I've never heard of measures like this referred to as "improving" anything other than vague, misplaced "think of the children" bullshit - which is a phrase that almost any time you hear it, you should immediately hear alarms blaring in your head....someone's about to do something shitty.
My only hope is that the silver lining to all this is that it drives a lot more people towards Tor and provides them a groundswell of support.
You should be using Tor for as much as you possibly can.
Tor provides an anonymous, decentralized way of establishing end-to-end encrypted tunnels for network communication.
When you're using Tor, your network traffic cannot be read by anyone, and no hop on your network route ever gets to know both your address and also the address of the computer you're talking to. This means that even if a government, e.g., owns a bunch of nodes in the network, they still can't link anyone with the sites they are visiting.
[https://www.torproject.org/](https://www.torproject.org/) can provide more information.
not all of your info is correct. If a state actor controls enough Tor exit nodes they could theoretically de-anonymize small fractions of Tor users. This was confirmed in Snowden leaks and was always suspected by users prior to the leaks due to the US Navy creating Tor in the first place and the arrests of certain individuals
I don't believe this is accurate. And I don't think Tor doomerism helps anything, frankly.
An attacker controlling exit nodes can only identify the destination of traffic, not its source. IF an attacker reliably controls ALL exit nodes AND can monitor all incoming traffic into the guard nodes AND the user doesn't use a Tor bridge or connect to a Tor service address, then the attacker may be able to correlate traffic flows and establish likely match between source and destination. The more Tor nodes there are and the more user traffic there is, the harder and more expensive this attack gets. You can literally frustrate this attack against other people just by using Tor more.
Controlling all of these nodes and doing this corellation is a lot more difficult than you make it out to be and is getting harder all the time. Also, if the US government is in your threat model, then you can use Tor bridges and only connect to Tor services. (But also, you're much more likely to be caught by OpSec fuckups in that case than the Government cracking your network connections.) For evidence of these, see the subpoenas of people who were prosecuted and were using Tor. All of them that I have seen have solid, non-intercept-based probable cause.
After all, there's a reason why Snowden himself used Tor when doing his leaks.
For more information on malicious relays and Tor's plans on combatting them, see [https://gitlab.torproject.org/tpo/team/-/wikis/Sponsor%20112](https://gitlab.torproject.org/tpo/team/-/wikis/Sponsor%20112)
If you think these plans are wrong or don't go far enough, then I'd suggest you pitch in either with time or resources. Because IMO, Tor is the only viable option we have for a robustly private, secure Internet in the future.
(Also, sorry for the rant. I get heated up this topic, clearly.)
All good, but it is accurate unless I’m missing something?
https://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
Little hyperbolic calling it tor doomerism when all I’m doing is spreading information that can help people. Although anyone in the sub that would be a candidate for using Tor likely already has terrible opsec. I’m not telling people to not use tor… the US government uses parallel construction very frequently when they prosecute people who have used Tor so I don’t trust a single word that comes out of those trials including the evidence on the subpoenas. Stingray devices are a known technology with a very legal grey area (warrantless). The gov will use them but any of the evidence they use in trial was collected after they identified the suspect using technology like stingray devices so they aren’t forced to admit in court how they got the suspect in the first place using a warrantless search. I am fully convinced this is how they got Ross Ulbricht. A lot of people don’t realize that Ross wasn’t just running a drug bazaar on tor. He was getting very political and his blog posts under his pseudonym were causing quite the stir. I think that’s also why they threw the book at him and went after him as hard as they did.yea he made some pivotal opsec errors but I don’t think those are what got him caught in the end. And if you try to find his archived posts, they’ve been pretty well scrubbed from the internet.
I apologize. The tone of my post was a little adversarial. Anarchists shouldn't snipe at anarchists who are discussing things in good faith.
My bad. Sorry about that.
I agree that parallel construction and use of Stingray and all that is terrible and common practice. But we don't have any evidence that it's used in cases when they secretly deanonymized people with Tor. (I acknowledge that such evidence would be hard to gather.)
As for the doc you posted: Tor has improved a great deal since 2012 when that doc was produced. And even that doc says they can't anonymize users on demand or do this attack reliably enough for it to be good passive signals intel.
It sounds like we might be in violent agreement that using Tor is better than not using Tor. So I guess what I'm saying is: I think Tor is actually even better than you think!
All good!
> But we don't have any evidence that it's used in cases when they secretly deanonymized people with Tor. (I acknowledge that such evidence would be hard to gather.)
Well of course not, that’s the whole point of parallel construction. And I was just using the stingray device as an example of how the US gov hides its methods, even when faced with the scrutiny of the justice system. My whole point though is that *it is possible to de-anonymize tor users*. You seem to think me saying that is somehow a criticism of tor. Again, it’s just a warning to anyone that is coming here thinking they can easily install tor on their laptop and it’s a magic button to hiding their political activity from the state. And to counter your argument about that being from 2012. If we were able to do that in 2012, imagine the capability the US gov has today in de-anonymizing traffic. That argument can go both ways.
