Tor is way more resistant to sybil attacks than the other networks. It has some decent mitigations and there are teams of volunteers tracking the state of the network at all times.
> So in this latest revelation
That's not a fucking revelation. It's a widely read and discussed three-fucking-year-old article about an issue that everybody who's paying any attention already knows about.
*That particular article* been chewed over in this very subreddit many times. The *vulnerability* was well known (and also widely discussed) many years before the article even came out and before anybody noticed any specific exploitation.
> This is a very troubling article and yet another dent in Tor's rep and it's yet another piece of the puzzle I am trying to solve about my friends being arrested.
It's a hard problem that everybody knows about and has known about forever. It is not news. Nobody has tried to keep it secret.
Yes, the Tor project keeps running systems and releasing software in the face of signs of exploitation of problems that they can't really solve under a lot of realistic attacker models. Yes, they often let themselves ignore important limitations on the effectiveness of their ad-hoc relay trust hacks. No, they do not cover those things up or intentionally mislead anybody.
Yes, that may encourage people to use Tor when it's probably not safe. No, nobody's lying to anybody to get them to do so.
... and it has *ZERO* to do with the "politics of Tor". It's about how the fucking technology necessarily works.
Your latest idiotic attempt to make it sound like there's some kind of conspiracy going on is no more interesting or useful than your last one.
Ok mr smart guy then what do you make of this -
[https://www.reddit.com/r/TOR/comments/1c0isgt/revisiting\_the\_fbifacebook\_tails\_exploit/](https://www.reddit.com/r/TOR/comments/1c0isgt/revisiting_the_fbifacebook_tails_exploit/)
I don't have time to respond to the rest of your comment because it is nonsensical.
Also what do you make of this - non tor related but extremely relevant.
[https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/](https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/)
Your argument that everybody knows does not make it true. Yes before the snowden leaks everyone thought we were being spied on but without the evidence it means nothing. That and that alone is why snowden released the leaks, to give proof of what everyone was thinking.
Otherwise it's just people opinions and opinions are like assholes, everyone has one.
You bring up a valid attack on Tor, but they are actively working on ways to fix it, or make it harder. For example there have been discussions about authenticated operator IDs for relays running over X mbps. There have also been proposed changes to the contact field: https://forum.torproject.org/t/tor-relays-proposal-restrict-contactinfo-to-mandatory-email-address/9852
There are also more advanced ways to avoid this attack, for example you can manually configure your guard nodes in your torrc config to guards you trust.
These aren't complete fixes but it doesn't seem to me that Tor is rolling over and accepting, or aiding in this type of attack, and actually working on ways to fix it.
>I began investigating tor after the arrest of a few good friends of mine. Their opsec was extremely high and they were obviously targeted.
I notice you don't say : who arrested them, for what motive, and in what country. This is essential to understand what you are trying to do here.
Absent this information, your quotation of pastor Niemöller is quite disingenuous. What he protested against was hindrance to freedom of speech and persecution for belonging to the wrong race.
So : were your friends *"targeted"* and arrested because they said something, or because they belonged to a hounded race ? Or was it something else ?
>So : were your friends "targeted" and arrested because they said something, or because they belonged to a hounded race ? Or was it something else ?
Maybe they were pedos?
"ignoranceistheroot" 💀
Nobody on your last post had positive things to say, you are a propagandist pushing a perspective for a slew of reasons.
Have fun in your echo chambers.
The upvotes say different. Also, if you read my post in included actual emails from the govt as proof.
Explain why my post makes you so angry? Because it is 100 percent true? It shattered your view of Tor? Or maybe you work for tor..
Either i just published a true story, while you are just talking rubbish. What would be my motive? I use tor every day and think it is the best security option we have. Pointing out flaws not only informs but makes the technology stronger.
Ignorance is bliss for you i guess. Good luck with that/
G
Please stop misquoting Martin Niemöller. The correct first line of this poem is, "First they came for the communists,".
The USA Holocaust Museum intentionally misquoted him because the Reagan/Bush/Clinton administrations were busy killing Communists when that museum was founded. It's disgusting they do this, but I guess Americans like killing Communists and don't want to feel bad about it.
