On 14 July 2016 at 21:17, Joe Btfsplk <joebtfs...@gmx.com> wrote: > On 7/14/2016 1:23 AM, Jon Tullett wrote: >> >> >> I think what you'll find in such cases is that the FBI generally crack >> the servers hosting the illicit material, not Tor itself. >> > 1. Wasn't this discussed back when it occurred? As to how they did (or > likely did) identify the Tor / Tor Browser users for the porn arrests? > Or am I thinking of bringing down Silk Road & some other sites?
Yes indeed. I linked to such an article in another email in this thread. > 2. Aren't statements (from anyone) like, "... generally crack the servers > hosting the illicit material, not Tor itself," sort of a matter of > semantics? Depends on the context, I guess. To the user, maybe, but in the context of this (Tor) community, the distinction matters. Browser vulns and server exploits are common. Tor's crypto is not, AFAIK, known to be compromised. If a law enforcement agency cracked Tor, it would be a very significant development indeed. The same agency using browser exploits doesn't move the security needle at all; we already know they do that. The issue of who should be responsible for alerting a user to possible risks is debatable. Tor's job, after all, is not to keep users secure; it's to keep them anonymous. I don't speak for the Tor project, but I expect the assumption is that users should take responsibility for their own security, just as they should take responsibility for antivirus, patching, and brushing their teeth :) -J -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
