Tor Named One of the Year's Best Products

Iorek writes "PC World lauds Tor, an anonymous Internet communication system, as better than its paid competitors, and one of the best 100 products of 2005. The Electronic Frontier Foundation, which is supporting Tor development, has a press release as well."

AC posting on slashdot

gets second place on that list!

Such hypocrisy.

[King_of_Prussia]

How does slashdot get away with publicly lauding Tor as the great application that it is, while simultaneously blocking over 90% of the nodes from posting to slashdot? Try it now, it took me thirty tries to post a comment to slashdot using Tor the other day.

Re:Such hypocrisy.

[stormcoder]

I've complained repeatedly about this and I haven't gotten a response.

Re:Such hypocrisy.

For the same reason you have a right to free speech but you don't have a right to be listened to?

Re:Such hypocrisy.

[noneloud]

If people wouldn't abuse it, they wouldn't have to.

Re:Such hypocrisy.

[King_of_Prussia]

So you're saying that having no crapfloods or troll posts (which can be filtered out with the moderation system anyway) is more important than some oppressed chinese guy getting his opinion out on a part of the web banned in China?

The editors have gone beyond a simple lack of faith in the moderation system, they are actively undermining it with broad account* and IP bans. For a website that makes such noise about being anti-censorship these are pretty funny actions.

*fun fact: if you log out and request the password for an account named "sllort", you will never post to slashdot again with that IP. Ever. Is this the same slashdot that has an entire section called "Your Rights Online"?

Re:Such hypocrisy.

[elucido]

Tor is created by the US navy and defense deparments, so I'm not sure if its actually annonymous. Anyone care to comment on this?

Re:Such hypocrisy.

[sinner0423]

Because Tor works, apparently.

It's the same with any other internet service - give it a few days, and watch the abuse roll on in. Web, Email, Chat, they can ALL be used for great things but the perpensity for abuse lurks just around the corner, and Tor isn't an exception to this.

If they allowed 100% of the Tor connections, the comments would be flooded with more ascii goatse pics, GNAA Postings, tubgirl links, and all kinds of wonderful trollish crap. It already is bad to a certain degree, and that's with a publicly moderated rating system and IP filtering already in place.

I'm all for internet anonymity and free speech, but there are very few reasons why someone would need to visit the slashdot comments section with a proxy.

Re:Such hypocrisy.

[noneloud]

Let me ask you something: If we have too many crapfloods, and trolls, how will anyone's voice be audible over the white noise. Yes, anonymity is important expecially for people in China and other restrictive places you talked about. However, If people abuse a system too much (including the moderation system...which they do as well), then that system can't sustain itself.

Re:Such hypocrisy.

How anonymous Tor is is well understood by the folks who do anonymity research. In short, it is most likely not anonymous against the US government.

There is a recent paper by George Danezis and Steven Murdoch about attacks on Tor. (IEEE Security and Privacy)

Re:Such hypocrisy.

[Randseed]

I complained about this, and the support monkey who responded said "Are you the administrator of Tor Network?" Then I explained it, and never got a response back.

If Slashdot wants to be a bunch of dicks about it, then they should stop lauding the software.

Re:Such hypocrisy.

[Tim+C]

If they allowed 100% of the Tor connections, the comments would be flooded with more ascii goatse pics, GNAA Postings, tubgirl links, and all kinds of wonderful trollish crap.

That's what the moderation system is designed in part to deal with. (Of course, with the addition of friends and freaks, and score modifiers for them, it's turned into more of a way of ensuring that your world view is never disturbed by reading things you don't agree with, but I digress...)

There's also nothing stopping the editors from deleting such crap. The ASCII pics and GNAA posts are easily seen at a glance, and it'd be trivial to produce a private interface that had a "delete this shite" button against each comment (or checkbox and single "Delete the shite" button, or whatever)

I'm all for internet anonymity and free speech, but there are very few reasons why someone would need to visit the slashdot comments section with a proxy.

Corporate whistle blowers, people in countries with oppresive regimes commenting on stories about some aspect of that regime (eg net censorship in China), people discussing first-hand experience of illegal activities, etc. No, it doesn't happen very often, but when it does it could potentially lead to very interesting comments.

All of that is beside the point, however. It most certainly does seem rather odd that the Slashdot editors praise Tor while simultaneously seeking to prevent access to the site with it. It's effectively saying "Yes, annonymous internet access is necessary and good, but not to *my* site!"

So, what, other sites should allow it, but not /.? "Do as I say, not as I do"? If you want to convince people that something is good, allowing it yourself is generally seen as a necessary first step.

Re:Such hypocrisy.

[slashdotnickname]

how do you get away with claiming that /. is lauding tor just because they post a story about it?

Re:Such hypocrisy.

