There are seriously forums full of pedofiles sharing pictures and - maybe worse? - their stories and wisdoms. Maybe out of utter fascination, I spend about few hours on there and I felt like I want to murder all humanity. On one of these forums, there was this alleged "doctor", who adviced people, from what age you can have sex with your children without their doctor to notice. Tips how to kidnap young children. The worst thing was that I just knew that - if they don't do something stupid - they are basically untracable and uncatchable, while I would simply want to catch them all and kill them one by one. (I am sorry for being so expressive.)
There were also some picture forums but really I couldn't stand that, I just wanted to vomit while I was shaking.
I... am not sure why I am writing this. I am all for Tor. But we have to admit - when everything is allowed and anonymous, EVERYTHING is allowed and anonymous. And the dark parts of humanity flow on top. Drug markets, weapon markets, assasin markets (altough I don't know how sersiously to take those), terrorist websites, child porn websites.
But - as hard it is for me to say it - to see that the seriously f...d up child molesters are freely allowed to say really anything there and noone has a chance to catch them just shows that Tor is really anonymous and safe.
I do not know if The Hidden Wiki is still operating, if the dark places I visited are still operating, it is about one year and I did not feel any urge to revisit it again.
These people would exist anyway. Sometimes humanity sucks. Interesting though, TOR allowed you to study them in a way you would never have been able to otherwise. It merely disgusted you, but it could be a valuable resource to someone who studies how people break and thinks about what might be possibly done to help or hinder them.
Perhaps they talk about it so much that they don't get around to doing it--studies on violent pornography and child pornography sometimes find that viewers use them as a safe outlet to actually doing it themselves. But that's a huge gamble. At present, TOR is simply enabling child predators to be better child predators.
Imagine a perfect world. Not a world in which everybody is perfect, that would be boring, but a world in which institutions really function. In such a world you'd expect to find this kind of forums, find them anonymously and relatively easy. They'd be up and running for years. And they'd be fully staffed by people well-versed in finding and helping pedophiles (cops, psychiatrists etc).
You can't check people at birth and see if they have criminal tendencies. It's unethical (and impractical) to watch everybody all the time. What you can do is make sure there are places where they'll gravitate naturally towards, and control them for your benefit.
The right way to dismantle a pedophile network is to arrest everybody, steal their online identities and keep on posting the materials they already have. Otherwise you're just playing whack-a-mole.
This is how law enforcement has been working on carding forums. And while I don't think the enforcement is effective for that, since the financial incentive is always there, I do think there is a finite supply of people willing to prey on children for money and that there's a possibility of capturing the vast majority of them.
Why would they ever meet up? What goods are there to exchange, other than, uhh, tips and tricks? I wish I could share your optimism, but I decidedly don't.
There are "new" images.
There are children.
Unless an actual law enforcement person involved with this confirms it's usually that easy, I file all of this under rationalizations... understandable ones, but still. Because yeah, this stuff can mess you up, and we always seek to return to normality.
It's very easy to say all this until you visited those places. I wouldn't want to, I remember trying to talk with pedophiles in a public, above-board forum, (where they were of course always beating around the bush, it was all about "simply loving children", who have a right to be loved blah blah), and I couldn't even take that for more than one post, I read the replies and thought fuck this, fuck you people, I don't need this in my brain. But that was harmless - the dark, uninhibited underbelly of that? WHOA. I wouldn't have the nerve to read an hour of that - just talking about text here, that's enough for me kthxbye :/ - but I take it seriously, because I think I can kinda imagine how it might be. I know just ranting about it also pointless, but I also disagree with hand-waving it away.
As are their cars, their phones, the air they breathe, etc.
When are smart people going to stop falling into this fallacy?
Not the most attractive canary I could possibly imagine.
I use it not to share pictures nor commit crimes but to do what you say is worse: talk to other pedophiles. Tor permits us a safe support forum.
fatbird says: Whether or not they exist anyway, it seems obvious to me that a supportive peer group is going to increase their effectiveness at predation.
Quite the opposite in fact. Dialogue among pedophiles facilitates two things that you might not have expected:
1. Greater awareness of the draconian consequences which generally result from breaking certain laws, and a corresponding discouragement of doing so in the first place.
2. Most importantly, it gives us role models beyond the ugly stereotypes society has created for us: each other. Since role models are by definition templates for action, this makes it far less likely that we'll act as badly as society would expect.
