On Thu, Jul 29, 2010 at 2:16 PM, punkle jones <punkle.jo...@gmail.com> wrote:
> ...
> It's time, finally, for every website to start supporting SSL.  What reasons
> are there not to support it nowadays?

money/time, lack of hardware acceleration, certificate management,
cross-browser or historical client compatibility, nullification of
in-line/transparent caching infrastructure, probably lots more
reasons...

i agree with your sentiment for the most part.


> Unless there are bad folks out there actively matching entries to exits and
> making the info available to your ISP/the guys in suits (there's no reason
> to entirely doubt this possibility - why not be paranoid?), there won't be a
> whole heck of a lot of info if you're using TOR.  The standard warnings
> still apply:  https://www.torproject.org/download.html.en#Warning

traffic confirmation is pretty easy. as for active attacks both near
and far end via this route, that's a different question. it does
happen, but if you're in that kind of spotlight Tor use is the least
of your worries :P


> This is a very deep topic that IMO goes far beyond simply using TOR and
> stopping conspicuous behaviors to stymie tracking.  I'm no expert on
> breaking anonymity, so hopefully some of those will chime in.  Kyle
> Williams, or coderman maybe?

hah; sadly i lack the discipline to be "expert" in this subject.
you've seen the anobib, right?

in general i agree that at the level of scrutiny being discussed here
you're either off the radar in the Tor crowd or screwed totally and
entirely via all of the other weaker links in your protections. and
that's generously assuming your threat model is sufficient and
prudent.

they don't give out NSL's for just any whim or fancy after all...
***********************************************************************
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Reply via email to