this post was submitted on 05 Mar 2026
196 points (98.0% liked)

Privacy

5319 readers
97 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 1 year ago
MODERATORS
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
196
Congress Is Considering Abolishing Your Right to Be Anonymous Online (theintercept.com)
submitted 1 day ago by schnurrito@discuss.tchncs.de to c/privacy@lemmy.dbzer0.com
18 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] ThePantser@sh.itjust.works 39 points 1 day ago (3 children)

Guess it's TOR time then.

[–] abbiistabbii@piefed.blahaj.zone 14 points 1 day ago

It's Tor time!

Come on, grab your friends

We'll send our data through

Distant lands.

[–] NaibofTabr@infosec.pub 11 points 1 day ago (2 children)

Yes, surely TOR will protect us from government surveillance...

The project was originally developed on behalf of the U.S. intelligence community and continues to receive U.S. government funding, and has been criticized as "more resembl[ing] a spook project than a tool designed by a culture that values accountability or transparency".[177] As of 2012, 80% of The Tor Project's $2M annual budget came from the United States government, with the U.S. State Department, the Broadcasting Board of Governors, and the National Science Foundation as major contributors,[178] aiming "to aid democracy advocates in authoritarian states".[179] Other public sources of funding include DARPA, the U.S. Naval Research Laboratory, and the Government of Sweden.

[...]

Critics say that Tor is not as secure as it claims,[185] pointing to U.S. law enforcement's investigations and shutdowns of Tor-using sites such as web-hosting company Freedom Hosting and online marketplace Silk Road.

But also...

In October 2013, after analyzing documents leaked by Edward Snowden, The Guardian reported that the NSA had repeatedly tried to crack Tor and had failed to break its core security, although it had had some success attacking the computers of individual Tor users.[27] The Guardian also published a 2012 NSA classified slide deck, entitled "Tor Stinks", which said: "We will never be able to de-anonymize all Tor users all the time", but "with manual analysis we can de-anonymize a very small fraction of Tor users".[186] When Tor users are arrested, it is typically due to human error, not to the core technology being hacked or cracked.

[...]

A late 2014 report by Der Spiegel using a new cache of Snowden leaks revealed, however, that as of 2012 the NSA deemed Tor on its own as a "major threat" to its mission, and when used in conjunction with other privacy tools such as OTR, Cspace, ZRTP, RedPhone, Tails, and TrueCrypt was ranked as "catastrophic," leading to a "near-total loss/lack of insight to target communications, presence..."

https://en.wikipedia.org/wiki/Tor_(network)

YMMV, and your implementation and usage matter.

[–] FauxLiving@lemmy.world 14 points 1 day ago (2 children)

Yes, surely TOR will protect us from government surveillance…

I don't get the sarcasm. Everything that you've posted suggests that it will.

Simply pointing out public funding doesn't make it less secure. It's implying (or allowing others to imply) some hidden conspiracy that breaks TOR in some way that we don't know about. If this is a source of vulnerability, it has not been demonstrated.

Based on what we do know:

“We will never be able to de-anonymize all Tor users all the time”, but “with manual analysis we can de-anonymize a very small fraction of Tor users”.

when used in conjunction with other privacy tools such as OTR, Cspace, ZRTP, RedPhone, Tails, and TrueCrypt was ranked as “catastrophic,” leading to a “near-total loss/lack of insight to target communications, presence…”

TOR is open source and the protocol is well understood. The software has been audited multiple times by multiple different sources.

The TOR network itself is secure.

The people who get 'caught using TOR' are caught based on other failures of their personal security. Like forgetting to enable TOR once and logging into an IRC channel, connecting to a malicious site with a javascript enabled browser, running TOR on an exploitable phone or running a business who's payments travel through financial networks viewable by the adversary.

There's more to cybersecurity than simply installing the TOR browser bundle. If you are not familiar with this field, do not risk your freedom or safety trying to do things on TOR which would cause you to come to the attention of intelligence services or other bad people.

[–] sefra1@lemmy.zip 3 points 1 day ago

Tor is not as secure as people think, all you have to do is to be able to analyse traffic on both entry and exit nodes, (or just your ISP and the server). Some companies can do this as they provide services to ISPs and have access to realtime traffic analysis from all over the world.

If a private company can do that, so can any government that can coerce or bribe those companies.

There was an article I read some years ago about a guy who was getting ddosed on his tor hidden service and he contacted someone who manages those companies and they found his hidden service's IP in seconds.

[–] refalo@programming.dev 1 points 1 day ago

We will never be able to de-anonymize all Tor users

No, but the implication is that they may be able to do a lot of it, and we can never know.

What came just a few pages later in the presentation you referenced is "Goal: expand number of nodes we have access to".

That has been their goal for practically decades at this point.

Is it really some conspiracy-nut level stretch to think they might be operating thousands of nodes today and have much deeper penetration than we think?

[–] Goodlucksil@lemmy.dbzer0.com 1 points 1 day ago (1 children)

They say that your friends are your greatest enemies...

[–] LytiaNP@lemmy.today 3 points 1 day ago

If the US gov is good at anything, it's shooting itself in the foot

[–] anon5621@lemmy.ml 6 points 1 day ago

No, time for i2p.