I can't claim that all pedophile forums are like this. But the ones I frequent -- which are among the most popular -- are, and the less we're driven underground, the more our dialogue will resemble my description and the less it will resemble yours.
Also, it may sound self serving of me to say this, but the risk of pedophiles on the Internet is waaaay overblown. The behavior most of society considers sexual abuse is far more likely to be from a child's caretakers than some stranger on the Internet. And child pornography, from what I understand (and I really am not stupid enough to download it myself, even with Tor), is mostly the same old images again and again.
You are correct that a child's caretaker is often the culprit.
However, you are dead wrong on Internet pedophiles being overblown. It's quite the opposite. Post a Craigslist or Backpage ad saying you're a 12 year old who wants to meet a mature older man to have sex, and watch the replies pile in from every direction. Or, enter any chat room saying you're a teenage girl and count the seconds until an adult male begins flirting. Or, see how many friend requests and direct messages underage girls get from adult strangers on Facebook.
There's a reason why convicted sex offenders in the US are not allowed to have access to a computer (yes, law enforcement searches their home twice monthly).
And how many who post such an ad are actual children?
Or, see how many friend requests and direct messages underage girls get from adult strangers on Facebook.
Do you have statistics on this, including how many advances actually get anywhere? I know a few underage girls who are on Facebook (no, my reason for this has nothing to do with sexual interest in case you were wondering) and I haven't heard much about this from them.
I'm not saying nothing on the Internet involving a pedophile and a child ever happens which society would judge to be bad. I'm saying it's pretty damn unusual as compared to such events offline, and the risk is, indeed, overblown.
Your comment suggests there is greater value in learning from a pedophile while he is out there victimizing children than there is learning from him behind bars.
There are plenty of interviews of convicted pedophiles that help the public understand their point of view (e.g. http://www.putlocker.com/file/19CQ36KXSUTC0408# - many more in scientific journals, less sensationalized than TV)
There's no such thing as a convicted pedophile, since being a pedophile is not a crime. There is such a thing as a convicted sex offender, and they are the subject of the interviews you speak of. Good luck finding any law abiding pedophile such as myself willing to talk to you without Tor.
To be clear, I'm not a criminal. That seems to have been a source of confusion in this thread.
Anyway, good job about not hurting anyone I guess.
Eww well... I'm male, straight and not into kids. Maybe boring but I guess it's good to be acceptable.
A. An 18 year old falls in love with a 14 year old girl, they're completely comfortable with each other and have some sexual experimentation.
B. A 35 year old captures and rapes a 14 year old girl.
C. 35 year old is attracted to young and innocent, cute-looking girls, and sometimes feels attracted to 10 year old girls on the street in bikinis. He does, however, not deliberately go to swimming pools in order to spot them. He deals with his fetish by watching animated cartoons of young-looking people engaging in consensual sex and dating petite women that have cute manners, well above the age of consent.
Our strategy for dealing with child porn should be aimed at reducing the number of actual children harmed, and turning as many pedophiles from group B into group C as possible. A support group where you can anonymously exchange stories could definitely help.
So long as we, as a society, hold the position that pedophile C is no different from pedophile B, we may pressure people that really don't want to rape children into feeling a kinship with people who do think it is normal to rape children.
Child rape is awful, talking about child rape is unsettling, but having someone proactively monitor my communications is even more unsettling. It feels like a stranger offering me candy.
Besides, for this particular problem, the best solution seems to be what we're already doing - tell as many children as possible that if someone tries to rape them, there are people who will listen and help.
The only value to such a forum is for monitoring and catching them. If by definition the forum isn't useful for that because it's TOR, then that's a giant negative for me in the existence of TOR. If the cost of assisting dissidents is that children get raped... then I don't know that we should be assisting dissidents this way.
I agree with you that I'd like nothing better than to round all these predators up, but it's only through rational thought and discussion that we can figure out the best way to do that.
[HUGE TRIGGER WARNING FOR DESCRIPTION OF ABUSE]
The basic reason why the "give them a safe outlet" arguments don't hold water is because it normalizes the behaviour as they discuss it with like-minded individuals, which leads to easier rationalization and more abuse.
