Delivery-Date: Thu, 06 Nov 2014 17:11:31 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 6F4C01E0A86;
	Thu,  6 Nov 2014 17:11:29 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id E4E292F4DE;
	Thu,  6 Nov 2014 22:11:24 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 13448311BE
 for <tor-talk@lists.torproject.org>; Thu,  6 Nov 2014 22:11:22 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id O93hXtlObhYY for <tor-talk@lists.torproject.org>;
 Thu,  6 Nov 2014 22:11:22 +0000 (UTC)
Received: from jessica.everdot.org (unknown [IPv6:2001:470:1f0b:1c12::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id D51B32EBE0
 for <tor-talk@lists.torproject.org>; Thu,  6 Nov 2014 22:11:21 +0000 (UTC)
Received: from mail.everdot.org (primail.everdot.org [IPv6:2001:470:dc2e:5::2])
 (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by jessica.everdot.org (Postfix) with ESMTPS id 82808FA09E4
 for <tor-talk@lists.torproject.org>; Thu,  6 Nov 2014 23:11:18 +0100 (CET)
Received: from localhost (localhost [127.0.0.1])
 by mail.everdot.org (Postfix) with ESMTP id 904659122E5F
 for <tor-talk@lists.torproject.org>; Thu,  6 Nov 2014 23:11:17 +0100 (CET)
X-Virus-Scanned: amavisd-new at everdot.org
Received: from mail.everdot.org ([127.0.0.1])
 by localhost (everdot.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id gRC1jJbOXlxZ for <tor-talk@lists.torproject.org>;
 Thu,  6 Nov 2014 23:11:08 +0100 (CET)
Received: from meilong (unknown [IPv6:2001:470:dc2e:2:e844:d9d0:40c7:6056])
 (using SSLv3 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by mail.everdot.org (Postfix) with ESMTPSA id BCA929122C21
 for <tor-talk@lists.torproject.org>; Thu,  6 Nov 2014 23:11:08 +0100 (CET)
Date: Thu, 6 Nov 2014 23:11:02 +0100
From: =?ISO-8859-1?B?1nl2aW5k?= Saether <oyvinds@everdot.org>
To: tor-talk@lists.torproject.org
Message-ID: <20141106231102.0e52e0bf@meilong>
In-Reply-To: <CAC-Vat6d3U5D3pRBbwzs8gVFuR8ute=T6c3p72k=N1pZuR7SuQ@mail.gmail.com>
References: <20141106180756.42a2541d@meilong>
 <CAC-Vat4akPipbrgoJ_k7EUO7QTx+5xkD-p81J1rPtFk6zqxg8Q@mail.gmail.com>
 <20141106182517.5f66b5c5@meilong>
 <CAC-Vat6d3U5D3pRBbwzs8gVFuR8ute=T6c3p72k=N1pZuR7SuQ@mail.gmail.com>
X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.24; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Subject: Re: [tor-talk] Operation Onymous against hidden services,
 most DarkNet markets are down
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============3865960083272528652=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

--===============3865960083272528652==
Content-Type: multipart/signed; micalg=pgp-sha1;
 boundary="Sig_/orivSatAw/DPI07QqElG0VB"; protocol="application/pgp-signature"

--Sig_/orivSatAw/DPI07QqElG0VB
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

mroq qorm <mroqorm@gmail.com> wrote:
> sure, parallel construction is a problem, also in the SR 1.0 case, but
> let's not get ahead of ourselves and call tor into question again =20

The location hidden services are just ONE of the features Tor provides.

The Tor developers themselves ADMIT that this specific feature is not
particularly secure:

"The long-term keypair of a Hidden Service is an RSA-1024 keypair which
nowadays is considered weak."[1]

I for one think it is PERFECTLY reasonable to question the security of
this particular feature. Just the amount of sites that went down on the
same day should be reason enough to ask some hard questions regarding
the (lack of) security hidden services provide.=20

If the FBI had shut down ONE website then you could explain that away.
Indeed SR2 can be explained with the simple fact that it was a honeypot
from the beginning: They brag about how a Homeland Security person was
involved since BEFORE that site was launched.=20

It is very interesting that absolutely NO information regarding all the
other sites that went down today has been put forward. Could this be
because they do not have any plausible explanation as to how these
sites were found and taken down?

One thing is clear regardless of what happened to these sites: Those
hidden services "need some love" as the Tor people themselves admit.
And I personally recommend not using them until they do.

> just imagine the positive press for LE if they SAVED THE CHILDREN =20

Are there any huge BTC wallets that can be seized by doing so?

[1] https://blog.torproject.org/blog/hidden-services-need-some-love
[2]
http://www.scribd.com/doc/245744857/Blake-Benthall-Criminal-Complaint

--Sig_/orivSatAw/DPI07QqElG0VB
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlRb8foACgkQNBSJHnwv/KrDHACdF4IwroWBUQhl44swDSab8sFo
2BgAoJIXVqZOEERnsarU+sylI2WGyU7O
=QGKT
-----END PGP SIGNATURE-----

--Sig_/orivSatAw/DPI07QqElG0VB--

--===============3865960083272528652==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============3865960083272528652==--

