>In October 2014, Tor hired Thomson Communications, a Boston-based public relations firm that works with clients ranging from Verizon Wireless to the local healthcare industry. The Tor Project is based in Boston. One of Thomson’s early charges was to fuel press publicity for Tor’s growing relationship with Mozilla.
>Tor’s new initiative comes in the wake of a series of articles from Pando Daily exploring the relationship between the Tor Project and the US government, which developed the technology and continues to provide the bulk of the project’s annual funding.
>>47545124 there's about 300 people in the world who know how to audit security software. Even a competent C programmer with 20 years of general programming would now understand all the nuances of various crypto protocols and be able to find bugs.
How long was Heartbleed in open source? No one even looked for it. It's inevitable that there are bugs in Tor.
>>47545186 >Bugs don't make it a honeypot. sure do when they're introduced on purpose. three letter agencies have teams of people who are figuring out how to introduce bugs so they appear like benign mistakes.
>>47545153 1) There are more than 300, and the people that work on crypto protocols themselves arnt generally programmers they are mathematicians. 2) A couple years. It wasnt that long IRL. 3) there are bugs in everything, but there is more economic incentive to fix bugs than to exploit them. Most patches fix problems that have never been exploited in the wild.
>As we’ve previously reported, the Tor Project received at least $3 million from the State Department from 2007 through 2013 — most of it coming through State Department’s “Democracy, Human Rights and Labor” regime change arm. Tor also took in $3.5 million from the Broadcasting Board of Governors in those same years. Overall, funds from State Department and BBG accounted for over two-thirds of Tor’s budget — that’s not small change.
It's all about regime change around the world. TOR is safe as long as your enemy is not in the US.
>>47545241 it is plenty secure, but the way you are using it may not guarantee anonymity.
There is also a very important distinction between anonymity and security, that people often confuse.
1) Read all of the documents. 2)Tails is the easiest way to use tor effectively. 3) use all the other standard practices one would use to minimize visibility IRL and online. refresh mac address regularly, move locations, use public / unprotected / WEP'd wifi, use cheap disposable laptops.
>>47545252 It clearly shows that the NSA's strategy is not to introduce bugs into Tor, and that even if they did introduce bugs, it has been ineffective. The NSA has failed to backdoor several major encryption protocols: PGP. OTR. Redphone. This we know for sure from leaks of the dossiers they keep on people, showing that OTR/PGP/Redphone transmissions all show up as encrypted and unbroken while other encryption protocols get broken fairly handily. So not only does the NSA have a track record of failing to introduce vulnerabilities into free software, but their own internal documents say that it isn't even their strategy when it comes to Tor. Their strategy is mainly to link tor with pedos and to get people to stop using it. That and other ways to get people to stop using it; like flooding the network, creating a bunch of shitty nodes that slow down traffic, shit like that. Compromising usability rather than security, hoping that people will stop using it.
>>47545278 Exactly, tor is funded by the government to destabilise oppressive governments. But in typical government fashion, the left hand doesn't know what the right is doing. The left hand wants to destabilise governments like iran and the right wants to become as oppressive as iran.
>>47545412 Yeah that's it's headline goal you could say. However it's not a tool that you can apply to one country over another. If you try to aim it at iran you could get saudi arabia too. God forbid if a democracy took over in saudi arabia, the saudis fucking hate the US.
>>47545229 >It might have hidden intentional bugs somewhere in it, so it's a honeypot But you can claim that about every piece of software ever written. What are you going to do, go back to smoke signals and an abacus?
>>47545435 It's not about warrant issuing, it's about threading details together. If they have your IP saying shit about buying drugs, and then your IP using tor, there's a decent enough link there. Next time you use tor they can intercept your mail.
>>47545433 If I were to guess at how tor was applied I would say CIA probably runs around handing out thumb drives with an instruction booklet and a skype contact to people that sound pissed off on twitter.
