Viewing a single comment thread. View all comments

celebratedrecluse OP wrote

Why do you think the US Military bankrolls this project?

Where do you think the money is going?

Why would they invest in something that does not benefit them?

A wet paper towel is not better than a wet toilet paper, when it comes to drying your clothes. Similarly, a global adversary will rip right through tor, they have automated systems to do so. The snowden leaks...revealed this. I'm serious, there was one powerpoint in particular from about seven years ago called "Tor Stinks" that detailed their plan to deal with this obstacle and deanonymize the users by running a plurality of the relays. If you think there isn't a use of soft power to do so, you are kidding yourself, because you want to believe in the technology over all political reality. This is the technocratic mindset that I referred to above. The government would not continue to fund this if it wasn't serving their interests overall vis a vis foreign policy.

I don't have a problem, I don't live in USA, and I do not think they will drone strike me at this time. But I don't imagine for a second that I am not able to be tracked by the government that funds the tor service. I am just not as worried about those threat model. But the people on this website, seem to be disproportionately USA residents, because it is english language predominantly. is relevant to bring up.

It would be different if tor relay technology was able to be federated, creating smaller networks which are invite only. But I have not heard of such an implementation of onion routing. I think it would be a great experiment for anarchists to look into.

Signal does not enable sealed sender for all messages...only ones with your contacts. If you are speaking to someone for the first time, guess what is sent to the server? The metadata. On a USA server. Where all traffic is monitored by government third parties, no doubt. If the USA government wasn't doing that...I would lose faith in their capacity to do basically anything.

Might want to consider how this will be used for metadata mapping, I imagine it is quite effective. Sure, you are not getting a picture over time, but with active Signal users numbering only in the tens of millions, it is trivial to use such first time messages to paint a picture of point in time contact networks. Which has its uses, no doubt more profound than the non-tech people who take Signal at face value usually consider.

If sealed sender is enabled for everything, at this time I believe there are concerns it could present a censorship liability for the service. Which is why, at this time, it does not appear to be enabled by default for all messages on the default install. There is a catch 22 here that hasn't been solved, if i am mistaken i am happy to learn more about the system but this is what i read in the link you provided, a blog post that i am already familiar with.

the address book is distributed and user-owned.

Is it, moxie? No, it is on a very compromised device, 95+% of the time people are not running the app on a virtual machine or using desktop only or whatever shitty hack their substandard software forces people to do if they want actual privacy with basic functionality. Relying on embedded OS contact lists, and phone numbers, and apple/google app an enormous problem. The service kicking the problem down the road, making people even more dependent on a deeply compromised structure, is the very problem I am trying to point out. But you are speaking as if this is a strength of the code. In any political context, this is a very misleading argument which leaves non-technical political users with a very inflated view of their security.

Signal's threat model, like Tor's, does not account for USA government. This is the only point I am making, they would both admit as much to you. As far as the "big brother" link, I would refer you to the Apple-FBI drama over the San Berdanido (spelling?) attack, and Apple's presence in the snowden leaks as a collaborator of the NSA since 2012. These type of fake legal battles are conjured to keep people using certain, few platforms. Why? To concentrate all the users of interest into just a few platforms, making surveillance and contact analysis easier, by layering the systems one on top of another so you cannot escape without what most people would consider impractical and technically complicated shitty hacks.

But instead of owning up to this, or making the system easier to use safely, they spend time making sticker packs to encourage more snapchat and Tik Tok users to switch. And desktop still cannot make or receive calls, video or voice, after years. I guess they really want you chained to your smartphone, how considerate of them right?


stoned_chief wrote

Why do you think the US Military bankrolls this project?

Because they need to use Tor themselves. These technologies aren't made to just benefit the people, they also benefit the government agencies/organizations who fund them. Tor wouldn't work if it was only used by military/intelligence. They needed to open it up to the public.

Is Tor perfect? Fuck no.

Is Signal perfect? No, it actually kind of sucks.

Does that mean they are completely backdoored and purely made for surveillance? No... Well, at least Tor isn't. Signal can be sort of sketchy because of how centralized it is, but they also allow you to verify your contact's keys as well so worst-case scenario you just have to verify that they are providing the correct crypto keys.

We 100% need to rebuild technology from the ground up. Networks/the internet, hardware, firmware, software, it's all backdoored. But that doesn't mean we should completely disregard these band-aid solutions for the time being. Instead of attacking these projects, I think our time would be MUCH better spent on getting the word out about how everything is backdoored and why we need to rebuild everything from scratch, because until then, we will never defeat state/corporate surveillance, we can only fight a constant battle of trying to minimize it.