@rugk
Difficult to explain briefly, which is perhaps why so many don't understand, but security and trust are tricky. Not that it's particularly complex - just that it requires making weighted decisions (never trust blindly), thought, and an attention span greater than Twitter. For a good introduction to trust and security read Bruce Schneier's Liars and Outliers.
No system is completely secure and the weakest point in any secure system is invariably the meat bag that uses it. Most Tor users are clueless about OpSec - most don't follow the Tor guidelines, and very few use Qubes OS (and even then, improperly). Very, very few untrained people use it from deniable locations and single use machines (a VM provides limited protection from firmware "bugs" on the bare-metal).
Tor has many insecurities (a major one being) - but the greatest one is that people use it more than once from the same machine and same location - which is not what it was originally designed for (tacking more functions onto it doesn't extend the security model - just the insecurities).
So why do so many defend its security without providing technical reasons (including the non-Navy developers)? See my original reference to Bruce's explanation of trust and security - also consider that convenience is the enemy of security. That few arrests have included evidence gathered by compromising Tor sessions should provide as much comfort as traffic stops leading to arrests being labelled as "random" (see parallel construction).
I'm not going to give instructions on proper OpSec (which includes boring stuff like Risk Management). Like encryption the only way to determine the expertise of the source is to check their track record of defeating it - but most will simply follow the greatest number of lemmings (Tor is "hiding in a crowd"1) instead of hiring an expert, ensuring they know enough to determine if the expert is right, and then following the expert advice. Because that would be inconvenient…
tl;dr Proper use of Tor is "reasonably" secure. For now. 1 Unless internet traffic is recorded, and ISPs forced to retain billing records for government then future problems are of no concern. I'd strongly suggest if people are truly concerned about hiding their browsing from all - forever, that they take it very seriously, and consider that just downloading some software, no matter how good, is not the solution.
I think Tor tries to make this easier very much. E.g. take the recent introduction of the "Security slider".
Still the issue itself is of course about users and not about Tor.
You say this as if it would be a requirement to use Tor. I also doubt that most Freenet users use Qubes OS.
All in all, Qubes OS is also really not related to Tor (except that it has the ability to use Tor). So maybe we can say: "Few use Tails or Whonix"
What the hell what security requirements do you have? Why not use it from an air-gapped-machine.
Are you going to be the next Whistleblower or what?
You should consider that Tor users may have different threat models, different security requirements. They are different people, have different attackers, may be ordinary users or experts, may be militaries or whistleblowers and so on...
And you should adjust your behaviour (or OpSec) according to your threat model. That's the only useful thing you can do and should do. EFF has a very good guide about this.
You prove your claim by providing one source. So first let me tell you: Yes, of course every software has vulnerabilities and that's why such papers are great. When published (or sometimes better: before) these vulns can be fixed (if possible) or used for further improvement of the concept and so on. Also Tor is moving and constantly improving the security so you cannot blame them today and keep this opinion for the whole future.
And - needless to say - of course also Freenet has vuln. I don't see any basically - conceptional - difference here, which would be necessary to support the claim "Freenet is better than Tor" (because that's basically what you said).
As for the one paper you gave I read the Tor summary and it sounds like a kinda theoretical attack:
The first big question [...]: is their website fingerprinting classifier actually accurate in practice? They consider a world of 1000 front pages, but ahmia.fi and other onion-space crawlers have found millions of pages by looking beyond front pages. Their 2.9% false positive rate becomes enormous in the face of this many pages - and the result is that the vast majority of the classification guesses will be mistakes.
For example, if the user loads ten pages, and the classifier outputs a guess for each web page she loads, will it output a stream of "She went to Facebook!" "She went to Riseup!" "She went to Wildleaks!" while actually she was just reading posts in a Bitcoin forum the whole time?
In any case I'd say this is not a "major" insecurity/vulnerability.
As said above, this depends on the threat model. You cannot generalize it the way you do.
Additionally, this is still no difference to Freenet. How can you blame Tor for the things Tor users do wrong?
You also can't blame Freenet for the things Freenet users do wrong.
Can you provide a source for this claim?
Which functions?
Ah all right, veeery funny...
Wait...
So I just had a look at this article to see what you mean and okay: Yes, no door in your house is convenient and the door protects your security, but I would take care to transfer this model to security software.
Maybe security software should not be convenient, but the UX is an important aspect of security software:
"If you write security software without taking the user experience into account, you end up harming your security. It is a vulnerability to not consider how the user will use your software," Brooks said.
