[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] Tor is anti-censorship software

On 06/30/2016 05:52 PM, Zenaan Harkness wrote:
> On Thu, Jun 30, 2016 at 03:10:42PM -0400, Paul Syverson wrote:
>> On Wed, Jun 29, 2016 at 11:54:04AM -0400, Mansour Moufid wrote:
>>> The advertising doesn't correspond to reality, because it's false
>>> and dishonest, not because the user is dumb.
>> Why do you imply the user is dumb? I certainly reject that
>> characterization of users. I assume that, like myself, most users
>> can't give an accurate description capturing every important property
>> of most of the tools they use, microchips, automobiles, airplanes,
>> etc.  That's not because they're dumb, but because nobody can, or
>> indeed should try to, know all the important things about everything
>> they rely on.
> "Users are dum" in this context is not pejorative!

We could just say "casual" or "unsophisticated".

> It means many tor users these days, because it is so easy to use,
> are not able to take the language as it is currently used on the tpo
> website, and subtract out what it does not mean.
> To be more blunt, these "dum" users are reading a lot more into the
> terminology --as it is currently used on the tpo website--, than they
> should.

It does seem that they are, from the news. Of course, we see news about
pwned drug dealers and pedophiles, and they're arguably not among Tor's
target users. And it's arguable that most of Tor's target users are not
being targeted by global adversaries. Or at least, in the cynical sense
that enemies of the US are also not not among Tor's target users. But
I'm not going to make that argument. Rather, I'm willing to accept the
assertion that resisting global adversaries is just too bloody hard.

So anyway, would it be too much to expect the Tor Project to explicitly
state, on the front page, that users shouldn't count on Tor if they are
concerned about adversaries with global reach? Such as the NSA?

> Average users who are competant to install TBB with a "yeah, I want some
> anonymity" and a "great, protects us from traffic analysis" and a
> whistle dixie.

If you look at the news about pwned Tor users, it's pretty clear that
most (if not all) were using Tor browser in Windows. NIT is Windows
malware. There have been Firefox bugs, but they've been exploited
through code that only runs on Windows. Or am I missing something?

Another issue is that these user exploits all relied on accessing the
Internet directly, rather than through Tor. Right? Anyone who actually
cares about [anonymity | unlinkability | deniability | privacy] should
be segregating networking from the browser and other apps. Whonix is an
easy way to do that. VirtualBox works well in Windows.

> Users should be reading such terms extremely conservatively, and with
> many "caveats", and the tpo website does not help them to assume these
> caveats, so these dum users make all sorts of assumptions based on
> intuitive and --common-- understandings of the terms as currently used
> on the tpo website.
> That can, and should, be named as false marketing.

There's also the fact that they don't want to frighten people away.

>> What I think Tor does well (but could always do better)
>> is get the gist of things across, and then (more than most other
>> communities or organizations) provide the means for anyone who has the
>> time, tools, and inclination to fruitfully probe as far as they wish.
> TPO website needs to lower expectations.

Or offer better options.

> Common understanding of terms used ("dum users") causes assumptions by
> these dum users which do not match reality.
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to