How Shari Steele Plans To Take Tor Mainstream 94
blottsie writes: Over her career, Shari Steel has taken on United States Department of Justice, the National Security Agency, and the Federal Bureau of Investigation. She built the Electronic Frontier Foundation into an international powerhouse for protecting online rights. Today, she has a new mission, perhaps her heaviest challenge yet: Take the Internet's most powerful privacy tool mainstream. From the Daily Dot article linked, a hint of one reason that bringing Tor mainstream isn't straightforward:
At the heart of Tor's image problems are what's known as "hidden services" -- sites that are only accessible through the Tor network. Hidden services have been home to drug and gun marketplaces, child pornography forums, fraud and hacking sites, and sites where you can place bets on when a high-profile target may be assassinated. While the media tends to focus on the nefarious elements Tor enables, hidden services make up only about 1 percent of the Tor network, according to Steele, and are in no way operated by the Tor Project.
"I'm trying to teach everyone that we need to recognize that we are doing the work of the angels," Steele says. "What we are providing is really important and really great, and there happen to be uses that are residual that aren't what we're doing. We're not creating this for [illegal activity]. And OK, maybe it's being used for that, but that's not what we're about!"
"I'm trying to teach everyone that we need to recognize that we are doing the work of the angels," Steele says. "What we are providing is really important and really great, and there happen to be uses that are residual that aren't what we're doing. We're not creating this for [illegal activity]. And OK, maybe it's being used for that, but that's not what we're about!"
1 percenters (Score:2)
Re:1 percenters (Score:4, Interesting)
Re: (Score:3)
Re: (Score:1)
You don't have any idea who/what the EFF actually is/does, do you?
Re: (Score:1)
Re: (Score:1)
EFF and the ACLU (plus the local chapter) get donations every year - sometimes more often if I read about an issue they're needing help with funding. I am not affiliated with either but I do like to remind folks that both groups are hard at working at helping with our liberties. So, if you've got a buck or two and want to help out, I'm certain they'd appreciate it.
Re: (Score:1)
Thank you. I was, until now, entirely unfamiliar with them. They look like they might be a worthy cause. Free speech means protecting the speech that is not preferred and these folks get funding from the government. So, it's a noble goal and I thank you for bringing it to my attention. I'm in the process of getting some BTC, where I'll wash it, and then I'll push it on to them anonymously in chunks over the weekend and into the coming week*. I need neither a shirt nor recognition. I care not about the tax w
Well, I don't blame the gunmaker (Score:2)
For how someone uses the gun.
But still, you have to wonder about a large-scale gunrunner who knows that his guns are being used to kill civilians in some civil war.
Re:Well, I don't blame the gunmaker (Score:4, Funny)
Re: (Score:2)
Re: (Score:1)
All of you, stop trying to turn this into a discussion about guns. This conversation is about network security. The two technologies could not be more fundamentally different.
Re: (Score:2)
You really think your gun would stop the biggest military (by a margin and then some) on the planet from infringing on what you perceive to be your rights? They'll blow a hole into your history book and your constitution before you can yammer anything about having any kind of "right".
You have no rights anymore. You have privileges. And only until they happen to be in the way of someone important. Then they will simply be removed. The main reason you have that oh so important right to bear arms (or arm bears
Re: (Score:1)
Re: (Score:2)
Dude, face it: You are powerless. You can't even get a sizable number of people to VOTE for something other than The Party, you really think that you have any chance to get a sizable number to get off their fat asses and away from their flatscreen TVs to overthrow the corrupt government? Please.
The main reason you still have that 2nd is that it is a great tool to get some votes because the other party (i.e. the other side of The Party) wants to take your guns away, so vote for us!
Yes, it's a propaganda elem
Re: (Score:2)
Re: (Score:1)
Re: (Score:1)
Re: (Score:3)
I'll bet he gets maimed by one of his own munitions, then captured by guerilla forces, and has to wear an electromagnet in his chest to keep metal from entering his heart. Hopefully he learns from this and uses his knowledge for good instead of evil. You know, an ironic sort of punishment.
Re: (Score:1)
Aside from your cute reference to the plot of Ironman, this STILL HAS NOTHING TO DO WITH NETWORK SECURITY.
Re: (Score:2)
What do you have to wonder about them? They're making a profit, aren't they? And that is their job.
Re: (Score:2)
Selling arms to dictatorships is just one of those things we have to put up with in life.
http://sciencenordic.com/unite... [sciencenordic.com]
The United States arms most dictatorships
January 1, 2012 - 07:00
You'll have to come up with a better reason than that to shut down anonymous networks.
Like, "Because we want to control which dictatorships get arms."
If you want to be on an NSA watchlist... (Score:2)
Re: (Score:1)
I hear that pretty much any VPN or other sort of tunneling or encrypted network traffic pretty much accomplishes the same thing. Probably just posting to discussions about this type of topic Slashdot does it too.
