Delivery-Date: Mon, 24 Aug 2015 04:08:50 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,FROM_LOCAL_NOVOWEL,HK_RANDOM_FROM,RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id A4D741E0331;
	Mon, 24 Aug 2015 04:08:48 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 5F5433694B;
	Mon, 24 Aug 2015 08:08:42 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 9960C366CC
 for <tor-talk@lists.torproject.org>; Mon, 24 Aug 2015 08:08:39 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id W-51xqDGpXKn for <tor-talk@lists.torproject.org>;
 Mon, 24 Aug 2015 08:08:39 +0000 (UTC)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com
 [IPv6:2607:f8b0:400d:c09::22d])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 7017D36271
 for <tor-talk@lists.torproject.org>; Mon, 24 Aug 2015 08:08:39 +0000 (UTC)
Received: by qkfh127 with SMTP id h127so63023188qkf.1
 for <tor-talk@lists.torproject.org>; Mon, 24 Aug 2015 01:08:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=Omfo8BZNVb9oosL/Y8fV+H3Z30oG98W7iVSP3okxcnk=;
 b=KfduzYkbUN0iGZ1JfWGoE8FELFTaUe3OHrJcJlIzuzigty63HKIUEQlIfNTakd+2nO
 MiK2im75EPIVjDgk+xenGNVcBKFS7xPZJRTbi937bEwT3hfEXYosdWIIib1dAFtsTcVb
 0meTuTp0PuuWRcTamS9CcUUE7nQEA/PtqEC/4Vm9TZjh+xt6oj/JVtGwaGy3lNNkl3w4
 ahcwW8/nOo1LGQlbjqxeJGcYydTCC45YahXiEb7RFlGglO/bZSo0u+7vXOmzIgboxYHm
 6VKSPRwgGvMjksLn5Fbbv/QC3hK3rgdNzmrQnzlXwEBJ6kMNEN9wylnz6ShMQN544MWZ
 EJZA==
MIME-Version: 1.0
X-Received: by 10.55.49.67 with SMTP id x64mr50359222qkx.24.1440403717132;
 Mon, 24 Aug 2015 01:08:37 -0700 (PDT)
Received: by 10.233.222.2 with HTTP; Mon, 24 Aug 2015 01:08:37 -0700 (PDT)
Received: by 10.233.222.2 with HTTP; Mon, 24 Aug 2015 01:08:37 -0700 (PDT)
In-Reply-To: <d577fdcf7971a1f4df14c3044b172b5a@openmailbox.org>
References: <d577fdcf7971a1f4df14c3044b172b5a@openmailbox.org>
Date: Mon, 24 Aug 2015 01:08:37 -0700
Message-ID: <CAAgxajE8WRoz3hAZrVLL4H2OoaXnLG094XJR-4cgKoV_vjt=nA@mail.gmail.com>
From: Apple Apple <djjdjdjdjdjdjd32@gmail.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] What's to be Done
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

I don't have the means to watch this talk right now so I apologise if my
questions or comments have already been addressed.

While i agree with all of your points, I can't really see many of these
suggestions being taken up by Debian. Especially things like compiling
packages as pie or with asan(lol) or enabling significant grsec and Pax
options. These all come with a non-trivial runtime overhead and will
introduce usability and stability issues by design (I.e. processes will
crash or not start instead of continue in a potentially dangerous way.)

The problem is most users and developers (including the likes of Linus) do
not care at all about security but will hit the roof in rage if the system
is 0.1% slower or this buggy 30 year old Unix application does not work
anymore.

Is it realistic to incorporate real security into such a mainstream distro
Debian or do we need to build/ fork a separate distro?

What is the actual plan to get these things done?
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

