherent in anonymous communication. The average user sees "Tor" and thinks "child porn" or "drug dealers", or "Mr. Robot" hacker types. These are things that economic resources that have to answer to Western political authorities will run from, and if the project needs funding, it needs to have a feel-good message that supporters can parrot to politicians and others that actually have power.
I, too, am an anarchocapitalist cypherpunk type. But I'm realistic enough to recognize you can only push that platform so far as an organization scales. Most people still won't care.
Full disclosure: I am not affiliated with Tor, but I have run relays in the past and will likely run more in the future.
> I have much respect for Virgil, but I also think Tor is in need of a rebrand at home.
Thanks! I love you too.
> These are things that economic resources that have to answer to Western political authorities will run from, and if the project needs funding, it needs to have a feel-good message that supporters can parrot to politicians and others that actually have power.
This is a totally reasonable response. I would be delighted if Tor Project could make a pronouncement like this.
As a reply, I saw no indication they were having trouble appeasing western authorities---e.g., they had no trouble getting DARPA money for the big MEMEX project. They are voluntarily cutting themselves off from defense because they dislike the politics of the funders. Instead, they are piloting themselves into a position where they are forced to take money from human-rights funders just to stay afloat. And becoming "Human Rights Watch for Nerds", makes Tor work vastly more difficult in the Asia Pacific.
I agree with you that Tor could use a rebrand, but this is a poor choice of one.
The problem is that the average or "mainstream" person does not care about privacy, or even human rights. Not really.
The second they learn that Tor can and will be used to spread "hate speech" or the classic CP, Drugs, Terrorism, the "mainstream" will (and is currently) demand that Tor sacrifice privacy in the name of defending Social Justice, stopping terrorism, ending CP, or catching drug dealers.
Under the new board of Tor, and this new direction, I fear Tor will cave to these demands.
Edit..
and just to be clear. Social Justice is not the same as Human Rights. People of late seem to be confusing the 2.
So long as the technology continues to work I will continue to support it through donations and running nodes. People who need services like Tor do not care about mission statements or director drama. They need something to protect their privacy and Tor does that. Until that changes you should continue to support the network.
Clearly you do not follow the Project closely or the inner workings of the Project if you believe Jacob Appelbaum was the only person in the project forced or kicked out.
Sad, isn't it? It's even sadder that there are people who use terms like "social justice" as epithets. I don't know that I've ever met one of these "SJWs" in real life (and I live in the Bay Area FFS) but I've met so many effing people who have somehow convinced themselves that not only do these people exist, but they exist in such large numbers as to have an influence on what other people are or are not allowed to say.
At this point I'm 99% sure that (a) SJW backlash is some form of mass hysteria where large groups of people have convinced themselves and each other that these people exist in vastly greater numbers than they actually do (I'm talking multiple orders of magnitude) and (b) many of the most vocal anti-SJW warriors (let's call them ASJWWs) are simply people who at some point in their lives had experiences where they were being a-holes (probably without realizing it), and somebody called them out on it, but rather than learning from the experience and feeling slightly guilty about being a jerk, they decided it was all a big conspiracy against courageous truth-tellers such as themselves.
All based on anecdotal evidence of course, but I'm old enough (and have lived in every corner of the US, around pretty much every demographic there is) to have accumulated an embarrassing amount of anecdotal evidence on this topic.
Having taught in academia/higher education before moving to the private sector, these clowns use public shaming techniques to silence people of differing opinions using threats of intimidation and violence.
It's completely antithetical to a healthy society where free speech is stifled socially, to say nothing of a lack of govt interference.
So, either there's a global conspiracy to silence you, or you might be immature and/or kind of a jerk. Go back and read what you literally just wrote right here on HN; one of these is far more likely than the other.
Try none of the above! There is no "large scale movement" that I can see, this literally only exists in your imagination. If you say something that pisses people off, you could blame their negative reaction on (1) some abstract "movement" that is brainwashing people on a large scale, or (2) you could be voicing an unpopular opinion, or (3) you could be deeply wrong in whatever this truth is that you feel like you can't say. Just because someone takes exception to something you say doesn't mean that there's some grand conspiracy to silence you, although I'm sure believing that makes you feel better about yourself.