As for Tor we have an example I already mentioned earlier: The security slider. It is easy/easier to understand, to configure, helps users to make the right choice and... yes, it is also somehow convenient. It makes the software understandable for users and that's what matters, because otherwise you have the users you describe, which are using the software wrong.
BTW: The security-slider is also a good example of users setting their own security level (based on their threat model). I think this thing, is really great.
Sorry, but this article is very long and also covers many other aspects. It would be good if you could quote the part you're referring to.
In case this "1" should refer to the ISP & internet traffic collection I don't see any connection to Tor here.
Additionally:
It is. Depending on the country you are in it may be legal (retention laws) or may be done in secret (eh, there was someone called Snowden...) or maybe... not recorded(?).
At least there is one instance, which has one reason...
Besides of that: You know that the whole principle of Tor depends on many "lemmings" using it? You know that each Tor user is hiding in a crowd of "lemmings"?
Did you do that before using Freenet? Or before deciding to use Freenet?
I don't see this mentioned in your previous text, but interesting statement.
It just seems to contradict this statement:
So is Tor an option, or is it not? You leave us in confusion here.
tl;dr: You mostly only say that Tor users are doing it wrong. This may or may not be right, but it does certainly not explain why Freenet is better than Tor. You also have not expressed any critique of any conceptional aspect of Tor.
Maybe you should try out the security slider of Tor...
No - the issue is about both the user and the system. A weakness in either is a weakness. Security is binary - either it's secure, or it's not. Degrees are irrelevant if it can eventually be compromised. And yes, I'm very much aware of current record retention laws (I'm sorry you missed the sarcasm) - and cynical about them being meta-data only.
[quote="rugk, post:24, topic:17976, full:true"]
You say this as if it would be a requirement to use Tor. I also doubt that most Freenet users use Qubes OS.[/quote]
There is no "requirement" to using Tor. It would be a requirement for maintaining secrecy when persistently using Tor in the same requirement.
[quote="rugk, post:24, topic:17976, full:true"]what security requirements do you have? [/quote] That a secure process be secure. Not relatively or partially. Good OpSec negates targeted firmware exploits, Van Eck phreaking, or other emotionally over-invested goal-shifting arguments.
[quote="rugk, post:24, topic:17976, full:true"]
And you should adjust your behaviour (or OpSec) according to your threat model. [/quote] Which is just rehashing what I said about Risk Management.
[quote="rugk, post:24, topic:17976, full:true"]You prove your claim by providing one source.[/quote] A lack of evidence often only proves a lack of basic research.
[quote="rugk, post:24, topic:17976, full:true"]
And - needless to say - of course also Freenet has vuln.[/quote]
Yes. Apropos of what? No system is perfectly secure - whether it's secure enough for the intended purpose is another thing. In this discussion it's whether what you do can be ever attributed to you.
[quote="rugk, post:24, topic:17976, full:true"] I don't see any basically - conceptional - difference here[/quote] The models are completely different. Don't confuse invite only with public.
[quote="rugk, post:24, topic:17976, full:true"]Their 2.9% false positive rate becomes[/quote]... a grave concern. If you're crossing the road and you know that someone is trying to run you down, but they have a 20% error rate - do you feel comfortable? It's not about whether someone can determine what you do upsets them by following all that you do. It's whether they can monitor particular sites and identify visitors... knowing they can within 97% should be a concern.
I have. Have you read Tao Wang's response? Hopefully you didn't skim read Mike's post and miss it, or baulk at a wall of words larger than Bruce's short essay (which you asked me to cherry pick for you).
Some balance - Layering will reduce/remove the problem, and, Schneier on-board will, hopefully, remove some of the staffing problems.
[quote="rugk, post:24, topic:17976, full:true"]
You also can't blame software(sic) for the things software(sic) users do wrong.
[/quote] Please don't falsely quote me.
[quote="rugk, post:24, topic:17976, full:true"]
Can you provide a source for this claim?
[/quote] Are you seriously suggesting that if I can't supply a Top Secret original design specification that the following is not true? "to cloak the online identity of government agents and informants while they are in the field"
emphasis mine.
More information is available, or ask the source.
Forward security.
George Kadianakis, Damian Johnson, Andrea Shepard, David Chasteen, Moritz Bartl, Erinn Clark, Jacob Appelbaum, and many other "ex-"spooks/Tor developers. I don't see anything worth laughing about.
Context is important. See my earlier comment about the Twitter problem.
Again, context.
My original response was polite, considered, and brief. If you wish to continue this discussion seriously please post to Schneier's forum.