[tor-talk] FBI cracked Tor security

Mirimir mirimir at riseup.net
Sat Jul 16 12:51:13 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/16/2016 06:00 AM, Jon Tullett wrote:
> On 14 July 2016 at 10:41, Mirimir <mirimir at riseup.net> wrote:
> 
>> There is an aspect of visiting hostile onion sites that's 
>> especially problematic: forcing direct clearnet connections that 
>> reveal users' ISP-assigned IP addresses. It's irresponsible to 
>> continue recommending only vulnerable setups, especially Tor 
>> browser in Windows.
> 
> I think we differ there.

Indeed.

> I don't think it's irresponsible, and I don't think the 
> configuration is designed to be vulnerable.

I never said that Tor browser was designed to be vulnerable. But it
is, and Whonix isn't. And yet, years after Freedom Hosting, there's
very little on the Tor Project site about how to prevent leaks, and
nothing about Whonix.

> I do agree there's room for better awareness, but there's no 
> perfect solution.

I'm hardly asking for perfection. Just a little heads up for the sheep.

> At some point people have to take responsibility for their own 
> safety, and the fact that they're downloading Tor in the first 
> place suggests they are able to do so.

Maybe so. But from what I've seen, you're being far too optimistic.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJXii21AAoJEGINZVEXwuQ+hTwH/jN7siN9OBnZCrnYHi5cwmes
/2shZ64d6j6HipJGNHF6g8LGb55Yax79Ty/7PcKeTpVdyGuZ53iolKn1vuzSNcm2
x/Ff5UpmNvi8yJzjcxnDUPhF9ug9xOHb/x4w64Lw+jCAB1O2mUnytXaS+MkdfdLG
X/nXZ/PdiVMQ9vjHF+eqdTw3amMS3PZar49+sTyUC+TxXsGZjGKwL6f8A6pMy/Oa
3RxJABBw4qTUDFNTpcxZVIYz479wyOQP0FqIDZWq5O3rLOesjrqA0ZteHtyoC+iD
4JQ4EKEzEAy19LzO8AgO+4/X9pHNtcj3keNQ9/kx48pgxhUJYcQCuhhH2wEeEi8=
=dUCu
-----END PGP SIGNATURE-----


More information about the tor-talk mailing list