Re: Tor notice
On Mon, 09 Aug 2010 22:35:50 -0600 Jim jimmy...@copper.net wrote: Would it make sense to add that link, or some other link, to the message Tor prints out so the casual user can get some idea of what the message means? Perhaps more relevant is this, http://dud.inf.tu-dresden.de/Anon_Terminology.shtml -- Andrew Lewman The Tor Project pgp 0x31B0974B +1-781-352-0568 Website: https://www.torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject Skype: lewmanator *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor notice
If they would say Do rely on it for strong anonymity would you feel more secure? :-) 2010/8/9 spacemarc spacem...@gmail.com Hi all, why in every Tor version (a/b/stable) there is Do not rely on it for strong anonymity? If not Tor, what should we use for strong anonymity? excluding Freenet and cryptography apps. regards *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ -- Michael Gomboc pgp-id: 0x5D41FDF8
Re: Tor notice
On Mon, Aug 09, 2010 at 09:48:24PM +0200, spacem...@gmail.com wrote 0.4K bytes in 9 lines about: : why in every Tor version (a/b/stable) there is Do not rely on it for : strong anonymity? If not Tor, what should we use for strong : anonymity? excluding Freenet and cryptography apps. The challenge here is to define strong anonymity. A possible current definition is a state of not being identifiable within an anonymity set. This anonymity is considered strong if it is resistant to all known attacks on anonymity. I think Roger wrote that line in the source to simply remind people that Tor has a defined threat model, given the anonymity research field is still growing, and that low-latency anonymity is inherently open to some attacks, tor is not strong anonymity. Tor raises the bar for de-anonymizing you to many attacks on your anonymity on the actual internet today. This is a fine place to start to understand what Tor does and does not provide, https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#AnonymityandSecurity Many other tools simply state they are anonymous, without mentioning any of the RD on current anonymity attacks, their success probabilities, and design flaws. If you're interested in learning more about the current state of the field of anonymity in research, start here; http://freehaven.net/anonbib/full/topic.html All tools have design goals and threat models. Many just don't clearly state what these goals and threats are to the user, but brush it under the rug as perfect anonymity, or some other hyperbole. Disclaimer: Roger, Nick, and Steven are the anonymity researchers, their opinion overrules mine. -- Andrew Lewman The Tor Project pgp 0x31B0974B +1-781-352-0568 Website: https://www.torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject Skype: lewmanator *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor notice
and...@torproject.org wrote: On Mon, Aug 09, 2010 at 09:48:24PM +0200, spacem...@gmail.com wrote 0.4K bytes in 9 lines about: : why in every Tor version (a/b/stable) there is Do not rely on it for : strong anonymity? If not Tor, what should we use for strong : anonymity? excluding Freenet and cryptography apps. Many other tools simply state they are anonymous, without mentioning any of the RD on current anonymity attacks, their success probabilities, and design flaws. If you're interested in learning more about the current state of the field of anonymity in research, start here; http://freehaven.net/anonbib/full/topic.html Would it make sense to add that link, or some other link, to the message Tor prints out so the casual user can get some idea of what the message means? Jim *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/