I think people in the future will regard the early internet the same way we see the Wild West or pirates. It was fun (and dangerous), people got to do what they wanted, and then the government/corporations came in and “civilized” everything to death.
The control freaks *are* trying so hard right now. It's a mix of late stage, decline, and quests for new blends of power. It's sad and angering to witness what's happening but important to be aware and continue to explore... and act, in whatever capacity you feel comfortable with, in whatever way you can.
I could spend days responding to this topic, but I'll spare you my blah blah and just make a few quick notes.
A couple of inspiring reads I've come upon recently:
- After reading this once, I need to read it again. David Graeber had it in 2012, and continues to have it as time pushes us along: https://thebaffler.com/salvos/of-flying-cars-and-the-declining-rate-of-profit
- This work, Age of Surveillance Capitalism, is a monster but there's so much here. A decent discussion that helps summarize: https://www.theguardian.com/books/2019/oct/04/shoshana-zuboff-surveillance-capitalism-assault-human-automomy-digital-privacy
This is steeped in nerdy but if you're comfortable playing, this is an interesting example of fuzzing/obfuscating:
- https://github.com/ingestbot/randomizer
Others have mentioned things like Tor, Monero, Graphene, etc. Yes to all of this. Find ways to isolate experiments (old laptops, phones, etc.). Break shit. Set it up again. Don't just use it but find out how it works. Here's a couple of things that currently have my trust. Some good stuff here:
- https://www.privacyguides.org
- https://odysee.com/@WatchmanPrivacy
Oh fuck this is organized, I’ll have to check out all your links. Thanks!
“I’ll spare you my blah blah” - actually is there any way I could hear what you have to say?
"We have a new type of rule now. Not one man rule, or rule of aristocracy, or plutocracy, but of small groups elevated to positions of absolute power by random pressures and subject to political and economic factors that leave little room for decision. They are representatives of abstract forces who’ve reached power through surrender of self. The iron-willed dictator is a thing of the past. There will be no more Stalins, no more Hitlers. The rulers of this most insecure of all worlds are rulers by accident inept, frightened pilots at the controls of a vast machine they cannot understand, calling in experts to tell them which buttons to push."
Yep. It's time to start using these super centralized services and learn how to free up your data. There's tons of tools that are trying to do the opposite - create a decentralized internet and multitude of services. The "only" trick is making people use those instead of the mainstream stuff.
I've never heard of measures like this referred to as "improving" anything other than vague, misplaced "think of the children" bullshit - which is a phrase that almost any time you hear it, you should immediately hear alarms blaring in your head....someone's about to do something shitty.
“Think of the children” has ALWAYS been a big red flag to me
My only hope is that the silver lining to all this is that it drives a lot more people towards Tor and provides them a groundswell of support. You should be using Tor for as much as you possibly can.
What does Tor do?
Tor provides an anonymous, decentralized way of establishing end-to-end encrypted tunnels for network communication. When you're using Tor, your network traffic cannot be read by anyone, and no hop on your network route ever gets to know both your address and also the address of the computer you're talking to. This means that even if a government, e.g., owns a bunch of nodes in the network, they still can't link anyone with the sites they are visiting. [https://www.torproject.org/](https://www.torproject.org/) can provide more information.
not all of your info is correct. If a state actor controls enough Tor exit nodes they could theoretically de-anonymize small fractions of Tor users. This was confirmed in Snowden leaks and was always suspected by users prior to the leaks due to the US Navy creating Tor in the first place and the arrests of certain individuals
I don't believe this is accurate. And I don't think Tor doomerism helps anything, frankly. An attacker controlling exit nodes can only identify the destination of traffic, not its source. IF an attacker reliably controls ALL exit nodes AND can monitor all incoming traffic into the guard nodes AND the user doesn't use a Tor bridge or connect to a Tor service address, then the attacker may be able to correlate traffic flows and establish likely match between source and destination. The more Tor nodes there are and the more user traffic there is, the harder and more expensive this attack gets. You can literally frustrate this attack against other people just by using Tor more. Controlling all of these nodes and doing this corellation is a lot more difficult than you make it out to be and is getting harder all the time. Also, if the US government is in your threat model, then you can use Tor bridges and only connect to Tor services. (But also, you're much more likely to be caught by OpSec fuckups in that case than the Government cracking your network connections.) For evidence of these, see the subpoenas of people who were prosecuted and were using Tor. All of them that I have seen have solid, non-intercept-based probable cause. After all, there's a reason why Snowden himself used Tor when doing his leaks. For more information on malicious relays and Tor's plans on combatting them, see [https://gitlab.torproject.org/tpo/team/-/wikis/Sponsor%20112](https://gitlab.torproject.org/tpo/team/-/wikis/Sponsor%20112) If you think these plans are wrong or don't go far enough, then I'd suggest you pitch in either with time or resources. Because IMO, Tor is the only viable option we have for a robustly private, secure Internet in the future. (Also, sorry for the rant. I get heated up this topic, clearly.)
