Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation
Hi, This would make projects such as Ricochet, unMessage, ..., and any other one that uses an onion service as an "identity". And with the already upcoming long addresses, this would make them unusable for any practical purpose to put simply. --Jeff -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation
On Wed, Aug 30, 2017 at 01:18:36PM -0400, Roger Dingledine wrote:
> On Wed, Aug 30, 2017 at 03:07:37PM +0100, Ben Tasker wrote:
> > So his suggestion is portrayed as not sacrificing much, but actually
> > sacrifices quite a lot.
>
> This is a really important point. Thinking of onion space right now as
> the sum total of all that it can be is cutting off all of the future
> innovation.
+1
[snip]
>
> As Alec says, the list of "things that could benefit from having a safe
> communication channel" is both enormous and open-ended. People like to
> use phrases like "dark web" or "dark continent" to evoke mystery and
> intrigue, but really, do you want to use the communications channel where
> you know for sure that you're talking to the person you meant to talk
> to, and you know that it's hard for somebody to eavesdrop on the content
> or the metadata? Or do you want to use the communications channel where
> you don't know who you're talking to, you don't know who is listening,
> and you don't know whether somebody is modifying the traffic?
>
> Calling onion services the "secure web" and everything else the "insecure
> web" isn't very catchy, so maybe we should settle on calling everything
> else (the places where you don't know who you're talking to or who's
> listening) "dark". :)
>
> For those following along who haven't watched our 32c3 onion services
> talk, you might find it enlightening:
> https://media.ccc.de/v/32c3-7322-tor_onion_services_more_useful_than_you_think
> (The Defcon talk has a few more details about the next-generation onion
> service design, but I'm told the video for it won't be up for another
> couple of months.)
In "The Once and Future Onion" I contrast onionspace with "the
less-secure web" rather than the insecure web. I think it's a bit more
accurate term: as one example, there is a difference between an
HTTPS-protected (and HSTS enabled, etc.) site and a vanilla HTTP site.
(I also note that going through Tor Browser in general provides the
ordinary user with more route information than they otherwise
have---indeed authenticated route information. And I underscore this
with the phrase "the alliuminated web".)
This article is for a keynote talk I'll be giving at ESORICS in a few
weeks. The proceedings will be published by Springer and the talk hasn't
been given yet, but you can get the paper right now from
https://www.nrl.navy.mil/itd/chacs/syverson-once-and-future-onion
> I think finding ways to tie onion addresses to normal ("insecure web")
> domains, when a service has both, is really important too. I'd like to
> live in a world where Let's Encrypt gives you an onion altname in your
> https cert by default, and spins up a Tor client by default to let users
> reach your webserver using whichever level of security they prefer.
I also mention this point, as well as integration with HTTPS Everywhere in
"The Once and Future Onion".
[snip]
aloha,
Paul
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation
On Wed, Aug 30, 2017 at 11:28:13AM -0700, Seth David Schoen wrote:
> Roger Dingledine writes:
>
> > I think finding ways to tie onion addresses to normal ("insecure web")
> > domains, when a service has both, is really important too. I'd like to
> > live in a world where Let's Encrypt gives you an onion altname in your
> > https cert by default, and spins up a Tor client by default to let users
> > reach your webserver using whichever level of security they prefer.
>
> Well, I'm still working on being able to write to the CA/B Forum about
> this issue... hopefully we'll find out soon what that community is
> thinking.
As the cryptographic design changes for next generation onion services
are now being rolled out, that
in-my-opinion-never-actually-well-grounded concern will go away. I
cover at a high level, a design for onion altnames in "The Once and
Future Onion" [1] that I think is consistent with the current CA/B
Forum issues about onion addresses. It doesn't cover all desired
cases, so I hope you are successful. But I think it covers a lot of
the ground.
[1] https://www.nrl.navy.mil/itd/chacs/syverson-once-and-future-onion
aloha,
Paul
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Is there any societal use in Bitcoin?
Would the "darknet" be a better place if there was no Bitcoin? Are any of the ethical uses of Bitcoin actually necessary to be done using Bitcoin? Should society make blockchain finance tools illegal? Should Tor activists combat criminal uses of the onion space by impeding its anti-social finance trail? Let's discuss it: http://my.pages.de/illegalblockchains -- E-mail is public! Talk to me in private using encryption: http://loupsycedyglgamf.onion/LynX/ irc://loupsycedyglgamf.onion:67/lynX https://psyced.org:34443/LynX/ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Is there any societal use in Bitcoin?
Ablative Hosting (clearnet + single hop onion hosting) is planning on utilising Bitcoin, not because we expect our customers to do anything criminal but because banks do and have exerted moralistic control over customers because of the nature of downstream customers / users (e.g. FetLife). Visa / MasterCard etc shouldn't be able to dictate what ones customers publish on their websites, decentralised finance is useful at the very least from this perspective. Original Message On 31 Aug 2017, 12:07, carlo von lynX wrote: > Would the "darknet" be a better place if there was no Bitcoin? Are any of the > ethical uses of Bitcoin actually necessary to be done using Bitcoin? Should > society make blockchain finance tools illegal? Should Tor activists combat > criminal uses of the onion space by impeding its anti-social finance trail? > Let's discuss it: http://my.pages.de/illegalblockchains -- E-mail is public! > Talk to me in private using encryption: http://loupsycedyglgamf.onion/LynX/ > irc://loupsycedyglgamf.onion:67/lynX https://psyced.org:34443/LynX/ -- > tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or > change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation
On 30/08/17 10:07 AM, Ben Tasker wrote:
> On Wed, Aug 30, 2017 at 2:55 PM, Jon Tullett wrote
>> For example the "China Dissident Blog" could choose a stable site hosted
> in the United States or Europe and have it point to the current unvalidated
> name. Or they can just use a friend's Internet site (located in a friendly
> country) for the validated onion name.