Why? Because it takes the most brutal, violent examples of child pornography that the FBI could find - the stuff that from the discussions I've seen even most pedophiles are disgusted by - and uses that as its justification for why child porn is wrong. Now, this is very effective as a shock tactic for convincing the general public that child porn is evil and must be wiped out at any cost. Unfortunately, one of the main ways pedophiles justify acting on their urges is that they're not like the bad child rapists who torture kids for kicks, they actually care about the children they coerce into having sex with them and would "never harm them". (Again, I've seen this happen in multiple discussions and I believe it's even been documented by various researchers.) Documents like that FBI memo which use kids being tortured as their sole justification for why child porn is wrong can only further help them rationalise their actions.
I know SRS over on Reddit use that document to justify why they won't debate child porn and I have a feeling that's where you got it from. They've basically made it impossible to point out just how big a mistake they're making.
It goes on about it for a bit, but here's a good passage:
"There are other insidious dynamics of this crime, discounted by Mr. Hansen: the impact of the
content on the viewer, and the impact the collectors have on each other. In his article, Mr.
Hansen quotes Mr. Stabenow, who essentially suggests that child pornography laws are wrongly
concerned that the images goad the consumers to commit future crimes: “People who watch
movies like Saw and Friday the 13th are being titillated by the act of torture and murder ... That
doesn’t mean that they’re going to go out and commit torture and murder.” The analogy does
not hold water, principally because no one who watches Saw believes that the images of violence
are actually happening, where in child pornography images, real children are actually being
abused. Furthermore, what is the point of any pornography if not to stoke the fires of sexual
Consider the passage you quoted.
"no one who watches Saw believes that the images of violence are actually happening"
Actually, you do believe it, at least for the duration of the film; the concept is known as "suspension of disbelief". Rationally, you know better, but your mind takes a temporary lapse of its senses for the sake of enjoyment. That doesn't change the fact that the violence is realistic enough to pass for the real thing.
"where in child pornography images, real children are actually being abused."
What about animated images or self-taken images? There is plenty of content produced that involves no actual depiction of children, nonetheless the abuse of children. Yet the law seems to state and the courts seem to think, for the most part, possession of images not depicting abuse constitutes the same offense as possession of the genuine article.
"Furthermore, what is the point of any pornography if not to stoke the fires of sexual desire"
I could just as easily say: what is the point of any pornography if not to satisfy sexual desire? Since I too am providing no citations for my claim, one cannot objectively state which of our two statements holds more water.
I appreciate the contribution to the discussion, but ultimately what we have (as is often the case in such matters, to be fair) is a dispute between opinions, lacking any hard evidence for either position. Remember that the position is about child pornography/pedophilia in general, so you can't just cite specific offenders; exceptional cases do not a trend make. Statistics are needed here, but obviously they're going to be hard to come by.
Also, even if we take Ms. Gelber's argument at face value, it essentially boils down to: images of child pornography are very highly correlated with acts of child abuse. If that is true, then I would certainly say it, coupled with the necessary accusations, justifies a police investigation and the issuance of a warrant. However, I do not believe that makes a compelling argument for the act in and of itself to be illegal. Sexual abuse of minors is the crime; possession of its depiction is, at best, a minor offense (invasion of a child's privacy).
On the other hand, violence is not illegal to depict, and there are many professionals who are experts in simulating violence without actually causing harm. This results in violence and rape in this country going down. If violence was hard to simulate, and the only way to create images of violence was to hurt or possibly kill someone, I think we'd be much more likely to treat images of violence in the same way as we treat images of child abuse.
In the end, I think your argument may hold for fabricated or animated images of child abuse, but fails to do so for images of actual abuse. AFAIK, most images in circulation now are of actual children, and as such, we prosecute all images as if they were.
That's not the case for child abuse photos and videos. The articles linked in this post provide plenty of evidence of child abuse offenders producing images and video of their sexual abuse of children for the purpose of sharing it with other offenders.
In the future, if violence became more like child sexual abuse, I would probably support criminalizing possession of the images, initially narrowly, and then growing as the scale of the problem did.
Also I wonder what the prevalence of fake/real violence in our society has on the demand for "snuff". You don't really need to seek out snuff films because you can easily see films that depict horrible things happening to people, completely legally.
I am not pro-child porn here, it just makes for an interesting philosophical/societal topic.