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Oh we are on reddit now.
Re: (Score:1)
Yeah ... it's important that women - particularly those in the public eye - match up to expectations on sexual attractiveness. Otherwise, how will guys know who to mate with?
Why can't people be even a little bit nice?
Re: (Score:2)
Actually, I was thinking of Roger Daltry [pinimg.com].
Re: (Score:2)
Make it 5 and I'll fire up Photoshop.
Didn't the NSA already break Tor? (Score:2)
I'm fairly sure that I read somewhere quite a while back that Tor was already broken by one or other of the organs of the US government, and some people doing something illegal via Tor got caught and prosecuted. No?
Re: (Score:2)
Re: (Score:2)
"The NSA does keep claiming to have broken Tor"
The NSA has never made such a claim and there is no evidence that TOR has been broken by the NSA or anyone else.
However, I wouldn't be surprised if the NSA could figure out how to compromise TOR since the government has been involved with the TOR project since it's inception. It was originally designed and built by the US Naval Research Laboratory. Their stated purpose at the time was to protect US intelligence communications. Onion routing was originally devel
Re: (Score:2)
Re: (Score:2)
It is not. Get your facts straight.
Re: (Score:2)
I may not be totally correct about Tor but at least I'm not an arrogant dick like you.
Re: (Score:1)
You are clueless and shoot off your mouth and the person pointing it out is an "arrogant dick"? Are you campaigning for equal credibility for idiots and morons or what?
Re: (Score:2)
Gotta be honest here... You're really being the dick in this situation. Read their post again. Note the question mark? Heaven forfend, someone try to learn something when we're always telling people that if they don't know they should ask and learn. (Or just directing them to the manual.) However, in all fairness, a number of articles have made it a bit confusing and one might believe that TOR has been broken. By all accounts, it hasn't so long as you remain on the .onion domains. Exiting the network might
Re: (Score:2)
Re: (Score:1)
I won't argue but I will add that you're right, it's not uncommon. However, I've communicated with 'em before and they're usually not a dick. Even I'm a dick sometimes. Though, often it's my poor articulation that makes it seem like it was intentional but sometimes I'm still a dick. I suspect they were just grumpy or drunk. ;-)
Re: (Score:2)
>> You are clueless and shoot off your mouth
No, I simply asked a question.
>> and the person pointing it out is an "arrogant dick"?
exactly. See the way you did it, both originally and just then.
>> Are you campaigning for equal credibility for idiots and morons or what?
Thanks for just further confirming my assertion that you are, in fact, an arrogant dick.
Re: (Score:2)
Well, it's not Tor itself that's the problem it's poor OpSec that was the issue causing the identity of the site owner to leak out. And there's another one involving an Apache module that is configured to listen to requests from localhost by default, except that Tor dark sites do exactly that so
Re: (Score:1)
Re: (Score:2)
The US gov origins and fronts for funding for onion routing to help US backed NGO's, spies, freedom groups, color revolutions.
https://pando.com/2014/07/16/t... [pando.com]
As for the NSA, GCHQ? Why would anything the US gov created be left out of their reach? Collect it all is the mission. A lot of nations globally have given or got asked or offered to share their entire telco systems a
Re: (Score:1)
You don't want to know.
The work of angels? (Score:2)
My problems with it. (Score:4, Interesting)
I'm a big advocate for TOR and what they try to do but there are some big obstacles.
* Speed sucks.
* There are no good search engines.
* Exit nodes are widely blocked and/or monitored.
I saw a good BBC documentary that explains TOR in laymen's terms https://www.youtube.com/watch?v=rZhmuGVSdaY [youtube.com] if anyone is interested.
Re: (Score:1)
It sounds like you haven't used it in a while. It's gotten a lot better. Tor is really fast now and while sites blocking exit nodes is a problem it's probably more important that hidden service work be improved. There are ways to get around sites that block Tor for those who actually need to access public web sites over Tor. On the other hand the people who really need to remain anonymous in order to publish content have no such ability to protect themselves adequately against attack. It's the weak spot of
Re: (Score:2)
Speed is okay for general browsing, especially since you would normally have full ad-blocking enabled and scripts disabled. For searching, I presume you mean for hidden services because google works with Tor, and well... Maybe the reason most of those sites don't make themselves available for indexing by search engines is because they don't want to be found that way.
As for exit node monitoring, it's really only an issue for n00bs. Maybe the Tor Browser bundle should block non-HTTPS sites by default.
1/3 Image, 1/3 Society,1/3 Tech (Score:5, Interesting)
Tor's issues with respect to going mainstream, in my opinion, are as follows:
1.) It's complicated. Yes, it can be streamlined, which is the goal, but even if it were, it's still inherently more complicated than "not using Tor".
2.) No need. "I'm just browsing Facebook and paying bills online...and if someone is really snooping that traffic, what difference does it make?"
