-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 06/06/2016 08:18 AM, Александр wrote: > Unambiguous and comprehensive response from Jacob Appelbaum himself > to all this dirty slander toward him! If this kind of response > "does not enough" for you, people, - just go fuck yourself. > > http://www.twitlonger.com/show/n_1soorlp > > Jacob Appelbaum · @ioerror 6th Jun 2016 from TwitLonger Berlin, > June 6, 2016 Anyone who is visible on the Internet for any substantial length of time will attract both admirers, wannabe rivals and self appointed "watchdogs" regardless of anything said or done in real life. Widely broadcast accusations backed by no verifiable independent sources only indicate that someone, somewhere is pissed off. To the people who "know" that TOR is a complete sham designed to compromise unwary users, Appelbaum ranks with Hitler, Stalin and Attila the Hun. To those who "know" that TOR is the bestest weapon in the whole Freedom Fighter arsenal, he is the noblest of heroes. Both views are dead wrong. Whether TOR is harmful or helpful depends entirely on how well its users understand both what it does, and what their potential adversaries can do about it. Since the Five Eyes & aligned regimes can easily afford to literally own and monitor a majority of nodes in any distributed anonymous routing network (ask me about the Hydra protocol), neither TOR nor any other planned or proposed anonymizing network provides more than fig leaf security against that particular cluster of adversaries. The same goes for BRICS aligned adversaries. But even against this category of attack, TOR may be a useful component in a physical security protocol for hit-and-run network access. Against less capable surveillance actors, TOR is "good enough" unless the operating system it runs on has itself been compromised. The largest proven security hazard with TOR is that end users will disclose their identity in the content of cleartext at an exit node, either literally or by engaging in stereotyped behavior matching a profile developed from open public sources, i.e. textual analysis attacks. No "airtight" security protocol has ever survived contact with end users. :o) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJXVawWAAoJEECU6c5Xzmuqnd4H/06n6JWk1NDv8k7+snwAFNYH 8EJed9XNVPe3PSVX1gKX2WIE72tV+LjKzPciY01ld4ze01XAUIhu2Kw5+NsqAnI7 at1AegXZRo73cHO6Ys3YfIQohQMZqfnKDnq2oaBWnkddGd/Ar9PtcneKbXDtLX2A 39+DYCJCB+4OSA+TTpTaZTILHop9N1PAxp7fXNi0KK2QPxKW9ICfNl17wi1TuuSu vmDV5ONiBtheNRiMhwkrwFUNHrz9wvBZnZ6aaz5Zf2IvWT6QvFvUMylQgtxgzBL+ rgBxMD8ASCE79Ka+KEYq+Xw8uBkOf5uJE+L0yEuQUxm/xZmNQXDk+uaiu9VGV8U= =omZK -----END PGP SIGNATURE-----