I remember when I was rather fresh on the internet, ran into Stileproject of all things (don't google that if you don't know it, it can be summed up as porn and gore, plus "funny mutilation" and midgets), and ended up seeing a video of someone having their throat cut, while someone had a boot on their head - it was very real, in Russia by the sounds of it. Then there was a beheading, and of course stonings from them middle east. I was shocked, but I could also not not look, if that makes any sense.
That was 12 years ago, and I still feel helpless and angry thinking of it, I still remember more of these videos than I care to. The idea of someone watching such videos, and actually laughing, chills me to the bone. But I'm under no delusion that that was not the primary reason for their circulation.
Sometimes humanity sucks.. and I'm torn between my right to learn about the banal cruelty that actually exists in the world, and not wanting such things to be glorified.
Seriously, though, if you think about it from this perspective then you'll agree that Tor is a great thing. Instead of working knee deep in the dirt, risking their real lives finding highly suspective local small groups of child abusers and infiltrating them, officers can do their jobs sipping lattes under air conditioner and risking no more than their avatars.
It shows that the groups who go after and prosecute these people don't have the resources or motivation to get to all of them.
When you have a very significant target of the US (near the wanted level of Bin Landen) or China talking freely on Tor without getting caught, then perhaps you can rule it as being seriously anonymous.
I don't know about other countries, but in the US I generally only hear about people getting prosecuted for CP and similar crimes when they are caught in the act or when somehow the computer files get accidentally discovered or reported by some 3rd party.
However, the bar doesn't have to be quite that high in order for Tor to be considered de-facto anonymous. There is an order of magnitude separating the resources available to a local police force and the entire DoD. Criminals guilty of capital offenses might only garner the attention of the former, whereas someone at a 'Bin Laden' level of notoriety would be chased with the near-limitless resources of a superpower's defense apparatus.
That was a ridiculously reckless thing for you to do. You've opened yourself up to a variety of legal sanctions.
Knowingly, deliberately, breaking the law is a bafflingly dumb thing to do, especially when the consequences to your life would be so severe.
Imagine police raiding your home right now, and removing all computer items, and keeping those for several months (maybe years). Even without trial or conviction you'll have been put through a horrible experience.
Breaking any random law is also not much of a big deal. People break traffic laws all the time. People chose to break laws they consider unjust.
But choosing to break a law about images of child sexual abuse is a stupid thing to do. Being caught will lead to severe repercussions, with life long consequences.
Those consequences include criminal conviction and criminal record, having to register on a sex offenders list, potentially losing the employment he has, loss of employment opportunity in future, loss of travel opportunity, social stigma, etc etc etc.
That's the risk; what's the gain? "I was curious to see what was available"?
Would you not shed a tear for the OP then?
No, but seriously-- is it off that I can be made a felon because I clicked the wrong link? Yes. Does that make the laws forbidding the possession of child pornography dumb? No. If there were a reliable way to find out who they all were -- which is a fairy-tale scenario, so we're clear -- would I have a problem with anyone who looked for child pornography on the Internet being brought in for questioning? Nope. Because it is that bad.
Have you had a look at how widely the age of consent varies around the world? There have been cases of 17 year olds in the US being jailed for sex with their 15 year old girlfriends. In Islamic countries there are 8 year olds getting married. It just isn't that cut and dried, and I don't believe the state should be involved in policing ANY aspect of people's sex lives. Yes, I am an anarchist - of the Lew Rockwell type ;)
And of course, there's a glut of images that teenagers upload of themselves, without any perpetrator or victim, and understandably this is treated as a very low priority by law enforcement. It's also an issue of some consternation to consumers of child pornography, which is why there are clear divisions in the community between content involving "jailbait" (13-17), pubescent (10-13), pre-pubescent (6-10), toddlers (2-6), and babies (0-1). (Honestly, it makes me a bit sick just writing that. I wish I didn't know this.)
I don't see a gray area here: I feel absolutely comfortable with pursuing individuals who search for images featuring pre-pubescent children being penetrated sexually. If they wind up having sought these images without any intention to molest children, then, like the man who walks into a bank with a mask and gun to make a legitimate withdrawal, they can damn well explain themselves.
This is not an overreach of the state; this is exactly what the state should be doing.
One of these things, is not like the others...
If either existed (in brick and motor or amazon style stores) I would frequent both regularly.