[sinner0423]

There's also nothing stopping the editors from deleting such crap. The ASCII pics and GNAA posts are easily seen at a glance, and it'd be trivial to produce a private interface that had a "delete this shite" button against each comment (or checkbox and single "Delete the shite" button, or whatever)

Well yeah, but I don't think slashdot would spring for the resources to check every single comment for a troll just because they've allowed all connections. It would be trivial to do so.

It is hypocritical of them to block a lot of the users. I'm assuming somewhere along the line they weighed the amount of decent posts versus trolls, and acted accordingly. It really is a shame, but I can't think of a feasible solution to the problem.

You've mentioned a few reasons for people wanting to view slashdot using Tor, but I suppose in the editors eyes, trolls > legit users. It boils down to how much intervention they choose to do in regards to the comments on here, versus tossing a blanket 'fuck you' to everyone using Tor.

Re:Such hypocrisy.

[LandownEyes]

I bet you he'd still just write "First post" with it.

Re:Such hypocrisy.

[Frodo+Crockett]

However, If people abuse a system too much (including the moderation system...which they do as well), then that system can't sustain itself.

So why not just give out mod points more often to moderators with a good track record?

Re:Such hypocrisy.

[Mr2001]

There is a recent paper by George Danezis and Steven Murdoch about attacks on Tor. (IEEE Security and Privacy)

I think you're referring to "Low-Cost Traffic Analysis of Tor" (PDF).

Re:Such hypocrisy.

[drsquare]

For a website that makes such noise about being anti-censorship these are pretty funny actions.

There's nothing wrong with censorship on a private site. Complaints about censorship apply to governments and other authorities stopping people exchanging certain information, i.e. passing laws banning obscene material. That's completely different from say a shop refusing to sell porn magazines. Slashdot has no obligation to post anyone's comments at all, but that doesn't mean that government censorship is acceptable.

This discussion also begs the question of the value of dissidents using anonymous Slashdot postings to get their message out. Is anything really changed by some Chinaman bitching about being opressed? If he posts it anonymously, no-one will read it because no-one is reading Anonymous Coward comments because they're 99% crapfloods. The irony of this is, if you want dissidents to be able to provide information anonymously, there needs to be a system to filter out the crapfloods and trolls. Maybe if the lameness-filter and moderation systems were less broken and corrupt, no IPs would need to be banned. But that would require both better programming from the site administrators, and more maturity and intelligence from the moderators. Are either likely?

Re:Such hypocrisy.

[tveidt]

> more important than some oppressed chinese guy getting his opinion out on a part of the web banned in China?

Slashdot would probably be the last place he would turn to to get his opinion [about the regime] out. First, one sane voice would not be heard among thousands of screaming kids, and second, the Chinese undercover state security officials would mod him redundant within seconds. ;-)

Re:Such hypocrisy.

[antiMStroll]

"There's nothing wrong with censorship on a private site."

Unless that site prides in portraying itself as anti-censorship. See: Hypocrisy.

"Is anything really changed by some Chinaman..."

"Some Chinaman"? Enough said.

Re:Such hypocrisy.

[blue_adept]

a few days ago I submitted a story about anonycat.com, which is an open source anonymous surfing proxy that you CAN read slashdot with (plus you don't even have to download it if you dont want) and it was rejected in favour of a story about Google finding a new way to take a sh#t. oh WELL!

and BTW anonycat need a few good mirrors, if any slashdotters are interested.

Re:Such hypocrisy.

[madmancarman]

Is anything really changed by some Chinaman bitching about being opressed?

Dude, "Chinaman" is not the preferred nomenclature... Asian-American, please.

Re:Such hypocrisy.

[McGiraf]

This always comes up: it private it's ok to censor.

Well I have a problem with that because the information content and flow it less and less controlled by goverments and more by private corporations. So tell me : when all information is controlled by corporations that can do whatever they want with it, where I'm going to find unbiased information?

Try to find a website that is not is some way using a corportion equipment, network, software or OS.

Re:Such hypocrisy.

[PyWiz]

Asian-American, please.

Actually, dude, we are not talking about an "Asian-American" since the oppressed person in this case is actually a Chinese national (NOT an American citizen). Your attempt at being politically correct was actually not only politically INcorrect, but it also displayed your vast ignorance and American-centered views. Good try though.

Re:Such hypocrisy.

Because there's even more people abusing the metamod system.

Re:Such hypocrisy.

[Aeiri]

Actually, dude, we are not talking about an "Asian-American" since the oppressed person in this case is actually a Chinese national (NOT an American citizen). Your attempt at being politically correct was actually not only politically INcorrect, but it also displayed your vast ignorance and American-centered views. Good try though.

Looks like someone missed a quote from the Big Lebowski.

It was Walter talking to the Dude about an Asian-American, when the Dude called a guy "Some Chinaman", and Walter corrected him.