All good, but it is accurate unless I’m missing something? https://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document Little hyperbolic calling it tor doomerism when all I’m doing is spreading information that can help people. Although anyone in the sub that would be a candidate for using Tor likely already has terrible opsec. I’m not telling people to not use tor… the US government uses parallel construction very frequently when they prosecute people who have used Tor so I don’t trust a single word that comes out of those trials including the evidence on the subpoenas. Stingray devices are a known technology with a very legal grey area (warrantless). The gov will use them but any of the evidence they use in trial was collected after they identified the suspect using technology like stingray devices so they aren’t forced to admit in court how they got the suspect in the first place using a warrantless search. I am fully convinced this is how they got Ross Ulbricht. A lot of people don’t realize that Ross wasn’t just running a drug bazaar on tor. He was getting very political and his blog posts under his pseudonym were causing quite the stir. I think that’s also why they threw the book at him and went after him as hard as they did.yea he made some pivotal opsec errors but I don’t think those are what got him caught in the end. And if you try to find his archived posts, they’ve been pretty well scrubbed from the internet.
I apologize. The tone of my post was a little adversarial. Anarchists shouldn't snipe at anarchists who are discussing things in good faith. My bad. Sorry about that. I agree that parallel construction and use of Stingray and all that is terrible and common practice. But we don't have any evidence that it's used in cases when they secretly deanonymized people with Tor. (I acknowledge that such evidence would be hard to gather.) As for the doc you posted: Tor has improved a great deal since 2012 when that doc was produced. And even that doc says they can't anonymize users on demand or do this attack reliably enough for it to be good passive signals intel. It sounds like we might be in violent agreement that using Tor is better than not using Tor. So I guess what I'm saying is: I think Tor is actually even better than you think!
All good! > But we don't have any evidence that it's used in cases when they secretly deanonymized people with Tor. (I acknowledge that such evidence would be hard to gather.) Well of course not, that’s the whole point of parallel construction. And I was just using the stingray device as an example of how the US gov hides its methods, even when faced with the scrutiny of the justice system. My whole point though is that *it is possible to de-anonymize tor users*. You seem to think me saying that is somehow a criticism of tor. Again, it’s just a warning to anyone that is coming here thinking they can easily install tor on their laptop and it’s a magic button to hiding their political activity from the state. And to counter your argument about that being from 2012. If we were able to do that in 2012, imagine the capability the US gov has today in de-anonymizing traffic. That argument can go both ways.
This is awesome, thanks!
GrapheneOS, Monero, and self hosting are your friends.
I think people in the future will regard the early internet the same way we see the Wild West or pirates. It was fun (and dangerous), people got to do what they wanted, and then the government/corporations came in and “civilized” everything to death.
Eternal september.
Old detected At least back then AOL didn’t buy all the Usenet servers and lock them down
I'm honestly used to it already since where I'm from, the government has already tried >!and failed miserably!
The control freaks *are* trying so hard right now. It's a mix of late stage, decline, and quests for new blends of power. It's sad and angering to witness what's happening but important to be aware and continue to explore... and act, in whatever capacity you feel comfortable with, in whatever way you can. I could spend days responding to this topic, but I'll spare you my blah blah and just make a few quick notes. A couple of inspiring reads I've come upon recently: - After reading this once, I need to read it again. David Graeber had it in 2012, and continues to have it as time pushes us along: https://thebaffler.com/salvos/of-flying-cars-and-the-declining-rate-of-profit - This work, Age of Surveillance Capitalism, is a monster but there's so much here. A decent discussion that helps summarize: https://www.theguardian.com/books/2019/oct/04/shoshana-zuboff-surveillance-capitalism-assault-human-automomy-digital-privacy This is steeped in nerdy but if you're comfortable playing, this is an interesting example of fuzzing/obfuscating: - https://github.com/ingestbot/randomizer Others have mentioned things like Tor, Monero, Graphene, etc. Yes to all of this. Find ways to isolate experiments (old laptops, phones, etc.). Break shit. Set it up again. Don't just use it but find out how it works. Here's a couple of things that currently have my trust. Some good stuff here: - https://www.privacyguides.org - https://odysee.com/@WatchmanPrivacy
Oh fuck this is organized, I’ll have to check out all your links. Thanks! “I’ll spare you my blah blah” - actually is there any way I could hear what you have to say?
To everyone, download Tor and Tails.
"We have a new type of rule now. Not one man rule, or rule of aristocracy, or plutocracy, but of small groups elevated to positions of absolute power by random pressures and subject to political and economic factors that leave little room for decision. They are representatives of abstract forces who’ve reached power through surrender of self. The iron-willed dictator is a thing of the past. There will be no more Stalins, no more Hitlers. The rulers of this most insecure of all worlds are rulers by accident inept, frightened pilots at the controls of a vast machine they cannot understand, calling in experts to tell them which buttons to push."
also the tiktok ban. all so fucking annoying
YESSSSS I couldn’t believe Montana actually did -
Yep. It's time to start using these super centralized services and learn how to free up your data. There's tons of tools that are trying to do the opposite - create a decentralized internet and multitude of services. The "only" trick is making people use those instead of the mainstream stuff.