Weapons are like drugs, they don't necessarily hurt anyone unless you plan to invade my home or threaten me. Assassination implies that the sole goal is killing a target, buying a gun can be for protection, for a collection, for fun and hobby, for sustenance, ect.
http://www.collectorsfirearms.com/ -- Mostly Military and Older Weaponry.
http://www.aimsurplus.com/default.aspx -- C&R, Military and Black Rifles
http://www.budsgunshop.com/catalog/index.php -- Modern Firearms from almost all medium and large manufactures
http://www.cdnninvestments.com/ -- Whole sale gun catolog.
Other good cheap vendors (in addition to the above) are http://www.jgsales.com and for ammo, http://www.ammoman.com/ and http://www.luckygunner.com/
While b is not very probable, I can actually imagine that c is a pretty easy option to put many decent people off using tor.
Spider the web and then correlate less-anonymous writings with the stuff the ringleaders are saying on the Darknet.
As part of another gig I worked on ways to track people, or more commonly to work out if two distinct users were actually the same human, and I'm almost salivating at the thought of all the potential ways authorities could bring some of these people to justice.
Don't know if it resulted in someone being caught by the police or not, but definitely subtler methods such as statistical analysis of writing style are not the only way to get a lead from those forums.
I urge caution against amateur investigations, but it'd be interesting to see what software tools could be written to help law enforcement do a better job.
Statistical analysis of text
You'd have missed out on the opportunity to work with Feynman if you'd declined work at the Manhattan Project.
To use the good old reductio ad absurdum, would you be willing to kill a random stranger if it meant you would get to work with Albert Einstein?
So yeah, you'd need a huge amount of certainty that this was "the guy", and, frankly, storing enough data about individual writing styles for comparison means it's highly unlikely (right now) that this would be possible to do from a technical perspective, and potentially ethically dubious even if the technology were there - what constitutes "public data" on the internet from a privacy and data protection perspective?
And then again I am unsure if simply visiting and contributing to such a forum could get you in any trouble, legally.
Tips to evade:
Something you did not take into consideration.
As if the most gut-wrenching bits were written by feds, which you surely did not mean to imply, how does it matter if even 80% were feds?
Once you write, you give something of you away.
Well, that's allowed on the normal internet for the most part.
I don't even know where to begin. Technically, you can say whatever you want, but you cannot expect to avoid persecution (or prosecution) if you do.
Maybe you're in Canada or some more oppressive place though.
People seem to be increasingly conditioned by fear, and increasingly cowardly. What happened to sentiments like "Live free or die!" ?
 http://www.scribd.com/doc/84134934/Hammond-Jeremy-Complaint - Tor info starts at sec 37.
They already knew who he was before they found the TOR traffic. Thats why they had a PEN/TRAP warrant, and wireless and physical surveilance in place.
Do you think the TOR information was neccessary for an identification? Surely you do not think it was sufficient?
It looks like you're just doing your wordpress thing, fancying your dogs. Just watch how much data you tunnel this way. 500 gig in a month might raise some eyebrows.
Also remember to use your regular un-vpn'd connection to visit ILoveAhmadinejad.com on a fairly regular basis so not all your traffic goes to this mysterious blog.
With SSH tunnel, if your connection fails, no traffic will escape regardless.
In the first case you are just one in a huge number of people using SSH to avoid sniffers. With Tor the authorities know you're doing something you'd rather not be seen doing. It's a much, much bigger red flag.
I don't accept the authority of any random gang of thugs over me, from whatever part of the world, period.
Yes, Tor has CP, but I didn't look for it so I didn't find it. Same with all manner of other illegal content, pretty sure it's there.
I2P and Freenet are more interesting than Tor, though, because they are truly P2P. Freenet is basically a distributed hash table (DHT) for HTML, CSS, image, and other files. It filters scripts and cross-origin requests out of HTML before serving them. I2P is like Tor, but everyone's a relay node (truly P2P, no central origin), and it's faster, but I haven't tried I2P. I have been on Freenet... it's slower than Tor!
My assumption is that the open web has it too - but given tor isn't a single place with a directory to everywhere, I don't see how you could stumble on it accidentally at all.
Also, yes, I think the open web probably has CP too, but Tor's anonymity means that CP is probably up for longer there, I suppose.
I've never visited any such sites, this is mostly speculation.
If you look at the project's publication history, it was almost from the jump (and continues to be today) a project intended to frustrate online censorship. The DOD, via both DARPA and the NRL, continues to sponsor the project.
And don't you try to tell me that the Navy doesn't try to protect its king.