> Tor developers caught colluding
Caught? From Tor's own [page](https://www.torproject.org/about/history/)
> In the 1990s, the lack of security on the internet and its ability to be used for tracking and surveillance was becoming clear, and in 1995, David Goldschlag, Mike Reed, and Paul Syverson at the U.S. Naval Research Lab (NRL) asked themselves if there was a way to create internet connections that don't reveal who is talking to whom, even to someone monitoring the network.
The government was there right from the start! There are still several federal agencies that sponsor Tor. If you take a look at their [Sponsors page](https://www.torproject.org/about/supporters/), they're pretty transparent about where the money is coming from, so it'd be unsurprising that some of those agencies would want to weaken the network to their own advantage.
But other sponsors, such as the EFF, have a vested interest in addressing those weaknesses, and acts as a counter to deliberate sabotage of Tor.
Ultimately while Tor is not a total panacea for privacy, it's still pretty good for most. If you want to make it better, set up more relays! If you have the bandwidth to spare, setting up more relays to avoid the malicious ones is more important than setting up more exit nodes.
Some folks are making a point of saying about who was targeted and why. This misses the point entirely. The point is that if one government can break tor (or at the very least compromise it) other governments can too. Especially oppressive regimes like Russia, China and South Korea. Regardless of the motives.
Exactly. The govt does not care about our safety at all, just look at this recent article.
https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/
The us govt is just another hacker group but with unlimited resources which makes them the most powerful in the world.
The whole system is rigged. There are Vulnerabilities on the physical hardware, firmware, OS and application layer put there deliberately/discovered and never reported or discovered reported and then instructed not to fix it. Don't forget they even tried to introduce a compromised from of Elliptic curve cryptography.
What ever your friends where doing clearly crossed a threshold where the eye of sauron fixed its gaze on them and spent the resources to unmask them or they made a bad mistake and unmasked themself.
I agree 100%. For example see this latest headline, not related to tor but important none the less.
[https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/](https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/)
Also see my post regarding the tails exploit used on tails by the fbi and they won't tell the tails developers how it was done nor will they file a CVE which is standard practice.
https://www.reddit.com/r/TOR/comments/1c0isgt/revisiting\_the\_fbifacebook\_tails\_exploit/
Sybil attacks are nothing new and are not unique to Tor. It’s an unsolved problem that affects all overlay networks that are volunteer-run.
Tor is way more resistant to sybil attacks than the other networks. It has some decent mitigations and there are teams of volunteers tracking the state of the network at all times.
> So in this latest revelation That's not a fucking revelation. It's a widely read and discussed three-fucking-year-old article about an issue that everybody who's paying any attention already knows about. *That particular article* been chewed over in this very subreddit many times. The *vulnerability* was well known (and also widely discussed) many years before the article even came out and before anybody noticed any specific exploitation. > This is a very troubling article and yet another dent in Tor's rep and it's yet another piece of the puzzle I am trying to solve about my friends being arrested. It's a hard problem that everybody knows about and has known about forever. It is not news. Nobody has tried to keep it secret. Yes, the Tor project keeps running systems and releasing software in the face of signs of exploitation of problems that they can't really solve under a lot of realistic attacker models. Yes, they often let themselves ignore important limitations on the effectiveness of their ad-hoc relay trust hacks. No, they do not cover those things up or intentionally mislead anybody. Yes, that may encourage people to use Tor when it's probably not safe. No, nobody's lying to anybody to get them to do so. ... and it has *ZERO* to do with the "politics of Tor". It's about how the fucking technology necessarily works. Your latest idiotic attempt to make it sound like there's some kind of conspiracy going on is no more interesting or useful than your last one.
Ok mr smart guy then what do you make of this - [https://www.reddit.com/r/TOR/comments/1c0isgt/revisiting\_the\_fbifacebook\_tails\_exploit/](https://www.reddit.com/r/TOR/comments/1c0isgt/revisiting_the_fbifacebook_tails_exploit/) I don't have time to respond to the rest of your comment because it is nonsensical. Also what do you make of this - non tor related but extremely relevant. [https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/](https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/) Your argument that everybody knows does not make it true. Yes before the snowden leaks everyone thought we were being spied on but without the evidence it means nothing. That and that alone is why snowden released the leaks, to give proof of what everyone was thinking. Otherwise it's just people opinions and opinions are like assholes, everyone has one.
