
Zed Shaw: Why I Don't Use Tor - nathanmarz
http://sheddingbikes.com/posts/1293530004.html
======
poet
It's shit like this Zed...

Two basic claims: Tor is tainted because (1) the concepts the software is
based on were developed with partial funding from the military and (2) Zed
thinks one of the committers is untrustworthy. Guess what? That describes a
huge amount of software, including _Mac OS X and Firefox_. God damn Zed, this
Hitler sandwich shit is pretty weak.

Zed also has a problem with Tor because he thinks there is a "gigantic
percentage of hackers and security experts on the volunteer payroll of a group
whose job is to illegally wiretap people and circumvent the law on behalf of
the government". He thinks some of these people work on Tor and thus Tor is
untrustworthy. Funny though, _his ISP is likely guilty of the same thing_. I
wonder if Zed takes that into account as a part of his paranoid fantasy.

There are serious problems with using Tor and Zed fails to mention any of
them. You'll want to read what Thomas has to say on the subject
(<http://searchyc.com/tptacek>). Specifically, Thomas mentions that a general
problem with tools like Tor is that they identify your traffic as a subset of
all traffic that's probably worth monitoring. You're essentially adding bright
red neon signs to your most sensitive traffic. The amount of traffic going
through the Tor network is small enough that it is a tractable problem for a
nation state to attempt to monitor all of it. Thomas also goes into how the
incentive structure for these tools is completely broken. The defenders are
academic researchers going for tenure, the attackers are nation states with
millions of dollars to spend, and the users are dissidents that get killed
when the tool fails. Unfortunately, arguments with this level of nuance appear
to escape Zed in this case. I fear he doesn't have the domain knowledge to
write something intelligent about this issue.

~~~
dkarl
Thing is, you don't have to believe Firefox is trustworthy to believe it's
your best bet for surfing the web. The whole point of Tor is to be
trustworthy; hence, there's no point in it if you don't trust it. Plus, like
you said, using Tor may be worse than nothing, so you have to have a pretty
strong motivation and pretty strong trust. Using Firefox or OSX requires no
such trust.

~~~
poet
A compromised web browser or operating system gives the attacker your email
credentials, which by proxy gives them the rest of your life. You're trying to
argue that an untrustworthy browser/OS is not as significant as an
untrustworthy Tor. There isn't such an argument to be made. Browsers and
operating systems require trust.

~~~
dkarl
No, all they require is being just as trustworthy as the other browsers and
operating systems, even if that level is zero. Tor is an extra inconvenience
and calls extra attention to you and therefore requires a credible claim of
providing extra security to make up for the downside.

~~~
poet
Nope. If the trustworthiness of all browsers was zero, people would do their
banking in person. You're trying to get away with arguing that only the relative
trust of browsers, and not the absolute trust, matters. Not gonna
happen.

~~~
dkarl
Security is relative and depends on your particular goals. I may have zero
confidence that the government has not subverted Firefox, but that would not
stop me from using it. If there are government back doors in Firefox, they
aren't being exploited on a large scale for robbery or identity theft, and
that makes it good enough for online banking. It wouldn't make Firefox good
enough for evading government surveillance, but depending on your purposes,
using a web browser you don't trust might be better than not using a web
browser at all.

If someone of sufficient expertise decides to hack you and take your banking
info, they will, just like if someone decides to rob you on the street, they
will. We assume there are vulnerabilities in any piece of software as big as
Firefox. Your security depends on not being a particularly tempting individual
target for highly skilled attackers and staying up-to-date enough to avoid
mass automated attacks, and those factors depend on relative risks that can't
even be objectively measured.

Edit/PS: I am also confident that the government would not insert back doors
that are likely to be found by criminals, because those vulnerabilities would
be exploited by foreign governments and would hurt U.S. commercial interests,
which I imagine is the only kind of mistake that would result in Congress
taking drastic punitive action (slashing budgets, reducing autonomy,
increasing oversight) towards an intelligence agency.

------
dublinclontarf
As someone living on the other side of the Great Firewall of China it's become
VERY clear that a government can effectively censor the internet (without a VPN
to get out it's terrible), provided that the government in question puts enough
effort into it.

As I said in another comment, the Chinese government has beaten Tor. You can't
download it or even read about it (almost everything Tor related is blocked).
Even when you have it you can't connect, as all bridge IPs are blocked the
moment the gov discovers them.

It's slow as hell to boot and on top of this the Chinese government is still
able to monitor those who can connect with traffic analysis (a Tor weakness).

I'm something of a lazy cipherpunk and had hoped that most services and sites
would have moved onto darknets like i2p by now. But sadly this is not the
case, however it is the place where we finally need to go.

TLDR: I don't use Tor because it doesn't work, plain and simple. Never mind the
insecurity mentioned by Zed, and no one here is talking about this.

~~~
JonnieCache
At the end of the day when you're dealing with a government that has
absolutely no qualms about simply taking you away and killing you discreetly,
regardless of who you are, there is no hack clever enough to protect you.

~~~
dublinclontarf
True, but a good Friend to Friend darknet cannot be stopped as long as there
is a network to run it on.

~~~
flatline
If enough people were using it, I'd think that a) some of them would be
government operatives and b) the traffic could be analyzed to identify and
remove internet access from a large number of the participants. I don't know
that much about darknets so maybe the traffic analysis is not so
straightforward.

~~~
Locke1689
It isn't. You can use the analysis algorithms to hide your traffic in a bunch
of garbage. If China banned encrypted traffic it would be easier though.

------
alanh
“@zedshaw If you don't trust Tor because of me, you clearly do not understand
how Tor works. You can BadExit my nodes buddy.”

Appelbaum, <https://twitter.com/#!/ioerror/status/19703396818747392>

~~~
redthrowaway
Am I the only one who is disappointed that two supposedly professional adults
can't manage to have a grown up conversation about this? Reading the back and
forth is pretty disheartening.

~~~
zedshaw
Oh, it's pretty much impossible to have any rational conversation these days.
The majority of the technology speech these days is manipulative, flat out
wrong, very anti free speech, and hyperbolic. When you start from that,
there's just no point trying to be reasonable.

~~~
redthrowaway
While I agree, you started the conversation by breaking Godwin's Law. I don't
think Appelbaum paid particularly close attention to your piece, but I
probably wouldn't either in his position. A cursory skimming of your post
reads as, "would you eat a sandwich from Hitler? No? Then why do you use
software from Appelbaum?" I don't think that's a fair distillation of your
argument, but it is reasonable to think that someone briefly scanning your
work might think it to be so.

Complaining about tech speech being hyperbolic whilst simultaneously
[implicitly] comparing Appelbaum to Hitler is a little ballsy, tbh.

~~~
blasdel
You not only got that backwards, but Godwin's law is not one that can ever be
'broken' — just because you haven't used Hitler in an analogy yet doesn't mean
you aren't asymptotically approaching such a comparison.

Using der Führer in an internet argument is a _realization_ of Godwin's law, not
a violation of it.

------
drats
Ad Hominems are a-ok now are they? Well here's Zed's thought process:

a) Read Greenwald Salon article accusing Wired of having shady connections.

b) Roll that basic premise into a set of wild accusations and things we
already know about Tor.

c) Sit back and enjoy the whole chaos of the troll. When someone attacks bring
out the usual sockpuppets and sycophants to say "but Zed does all this great
coding", "Zed is not like that in real life/conferences".

d) Profit/save on therapist fees by feeding own teenager-like angst and need
for attention.

~~~
zedshaw
Ad hominems are totally alright in my book, especially since everyone loves
doing them to me and then bitching when they're done back.

For example, your post doesn't have a single link giving counter evidence.
You'd think you could bring some of that out but so far, in this entire
thread, there hasn't been _one_ link with counter evidence. There's been links
to our twitter conversation, links to things supporting Tor is crap, links to
discussions of Steganography, but so far I can't see 1, not ONE link with
counter evidence proving me wrong.

I actually would love some, and was hoping I'd get some since I provided
references, but nope. Just bullshit rhetoric and ad hominem from people who
claim to hate bullshit rhetoric and ad hominem. So don't go acting like you're
all above the drama.

~~~
rbanffy
> Ad hominems are totally alright in my book

Zed, find a therapist, please. You are a talented person but your mind needs
debugging.

~~~
tptacek
Ad hom arguments aren't mental illnesses. They're logically fallacious, which
matters a great deal in ritualized forensic arguments but not so much in
informal or general argumentation, where the attributes (particularly:
credibility and authority) of particular stakeholders can often be very
relevant.

~~~
rbanffy
My advice is a friendly one. If Zed has issues that drive him to behaviour
that's considered problematic, that costs him jobs and good will, I say he
should try to look into himself with some professional help. Zed is a very
talented programmer and I hate to see him in situations like the "Rails is a
Ghetto" thing.

And, Thomas, "ritualizing" may be the only way to keep forensics sound. When
you prove something, you want it to remain proved.

~~~
rbanffy
And, BTW, I wouldn't recommend that if I hadn't done it myself. Therapy is a
very enlightening tool.

------
redthrowaway
It's an interesting question. If Project Vigilant had compromised Tor, I'd
expect there to be quite a few pedophiles who had used it to share cp getting
busted. I'm not aware of _any_ such incidents, let alone many. I imagine that
the government wouldn't want to give away that they had it compromised, and so
would simply use the information to compose a list of people to watch for slip
ups, but one would expect to see a rise in the number of arrests, which would
likely get at least _some_ play in the MSM.

Conversely, if the NSA had compromised it one would expect to see no outward
signs, as they a) don't care about pedophiles, b) would claim "national
security" to hide the means of tracking terror suspects from the public's eye,
and c) likely wouldn't tell anyone when they _did_ apprehend someone.

I think it's probably pretty likely that the NSA is running a few nodes, but
that's the risk you take with something like Tor, just as bittorrent seeders
risk RIAA proxies downloading from them.

~~~
narag
I find it funny that I was re-reading a novel this morning during the commute,
about a WWII cryptographer, and arrived at the point where he sees that the
warning in every secret document was "never take any action that could reveal
to the enemy that we can break their encryption".

~~~
redthrowaway
I don't suppose MILINT has gotten any less competent in the last 60-odd years,
but not disclosing that Tor is compromised would seriously hamper using it as
a source for law enforcement, hence my thinking it would be more likely to be
NSA. If so, I doubt we'd ever know, short of somebody leaking it.

~~~
yardie
If there was an organized effort to bust people using Tor then a pattern would
emerge, at least insofar as they were high-profile targets (political dissidents,
whistleblowers, spies, etc.). If they were cp collectors I don't think anyone
would care enough to do an investigation.

~~~
trotsky
This assumes that political dissidents, whistleblowers and spies are using tor
in any significant numbers. It seems quite unlikely to me that this is true. I
think you'd find that the vast majority of tor traffic is made up of people
trying to mask their location for criminal reasons, people looking to bypass
local firewall restrictions and people using it as a free VPN.

~~~
yardie
Yes, but even criminals talk. If there were a string of busts and the item
connecting them all was the fact that Tor was used by the criminals then it
would be an easy conclusion to say that Tor has been compromised.

Most of the CP cases are done with a lot of social engineering. Instead of having
some sort of super router that can sniff through all the packets it's just a
bunch of LEOs in an office trying to gain the confidence of the criminals.

~~~
redthrowaway
This was my thinking as well. The overwhelming majority of cases you hear
about are broken using old-fashioned police work. Even petitioning ISPs for
records seems to be a fairly minor part of the equation.

A pedophile running a hidden TrueCrypt volume and using Tor to trade child
pornography on onion sites is likely to get caught only if they pull a Bradley
Manning, that is, saying the wrong thing to the wrong person. Unfortunately,
most pedophiles these days that trade in child porn are likely more
technologically advanced than the people responsible for tracking them.

------
mcantelon
>The problem is that Tor's pedigree is less than stellar. First, it was
originally a US Navy project then released to various "hackers" (a word which
in a lot of ways is just synonymous with "NSA collaborator" or at least a
wannabe). Whether the source code started there or just the idea, you have to
ask why the hell the Navy would work on this and then release it.

Goodness me! We should also be examining that DARPA developed honeypot called
Teh Internets and take a second look at that ominous collaborator Sir Tim
Berners-Lee.

Once I got to Zed quoting Project Vigilant's volunteer count I had to laugh.
Zed's bullshit detector needs a tune-up.

------
bjonathan
Full twitter conversation between @zedshaw and @ioerror:
<http://nearmetter.com/ioerror/zedshaw>

(I'm in no way affiliated with NearMetter, it's just the best way I found to
easily read a twitter conversation)

~~~
kirubakaran
Their cockfight theme is brilliant. If they had voting, bystanders could egg the
participants on and add fuel to the fight... not that this particular duo need
to be. When one "wins" votes, this can be displayed
<http://www.ruleworks.co.uk/poultry/images/mating.jpg>

------
g_lined
This, to me, sounds like a classic case of not knowing what you're protecting
against. TOR hides your IP address by preventing the destination server from ever
needing to do a TCP/IP handshake. There is no way to complete a TCP/IP
handshake without you revealing your IP address. TOR then also stops the
server you /do/ handshake with knowing the destination of your packet.

This is all TOR is supposed to do. This allows you to be anonymous to the
receiving end, but it does not guarantee it. It is your responsibility to surf
safely, to sanitise your traffic, to encrypt your traffic and do the rest. We
know that most people can be uniquely differentiated by combining all the
available information from their browsers (some of which doesn't need
javascript) <http://panopticlick.eff.org/> . Therefore we know, using TOR or
not, that we need to be careful to do things well when we want to be
anonymous.

There is little in this article which makes me worried about TOR. TOR isn't
the problem; if any of this is true, then the problem is the government
collecting data in various ways. Whether you agree with this is a matter for
yourself to consider and not a reason to avoid using TOR.

------
Flankk
It doesn't matter that Tor was originally a US Navy project. Tor is open
source. DARPA created the internet. Do you think the internet is a conspiracy
by the US government to wiretap American citizens too?

Tor is used in China to access censored data. Tor is used to send encrypted
data anonymously from oppressive countries. Both of these things align
perfectly with the honest motives of Wikileaks.

Step outside your world Zed. Some people have a real _need_ for projects like
Tor.

------
tonfa
Wikileaks is supposed to ensure anonymity to leakers, so I don't see how
contributing to both projects is contradictory...

~~~
anonymous246
The softly stated allegation is that Wikileaks can use their knowledge of Tor
weaknesses to _SNOOP_ and extract traffic not directed at them. At least,
that's what I understood.

------
agl
(I rather suspect that Mr Shaw is trolling, but anyway.)

It's certainly true that humans have all manner of interesting behaviors owing
to the fact that we're smart apes with huge numbers of survival heuristics. I
would pause before taking a sandwich from Hitler, because I'm human, but it's
not pertinent to the question of whether the sandwich is any good. (Except in
as far as you think it more or less likely that the sandwich is poisoned etc.)

So I find the whole first half of the text to be a flabby way of saying that
the arguments of dishonest people need to be evaluated more critically than
those of honest people. But I find that the arguments of honest people need to
be critically evaluated too. I think that the authors of Haystack were honest,
but their assertions turned out to be dangerously wrong. (Which, by the way,
we know thanks to Mr Appelbaum.) So, as a guide, the motives of the author
don't seem to be very useful to me.

Then, in the second half, we find a mixture of arguments that I find valid,
and many that I don't. A sense of vertigo at the amount of trust that we have
to put into software is justified. It is possible to hide major bugs in code
and we're standing on a stack of hardware, kernel, and userland which is
incomprehensible to any one person these days.

It's also true that there are some fairly effective attacks against Tor for
the capable opponent. It's a real-time mix-net, with all the tradeoffs implied
and it generates a lot of research. I recommend reading some of the
papers; I often find them to be very good.

But accusing the Tor people of being NSA agents because they once got funding
from the navy doesn't hold water. The Internet was an ARPA funded project.
Military spending has subsidised much of the modern world.

Many people have read through Tor's source and evaluated the protocol etc. Of
course, all those people could be NSA agents too, publishing fake papers. You
could, in fact, be in The Matrix. But you probably aren't.

Some, likely massively exaggerated, secret project might be monitoring every
ISP on the planet and thus able to break any real-time mix net, but they
probably aren't.

Likewise, all the Tor node operators that I have met might all be NSA plants,
but they probably aren't.

And finally the author picks out Mr Appelbaum for special criticism because he
connects him with Wikileaks. I think his assertion that the goals of Tor and
Wikileaks are in conflict is wrong, but we could go around all day trying to
pin down the goals of Wikileaks so that's probably not fruitful. But it does
seem ironic that the author voices support for Wikileaks right after asserting
that such supporters are not to be trusted.

So, while the stack of software is, indeed, large, Tor remains a reasonable
tool to use. If the author is so concerned with the human aspect, the Tor
authors make regular appearances at conferences and are wonderful people
to meet. So do, and are, node operators in my experience.

Also, on top of Tor, there's a fair chance that the author is using a browser
whose network and SSL stack I've had a hand in. And who knows what kind of
person he's taking a sandwich from now?

~~~
billswift
>So I find the whole first half of the text to be a flabby way of saying that
the arguments of dishonest people need to be evaluated more critically than
those of honest people. But I find that the arguments of honest people need to
be critically evaluated too.

You over-simplified the argument here, I think. I read it more as a person's
_motivations_ need to be considered, not particularly honesty. And nearly
everybody has motivations that may influence how and what information they
present to you.

~~~
CWuestefeld
_a person's motivations need to be considered_

But how can we know a person's actual motivations? Those are internal to the
individual, we can't see them. Heck, in many ways the individual himself
doesn't really understand his own motivations.

Trying to consider motivations is thus completely fruitless. We only have the
history of a person's actions, and to a lesser extent, the history of his
statements, to guide us.

~~~
j_baker
Stop being naive.

What is a used car salesman's motivation? It's reasonable to assume that their
motivation is to get you to buy a used car.

What is a crack addict's motivation? It's reasonable to assume that their
motivation is to get more crack.

These are somewhat extreme cases, but you can almost always tell what a
person's motivation is by observing them. What is a married man's motivation
for not wearing his ring? He either: forgot it, lost it, is having an affair,
or is no longer married. And you can probably tell which if you ask him the
right questions.

~~~
borism
so let's say the motivation of the majority of Tor contributors is helping Web
users stay anonymous.

but there is also a minority who want to surf child pornography undetected.

and then there is a really small minority who are there so that NSA can have a
better look at what's happening.

what then will be the end result of the code produced and deployed do you
think?

------
jasonwatkinspdx
It's somewhat informative to compare Zed's response to personal criticisms vs
those he targets with his own criticisms. Follow the chain of twitter replies
and make up your own mind.

~~~
axod
So much name calling and playground idiocy. Just looking at a sample of the
tweets made my head hurt.

Surely most of us don't use Tor because

1. It's slow as hell
2. We're not doing anything illegal or trying to get past censorship

~~~
dublinclontarf
Well I did try to use Tor to get past censorship (I'm in China) and it's not
effective here unless you already know someone outside the Chinese network to
connect to (that is not a public ip).

They (Tor) are losing their fight. IMO

~~~
loup-vaillant
Suppose the FreedomBox catches on, and there's a Tor node on half of them.
That could represent millions of Tor exit nodes within 5 years.

That should turn the tide, don't you think?

~~~
trotsky
If we're playing the suppose game, what if the Chinese government collapses?
That'd turn the tide too, and there's probably a better chance of that
happening than there ever being millions of tor exits.

~~~
loup-vaillant
I'm playing the guessing game because I believe the FreedomBox will happen
(more than 0.9 probability within 5 years). We have the hardware and most of
the software. The final set-up should take a year or so, then we just have to
sell that. And selling will be easy. Who wouldn't want a bit of personal cloud
at home? We don't even need to overthrow Microsoft, or eradicate Windows. No
coercion is required, except with some ISPs.

The Chinese government collapsing within 5 years? That takes a revolution. I
assign less than 0.1 probability to that.

------
trotsky
Regardless of his reasons, I think the result of not trusting tor is
warranted, at least for most of the traditional reasons one might seek out
tor.

The EFF themselves present many of the problems:
<http://www.torproject.org/download/download.html.en#warning>

On top of that, the EFF has demonstrated that they are worried (reasonably)
about the trust given to the global CA structure:
<http://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl>

In terms of protecting your anonymity, even when correctly managing cookies
you may be uniquely identifiable by browser fingerprinting:
<https://panopticlick.eff.org/>

At least the last time I looked, the network appeared quite thin, with much of
your traffic by default traveling through a small collection (perhaps as low
as one) of exit nodes.

TOR also represents a juicy target for eavesdropping by its nature as a
concentrator for people trying to avoid it. If you were a burglar, it would
make sense to stay the hell away from a place the cops had identified as a
hotbed of burglary since they'll probably be concentrating their efforts
there.

And, of course, there is the issue that it's been used in the past to publicly
out users' traffic:
<http://www.theregister.co.uk/2007/09/10/misuse_of_tor_led_to_embassy_password_breach/>

Most of these things apply to other possible solutions, but at least there you
may get the advantage of most users of those services "having nothing to hide"
making them not as juicy a target.

If I was super, super concerned about my privacy and anonymity when sending a
specific few documents or such, I'd most likely take a page out of the black
hat handbook and compromise a few lightly administered servers and use a not
commonly used covert channel.

------
Lagged2Death
"Wikileak's job is to take people's secrets and show them and who's hiding
them to the world."

Here we see again the conflation of organizations and individuals in an
opinion piece connected to Wikileaks. Why does this happen so regularly?

I don't know anything about Appelbaum, but it's perfectly possible that he
believes in personal privacy and institutional transparency, a not
particularly radical, surprising, or unusual stance which would resolve this
"conflict of interest" perfectly.

~~~
borism
I'm tired of this argument as well - it also goes something like this:

"Assange has founded Wikileaks, so how dare he oppose leaking details of his
alleged sex crimes trial!?"

------
kungfooguru
"I haven't once seen you answer the claims I made."

Woo, Zed is the new Glenn Beck.

------
comice
Remember that Zed Shaw was "a top qualified soldier in the US Army". Maybe Zed
is a bad actor in the pay of the US Army and this article is an attempt to
discredit Tor for their benefit! ;)

~~~
mithaler
Your emoticon indicates you were joking, but in all seriousness, in the
context of discussion about this article, Zed himself makes it a real issue.

------
neild
The problem with Tor, as I see it, is that it can easily make you more
vulnerable rather than less so.

When I access some random website from home, my traffic is vulnerable to
capture and analysis by my ISP, the intervening backbones, and the website
that I am accessing. I don't trust my ISP and the backbone providers not to
examine my traffic, but I do have quite a bit of confidence that they _don't
care_ about me. I'm not very interesting.

If I use Tor, I add another party who can capture and examine my traffic: The
Tor exit node.

I most emphatically do not trust random Tor exit nodes not to examine my
traffic. I'm quite confident that the NSA and other government organizations
run their own Tor exit nodes--after all, a stream of traffic generated by
people who are interested in hiding their activities is likely to be quite
interesting.

I can encrypt my traffic...but not all of it, and do I really want to trust
that everything important is properly encrypted?

If I had something to hide, I'd do so by blending into the crowd, not by
slapping a big "I'm trying to hide" label on my traffic and sending it to the
people most likely to be interested in it.

------
dkarl
Funny, I think in terms of my "informational immune system" all the time, and
the one time I used it here I got downvoted into oblivion (though it looks
like I recovered a bit!): <http://news.ycombinator.org/item?id=2006412>

Geeks are opposed to certain sources of knowledge, probably because they see
themselves as on the receiving end of bad assumptions based on their clothes
and mannerisms, and I agree with them that it's always best to avoid
subjective judgments when possible. However, there are so many situations in
life where you can't audit the source code yourself, and when there's serious
risk, you have to make use of the information you have. You can't investigate
the provenance of the cheese sandwich, and even if you could, do you really
want to spend your whole life playing Sherlock Holmes? I'm thankful for open
source and the people who read code, but I am not going to read the source
code of every damn piece of software I use. Sometimes I'm just going to say,
"The only source for this software is a shareware site in a country I've never
heard of, and it claims to come bundled with porn, so I do not feel
comfortable installing it on my Windows PC no matter how good some guy on
4chan says it is." Nothing against porn or countries I've never heard of, but
my Spidey sense is tingling.

------
limmeau
So why use OpenSSL, then? It's been written by people I don't know. Some of
them may be Vigilants. Some of them may be secret members of the Wikileaks
team. One of them even studied only 12km from the BND headquarters. It has had
exploitable holes before.

~~~
zedshaw
I don't use OpenSSL in software I wrote if I don't have to. :-)

------
trustfundbaby
Great ... I'm going to have to stop using the internet now, since it came from
a United States Department of Defense project.

------
fbcocq
It's reasonable to assume that if Hitler wanted you to die, he wouldn't poison
you with a sandwich and risk being called a woman behind his back.

Anyway, motivations do not matter one bit when it comes to evaluating whom to
trust with your data, if it's not safe by _design_ then it's not safe period.

------
JonnieCache
Tor is not exactly an ideal solution to the problem of privacy, as zed has
pointed out. It is however a great solution to the closely related problems of
anonymity and legal deniability.

If you're running an international criminal network I imagine it's ideal.

------
Raphael
So what does he use that's better than Tor?

~~~
mahmud
His indoor voice, I am guessing.

------
iuguy
Am I wrong in taking the cheese sandwich from Hitler if it's a very good
cheese sandwich? After all, I'm writing this on a Mac, a platform owned by a
company that has interesting views on what people should and shouldn't be able
to do with their own kit. I buy Windows from Microsoft (which according to
many Usenet postings is clearly the closest thing to accepting a cheese
sandwich from Hitler, especially in the Linux groups).

I think Zed's fallen wide of the mark here. He's failed to address the
technical failings with Tor, instead opting to launch his own ad hominem
attack on Jacob Appelbaum (who's done more than just work on Tor and
Wikileaks) and the history of the project as a US Navy tool.

If he has such a problem with Tor then it's worth auditing the code and seeing
for yourself. It's not perfect, but Tor has its uses. If you really need the
kind of anonymity to protect something life threatening then don't use Tor
(due to its failings in the cheese sandwich quality department, not because
of its history or contributors).

------
rincewind
I have heard that China runs lots of nodes in order to a) spy on people who
want to hide from the Chinese government, b) spy on foreigners and c) make
life harder for western intelligence agencies. Maybe every secret police or
spy organization runs exit nodes and you just have to use those from a
government that has no interest in you.

------
samuel
Huh? Where's the conflict between Wikileaks and Tor? Wikileaks publishes
governments' secrets. Governments sniff (presumably) citizens' communications,
both content and session data. Tor helps citizens to leak those secrets while
hiding their session data.

Where is the conflict?

------
pulpfiction
Well, Mr. Zed Shaw is trolling. No doubt about that.

I wonder how he makes the conspiracy theories about NSA when Tor is open
source? He is free to investigate the source code for 'backdoors'.

Such conspiracy theories and trolling are nothing but desperate attempts for
attention.

~~~
tptacek
It's a myth that having the source code for a cryptosystem is going to allow
you to spot backdoors. Crypto flaws have hidden for many, many years in far
more important projects than Tor. Crypto flaws are very subtle; you can create
a backdoor in a crypto routine simply by changing the way it happens to
influence the L1 cache.

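The cache-shaped backdoor tptacek describes is easy to illustrate. Below is an added example, not code from the thread or from the Tor codebase, showing a secret-indexed table lookup beside a constant-time variant that touches every entry and selects the result with a mask. The table function and the `trace_t` bookkeeping are constructed for illustration: the trace stands in for what a co-resident attacker learns from cache timing (which entries were touched). A backdoor of the kind he means is the one-line change from `lookup_ct` back to `lookup_leaky`: both functions return identical values for every input, so no test of outputs catches it.

```c
/* Added example (not from the thread or from Tor): a secret-dependent table
 * lookup and its constant-time counterpart. The trace records which table
 * indices each lookup touched, which is what cache-timing attacks such as
 * prime+probe or flush+reload recover from a victim's L1 cache. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define TABLE_SIZE 256

/* Constructed 256-entry table; any fixed byte mapping would do here. */
static uint8_t table_value(uint8_t i) {
    return (uint8_t)((i * 167u) + 13u);
}

/* Which indices a lookup touched, and how many distinct ones. */
typedef struct {
    uint8_t touched[TABLE_SIZE];
    size_t  count;
} trace_t;

void trace_reset(trace_t *t) { memset(t, 0, sizeof *t); }

static void trace_touch(trace_t *t, uint8_t i) {
    if (!t->touched[i]) { t->touched[i] = 1; t->count++; }
}

/* Leaky: one load at table[secret]. The cache line pulled in depends on the
 * secret, so anyone who can time accesses to the same cache learns its value. */
uint8_t lookup_leaky(uint8_t secret, trace_t *t) {
    trace_touch(t, secret);
    return table_value(secret);
}

/* Constant-time: read every entry, keep the one whose index matches using
 * an arithmetic mask rather than a secret-dependent branch or address. */
uint8_t lookup_ct(uint8_t secret, trace_t *t) {
    uint8_t out = 0;
    for (unsigned i = 0; i < TABLE_SIZE; i++) {
        trace_touch(t, (uint8_t)i);
        uint8_t diff = (uint8_t)(i ^ secret);
        /* diff == 0 -> (0u - 1) >> 8 has its low byte all ones -> mask 0xFF;
         * diff >= 1 -> (diff - 1) < 256, so >> 8 gives 0 -> mask 0x00. */
        uint8_t mask = (uint8_t)(((unsigned)diff - 1u) >> 8);
        out |= (uint8_t)(table_value((uint8_t)i) & mask);
    }
    return out;
}

/* Returns 1 if both lookups agree on every input while the leaky one touches
 * exactly one entry and the constant-time one touches all of them. */
int lookups_agree(void) {
    for (unsigned s = 0; s < TABLE_SIZE; s++) {
        trace_t leaky, ct;
        trace_reset(&leaky);
        trace_reset(&ct);
        if (lookup_leaky((uint8_t)s, &leaky) != lookup_ct((uint8_t)s, &ct))
            return 0;
        if (leaky.count != 1 || ct.count != TABLE_SIZE)
            return 0;
    }
    return 1;
}

int main(void) {
    trace_t leaky, ct;
    trace_reset(&leaky);
    trace_reset(&ct);
    uint8_t secret = 42;
    printf("leaky: value=%u, entries touched=%zu\n",
           lookup_leaky(secret, &leaky), leaky.count);
    printf("ct:    value=%u, entries touched=%zu\n",
           lookup_ct(secret, &ct), ct.count);
    printf("outputs agree for all inputs: %s\n",
           lookups_agree() ? "yes" : "no");
    return 0;
}
```

The trace is a stand-in for a real side channel, but the point survives: functional tests compare return values, and the return values are identical, so a reviewer has to read the access pattern, not the outputs, to notice the difference.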
------
comice
Even if the meandering list of risks Zed documents is serious and cannot be
mitigated, Tor is still useful for all kinds of situations.

This article isn't that useful without knowing the nature of what Zed doesn't
use Tor for.

------
yardie
OMG! The government created something useful, therefore it can only,
fundamentally, be a trojan horse. While I'm sure there could be some crackers
out there trying to insert bad code, I also believe these things tend not to
stick around for long. Especially when blame says "Hey, I've inserted code
here, here and here. Try not to read me too closely."

I've tried Tor in the past and I stopped because:

* It's really slow.

* It's the chatroulette of really questionable material. You stumble into some shit and think WTF?!

* The amount of traffic it generated caused my shitty router to slow down significantly or crash completely.

~~~
shareme
If Wikileaks can snoop Tor nodes to get its first data release then that is in
fact a trojan horse. No imagination required.

~~~
loup-vaillant
As I understood it, some of the guys who leaked material to Wikileaks did so
by using Tor normally, as a Chinese journalist would. Wikileaks doesn't need
to crack or misuse Tor in any way to receive leaks through it.

------
Tichy
I didn't understand the part where Wikileaks and Tor are supposed to have
different goals. I thought the point of Wikileaks was to publish information
anonymously - surely Tor would be suitable to help with that (Tor as it is
supposed to work)?

I must admit that I am simply too chicken to use Tor. In Germany I think it
can actually get you in trouble if some pedophile exits through your node.

Also last I checked, there really were some issues with the security model.
That was quite a long time ago, not sure if they have been fixed now.

~~~
flawawa2
Using Tor does not mean that you are an exit node. You have to actually set
that up, and it warns you about it. Using Tor as a client only is safe and
secure.

If people do bad things through your exit node, you are in danger regardless
of where you live. Law enforcement must be aware of what your server was
doing. Its understanding varies from place to place.

~~~
Tichy
OK, then I guess I made that decision to chicken out about running an exit
node. It seems a bit parasitic to not run one and still participate, though?

~~~
natep
The Tor nodes are not anonymous, so nobody expects users of a Tor node to run
their own...they're trying to be anonymous.

------
noonespecial
It's important to remember that TOR is an _anonymizer_, not an encryption
scheme. It hides who you are, not what you say. Think of it as using Hitler's
wifi while you eat that sandwich.

------
wazoox
_> P.S. I have a long bet that SELinux is an NSA backdoor. Any takers?_

I don't know if it's an NSA backdoor, but there were several security alerts
related to SELinux. I don't understand why all common distros use this. I
don't, I compile my kernels from unpatched vanilla source.

~~~
est
> there were several security alerts related to SELinux.

Can you elaborate?

~~~
wazoox
There were several security advisories in the past years, of various privilege
escalation or other security holes that were actually in SELinux and not
present in the vanilla source. I didn't keep a log of the details but you
probably can find them in the advisories archives.

~~~
TheCondor
Holes SELinux created? Or holes where SELinux was circumvented in new or
changed functionality?

I'm not aware of any time SELinux has actually introduced a new hole.

~~~
wazoox
I don't remember precisely, just that the proof of concepts simply didn't work
on a kernel without SELinux. When the proof of concept is for instance a
privilege escalation, this is quite significant.

------
JulianMorrison
I'd eat the sandwich.

------
krosaen
track the follow up twitter bickering between Zed and Appelbaum:
[http://bettween.com/ioerror/zedshaw/Dec-21-2010/Dec-28-2010/...](http://bettween.com/ioerror/zedshaw/Dec-21-2010/Dec-28-2010/desc)

------
ajays
I, for one, would like to point out to Mr. Shaw (and others) that the Swastika
is a religious symbol to a lot of people; maybe even 20% of all humanity (the
Hindus, for one).

Just because the Swastika was co-opted by Hitler and his cronies means nothing
to most people outside the western world (which is in a minority).

Secondly (while I have this soapbox): whether you take the sandwich from
Hitler or not depends on whether Hitler is your "Der Fuhrer" or not (remember,
he's long dead, so time travel is involved in Mr. Shaw's hypotheticals). If
Hitler is your Fuhrer, then you _better_ take that sammich and eat it if he
offers it to you! :-D

------
mfukar
I find that the fact that Mr. Shaw chose today (see 27c3) to voice his
"concerns" further adds to the amusement of his endeavour.

------
kungfooguru
Haha, oh, Zed. Pretty sure the military STILL uses Tor. Oh no! What could the
Navy or army have use for a tool that protects them from surveillance?! Oh
right, everything...

It was all fun and games when Zed was talking shit about Ruby, but he's jumped
the shark. It was bad enough when he freaked out because someone was
converting his book's code to Ruby from Python. Free code but not free book?

~~~
trotsky
The report is that "A branch of the U.S. Navy uses Tor for open source
intelligence gathering". All this means is that they use it to obscure their
origin IP address from a website when they are collecting publicly available
information (so that people don't look at their logs and see a huge navy.mil
spider or the like) and has nothing to do with anti-surveillance or a
sophisticated attacker being able to track them.

------
ra
What are the alternatives?

------
ahn
Not even a good troll. He didn't even mention that arma was at NSA.