>
> Which (IMO) kind of overlooks the additional risk it puts onto them. That
> site may be in a country that respects freedom of speech (and so will stay
> up), but there's now another potential vector for their unfriendly
> government to link their writings back to their real life identity.
There is no country that respects freedom of speech and there is no
country that respects privacy. They all have various legal restrictions
and exceptions for various reasons that change over time, sometimes
drastically. People will argue about such things forever, as we have
seen in these sorts of threads. If we want them we have to fight for
them in the political arena ("policy").
The national spy agencies and corporate entities and
unfriendly/untrained individuals in what you may think of as friendly
countries will trade with your adversaries whatever traffic and metadata
they obtain. You are only as secure as your own and your community's
practices and technology make you ("opsec").
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation
Paul Syverson writes: > As the cryptographic design changes for next generation onion services > are now being rolled out, that > in-my-opinion-never-actually-well-grounded concern will go away. I > cover at a high level, a design for onion altnames in "The Once and > Future Onion" [1] that I think is consistent with the current CA/B > Forum issues about onion addresses. It doesn't cover all desired > cases, so I hope you are successful. But I think it covers a lot of > the ground. > > [1] https://www.nrl.navy.mil/itd/chacs/syverson-once-and-future-onion Thanks, I guess that's Section 5 there. Do you think there should perhaps be a new OID with semantics like "for each identifier that is a subject of this certificate and that contains 'onion' as one DNS label, we performed both clearnet and onion site DV" and so "you can feel free to access the .onion version of this site while also believing that it's run by the same organization as the TLD"? Presumably such an OID could be added by a CA without a new CA/B Forum ballot because it's just asserting an additional check and not reducing the CA's verification obligations. -- Seth Schoen Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] What are you fighting for? was: Re: Neal Krawetz's abcission proposal, and Tor's reputation
krishna e bera:
> There is no country that respects freedom of speech and there is no
> country that respects privacy.
Borders are usually lines drawn on a map by old, usually white, males
with almost complete disregard to the humans living in around the area
crossed by the said line.
Countries are the surfaces delimited by those lines. On maps. Hence the
country can do shit.
What you probably meant is government. But the government is also an
abstraction. It is a list of names on a piece of paper.
What might help shaping your argument is realizing there are people
involved.
Try something like "no politician who wants to be reelected".
Proving a negative is also going to prove pretty damn hard.
Anyway, your discourse is a hysterical one as you conveniently avoid to
define the emotionally loaded terms of "freedom of speech" and
"privacy". You also seem to have no clear idea about who or what is the
subject, again, conveniently omitting it. For one, there are a lot of
places, "countries", where the privacy of the spy agencies is protected
up to the death penalty even if that is outlawed. Or so the people
opposing the government say.
And if you do not write in the vein of the aberrant 18th or 19th century
European philosophers, looking for a "perfect" freedom of speech and
privacy, than you already have that in the States. They are perfectible,
certainly. But without having an idea what should be solved, you end up
like all sorts of revolutionaries, meaning killing people marked as
class enemies.
> They all have various legal restrictions and exceptions for various
> reasons that change over time, sometimes drastically.
Perfect freedom would imply a monotheistic god stance. The moment you
have a community of gods you start having limits to that freedom. What
you should ask yourself is "whom does this restriction help?" and "do I
need this restriction?" Of course, there are many more questions to ask
your self, but this is probably a good starting point.
As you have probably remarked reaching for a solution is not an easy
task. And starting on the path towards the solution implies the effort
to identify the restrictions instead of wallowing in the warm and smelly
waters of convenience. Limiting yourself to some concepts turned into
baseball bats to rise "an against the system" gang will only help the
individuals in power expand their powers.
And yes, the legal restrictions change over time because the individuals
that compose a society, including the society named government, do
change. As a football team during a big game they change as individuals,
but they also can change their minds.
Your remark about "sometimes drastically" is cute. But completely
useless. Given enough time ALL restrictions are drastic.
> People will
> argue about such things forever,
See above. Identify the issues. It is pretty much like the security
models or the bug solving in software development. And I assume the
subscribers of this list are fairly familiar with these concepts.
> as we have seen in these sorts of
> threads.
"We" is a populist way of catching the attention. Which is in sync with
the radiating emotion from the entire post. It will greatly help moving
from emotion to reason. Sure, it will gain you less friends and
followers. But the people liking other people for this sort of discourse
are usually good only at pitchfork gatherings or for burning crosses.
So who is we? You and your husband or wife? You and your parents? You
and your other selfs? You write from one email account. Let the other
sock puppets express themselves. How about avoiding the weasel consensus
and just say "I"?
> If we want them we have to fight for them in the political
> arena ("policy").
And you are only one. And the current political system, at least for the
last 3000 years, is based on majorities. But at some of the issues that
bother you were also born because of fuzzy emotional concepts and half
baked solutions designed to show that "we" do make a change. In the case
of goverments, the word is reform. Do not be mislead by form, it is the
same concept.
The excellent part, and I am grateful to that, is that the Tor
foundation and EFF are making progress with identifying the problems and
finding solutions. It is an uphill battle which forces them to make some
compromises.
Cheers,
Lara
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
