[cryptography] To Tor or not to Tor?

Jane third at angels.la
Thu Mar 27 02:47:56 EDT 2014

Dear Mr. Young!
Could you condense your fairly complicated narrative into something more
manageable and practical?

Are you suggesting, mayhaps, that we should abandon any system that may
have faults (either intended or accidental, and it's quite apparent that
any human-engineered system will at the very least have accidental faults) ?

On Wed, Mar 26, 2014 at 3:23 PM, John Young <jya at pipeline.com> wrote:

> Ubiquitous use of a comsec system is a vulnerability, whether
> PGP or Tor or another popular means. Crypto advocates and
> Tor encourage widespread use as a defense but may be luring
> victims into traps. The more users of a system the more likely
> it will be attacked by officials or by malefactors. And the attacks
> are most often overlooked in the volume, or excused as a price
> of popularity, fixes underway, always underway, keeping coders
> and investors happy as engineers mud-wrestling and financiers
> soused.
> Most trusted systems (MTS) are where the money is, as with banks,
> so that's where robbers make their living, and MTS set up budgets
> for loss, PR, lobbying, training staff in cover-ups and workarounds,
> hiring ex-regulators and distinguished industry leaders as advisors,
> board members and faces of the MTS around the planet.
> The lucrative boomlet in comsec generated by Snowden Inc's
> marketing gambit promoting encryption and enhanced comsec
> among media mouthpiece megaphones indicates that another
> cycle of dubity of the status quo comsec confidence game is
> to be followed by a repair and rejigger protection racket,
> as evidenced on these mail lists, at conferences, and no doubt
> in halls of semi-classified exchanges everready to share tips
> and tricks to ratchet up demand for security in all its devilish
> manifestations.
> Was it not mere months ago when a call was issued to redesign
> and or replace the entire Internet from top to bottom, the whole
> thing, to end the futile comsec tinkering and delusionary marketing,
> no way the Frankenstein could be made secure for human use,
> it had fundamental faults which precluded durable comsec.
> Perhaps re-Frankensteining is being done in semi-classified
> halls, hindered by by official and commercial and scholarly
> exploiters of the monster's faults to advance their interests
> in advocating MTS for public use, just keep those research
> and investment funds flowing.
> No risk, no security market, so what fool would want an Internet that
> had no faults. No bank would want perfect security to be available
> directly to customers. No military or spy agency would want perfect
> national security available to the citizenry. No government would
> want a threat-free populace. No comsec industry would want ...
> Best to aim for pretty good comsec and call it best that can
> be done but cheating happens, thank you Edward Snowden,
> so prepare for disaster "not if, not when, but now." Intel
> committees wokring hand in hand with Snowden Inc. to keep
> the public panicky and needful of secrecy protection of
> the holy grail, national security backed by WMD.
> In short, Tor is a confidence game, crypto is a confidence game,
> no better than military, espionage, publicity, entertainment, finance,
> law, insurance, education and religion. Oops those are the primary
> routes to wealth and power concentration and need for WMD
> protection.
> What, you say WMD is a confidence game? Getoutahere, that's
> top secret codeword core faith in secretkeeping. Without that
> fundamental Frankensteinian fault nobody would buy security
> against the Doctors of monsters working hard at most secret
> laboratories on earth to devise crypto for assuring WMD comms
> and launch threats are pretty good at persuading the public to
> pay the steep protection fee -- which it should be noted is
> laundered through IRS and NGOs, blessed by FRS and SEC.
> Damn 3 lettered agencies of God.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140327/0bc050ca/attachment-0001.html>

More information about the cryptography mailing list