Tor is an NSA honey trap. Prove me wrong. You can't.
>>47545054
>i have to prove you wrong
I hope that you aren't a fedora fag fan of Sagan or Dawkins...
There's nothing to prove when it's fact, to be honest.
>>47545076
if we're talking about burden of proof, that rests squarely with OP.
Well you can look at the source code. No backdoors.
https://www.torproject.org/dist/tor-0.2.5.12.tar.gz
Here's your proof.
Imagine.. Tor people are always begging for donations and guess what they're doing with that money?
They're spending it on PR firms to improve their image:
http://pando.com/2015/03/29/tor-hires-a-corporate-pr-firm-to-combat-journalism-from-pando-and-elsewhere/
>In October 2014, Tor hired Thomson Communications, a Boston-based public relations firm that works with clients ranging from Verizon Wireless to the local healthcare industry. The Tor Project is based in Boston. One of Thomson’s early charges was to fuel press publicity for Tor’s growing relationship with Mozilla.
>Tor’s new initiative comes in the wake of a series of articles from Pando Daily exploring the relationship between the Tor Project and the US government, which developed the technology and continues to provide the bulk of the project’s annual funding.
>>47545124
there's about 300 people in the world who know how to audit security software. Even a competent C programmer with 20 years of general programming would now understand all the nuances of various crypto protocols and be able to find bugs.
How long was Heartbleed in open source? No one even looked for it. It's inevitable that there are bugs in Tor.
How slow is Tor? And is the "speed" of downloads somewhat consistent?
I'm not trying to hide from intelligence agencies. I'm just somewhat concerned about porn trolls and the like.
>>47545153
Bugs don't make it a honeypot.
China and iran are looking for bugs in tor all day every day, and they haven't found any.
>>47545082
its not, but it doesnt do as much as most people assume it does.
fat hopless pedophiles with no technical knowledge get caught because they think all they need to do is install this thing and it does all the work.
It is an anonymity tool, not a anonymity solution, even if you accept that, with or without tor Identity is shades of grey, its not as concise as a Driver's License and home address.
>>47545153
http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
How about internal NSA documents that show that it's not a honeypot?
Good enough?
Should be unless you're one of those limited hangout guys, then you're retarded.
>>47545107
Yeah. You're right.
>>47545132
The PR firm is because news outlets always link tor with pedos, terrorists and drug dealers.
>>47545186
>Bugs don't make it a honeypot.
sure do when they're introduced on purpose. three letter agencies have teams of people who are figuring out how to introduce bugs so they appear like benign mistakes.
>>47545132
>trying to convice the masses that Tor isn't a illegal place populated with pedophiles and Dross fans is bad
I installed Tor recently, anyway to make it more secure?
>>47545153
1) There are more than 300, and the people that work on crypto protocols themselves arnt generally programmers they are mathematicians.
2) A couple years. It wasnt that long IRL.
3) there are bugs in everything, but there is more economic incentive to fix bugs than to exploit them. Most patches fix problems that have never been exploited in the wild.
>>47545199
those are old. and who knows whether Snowden is not still working for them.
>As we’ve previously reported, the Tor Project received at least $3 million from the State Department from 2007 through 2013 — most of it coming through State Department’s “Democracy, Human Rights and Labor” regime change arm. Tor also took in $3.5 million from the Broadcasting Board of Governors in those same years. Overall, funds from State Department and BBG accounted for over two-thirds of Tor’s budget — that’s not small change.
It's all about regime change around the world. TOR is safe as long as your enemy is not in the US.
>>47545241
it is plenty secure, but the way you are using it may not guarantee anonymity.
There is also a very important distinction between anonymity and security, that people often confuse.
1) Read all of the documents.
2)Tails is the easiest way to use tor effectively.
3) use all the other standard practices one would use to minimize visibility IRL and online. refresh mac address regularly, move locations, use public / unprotected / WEP'd wifi, use cheap disposable laptops.
>>47545252
It clearly shows that the NSA's strategy is not to introduce bugs into Tor, and that even if they did introduce bugs, it has been ineffective.
The NSA has failed to backdoor several major encryption protocols: PGP. OTR. Redphone. This we know for sure from leaks of the dossiers they keep on people, showing that OTR/PGP/Redphone transmissions all show up as encrypted and unbroken while other encryption protocols get broken fairly handily.
So not only does the NSA have a track record of failing to introduce vulnerabilities into free software, but their own internal documents say that it isn't even their strategy when it comes to Tor. Their strategy is mainly to link tor with pedos and to get people to stop using it. That and other ways to get people to stop using it; like flooding the network, creating a bunch of shitty nodes that slow down traffic, shit like that.
