TOR hacked by the FBI?

I'm not surprised at all. Law enforcers have always been regarded by governments as if they were above the law, though legally they are not.

As for the NSA, the NSA is an abomination of the human spirit.
 
IMO it's worth it to catch the child rapists, who are sharing pictures of child rape on Tor hidden services.
Catching criminals is always worthwhile -it's more important to stop them, which isn't exactly the same, but that's more of a nitpick- but the same limits should apply to this as to why illegally obtained proof can never be used to condemn the accused and only to exonerate them.
Mise said:
Not that we really have a choice in it: if there's a thing that allows activists to talk in secret then there will also be a thing that will allow paedophiles to share pictures of children being raped in secret. Various gov'ts will try to stop both things. We don't get a say in this.
Why shouldn't we get a say in what these shady organisations do, allegedly, by our mandate and for our own good?
 
Nitpicks are important after all. We do have a say. We jsut don't exercise the right, because no one ever puts forward a bill trying to prevent governments from doing this.
 
I agree that there should be more public oversight of these things; I'm saying that there isn't right now, because these things get done entirely in secret. The fact is, there may be perfectly valid reasons for the vast security networks and under-the-radar hacking that goes on, and if it got put to the vote, I'm sure we'd all agree that at least some of what the security service does should continue. The security services seem to think that this is all perfectly justifiable. Well, go ahead, justify it! Put it to the rigours, the checks and the balances of democracy.

no one ever puts forward a bill trying to prevent governments from doing this.
That's not how it should work. The government should need to put forward a bill to allow the security services to do things. The fact is, right now, the gov't can do things without justifying it, because they do it in secret. How can we prevent them from doing things that we don't even know they're doing?
 
Nitpicks are important after all. We do have a say. We jsut don't exercise the right, because no one ever puts forward a bill trying to prevent governments from doing this.

They just tried to pass a bill restricting it. Spoiler alert, it failed :shake:

http://freethoughtblogs.com/singham/2013/08/02/more-on-the-amash-conyers-amendment-vote/#more-17024

The close 217-205 vote defeat in the House of Representatives on the amendment by freshman congressman Justin Amash and veteran John Conyers (both from Michigan) to curb the surveillance powers of the NSA clearly has shaken up the establishment. David Kravets finds that there was a significant pattern in how people voted: “It turns out that those 217 “no” voters received twice as much campaign financing from the defense and intelligence industry as the 205 “yes” voters.”

Watch the Daily Show clip on that page - it's brilliant.
 
Ahh, I didn't realise the browser was an outdated version. For some reason I assumed that the latest version of the Tor browser bundle came with FF 17, whereas if I understand you correctly, the bundle uses the latest FF version but the victims of this hack were using an old version of the Tor browser bundle. In that case, yeah, it's probably not-so-techy people who got done by this...

actually, it turns out I was wrong. The current TOR package does come with FF17 as that's apparently the current Extended Support Release
 
Yeah, it apparently fixed the exploit. For now.

Still, those momentary lapses in security would be scary if I were actually buying drugs or something. As it is I'm just using it to provide a minimal layer of obscurity while I read various blogs.
 
I agree that there should be more public oversight of these things; I'm saying that there isn't right now, because these things get done entirely in secret. The fact is, there may be perfectly valid reasons for the vast security networks and under-the-radar hacking that goes on, and if it got put to the vote, I'm sure we'd all agree that at least some of what the security service does should continue. The security services seem to think that this is all perfectly justifiable. Well, go ahead, justify it! Put it to the rigours, the checks and the balances of democracy.
The slogan used to justify this kind of action is that if we (the non-military) have nothing to hide, then we have nothign to lose. This could be turned upside down…
Mise said:
That's not how it should work. The government should need to put forward a bill to allow the security services to do things. The fact is, right now, the gov't can do things without justifying it, because they do it in secret. How can we prevent them from doing things that we don't even know they're doing?
Then it's not legal, because a law is not enforceable if it isn't public knowledge.
They just tried to pass a bill restricting it. Spoiler alert, it failed :shake:

http://freethoughtblogs.com/singham/2013/08/02/more-on-the-amash-conyers-amendment-vote/#more-17024

The close 217-205 vote defeat in the House of Representatives on the amendment by freshman congressman Justin Amash and veteran John Conyers (both from Michigan) to curb the surveillance powers of the NSA clearly has shaken up the establishment. David Kravets finds that there was a significant pattern in how people voted: “It turns out that those 217 “no” voters received twice as much campaign financing from the defense and intelligence industry as the 205 “yes” voters.”

