[Noisebridge-discuss] Anti-piracy / anti-Pirate Bay law currently in Congress

Jacob Appelbaum jacob at appelbaum.net
Tue Sep 28 07:52:48 UTC 2010


On 09/28/2010 12:41 AM, Thomas Stowe wrote:
>> Wow, you can't trace TOR users? Guess you're not as cool as HD Moore:
>>

You know - I know HD and while his work is good - he's just made our
system better. We use decloak.net as a regression test these days - we
beat it every time. Torbutton and Firefox are pretty good tools for
protecting your privacy.

>>
>> http://www.zdnet.com/blog/security/hacker-builds-tracking-system-to-nab-tor-pedophiles/114
>>
>>
>> <http://www.zdnet.com/blog/security/hacker-builds-tracking-system-to-nab-tor-pedophiles/114>
>> http://digg.com/news/technology/HD_Moore_cracks_TOR
>>
>> <http://digg.com/news/technology/HD_Moore_cracks_TOR>As for the rest. Do I
>> take you at your word for it? No. Do I beleive you? Sure. Those are actually
>> mutually exclusive, unless you're gullible.


Anyway, old meme dude. You're behind the times. HD didn't crack Tor any
more than you've learned to use the Enter key on your keyboard.

>>
>> I don't intend to write on this topic again. I really don't care to fight
>> for "internet anonymity" because in reality, it's a flawed and noble idea
>> and doesn't impact me. I really don't think it's important at all, except
>> maybe for Pedos, Criminals or people just obsessively fascinated with
>> encryption and privacy. I've noticed a lot of people so very obsessed with
>> privacy as to miss the point of security and also enable criminal actions.
>> That's sad. Maybe I'm a prick or maybe you're an idealist but at this point
>> that doesn't matter either.

Perhaps not everyone has position of privilege that you seem to think
you have?

>> Exploiting TOR to ID a particular user is
>> possible (given certain circumstances, especially if it's habitual use I'd
>> hazard to guess). 

Cool - let us in on your 31337 zero day?

> The average user that's using TOR and nothing else could
>> probably be ID'd so it's not a stretch to say "tor users can be ID'd". Does
>> it matter if it exploits what you use with TOR? 

If you're not using anything else - how are you using a computer? Tor
serves as a proxy, you've got to use it with other things. Define some
parameters here and we've almost got enough to make a point!

> I personally don't think so.
>>  I suppose PGP is still secure too, right? lol

Please do crack this - I'd love to know your response to my enclosed
statement:

-----BEGIN PGP MESSAGE-----

hQIMAwAAAAAAAAAAAQ/9Gzeppf9CuXfJ2sWeV2fLSf716u+up94S4QcPcl2VmKBk
5qhnlZRNqil9S76lkDySMU8gjjm79ddsxxyi0zT2cWB0UZWKyCTPrrTB71cuOC0j
8+kSicLxikFwfzRslPiCgD2c5Zcj7PU5uhTCyRlN8gL1Keak7LKZQ+XMk0kWMH7j
He8aqQN8gwqtTA5qGq6m6c3Xc7XdoNpDwi/TfR+ZQeLJfjIZz5FxE/M0XMIFMWjw
SLqaTZKCs2oAvyfK3jjypNAAP+dO35lfdf4uY3zep6q4UnOsQvfYQlkmTFpnhMGt
+LUfcngTbbNnMdkJzg2aakol5BhMZBAf/6lbS1EoYre6O5ilhUnkDFJOlGCh3cWB
MtVV4V0UJAv7U3HUiZBWmUM/yIuUUU1fexpH5gsIHWr6nDh4ihG45Su8rziBKLy6
GOAyJjZopLoMze1D3DJeXlUth4FRR+ZGzfjDZvNwErol0la/QI3aC4tZaAGtWuLY
Q+PqltOdK8HAuEZS/qVJPmJF9MK6NNwuJNO4guvKV1gH60zNCdTFa+Rqxebs8Vh1
U/PKqE3g4qZ2eINM7NGxsu/8G1F6P7+heO0jOTJukmtJ3vO0KT8Kz1ucZISO1IW8
LybXI8Qyu+eNM9vBk5RFJEdd2Ga084mi3glHbo29iM5AGiKbQ38lJIDOtKDcgDbS
RwEafx4WdaJM7bmiOg0BvlKHEiOuI+UQk1xlqEsO2dJjk6dtojch0A+DcY0YwQk0
V10IL/Em8lsjxub+dv/Y3wZhcycETnJw
=oQAl
-----END PGP MESSAGE-----

>>
>> http://blog.crackpassword.com/tag/gpu-acceleration/
>>
>>  <http://blog.crackpassword.com/tag/gpu-acceleration/>GL
>>

You clearly do not understand the difference between symmetric and
asymmetric cryptography, even in a high level sense of the possible
differences, do you?

Please stop emailing me off list - it's annoying. If you really want to
drop the conversation, do so.

All the best,
Jake



More information about the Noisebridge-discuss mailing list