Compromising usability rather than security, hoping that people will stop using it.
>>47545252
You're a fucking idiot.
>>47545278
Exactly, tor is funded by the government to destabilise oppressive governments. But in typical government fashion, the left hand doesn't know what the right is doing. The left hand wants to destabilise governments like iran and the right wants to become as oppressive as iran.
>>47545082
Logic is not your strong point.
YES IT FUCKING DOES.
If something is a fact, that means it's easily provable. THAT'S THE FUCKING DEFINITION OF A FACT.
FUCK.
>>47545054
I remember the old days when "Prove me wrong" in the OP was an autoban.
Bought drugs with it and the FBI never came after me so I think you're wrong.
Either way with a VPN you use whatever aids infested network you want.
>>47545278
this is probably the most succinct and accurate explanation of tor's purpose.
If you want to say it in a sentence
>tor is for rubblization
>>47545387
Hope you're not admitting to a felony using your real IP address here.
>>47545345
>oppressive
I think you are being a little generous.
I mean, we actively fund most of them. Tor is really for destabilizing uncooperative governments.
>>47545232
All illegal shit aside, Tor is a really great vent for people in countries where certain speeches or expressions/opinions can or will get you killed.
>>47545412
>YOU WILL EMBRACE THE PETRODOLLAR AND YOU WILL LIKE IT!
>>47545412
Yeah that's it's headline goal you could say. However it's not a tool that you can apply to one country over another. If you try to aim it at iran you could get saudi arabia too. God forbid if a democracy took over in saudi arabia, the saudis fucking hate the US.
>>47545408
4chan is for fiction. its even in the rules
how stoned on internet drugs are you if you think a judge will issue a warrant for a statement like that.
>>47545229
>It might have hidden intentional bugs somewhere in it, so it's a honeypot
But you can claim that about every piece of software ever written. What are you going to do, go back to smoke signals and an abacus?
>>47545054
>Prove me wrong
Why? You don't even believe yourself enough to even attempt to prove yourself right.
>>47545435
It's not about warrant issuing, it's about threading details together.
If they have your IP saying shit about buying drugs, and then your IP using tor, there's a decent enough link there.
Next time you use tor they can intercept your mail.
>>47545455
>source: my brain wired to feel paranoia
>>47545455
Do you realize how unlikely that is? You'd have to be at dealer level to even be considered a potential target.
>>47545467
Hey it's what they did to DPR.
And to the stupid idiot who made the bomb threat.
>>47545474
It's about being an easy target, not a priority one. If they only have to spend like 2 hours of work to nab you, they'll do it just because it's easy.
>>47545433
If I were to guess at how tor was applied I would say CIA probably runs around handing out thumb drives with an instruction booklet and a skype contact to people that sound pissed off on twitter.
>>47545487
They even need TOR, they simply can be advertised by the US Postal Office.
Seriously. Stop using internet and computers. Go back to letters and smoke signals.
>>47545499
Hell why not, they gave guns and bomb-making manuals to osama bin laden back in the 90s
>>47545054
OP is a faggot. Prove me wrong. You can't.
>>47545524
We give guns do everyone. That's kinda our thing.
>>47545547
Go away, Eric Holder.
>>47545528
I can prove you right.
>>47545547
I like how the US keeps doing it even after the whole bin laden thing blew up.
>>47545487
Still have to convince a jury.
>>47545559
Eww. I'm not black.
>>47545054
aes 256 encryption is exceptionally weak, the internet is completely transparent, and having more relays at which they can intercept traffic makes their lives exceptionally easier
oh, wait
o/
>>47545559
Isnt he the dude that was selling guns to the cartels?
I know hilary was in charge of giving them to the Libyans. And Kerry is giving them to the Syrians / Ukrainians. And Patreas was giving them to the people that became ISIS in 2006.
Can we just make a list of people we sell guns to.
Like, we are really fucking good at this.
>>47545654
Yeah. He was also a big part of the housing market crash.
>>47545597
>aes 256 encryption is exceptionally weak
There is no attack faster than bruteforce for AES-256 yet
>>47545672
you cant bruteforce 256-bit keyspace.
>>47545597
conversation at NSA headquarters
>let's push bills to weaken cryptography standards
>'bill failed'
>the new standard is still weak enough to be cracked with ease
>phew
>let's catch some internet rapists/drug dealers/terrorists
>...
>...
>WHERE ARE THE TERRORISTS?