There is a difference between "taking an exception" and shouting someone down.
Here are some examples in everyday real life that have occurred recently and been recorded; situations like I link below happen every day, and are often never recorded. There are also HUGE numbers of people that self-censor so as to not draw the attention of the rabid SJW.
It should be pointed out that the people shooting the video believed they were in the right, believed they were showing the world a bigot, or racist, or misogynist. They believe their actions are the proper reaction to encountering such a person. So the question I posit to you is: do you agree with their actions, would you agree with their actions if the target of their rage would have actually been a racist, or misogynist?
If you believe these are proper reactions, and the persons in the video are simply "calling out" behavior they dislike, then you prove my point that you are in fact a SJW and cannot identify them because of that fact.
The people highlighted in the video are, I admit, an extreme example, but not too extreme. SJW is a rising trend; it started probably 10 years or so ago in universities, and has spread on a massive scale to HR depts in major companies, and to everyday interactions like the ones shown in the video.
I hope Tor Project Inc can resolve the issues it faces.
After a bumpy start, Rotorproject[1] is starting to iron out a plan. It's my hope that Rotorproject can help Tor Inc resolve its issues while simultaneously providing alternatives to the current (technical) monoculture in terms of easily usable anonymity.
I think advancing human rights is a reasonable goal, but when I've seen political activism as a specific project goal, I've yet to see long term success.
This is an interesting point I hadn't considered but I'm skeptical the rebranding will substantially change anything for people living in repressive countries. Governments that flag someone as suspicious or arrest someone for using Tor would have done so before the rebranding. These governments don't need to convince a jury or an impartial judge that Tor is a dissident network. They are already well aware of how Tor is used to circumvent the government firewall both by commoners who just want to watch YouTube videos and by activists to communicate.
I've been advised to cease using Tor when travelling to certain places.
Previously, I could have a reasonable conversation around "securing sensitive but non-threatening communications". The rebrand makes the tool dangerous to be caught using. The OP's comparison between Western treatment of anything drug related and certain cultures' reactions to the term "human rights" is spot on.
I'd never thought of it in the terms that the article author presents, but I think he has a point.
If you are a reporter, you have a very good reason to use Tor. When searched at a border or by some police force, having tools made for privacy and security is going to be expected. Having tools for human rights activists is going to cause trouble.
There is something that baffles me in these kinds of posts.
Why do you act like it's the West's obligation to solve your social problems?
TOR was created in the west, its main contributors are from the west and now - and very rightly so - the people in front of TOR identified the eroding of personal privacy as an eroding of our human rights in the west and they want to change that.
It's good for the west, is good for the TOR creators and main contributors. If it's not good in the Orient or middle East, then instead of complaining you should be creating and contributing to projects that help your purposes and your social advancement.
> For example, say you’re a sysadmin at a local business wishing to further secure its comms. You propose running a Tor node or using Tor internally.
I had to stifle a giggle at this 'example'. I have to wonder how many 'local businesses' so value their comms that they want to hide their origin at the expense of significantly downgrading their bandwidth... and what do these 'local businesses' look like?
Virgil seems to be willfully ignorant. Tor needs greater political support in the West because of second crypto wars. Tor also needs more funding that is available for work on privacy and anonymity to support use cases like Securedrop. Too much of Tor's current funding is tied to censorship resistance applications of Tor.
People can be wrong without being willfully ignorant. There's no reason to assume bad faith. You could make a perfectly good argument along the lines of what you say without that accusation. Why add it in?
(Note that you haven't actually fully made that argument. We have multiple competing concerns here (as we always do[0]). Virgil has made an argument based on one; you are trying to make an argument based on another. The question then is, which one outweighs the other? Since neither of you are actually responding to the other's arguments, merely expressing different concerns, it is impossible to tell from your arguments alone. (To put it another way, in pg's "Hierarchy of Disagreement"[1], you're purely counterarguing with no attempt at refutation.) Calling Virgil "willfully ignorant" makes it sound like his argument carries no weight or has already been refuted, but this is not the case.)
Okay, if Tor decides they'd pare back on the rest of the world to "focus at home", that would be a perfectly fine, logically consistent thing to do.