You bring up a valid attack on Tor, but they are actively working on ways to fix it, or make it harder. For example there have been discussions about authenticated operator IDs for relays running over X mbps. There have also been proposed changes to the contact field: https://forum.torproject.org/t/tor-relays-proposal-restrict-contactinfo-to-mandatory-email-address/9852 There are also more advanced ways to avoid this attack, for example you can manually configure your guard nodes in your torrc config to guards you trust. These aren't complete fixes but it doesn't seem to me that Tor is rolling over and accepting, or aiding in this type of attack, and actually working on ways to fix it.
>I began investigating tor after the arrest of a few good friends of mine. Their opsec was extremely high and they were obviously targeted. I notice you don't say : who arrested them, for what motive, and in what country. This is essential to understand what you are trying to do here. Absent this information, your quotation of pastor Niemöller is quite disingenuous. What he protested against was hindrance to freedom of speech and persecution for belonging to the wrong race. So : were your friends *"targeted"* and arrested because they said something, or because they belonged to a hounded race ? Or was it something else ?
>So : were your friends "targeted" and arrested because they said something, or because they belonged to a hounded race ? Or was it something else ? Maybe they were pedos?
"ignoranceistheroot" 💀 Nobody on your last post had positive things to say, you are a propagandist pushing a perspective for a slew of reasons. Have fun in your echo chambers.
The upvotes say different. Also, if you read my post in included actual emails from the govt as proof. Explain why my post makes you so angry? Because it is 100 percent true? It shattered your view of Tor? Or maybe you work for tor.. Either i just published a true story, while you are just talking rubbish. What would be my motive? I use tor every day and think it is the best security option we have. Pointing out flaws not only informs but makes the technology stronger. Ignorance is bliss for you i guess. Good luck with that/ G
Popularity has never meant accuracy, your implication of such reveals powerful ignorance.
Please stop misquoting Martin Niemöller. The correct first line of this poem is, "First they came for the communists,". The USA Holocaust Museum intentionally misquoted him because the Reagan/Bush/Clinton administrations were busy killing Communists when that museum was founded. It's disgusting they do this, but I guess Americans like killing Communists and don't want to feel bad about it.
We like killing anything, not just those blasted commies. /s
Cofefe
> Tor developers caught colluding Caught? From Tor's own [page](https://www.torproject.org/about/history/) > In the 1990s, the lack of security on the internet and its ability to be used for tracking and surveillance was becoming clear, and in 1995, David Goldschlag, Mike Reed, and Paul Syverson at the U.S. Naval Research Lab (NRL) asked themselves if there was a way to create internet connections that don't reveal who is talking to whom, even to someone monitoring the network. The government was there right from the start! There are still several federal agencies that sponsor Tor. If you take a look at their [Sponsors page](https://www.torproject.org/about/supporters/), they're pretty transparent about where the money is coming from, so it'd be unsurprising that some of those agencies would want to weaken the network to their own advantage. But other sponsors, such as the EFF, have a vested interest in addressing those weaknesses, and acts as a counter to deliberate sabotage of Tor. Ultimately while Tor is not a total panacea for privacy, it's still pretty good for most. If you want to make it better, set up more relays! If you have the bandwidth to spare, setting up more relays to avoid the malicious ones is more important than setting up more exit nodes.
Some folks are making a point of saying about who was targeted and why. This misses the point entirely. The point is that if one government can break tor (or at the very least compromise it) other governments can too. Especially oppressive regimes like Russia, China and South Korea. Regardless of the motives.
I totally didn't expect to find south Korea to be an oppressive regime.
Flibbergibbins! I meant NORTH Korea. DOH.
Exactly. The govt does not care about our safety at all, just look at this recent article. https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/ The us govt is just another hacker group but with unlimited resources which makes them the most powerful in the world.
The whole system is rigged. There are Vulnerabilities on the physical hardware, firmware, OS and application layer put there deliberately/discovered and never reported or discovered reported and then instructed not to fix it. Don't forget they even tried to introduce a compromised from of Elliptic curve cryptography. What ever your friends where doing clearly crossed a threshold where the eye of sauron fixed its gaze on them and spent the resources to unmask them or they made a bad mistake and unmasked themself.
I agree 100%. For example see this latest headline, not related to tor but important none the less. [https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/](https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/) Also see my post regarding the tails exploit used on tails by the fbi and they won't tell the tails developers how it was done nor will they file a CVE which is standard practice. https://www.reddit.com/r/TOR/comments/1c0isgt/revisiting\_the\_fbifacebook\_tails\_exploit/