>they seem to only be watching goat porn sir, guantanamo bay detention facilities are currently almost at 90% capacity and 80% of suspects are only being held for streaming bestiality
>drats, nobody wants to buy drugs or guns on the internet
>let's start a super secure super sicrit club of p2p information tunnels so ALL the criminals can be caught selling drugs and ALL the people who w2b illegal guns will be found out
>wow I didn't know 20 something yo white bois could do so much druqs
>shutitdown.jpg
>fun loving dread pirate roberts gets it in the ass for selling drugs to kiddies and nobody will ever know that IT WAS A TRAP ALL ALONG
>promotions to the team who came up with the PR stunt where we actually hacked into TOR w/o having a backdoor already INSIDE THE PROTOCOL :DDDDD
>fug look at all these kiddie titties we can fap to
>>47545680
You can bruteforce anything with enough time. I didn't say it was practical, just that there is no faster attack.
>>47545672
wtf do you think the NSA datacenters are for? storing text? they don't have a storage problem I'm 99% sure...
>>47545719
I assume they're for the imaginary attack you made up that makes AES-256 exceptionally weak
>>47545701
Okay, then I'll say it differently, there will not be enough time to bruteforce a 256bit keyspace. Its not only impractical, how it would be done is inconceivable.
>>47545766
http://en.wikipedia.org/wiki/IBM_Sequoia
if the NSA had one scientist with lab access to this computer...they could just send them a years worth of internet traffic on a fucking flashdrive and rofl-lmao on the floor whilst they get the plaintext back as soon as it takes USPS to deliver from point A to point B
>>47545823
No dude, even if you converted all the matter in the universe into a single quantum supercomputer you still wouldn't be able to bruteforce AES-256 before heat death
>>47545408
Don't think it counts as probable cause unless you mention specifics and a timeframe. Of course, he could already be under investigation and not know it.
>>47545823
They might be able to do it if they had a breakthrough in factoring the product of two primes, which is not inconceivable. but that would have nothing to do with AES, that would be RSA.
If they didnt have a novel undisclosed way to factor the product of two large primes they might optimistically be able to recreate a single 2048-bit RSA key in a year, and they would still need magic NSA fairy dust to do it.
>>47545861
Of course, but linking your IP to your activities is just one more brick in the wall.
>>47545858
I'm not sure its quite that extreme, but the requirements are still unfathomable.
>>47545858
I don't think you get how the most effective bureaucratic in the history of space works. If they see something that COULD work, they make a move and build it. If it were impossible, there would be no datasite on the dawn of the bad publicity they received from Snowden. You wouldn't see a picture on the news of the newest NSA cluster if it wasn't there for SOMETHING. A refresher on the USA justice system as of lately: if you spoke with someone you shouldn't have been spoken with MAYBE, if the way you spoke with person involved mailing your packets through a list of known criminals, and if your conversation is documented but not legible, a copy of your conversation will be held. I'm sure they kept it above ground because the chunk they're taking out of the US treasury extends their annual budget and it would be terrible press if they were found out hiding the fact that they can read the internet's mail.
>>47546019
Then your problem isn't TOR but the fact that the NSA has cameras on all your clothes and in all your rooms right this instant
>>47546019
its a datacenter, not an anomalous exception to thermodynamics.
realistically they are warehousing everything they can, analysing the plaintext and storing the RSA so they can take a crack at the things they think are important in 20 years when they can actually factor a 2048-bit RSA key.
>>47546062
the main problem is that nobody knows how to convert mathematical scenarios into ones that scale computationally or perhaps that nobody is reading this thread other than the NSA and /g/ tech-loli-gy, which could be considered good considering that speculations that could be granted validation from the implications of these implications are potentially mentally and spiritually corrosive.
>>47546112
oh hi NSA
I didn't kno we were still trolling 4chan
>>47546125
the most corrosive thing in this thread is the composition of your post. its like half the words melted off the page as you typed it.
>>47546158
naw
it's speculated that a) the USA government is evil and self contradictory
b) the implications of mass surveillance is that they want the metadata, not the content of the messages
c) the implications of making a cluster is that they are trying to read the otherwise private messages which would confirm that the USA is actually not a coincidental gathering of the foulest scum to breathe, and is in fact an octopus that wants to eat the planet
>>47545948
Assuming a quantum computer you can sqrt that, 2^128. Pick a rate of calculation, if you said any rate possible, you're wrong.
This is ignoring the fact any current quantum computer couldn't even do AES's key schedule.
Cryptanalysis by mathematicians would be much, much, much more effective. Rijndael has a flaw, we just don't know it yet.