>>47545597 conversation at NSA headquarters >let's push bills to weaken cryptography standards >'bill failed' >the new standard is still weak enough to be cracked with ease >phew >let's catch some internet rapists/drug dealers/terrorists >... >... >WHERE ARE THE TERRORISTS? >they seem to only be watching goat porn sir, guantanamo bay detention facilities are currently almost at 90% capacity and 80% of suspects are only being held for streaming bestiality >drats, nobody wants to buy drugs or guns on the internet >let's start a super secure super sicrit club of p2p information tunnels so ALL the criminals can be caught selling drugs and ALL the people who w2b illegal guns will be found out >wow I didn't know 20 something yo white bois could do so much druqs >shutitdown.jpg >fun loving dread pirate roberts gets it in the ass for selling drugs to kiddies and nobody will ever know that IT WAS A TRAP ALL ALONG >promotions to the team who came up with the PR stunt where we actually hacked into TOR w/o having a backdoor already INSIDE THE PROTOCOL :DDDDD >fug look at all these kiddie titties we can fap to
>>47545766 http://en.wikipedia.org/wiki/IBM_Sequoia if the NSA had one scientist with lab access to this computer...they could just send them a years worth of internet traffic on a fucking flashdrive and rofl-lmao on the floor whilst they get the plaintext back as soon as it takes USPS to deliver from point A to point B
>>47545823 They might be able to do it if they had a breakthrough in factoring the product of two primes, which is not inconceivable. but that would have nothing to do with AES, that would be RSA.
If they didnt have a novel undisclosed way to factor the product of two large primes they might optimistically be able to recreate a single 2048-bit RSA key in a year, and they would still need magic NSA fairy dust to do it.
>>47545858 I don't think you get how the most effective bureaucratic in the history of space works. If they see something that COULD work, they make a move and build it. If it were impossible, there would be no datasite on the dawn of the bad publicity they received from Snowden. You wouldn't see a picture on the news of the newest NSA cluster if it wasn't there for SOMETHING. A refresher on the USA justice system as of lately: if you spoke with someone you shouldn't have been spoken with MAYBE, if the way you spoke with person involved mailing your packets through a list of known criminals, and if your conversation is documented but not legible, a copy of your conversation will be held. I'm sure they kept it above ground because the chunk they're taking out of the US treasury extends their annual budget and it would be terrible press if they were found out hiding the fact that they can read the internet's mail.
>>47546019 its a datacenter, not an anomalous exception to thermodynamics.
realistically they are warehousing everything they can, analysing the plaintext and storing the RSA so they can take a crack at the things they think are important in 20 years when they can actually factor a 2048-bit RSA key.
>>47546062 the main problem is that nobody knows how to convert mathematical scenarios into ones that scale computationally or perhaps that nobody is reading this thread other than the NSA and /g/ tech-loli-gy, which could be considered good considering that speculations that could be granted validation from the implications of these implications are potentially mentally and spiritually corrosive.
>>47546158 naw it's speculated that a) the USA government is evil and self contradictory b) the implications of mass surveillance is that they want the metadata, not the content of the messages c) the implications of making a cluster is that they are trying to read the otherwise private messages which would confirm that the USA is actually not a coincidental gathering of the foulest scum to breathe, and is in fact an octopus that wants to eat the planet
>>47546133 no, I will happily dub myself the most aware (read paranoid) tinfoil hat libertarian on /g/. The reason I'm disagreeing with you is because you lack any sort of basic knowledge about anything having to do with writing, googling, computers or that 2^256 is apparently a really big number, and the universe would probably end before you could get a computer to count to it..
>>47546223 >the implications of mass surveillance is that they want the metadata, not the content of the messages Those might be the implications, but the reality is that they collect more than metadata. They collect the content of communications too. With non US data, they collect everything. With US data, they collect everything and say it's only the metadata.
>>47546356 The point is that somebody called AES-256 "exceptionally weak." The fact that now we agree that AES-256 must be bypassed instead of penetrated shows that it is in fact not "exceptionally weak."
>>47546454 for instance >>47545054 is a prime example of clickbait before moot went mainstream it was impossible to do clickbait in 4chan besides epic rolls..having a catalog was the embracing of this epic concept of clickbait tmyk
>>47546482 No, OP is laying bait, not clickbait. OP is baiting for responses. Clickbait is the general technique of creating content for the sole purpose of having someone view it, usually for the generation of revenue through advertisements, although this is not a mandatory factor.
In a broad sense, clickbait is "Baiting for clicks". One of the techniques is descriptive URLs like www.clickbait.com/one-hundred-things-you-will-not-believe-you-have-to-do-before-you-die-that-will-shock-you that usually take their description from the headings of whatever stupid article has been shit out by clickbait.com. Clickbait can also be videos, a youtube link with a description "You HAVE to see this video, you will be shocked at what this fish does with this baited hook". The technique to create clickbait are not part of what clickbait is, it's like saying a car is a rubber tyre when the tyre is just a functional component of the car.
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from them. If you need IP information for a Poster - you need to contact them. This website shows only archived content.
If a post contains personal/copyrighted/illegal content you can contact me at firstname.lastname@example.org with that post and thread number and it will be removed as soon as possible.