However, this argument doesn't generate any virtue points. My sole claims about Tor are (1) they've pivoted and (2) their short-sightedness. They want to be rah-rah human-rights, but their angle of pursuit of human-rights is, ironically, notably counter-productive.
The author's argument that the Tor Project is throwing its users under a bus isn't convincing. The Tor tools and the reasons to use them haven't changed with the introduction of the Tor Project's new mission statement and social contract. The profile of a Tor user hasn't changed and nor has the meaning of Tor's traffic on the network. A Tor user confronted by the Authorities is still able to give "privacy" as their reason for its use. An at risk Tor user is still at risk and it is far from clear that the Tor Project's stated mission increases their risk.
I think the author conflates the risk to Tor users with the risk to Tor Project members and volunteers. It may well be true that the latter groups are at greater risk.
And yet some mid level autocratic bureaucrats in various totalitarian countries will now label Tor as a threat to state control and hence will treat any users with suspicion regardless of what said users claim to be using Tor for. Mid level bureaucrats largely don't understand the nuances of technology and cryptography but they certainly understand a political statement when they see one.
And so while it might be click bait to say that this will wind up killing someone, at the same time you can say that it is far from impossible.
Anyone trusting Tor for anything anymore is asking for trouble. Their new branding and associated bravado is just weak-sauce attempts at projecting technical soundness in the face of getting their tech butt-torn by the CMU hack. You can google the details of the hack yourself.
Anyone, with even an iota of self-preservation in them, is best served staying away from this identity-leaking crapware. There is no gentle way of putting it. Tor is fundamentally and practically compromisable, do not trust it for guarding your anonymity against a determined adversary.
No. I don't have any suggestions for alternatives either.
This attitude from someone representing the Tor project is, to put it mildly, terrifying.
But I guess fundraising matters more than lives of actual real human beings.[1]
[1] I'm inclined to believe the author slightly exaggerates the risk, but the reply completely neglects to address that issue. Trying to shift blame on local governments is hardly an option when those are the ones you're trying to defy.
If you have concerns about HN moderation you're welcome to email us at hn@ycombinator.com and make your case, but please don't take potshots like this on the site.
Are we to accept all allegations levelled against others as unimpeachable truth by default? If so, what legitimate means do the accused have to clear their names? You are calling a man a "rapist" solely on the basis of allegations. Presume innocence.
No we shouldn't, but has he charged the women who have come forward with slander? If not why not? Should we believe his denials? Shouldn't we presume the women to be innocent of slander?
Presumption of innocence is a red herring. It's a legal principle, not an ethical principle.
In real, messy situations without sufficient evidence or will to overcome the "legal" presumption of innocence, we are forced to make heuristic decisions (and inaction/ignoring the allegations is such a decision). The decision can be more than black and white, too. For example that Appelbaum is not a rapist, and maybe hasn't done anything outright illegal, but has probably exhibited ethically questionable behaviour that would be more than sufficient grounds for not wanting him associated with your project.
People in the movement describe him as someone who likes to experiment with sex. As one who usually gets what he wants. "I’ve also seen him be inconsiderate of other people’s feelings," said one person who knows him well, "or be overly persistent about asking for permission to do things other people didn’t want to do." But, he added, Mr. Appelbaum asks for permission.
===
As an aside: Presumption of innocence is not how society works. Say a friend tells you that a particular plumber in your village cheated him out of some money, so you should avoid that plumber, would you disregard the advice because your friend didn't secure a conviction against the plumber? If you're hiring and a trusted friend tells you that XYZ was harassing women at his last job, nothing outright illegal, but definitely toxic atmosphere, would you disregard that advice because of a presumption of innocence? So the real question isn't presumption of innocence, but the trustworthiness of (sometimes anonymous) sources. That's a hard judgement call to make. People who parade "presumption of innocence" around instead of thinking about that judgement call essentially advocate never trusting any allegations of improper behaviour. Tellingly I have seen that fallacy used overwhelmingly when it comes to sexual misbehaviour. Calling it victim blaming misses the point as well of course, because that presumes that the accuser is a victim. Anyone have a good term for that?