I have no sources on either, but it does seem plausible that solution similar or exactly the same in the concept was used for communication during warfare.
Actually a creator and core developer of Tor is from the Navy. The implementation came from this person as much as it did from arma and nickm (the other 2 creators)
There are more households sharing CP in your community than there are bus stops. (We can roughly map IPs of known CP files advertised over torrent networks.)
There are too few innovators in this space because specifics on CP networks are privy to law enforcement, and investigators are often patrol cops who get promoted into a child crimes unit.
It's fine (and true) to say these technologies are used for many more things than CP, but that's not an excuse to turn a blind eye to it, anymore than Craigslist does to child exploitation.
I don't know much about US law, but in my country it's illegal to even look at an image, even if it is part of a private investigation.
I'm sure that many would volunteer to help, but not while they'd risk jail time themselves
For instance, if I gave you a specific file name/size/hash (but not showing you the actual image), could you find out who possesses it, is distributing it, and anything about their location or identity that would aid law enforcement in catching the bandit?
Sorry if I'm wrong, but I find that hard to believe. Any amount of CP is a problem IMO, but I don't think it's that bad. In my metropolitan area there's around 1,671,683 people, and I'd be surprised to learn there's 1000 honest-to-god pedos.
We have methods of rating each marker (e.g. how many CP files, how many are teen, child, nudity vs. intercourse, etc). Of those 200, there are a handful of the worst offenders that law enforcement will use resources to pursue, a group in the middle that have downloaded a large number where victims are 12-18, and then those who have just a few random files from the known list.
Does that help?
Sorry if this is a dumb question, but what does that mean? There are 200 servers with that stuff in your city? If you know their IP can't you get a warrant and shut them down? I find it strange that the police know about so many people doing this stuff but don't do anything about it but maybe that's not what you mean? It seems pretty cut and dry if someone is advertising illegal stuff.
There is an interesting story in "Three Felonies a Day" where an employer discovers child pornography on an employee's computer. They contact their attorney, and the lawyer deletes the offending contact to protect the company. He then alerts authorities to the employee. The attorney is eventual prosecuted for evidence tampering. It's an absurd Catch 22.
There's a lot of time and resources spent in between the time of identifying that an IP address is broadcasting CP to having all the information you need to bust down the right door and lock up the guy for a long time.
The promoters rationale is that the protection it provides the endangered good user is worth having to put up with the disgusting ones.
The IP address seen by a server on the regular Internet that you contact through TOR is that of some exit node.
> Is it possible for me to get in trouble for because someone else's traffic exits from my home network?
Not unless you run an exit node yourself. The standard TOR client software does not launch an exit node by default.
If you do enable it, my presumption is that by demonstrating that you have tor running you can show that traffic from your connection is as likely to not be you as to be you - but I'm not sure if this is backed up by law, or has been tested in court.
Also, a business entity wouldn't help in the chance of criminal investigation, which means the money spent creating a business entity would be for naught.
He's talking about SSL here, right? For the record, this is completely incorrect. If "they" have access to a trusted CA (and circumstantial evidence says they do), they can MITM and snoop on whatever they want.
SSL encryption is not secure against state-sponsored attackers and sophisticated criminal enterprises.
Your claim also only applies to the f'd up CA bundle that browsers ship by default, it's not a property of SSL/TLS.
Anyone that chooses to take part in such things is at a heightened risk, no matter what they are doing.
There is no guaranteed right to privacy, regardless what your government decrees or what the tool you're using claims to do.
Those using Tor will be caught and charged as if they are enabling what the others are doing.
This sounds very much like a warning from Big Brother.
Be warned, Biggie, when the revolution comes, you just might find yourself with an appointment with the guillotine.
As for the guillotine, if big brother (which isn't me, I might add) goes on the chopping block, there is always another to take his place. The more people fight for privacy and the more people hack and cause damage, the greater big brother becomes to compensate. It was said that the meek will inherit the earth, and it is true.
You are wrong:
"Privacy is a fundamental human right recognized in the UN Declaration of Human Rights, the International Convenant on Civil and Political Rights and in many other international and regional treaties. Privacy underpins human dignity and other key values such as freedom of association and freedom of speech. It has become one of the most important human rights issues of the modern age. The publication of this report reflects the growing importance, diversity and complexity of this fundamental right. "
You call it meekness, I call it cowardice.