>>47545252
>9 11 was caused by the government conspiracy! :^):^:):^):^):^):^):^):^):^):^):^):^):^):^):^):^):^):^):^):^):^):^):^)
>>47546133
no, I will happily dub myself the most aware (read paranoid) tinfoil hat libertarian on /g/. The reason I'm disagreeing with you is because you lack any sort of basic knowledge about anything having to do with writing, googling, computers or that 2^256 is apparently a really big number, and the universe would probably end before you could get a computer to count to it..
http://crypto.stackexchange.com/questions/1145/how-much-would-it-cost-in-u-s-dollars-to-brute-force-a-256-bit-key-in-a-year
http://security.stackexchange.com/questions/6141/amount-of-simple-operations-that-is-safely-out-of-reach-for-all-humanity/6149#6149
>>47546223
>the implications of mass surveillance is that they want the metadata, not the content of the messages
Those might be the implications, but the reality is that they collect more than metadata.
They collect the content of communications too.
With non US data, they collect everything. With US data, they collect everything and say it's only the metadata.
>>47546263
did u just site stack exchange as a reputable source in being anything other than a JS learning dildo?
Guys... GUYS.... encryption is never bruteforced! It's BYPASSED!
>>47546269
hi mr NSA agent :^)
>>47546296
What the fuck kind of attack do you know that bypasses AES-256
>>47546296
the most profound discoveries are often accidental...for instance right now I just realized I'm posting on a honeypot without using https in the URL bar 0_0\
>>47546312
I call it the 'date-fuck-n-ditch'
>>47546312
most people are too idiotic to even know how to USE A FUCKING AES API call! I'm not kidding. Most people use ECB AES to encrypt stuff.
>>47546288
>Stack exchange post on crypto quoting bruce schnier.
>not reputable
how new are you
From Adi Shamir... one of the inventors of RSA.
>>47546343
you get exponentially stupider for each operating switch you transverse
>>47546356
Duh?
The encryption is solid so they go after the points where the data is unencrypted by the user.
For example; through your operating system.
>>47546356
Thank you. All the NSA bullshit is just a way to sell retards into the cyber security job market.
They backdoor your hardware, they backdoor the drivers, and they backdoor the operating systems. They don't give a FUCK about how you encrypt it as they're reading it on your desktop as you are.
>>47546356
The point is that somebody called AES-256 "exceptionally weak." The fact that now we agree that AES-256 must be bypassed instead of penetrated shows that it is in fact not "exceptionally weak."
>>47546354
sry but I don't follow clickbait
>>47546356
. Clifford Cocks, an English mathematician, had developed an equivalent system in 1973, but it was not declassified until 1997
>>47546394
good job diluting my valid point...further
further than necessary
>>47546404
sorry to be the one to tell you this, but you dont know what clickbate is either.
>>47546428
clickbait is where the header text of an arbitrary non encyclopedic article is part of the URL
>>47546454
Yeah you don't know what clickbait is.
>>47546454
for instance
>>47545054
is a prime example of clickbait
before moot went mainstream it was impossible to do clickbait in 4chan besides epic rolls..having a catalog was the embracing of this epic concept of clickbait
tmyk
>>47546464
I bet your mom knows how to clickbate, go ask her.
>>47545387
>Either way with a VPN you use whatever aids infested network you want.
Dude, a VPN is a single point of failure. How would you know that they wouldn't sell you out?
>>47546482
No, OP is laying bait, not clickbait. OP is baiting for responses. Clickbait is the general technique of creating content for the sole purpose of having someone view it, usually for the generation of revenue through advertisements, although this is not a mandatory factor.
In a broad sense, clickbait is "Baiting for clicks". One of the techniques is descriptive URLs like www.clickbait.com/one-hundred-things-you-will-not-believe-you-have-to-do-before-you-die-that-will-shock-you that usually take their description from the headings of whatever stupid article has been shit out by clickbait.com. Clickbait can also be videos, a youtube link with a description "You HAVE to see this video, you will be shocked at what this fish does with this baited hook". The technique to create clickbait are not part of what clickbait is, it's like saying a car is a rubber tyre when the tyre is just a functional component of the car.
>>47546482
it also denotes an incentive for someone to stay on a page, read and usually be served ads.
which is stack exchange how? Its not even curated content. If someone is shilling a product maybe, but no, that's not clickbate.
>>47546552
I copy and pasted the URL of OP and it regex'd into a post # reference
http://boards.4chan dot org/g/thread/47545054/tor-is-an-nsa-honey-trap-prove-me-wrong-you-cant