> Tellingly I have seen that fallacy used overwhelmingly when it comes to sexual misbehaviour.
This is because unlike most other categories of criminal conduct, allegations of sexual misconduct are particularly damaging to the accused, owing to the enormity of the crime and its effects on genuine victims. We might expect, then, to require a higher quality or quantity of evidence versus 'lesser crimes', no? But this isn't the case.
If somebody in the public sphere is accused of shoplifting, f.i., you would hear many a person declare said somebody "innocent until proven guilty!". In the case of sexual assault and rape, however, there exists a very loud minority that appear to hold we should accept all allegations without reservation – or, at least, those we deem "trustworthy" based on a vague nothingness. After all, if they were a friend of yours, you would take their word for it. Right?
Regardless, I am not in fact saying we should necessarily require evidence before we believe any allegation. I am more concerned with how we communicate our beliefs, especially in public. I might happen to believe Appelbaum's accusers are telling the truth, but it's decidedly not okay to assert that he is "a rapist" on the basis of nothing. People like to turn rape accusations into a little game of odds, but at the end of the discussion the fact remains: anybody can accuse anyone of anything.
If your standard for private individuals censuring someone is unimpeachable truth of wrongdoing, there is pretty much no way for that standard to be met. Private individuals can't conduct criminal investigations, compel testimony, or do any of the things that make it possible for courts to do their jobs. (And in the case of sexual assault, courts are terrible at punishing the guilty.)
Innocent until proven guilty is a thing because the costs of a wrong criminal conviction are absolutely devastating to an innocent person.
In a civil situation, the cost of not censuring a sexual predator is absolutely devastating for the people hurt by them. The converse costs of a wrong censure are much lower than they are in the criminal case.
The fact of the matter is, given how rare rape accusations are, if one person accuses another of rape, you can think of it as a tossup. If ten people accuse one person of rape, odds are much better than 50/50 that they are a rapist.
50/50 odds shouldn't put someone in jail, but I sure as hell wouldn't want to ever see that person as part of my community. The personal cost of this to them is nothing, compared to, say, a felony and a decade in state prison.
I'm not suggesting that is my standard. I'm suggesting, before declaring an individual to be a "rapist" and discussing their alleged crimes as if they were the unimpeachable truth, we ought at the very least to require something more than mere allegations. Ideally, this would of course occur in a criminal trial.
What if I were to accuse you, right now, of rape – having others corroborate my story? Are you ready to accept being 'censured', being the subject of despicable verbal attack, based on the "50/50 odds" I am telling the truth? Abominable.
> The converse costs of a wrong censure are much lower than they are in the criminal case
I suggest you read up on the effects false sexual assault allegations have on the accused. People lose their jobs, their livelihoods, their friends. Is being falsely imprisoned worse? Yes. Much worse? No.
I've directly known 2 people whom I believe were falsely accused of rape. Might be my region; southern Ontario. Also one did go as far as getting thrown out of court (in favor of the presumably falsely accused).
Not by multiple people, true. & both are completely unrelated people. Case was thrown out because the girl's story was completely inconsistent & lacked any evidence.
To be clear, I'm not responding about Appelbaum. I don't know much about the situation, but yes, multiple accusations do imply much more than a single case. I don't know how much opportunity there was for collusion. I was responding to your assertion that rape accusation is rare. Similarly many, including myself, think Assange was victim to a smear campaign. Sex gets muddy, especially if alcohol is involved.
Getting removed from a leadership position in the TOR project is not losing your livelihood. If you're any good, you'll have little trouble getting a day job.
Far more employers are willing to hire someone with a history of harassment than they are to hire an ex-con. If worst comes to worst, there's always flipping burgers. A few years from now, most won't remember. A felony, on the other hand, will always be on your record.
Losing earning potential is one thing. Losing your freedom is something entirely different.
>If you're any good, you'll have little trouble getting a day job.
This makes no sense. What you are advocating for, that extra-judicial punishment corrects for cases where judicial punishment isn't likely to occur, would equally apply to the next job he would be a candidate for. Being kicked from TOR isn't a one-off thing. His name is now permanently associated with a crime for which he has had neither a fair hearing, nor any ability to defend himself. If TOR is justified in booting him without any sort of objective process, so is every subsequent company. You can't absolve yourself from the consequences of what you're advocating.