3.) Location data is convenient. As much as I hate Google tracking me, I'd much prefer knowing about restaurants near me when I'm hungry, than ones in Malaysia.
4.) Many people's first encounters with Tor are the result of ransomware...which are usually a traumatic experience. That's not exactly great marketing.
5.) Tor slows down browsing significantly; adding additional users would exacerbate the issue.
6.) Even the "good guys" have questions about the utility of Tor (compromised exit nodes, honeypots, etc.)
7.) Tricky on mobile devices.
Honestly, I see Tor's problems having much less to do with technological problems than with sociological ones. For most people, Shari would have to establish a need for them to use Tor. I don't see her being effective in that - not because of who she is, but because of her audience.
Re:1/3 Image, 1/3 Society,1/3 Tech (Score:4, Interesting)
Tor is useful when you need it and really have no better choice, but its not going to be a mass solution. There's too many things you have to get right for it to work the way it is intended and not expose you to discovery.
And yes, it is slow. Painfully slow.
Another thing I consider when I look at encrypted or otherwise more purposely "secure" transmission methods is that if you're using them, you're now in a group of people that is passing more "interesting" traffic. Observers may or may not be able to read what you are saying, but they're a whole lot more interested in whatever it is you are saying, if you show that you're taking more than the usual precautions with it.
It also means that even if they can't see you, there are specific Tor .onion sites which are only a small subset of the Internet, and those sites can become infected with malware that talks back to the investigators, as it has been seen in the past. In that way, a Tor user may be more likely to get caught in the dragnet and investigated. And it doesn't have to be something like a Silk Road type of site either, although you're certainly a target if you look at one of those kind of sites.
So, when I hear of people trying to take this sort of thing mainstream, I can totally see why you'd want to do that. It makes it less likely that you're a higher priority surveillance target just for using it.
Unfortunately, most people have to have a good reason to be inconvenienced in this manner during normal transmission of data because they just want to send a message or look at a site and don't care who knows where they browse. We'll need something a lot more user friendly (and more secure) than Tor for that sort of adoption.
Re: (Score:2)
5.) Tor slows down browsing significantly; adding additional users would exacerbate the issue.
This. I've tried to use Tor several times over the last 10 years, it's always been so slow I gave up on it before getting 3-4 pages.
Re: (Score:1)
1) My grandmother thought the VCR was complicated
2) "what difference does it make?" Is that you Hillary? (It makes a lot of difference, I'll spare you the details)
3) Having the restaurants location data and knowing where it is in relationship to yourself is convenient. ____, inc recording and storing the details of your location is the problem
4) In my life, sadly of which too much is spent online, I have never encountered 'Tor ransomware'. But maybe this is a reality for some?
5) My understanding of Tor is l
Re: (Score:2)
1) My grandmother thought the VCR was complicated
Yes, there will always be those who cannot adapt. However, the problem attempting to be solved is that there is a majority of people for whom Tor is prohibitively complicated.
2) "what difference does it make?" Is that you Hillary? (It makes a lot of difference, I'll spare you the details)
No, it's not Hillary. I too know it makes a difference. The problem is that the perception of the implications for most people is that they are trivial. Hence, why this is a social issue as much as a technological one.
3) Having the restaurants location data and knowing where it is in relationship to yourself is convenient. ____, inc recording and storing the details of your location is the problem
Yes, but Tor doesn't solve this problem. Running a Google search through Tor will show me restaurants near the exit nod
Re: (Score:2)
I think perhaps you misunderstand the goal of Tor. It's not really aiming to be the default way people browse the web. We should concentrate on other technologies for that, like making sure everywhere uses HTTPS properly.
Tor is ideal for low bandwidth stuff like messaging and browsing simple but important web sites. It's useful when you need to communicate privately and securely, even if it isn't always perfect. So there are two important points here:
1. Even if it isn't always used perfectly, it still preve
Re: (Score:2)
Corporate TOR sponsorship (Score:2)
Comment (Score:1)
So unrelated to the story specifically, but this is a discussion about a woman in technology who actually does stuff? She's not complaining about SJW issues; she's out there fighting the fight with us-- for us! So for once, we can relax and not have a big feminism discussion just because a woman is doing something tech-wise.
Thank you, Shari.
Tor's problem is not hidden services (Score:1)
Tor's problem is not hidden services.
Tor's problems:
1. Speed sucks. Since *ANY* node can be used in the pathway, your speed is limited to the upload speed of the slowest node you are using. Since you have no control by default over which nodes are used, you cannot prevent this.
Scarily, when I was playing/using Tor, the best results came from limiting my usage to only half a dozen nodes. Never mind the goal of security here.
The work-around: Use an IP-like system, where your stream is sent over many links, an
That's not my department, said Werner von Braun (Score:1)
From the OP: "We're not creating this for [illegal activity]. And OK, maybe it's being used for that, but that's not what we're about!"
https://www.youtube.com/watch?... [youtube.com]