Watch the Daily Show clip on that page - it's brilliant.
So, basically, you have 'industry', i.e. those who depend upon the 'defence' i.e. war and 'intelligence' i.e. spies paying some money back into blocking bills that would rein in their paymasters. I think that's called a safe investment.
 
actually, it turns out I was wrong. The current TOR package does come with FF17 as that's apparently the current Extended Support Release
It is for about one more month, which suggests that the disclosure of this exploit and related arrest(s?) might be strategically timed with it's expiring effectiveness.

On the other hand, version 17.07 patches the exploit, and I'm confused on the time line whether that came out before or after the FBI bug became known. It might be that the exploit was found and patched independent of the FBI bug, and the FBI made arrests from it because the bug was no longer useful already.
 
That's not how it should work. The government should need to put forward a bill to allow the security services to do things. The fact is, right now, the gov't can do things without justifying it, because they do it in secret. How can we prevent them from doing things that we don't even know they're doing?

Actually, the permissions were given to the NSA in several congressional bills, all of which are public record.

I think the problem is that it doesn't get picked up by the media in time for normal people to put pressure on our voices in Congress.
 
It doesn't get 'picked up' because the media doesn't want to broadcast it, what're FOX and the others but the voices of power?
 
How can we prevent them from doing things that we don't even know they're doing?

We can't. No matter what laws are passed to the contrary or how well they are (ostensibly) enforced, there is nothing to prevent a government from doing things in secret in secret.
 
Tormail is still down, should I assume all my emails are in the hands of the government?
 
Tormail is still down, should I assume all my emails are in the hands of the government?
Tormail was on Freedom Hosting, the owner of which was arrested (pending extradition) from this exploit, but reportedly all data on the servers was taken down by the host, not the FBI. Who knows how thoroughly the content was erased.

Also, I can't speak to the encryption built in to Tor Mail that might protect stored emails.
 
I was interested by this article about others similar services that are pulling the plug rather give supposedly confidential data to the authorities. I take 2 messages from this:

  • If you want to be secure then DIY (PGP on a local computer)
  • If you want to set up a comunication company (like gmail) do not do it in the US

Will this hurt the US ecconomy if no-one trusts US companies with personal data?
 
Yes, this is almost certainly going to have a negative financial impact on US tech companies - I'm thinking about Amazon's cloud computing in particular.
 
Actually, the permissions were given to the NSA in several congressional bills, all of which are public record.

I think the problem is that it doesn't get picked up by the media in time for normal people to put pressure on our voices in Congress.

Yes, this is exactly the case. Though it's worth mentioning that some of the details and implications of what the law allowed the government to do were kept secret. A few congressmen or senators would publicly criticize the law but had to stop short and say things to the affect, 'if the public knew the details they'd be shocked' due to the need-to-know basis of the program or whatever.

What gets me about the outrage over the NSA program boils down to two things:

1) Many of the people who now blast it are the same people who decry the government for not doing enough when the Boston Bombing happened or if something else happened. This group also largely overlaps with:

2) People read headlines and listen to talking heads and feed back the outrage they think they're supposed to feel. They don't actually understand what it is that the program is or what it does, they don't understand the security services environment or the nature of global threats as a whole and they most certainly don't care to read the details and fine print.

Now, to be absolutely clear, I do not label anyone here on this thread or CFC in general as falling under either category. Quite the contrary, the group who posts here is very well-informed and the points you all raise in objection to the program positively influence my own thoughts on the matter. The above categories are just my take on the John Q Public at the moment.

I'm also not trying to defend the program or anything - just pointing out that there is so much ignorance in the general public at the moment that reasonable discussion of the subject is hard to get at.
 
Top Bottom