lena

Reply to comment by /u/Pop in So, I created a netsec forum by /u/lena

2

lena wrote

I'm somewhat aiming for something that might also have some offensive security research, too, not merely defensive/personal. Having a space for that kind of thing might hopefully help dispell a lot of the cargo-cult security practices that people tend to rely on for opsec, too.

3

lena wrote

A hostile network IS a valid use-case, but the vast majority of corporations outside on the internet will still be able to identify you. Facebook, for example, will likely know exactly who you are and what you're doing on the internet, VPN or no. Same with Google et al.
I apologize if it seems like I'm spreading FUD; I'm trying to get people to have a more accurate threat model. I see a lot of advice about using VPNs, and honestly, in general, it's not very helpful, mostly because it's just shifting the exit point for your traffic. They are not the silver bullet people assume. Also, in all honesty, a truly malicious ISP will likely be able to spy on you regardless of the VPN. The reason I recommend Tor is because of the layers of crypto, preventing the entry node from knowing anything about your traffic.

7

lena wrote

The German intelligence "report" that got leaked indicating they didn't trust/"could break" Tor was the babbling of an infantile intelligence agency desperately trying to be noticed by the big boys.
If the NSA can't arbitrarily decloak Tor users (and by all accounts, Snowden's leaks suggest that), then I find it unlikely the Germans can. The NSA has better contacts, cryptographers, machines, and considerably greater resources.