References: <e0ad8702dcf32883954e22b6875e341e@openmailbox.org>
 <20160819020753.GQ11383@moria.seul.org>
To: tor-talk@lists.torproject.org
From: Jeremy Rand <jeremyrand@airmail.cc>
Message-ID: <9d71abc4-dd70-23ac-b0c0-c7f86969bfd4@airmail.cc>
Date: Fri, 19 Aug 2016 02:42:46 +0000
In-Reply-To: <20160819020753.GQ11383@moria.seul.org>
Subject: Re: [tor-talk] A community concern that needs to be addressed,

Roger Dingledine:
> On Thu, Aug 18, 2016 at 08:49:04PM -0400, myzeus@openmailbox.org wrote:
>>  I feel like Tor has become increasingly user-friendly
>> and the Tor Browser Bundle is by far less 'intimidating' to perform
>> first time configuration than it was a few years ago.
>
> Yay! Sign me up. There are many millions of people around the world
> who can benefit from the things that Tor Browser can do for them,
> but there's still a lot of work to be done.
>
> In fact, wait a minute, I already wrote this text before. :) Here is the
> middle chunk of my blog post from last December 1st -- I still believe
> it all now, and I think it gives us some good ideas for a future roadmap
> of Tor's priorities.
>
> "We have much more work ahead of us in the coming years. First and
> foremost, we care about our users and the usability of our tools. We
> want to accelerate user growth: The Tor network sees millions of users
> each day, but there are tens of millions more who are waiting for it to
> be just a little bit faster, more accessible, or easier to install. We
> want to get the word out that Tor is for everyone on the planet.
>
> We also need to focus on outreach and education, and on helping our
> allies who focus on public policy to succeed. Tor is still the best
> system in the world against large adversaries like governments, but
> these days the attackers are vastly outspending the defenders across the
> board. So in addition to keeping Tor both strong and usable, we need to
> provide technical advice and support to groups like EFF and ACLU while
> they work to rein in the parts of our governments that have gone beyond
> the permissions and limits that our laws meant to give them.
>
> From an organization and community angle, we need to improve our stability
> by continued work on transparency and communication, strengthening our
> leadership, choosing our priorities well, and becoming more agile and
> adapting to the most important issues as they arise.
>
> Taller mountains await after these: We need to tackle the big open
> anonymity problems like correlation attacks, we need to help websites
> learn how to engage with users who care about privacy, and we need to
> demonstrate to governments around the world that we don't have to choose
> between security and privacy."
>
> --Roger

Hey Roger,

First off, I fully agree with everything you've said here, especially
the part about how having a technically sound anonymity system isn't the
only battle that needs to be fought here.  I also fully agree with what
Griffin said -- my confidence in Tor (although already very solid
beforehand) has increased substantially based on how this issue has been
handled.

If I might give some hopefully constructive feedback on this, though:
while it is very important for more usable solutions to be available and
widely advertised on the website (since these solutions are the ones
that increase the anonymity set the most), I feel like a neglected
minority is the set of users who were sufficiently technically skilled
to run Tor Browser Bundle back when it was difficult to use, and whose
technical skill makes them now able to run more complex (though more
secure) systems like Qubes-Whonix.  I feel like this is a legitimate
point made by the Reddit poster -- it would be great for the Tor website
to provide links to more complex systems like Qubes-Whonix, perhaps near
the bottom of the download, and with a note that such systems are
intended for technically savvy users and will be harder to use, but aim
to provide more security against sophisticated attackers than TBB can.
People like myself, who are more than capable of using Whonix, learned
about it from other sources (e.g. this mailing list), and I'm sure there
are plenty of people with my level of technical sophistication who don't
have the time nor interest to read a mailing list for that info.

Now, I realize that it's easy for me to say this, and that writing such
additions to the website in an accessible way is more difficult.  So,
hopefully no one takes this as grumpiness in any way -- I love the focus
on usable solutions getting the spotlight -- but maybe some kind website
maintainer could give some love to the minority of users who are totally
okay with going through some extra usability issues in order to get
better anonymity?  Even some blogposts would be great -- perhaps some of
the projects like Tails, Qubes, Whonix, and Subgraph might be willing to
collaborate with Tor on some blogposts explaining how the threat models,
usability, and intended audiences differ?  (I imagine quite a lot of the
material could be condensed from the Logan CIJ panel "Future of OS".)

Cheers,
-Jeremy Rand