>Losing earning potential is one thing. Losing your freedom is something entirely different.
Not really. How free are you if you must become a low wage-slave just to survive?
Half this country are low wage-slaves - comparing their lives to doing a decade in prison is hyperbolic, and quite demeaning.
Being a lead of a prominent public project carries with it a lot more scrutiny of your behavior than being a line code monkey in an insurance corp. And it's not like he is blackballed from making a living.
Of course, if the many scathing, independent accounts of his behaviour are to be believed, he probably would have been fired long before things got to this point in any serious organization.
As it turns out, he did get his day in social court - the TOR project reviewed the allegations, and found enough of them to be true to fire him.
Consider the consequences of what you're advocating for. We have a prominent community figure that is accused by over a dozen people of harassment and sexual harassment (Let's leave the rape accusation out of this). And the right response is to shrug our shoulders, and say: "No conviction, no censure?"
How will you get a conviction, when harassment, and sexual harassment are not crimes? What kind of behaviour would justify social censure, exactly?
>As it turns out, he did get his day in social court
Unfortunately they're certainly more concerned with publicity and image rather than considering the evidence objectively. Which is the problem here.
>What kind of behaviour would justify social censure, exactly?
To me, not much. I honestly can't think of anything off the top of my head that should warrant "social censure" that wouldn't rise to the level of criminal behavior. One of the problems is that social censure does not inherently recognize proportionality. And so once the mob is unleashed, it often reacts far more than is warranted. We invented the notion of a judicial system precisely because of this problem. We should not be retreating back to mob justice now.
We need to accept that we cannot provide justice or retribution for all forms of bad and unjust behavior.
Really? You wouldn't throw out a creep who makes half the room feel uncomfortable from your next gathering with friends? A hobby club? A conference? A workplace?
What you're doing is creating a safe space for predators - they can do whatever they wish, without repercussions.
> We need to accept that we cannot provide justice or retribution for all forms of bad and unjust behavior.
Which is exactly why we need to look at the bigger picture. Sexual harassment is a huge problem. Compared to it, the human cost of false accusations of sexual harassment is small.
There's a difference between setting a standard of behavior for a particular event and enforcing that behavior, and what you're referring to when it comes to denying someone the possibility of working in tech because of things he may or may not have done in his personal life. There is a wide chasm you must bridge before throwing out creeps in conferences means we should prevent them from getting employment in tech.
There were several accusations. None of them was brought to the police, and at least one of them, a major, if not the major accusation turned out to be false.
Another accusation (or more?) has been questioned by witnesses.
I'm willing to believe he's a jerk anytime, but most accusations have absolutely no credibility for me. Especially because no victim went to the police. And if people don't do that I don't believe they are interested in an investigation. And, no, the German police is not a hell hole where no rape victim could go to. Quite the opposite.
The whole thing is a huge mess. But unless you have very good reasons to do so don't call Appelbaum a rapist. (AFAIK neither does the Tor Inc investigation do this) No, you don't have to like him. I don't do either.
Stop trolling. Crimes deserve investigations. This is in the best interest of the victim.
And no, I'm not believing anything just because somebody told so. Everything else is pathological naivety, especially if the source has a bad track record.
Formally accused is a reasonably well defined concept. It is when accusations are brought before a ruling body with jurisdiction to receive the accusations in question. Usually before a government body of some sort, most commonly the police.
If I understand the situation correctly, only 1 person has an accusation of rape.
The rest of the accusations are unwanted sexual advancements, with at least one of them having been refuted by the actual "victim" as the report was from a 3rd party who misrepresented the situation.
Here is a good Multi-part series that is worth a read through
>My question is why do you think we should default to not believing rape victims?
Where I live, we have the principle that the accused is innocent until proven guilty. It is a legal right as well as a human right under the UN's Universal Declaration of Human Rights, article 11.
Frankly, this trend of accusation = guilt that has popped up among today's youth is rather disturbing. Hopefully, enough of them will be bitten by it for them to re-learn the lessons of history that caused the presumption of innocence to become the standard.
