I agree that we need to make Tor so simple and so bulletproof that it is not possible to use something like timing to make deductions. The fact that only one student may have used Tor introduces another vulnerability that needs to be removed in some manner. We do need to use examples of people using Tor for evil purposes to learn how to make it useful for people who use it for good purposes. We can not distinguish between the two, but we will never know if we have succeeded unless we have examples of failures. -- Christopher Booth
On Thursday, January 2, 2014 6:41 PM, Tempest <temp...@bitmessage.ch> wrote: t...@bitmessage.ch: > > In the spirit of Jake's 29c3 talk, I think we can decide as a community > not to brush off high-profile attacks against people using Tor with > arguments like "oh, it was an old Firefox vulnerability and some users > weren't running the latest available code" or "oh, obviously universities, > companies, and maybe ISPs retain enough data to make 'standard police > work' enough to de-anonymize someone using Tor." "rtfm" applies since info on torproject.org, in addition to other sources, mentions the threats you are concerned about in regards to identity correlation. some people will read it. some won't. it should not take a genius to understand that signing in to any service with identifying credentials for the purpose of net connectivity is not the smartest of methods if your networking activity could result in you being prosecuted. i'm not implying i'm against any steps to make the process more user friendly. but, in this example of the alleged bomber, it just doesn't really apply. this is someone who acted in haste without taking the time to rtfm. as hard as you may try, you cannot protect against that. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