1. Are users of .onion services protected from the server just as well as the hidden service is protected?
2. What reassurances are there that tormail is not a honeypot?
An .onion server, AFAIK, might have the IP of the end point your traffic ended up going through to reach the .onion server, but not of the point of origin.
The vulnerability with Tor, as a user, comes from folks operating the Tor nodes. Adrian Lamo, the guy that sold out Bradley Manning, was running Tor nodes at one points (that's not how he got wind of Manning, but my guess is he wasn't running the Tor nodes for altruistic reasons).
Correct. All any tor node gets with any traffic is the immediate node that it came from, and the immediate node that it is going to - only one hop in each direction.
If you get a packet from node C, to give to node E, that packet will be encrypted so that only E can decrypt it. They then "unwrap it" (like pass the parcel, or an onion) to reveal its next destination, F - and this unwrapped one is encrypted so that only F can read it.
(note: precise technical details almost certainly incorrect, but the principle is accurate)
None, which is why you should always use PGP. The advantage of tormail is they provide a free onion interface to email.
2) there is zero reassurance, there is also zero reassurance gmail isnt sending all your mail to the NSA, etc. TOR helps you ensure you can keep you tormail and your clearnet identities as separate as possible, alternatively, run your own service.
(Of course, that rests on the security of prime-number encryption, which may not be the best assumption when dealing with the NSA, but that's another discussion.)
Assume anyone can read those emails you're sending on Tor, and act accordingly (i.e. no information that could identify you).
2. No idea.
If you want to understand more details about how exactly you create these "extending" routes and "circuits", the design docs are here:
In particular, the above picture is a little naive because you cannot send three open envelopes to the exit node for the return trip without the exit node learning who you are by peeking inside.
That is "censorship", no?
Tor is also the solution to your Twitter API woes. Like it or not. I'm sure many SEO people use it to get around Google's restrictions. These are not necessarily uses that infringe anyone's IP. Twitter is UGC. And Google caches the entire web, indiscriminantly.
Tor, like the 'net itself, is controversial. It can be used for bad things. It can also be used for good things. It could be used to break criminal laws, or to enable copyright infringment. It could be used to violate TOS that may or may not be enforceable in civil court. Or it could be used just to evade idiosyncratic censorship by some webmaster that has no legal basis whatsoever. (This comment itself is being posted through Tor.) It is, however, any way you look at it, useful.
There may be an "intended purpose" for Tor. But as with almost all software, that means little. Users decide how they will use it. And that is unpredictable.
Did the folks at MIT, when they developed Tor, say to themselves, "You know, this will be used to commit crime"? Probably. But they also probably envisioned some other uses that were of undisputed benefit to society.
As someone else said, MIT is still behind Tor. Grep the source for the Tor client for IP numbers. You will find that some belong to MIT. My understanding is that Tor is controlled by a small group (maybe only one person) because like anything else that uses a network, there has to be a bootstrap, a "root" that hands out the initial addresses. And anyone that uses the Tor trusts that root. Somewhere there is/are a few people with a great responsibility on their hands: they make Tor possible, for better, or worse.
More people need to use Tor for non-criminal purposes. Using Tor as a workaround for censorship, whether it is on HN, or in some oppressed country is to be expected. If you are the censor, and you don't like it, ban Tor. It is not difficult.
HN does not ban Tor.
One of the great myths on the 'net is that an IP address equates to a machine or a customer account. False. It represents an interface, which is itself an ephemeral concept. Interfaces can be created, cloned or destroyed at the blink of an eye.
This may all be frightening or it may be exciting, it all depends on how you look at it. It shouldn't matter whether you are a good samaritan or a criminal. It is just technology. Abstract tools. A hammer can be used to build something or it can be used to destroy something. It has no moral sensibility on its own.
That's up to you, the user.
As a Tor user (I can't post to HN without it), it bothers me that others are using it for criminal purposes. But when I look at hammer, I see a tool for creation, not destruction. I think like a carpenter. What can we build?
The hammer has no consciousness of its own, any more than Tor does.
I am quite optimistic though about the development of mesh networks such as http://project-byzantium.org
Of course it will only take one state to declare it illegal, and there will be plenty of cowardly fools urging each other NEVER to use it, because it's just too DANGEROUS, and anyway, TERRORISTS find it useful for pursuing their nefarious and immoral activities.
I will keep on ignoring them.