Social ostracism can be a very efficient tool to strip people of a lot of things that are kinda important; and an accusation as serious as this is particularly potent in that regard. I mean, how many organizations would hire a guy whose name was prominently featured alongside the word "rape" in mass media?
Now, I'm not saying that you should adopt the "beyond reasonable doubt" standard and all that stuff. But I don't think it's reasonable to just blindly believe any accusation, either. Just as you owe the alleged victim to hear their side of the story, you also owe the alleged perpetrator to hear theirs, and at least try to see which one makes more sense.
Ah. I see the problem here. You are mistaking a court of law for society outside its doors. The criminal justice system must treat any subject before it as innocent until proven guilty, the rest of us do not have such restrictions. We operate in a fuzzy place where reputation is a strong determinant in whether hearsay matters, where a pattern of suspicious behaviour is sufficient to decide not to associate with someone, and where OJ actually did kill his ex-wife.
I'm curious what you think about private discrimination on account of race, then (e.g. when hotels and restaurants were turning away black customers, back in 50s in US - not because the law said so, but because they could).
Discrimination in commercial transactions within the public marketplace is illegal (c.f. Katzenbach v. McClung, et al) and discriminatory membership requirements for "private" clubs that operate in public are unpleasant, but I have no idea how to fix that particular problem legally so we solve it with the previously noted social pressure (aka "mob justice") and this seems to work reasonably well. OTOH, the state does not get to tell you who your friends will be or who you should be spending your time with.
They are illegal, yes. I was wondering whether OP also treats it as "just freedom of association", since fundamentally refusing to serve some customer for any reason whatsoever is exactly that - and yet most people would agree that, done on such scale, it violates people's rights, too.
There's a difference between discrimination - ie, different treatment based on the group, class, or category to which that person is perceived to belong to rather than on individual merit - and choosing not to associate oneself with a specific individual.
I think you, in turn, are mistaking the legal concept for the general principle. We have the legal right to be presumed innocent – true. However, most people would additionally advance the principle that we, outside legal proceedings, ought to expect hard evidence to accompany allegations of wrongdoing.
I didn't want to sound provocative, I was hoping for what I got – a small discussion around the subject. When this event occurred the story got flagged (or deleted?) as soon as it reached the front page, multiple times. I don't appreciate this kind of censorship, especially since knowing whether the Tor org can be trusted is very useful information for one of my side projects.
On-topic, there've been multiple rape scandals online in the past few years, and the truth can often be hard to discern.
Why should we default to believing an accusation of anyone on any matter in particular absent proof? Is burden of proof not always on the accuser, rather than the accused?
Shouldn't we default to believing that people are innocent until proven guilty in a court of law? Or at least until all of the evidence has had a chance to be revealed?
A quick review of the weaknesses listed on the Wikipedia page for Tor makes it pretty obvious that Tor is a threat to the majority of users who, if discovered, face serious, if not life-threatening, responses.
It's common for people to have too much trust in technical solutions, even when the solution includes stark warnings on its download page. It's even worse with VPNs and 'secure' email providers.
Tor can still be useful as a building block of the next thing, but people should start demanding something better than Tor.
How terrifying would status quo power holders find a free, universally available and readily usable software tool that provided real and uncrackable anonymity for anyone?
Nearly a year-and-a-half after CMU canceled a Black Hat presentation, hints were dropped that CMU's Tor-related efforts may not have been for research purposes only. An anonymous tipster claimed the FBI had paid CMU $1 million to unmask Tor users. A quasi-confirmation popped up during the DOJ's prosecution of Brian Ferrell, who was allegedly assisting Blake Benthall in running Silk Road 2.0. Ferrell and Benthall were both swept up in the wake of a Tor-related FBI raid known as "Operation Onymous," which began a few months after the hastily-cancelled Black Hat talk.
Included in the information handed over to Farrell's legal representative was the following:
On October 13, 2015, the government provided defense counsel a letter indicating that Mr. Farrell’s involvement with Silk Road 2.0 was identified based on information obtained by a “university-based research institute” that operated its own computers on the anonymous network used by Silk Road 2.0.
[1] https://www.techdirt.com/articles/20160225/07295633707/silk-...