[tor-talk] FBI cracked Tor security
Jon Tullett
jon.tullett at gmail.com
Sat Jul 16 12:07:25 UTC 2016
On 16 July 2016 at 01:46, Joe Btfsplk <joebtfsplk at gmx.com> wrote:
> On 7/15/2016 12:34 AM, Jon Tullett wrote:
>>
>> On 15 July 2016 at 01:23, Joe Btfsplk <joebtfsplk at gmx.com> wrote:
>>>
>>> You're not really suggesting that users under hostile dictatorships or
>>> ones
>>> trying to expose democratic government unconstitutional actions, take
>>> full
>>> responsibility for the ongoing modifying, patching & constant reading
>>> about
>>> weaknesses of Tor Browser "for their own security?"
>>
>> Yeah, I kinda am. Users in such hostile environments absolutely need
>> to take more care to keep themselves secure, and not just online. If
>> you are relying on any product to keep you alive, you definitely
>> should be constantly reading about it.
>
> Respectfully, you're dreaming if you think whistle blowers, political
> activists or citizens under brutal regimes are *necessarily,* or even mostly
> computer geeks. :)
Sure. Nor are they physical security experts, but some have to learn
pretty quickly how to evade pursuit, right? It's not Tor's job to
cover that, either.
Tor is a very specific tool, remember. You can use it for lots of
things, but I'm not sure it's appropriate for the organisers to take
responsibility for education people about every possible use-case,
risk, and adversary. You know your situation best - you need to take
responsibility for understanding your risk profile and taking
appropriate countermeasures, only one of which will be using Tor.
That said, I do think that where attacks are commonplace, or
frequently misunderstood, it makes sense to draw users' attention to
that, not least because there's a very good central facility to
achieve that - the Tor browser's start page and update mechanism. But
there's a balance, and while we may disagree on where the balance
lies, ultimately it's up to the project team to decide.
-J
More information about the tor-talk
mailing list