Delivery-Date: Tue, 05 May 2015 11:15:50 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id D36C31E0445
	for <archiver@seul.org>; Tue,  5 May 2015 11:15:48 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 8721C34E16;
	Tue,  5 May 2015 15:15:44 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id BAB5B34DF6
 for <tor-talk@lists.torproject.org>; Tue,  5 May 2015 15:15:40 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 913lZSFC8RiR for <tor-talk@lists.torproject.org>;
 Tue,  5 May 2015 15:15:40 +0000 (UTC)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 822E534AA5
 for <tor-talk@lists.torproject.org>; Tue,  5 May 2015 15:15:40 +0000 (UTC)
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <gno-or-talk-2@m.gmane.org>) id 1YpeZH-0007Cn-8i
 for tor-talk@lists.torproject.org; Tue, 05 May 2015 17:15:31 +0200
Received: from 81-89-96-91.blue.kundencontroller.de ([81.89.96.91])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <tor-talk@lists.torproject.org>; Tue, 05 May 2015 17:15:31 +0200
Received: from wgreenhouse by 81-89-96-91.blue.kundencontroller.de with local
 (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
 for <tor-talk@lists.torproject.org>; Tue, 05 May 2015 17:15:31 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: tor-talk@lists.torproject.org
From: W. Greenhouse <wgreenhouse@riseup.net>
Date: Tue, 05 May 2015 15:15:07 +0000
Lines: 31
Message-ID: <87ioc79htw.fsf@example.com>
References: <camtdts-_bhhxb76-_us8gx6ydh2dppmh4-d6utibqghjaulrna@mail.gmail.com>
 <3d3832de66f.000004abbeatthebastards@inbox.com>
 <cajvra1ssz4rmw=s8yqyhkuakvyzbzaxlqfj_fawg3xuccsm90w@mail.gmail.com>
 <5545929b.10805@riseup.net>
 <camtdts9j65qtapqtk+tazq4o=spf9jxsrbhgz6xx8svjc6_ahq@mail.gmail.com>
 <camtdts9jo4rypqx+esro4pho2zag6gytjwdsxslenaq6a+026w@mail.gmail.com>
 <camtdts9mqhmkq+fqn7-gkmugnr3nhf_2a-fqunr_h0txa4pa7g@mail.gmail.com>
 <cajvra1s2um0d=om3bmf0ronowrdi41fvac=jprwuq9z+cb8vwa@mail.gmail.com>
 <CAMTdTS86dvRjiAOCJEeqSo-fX77XDZvKNWxTPOVsy+OFRR3pOg@mail.gmail.com>
 <3EBC4A37DD1.000005A8beatthebastards@inbox.com>
 <CAMTdTS8=A+j0wzpHn08gmYjoJMKtgH_K7b=_9nAdadGirXO1Cw@mail.gmail.com>
 <874mnsbkqc.fsf@example.com> <87zj5ka5u3.fsf@example.com>
 <CAMTdTS_rBxgKx=8=GDezvFCAR6gdasTo6cHkFPca8+-u15rZPw@mail.gmail.com>
 <20150505072215.C45DEAE41B@smtp.postman.i2p>
 <20150505114925.3682DAE418@smtp.postman.i2p>
 <CAMTdTS8g4JFUpczzp9dga_6WibNw1GZ3pg0AxcCVCd4wbJK8dA@mail.gmail.com>
Mime-Version: 1.0
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: 81-89-96-91.blue.kundencontroller.de
X-Archive: encrypt
Cancel-Lock: sha1:e1ZdywkU2DR382tTFLvFB1XTof8=
Subject: Re: [tor-talk] Meeting Snowden in Princeton
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

benjamin barber <barberb@barberb.com> writes:

> I dislike the notion of the central directory auth, while not a SINGLE
> point of failure, relying on someone else to know who to trust, is great
> until you discover that the trust was underserved.

You're welcome to dislike it, but as str4d just confirmed,
there's currently no decentralized solution that offers an equivalent ability
to prevent takeovers of the network by dumping bandwidth onto the network.
It was interesting to hear about some of the alternatives
that don't rely on a directory authority concept,
but it sounds like none are as mature yet.

> Operational security also seems to be glossed over to laypersons,

I agree, but the basic problem is that threat modelling is hard.
I think Tor (in its FAQ and other documents) is open as to its limitations,
which has not always been the case with other technologies/networks.
And of course even exhaustive documentation of opsec
(which would somehow have to foresee every application Tor was put to)
won't stop people motivated by profit or blinded by hubris from cutting corners.

https://ssd.eff.org/en/module/introduction-threat-modeling
is a nice introductory text, but it's just that, an introduction.
Ultimately the advice has to be tailored to the particular user(s).

> which is why I use to a solar powered computers running tor, that I
> network with a private VPN server that I have running in germany.

This for example sounds like doing some stuff that sounded good at the time,
absent any particular threat model.

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