Re:Such hypocrisy.

[Aeiri]

It's not that difficult to change your IP address. All you have to do is change your virtual MAC address and reconnect to your ISP, their DHCP server recognizes you as a different computer.

To change your virtual MAC address under Linux, given you are using the primary ethernet adapter (not sure in Windows):
ifconfig eth0 hw ether NE:WM:AC:AD:RE:SS

Tor has a limited amount of IPs, and if trolls are using it in order to post, they are doing it the wrong way.

Re:Such hypocrisy.

[advocate_one]

"people in countries with oppresive regimes commenting on stories about some aspect of that regime (eg net censorship in China),"

what's the bets that possession of the TOR program on your computer in one of those oppressive countries will be seen as evidence of intent

Re:Such hypocrisy.

[Randseed]

That isn't what Tor is designed to do and you know it.

Changing your IP address under the same ISP still leaves a trail with that ISP. It stops some idiot from doing simple IP address correlation, sure, but it doesn't fix the problem. Similarly, it doesn't do a thing for you if every time you go somewhere you get nailed by scans and attacks.

Tor is designed to provide anonymous web browsing. That means that unless I do something stupid, the target site has no idea where I'm actually coming from. This stops simple content filtration (but of course doesn't stop them from filtering Tor itself), while at the same time preventing the site I hit from being able to tell where I am.

If you think this kind of concern is overblown, consider this: There are plenty of people who post on or read forums that nothing is wrong with, but would suffer political ramifications in their personal lives if someone were able to correlate that. This is what Tor is designed to prevent.

So no, Slashdot doesn't qualify, and it's something that could be bypassed by setting your proxy to not Tor-route connections to Slashdot. On the other hand, Slashdot lauding the software package while banning it is hypocritical, stupid, and short-sighted.

Re:Such hypocrisy.

Actually, dude, we are talking about an "Asian-American" since he's quoting a movie as a joke. Your attempt at being smart was actually not only dumb, but it also displayed your vast bitchiness and self-centered views. Good try though.

Re:Such hypocrisy.

While those are all valid uses for tor, that's not what the majority of tor users appear to be using tor for. I had a tor node running on one of my servers for about 24 hours. At the end of that time when I shut the node down I had recieved over 30 abuse reports and my isp was threatening to shutdown my box. So I can understand why a site might praise tor as being a good thing, but then disallow access through it due to the fact that the users of said technology are not.

Re:Such hypocrisy.

[drsquare]

Unless that site prides in portraying itself as anti-censorship.

When does slashdot portray itself as a site against censorship on private sites? Articles about censorship on here are generally about government censorship. Your point is invalid.

"Some Chinaman"? Enough said.

I'm sorry I don't follow.

Re:Such hypocrisy.

[drsquare]

Well, tough. No private site is obliged to store and transmit your information. The sense of entitlement around here astounds me.

Re:Such hypocrisy.

[Scaba]

Dude probably also thinks Gandhi is a Native American.

Re:Such hypocrisy.

[CountBrass]

I think you're missing the point.

Let me illustrate with an example from the UK.

Here it is legal to protest in public places: eg roads in towns, town centres etc.

However a number of town centres and ostensibly public places (like the centre of Stevenage) are now owned by corporations and demonstrations are banned. So where do people protest when there's no public place to do so?

Re:Such hypocrisy.

>So where do people protest when there's no public place to do so?

Somewhere far away where they won't annoy passersby, one hopes/

Re:Such hypocrisy.

All you have to do is change your virtual MAC address and reconnect to your ISP

Unfortunately, it's not so easy to change the virtual MAC address of many DSL and/or cable modems which are the actual point of contact to the ISP.

Re:Such hypocrisy.

This has been partially discussed on the or-talk mailing list. I don't have much hope that Slashdot will actually do anything to fix this. I think they still haven't fixed their broken HTML.

Re:Such hypocrisy.

[Thomas+Shaddack]

If they allowed 100% of the Tor connections, the comments would be flooded with more ascii goatse pics, GNAA Postings, tubgirl links, and all kinds of wonderful trollish crap. It already is bad to a certain degree, and that's with a publicly moderated rating system and IP filtering already in place.

Easy remedy. Do not ban posts from tor IPs. Just indicate in its title that it was posted through anonymizing service, and let the moderating system deal with it.

Maybe, for improved results, have more heavy tests against bots for such connections.

Re:Such hypocrisy.

"Some Chinaman"? Enough said.

I'm sorry I don't follow.

Just wait until you are "some amiman" who can't voice his opinion freely anymore. Hail Adol^WGeorge W. Hit^WBush.

Re:Such hypocrisy.

Me too: they've blocked everything. What's weird is, I changed my tor server's public IP address, and, BEFORE I re-STARTED THE TOR SERVER, I put in the line:

ExitPolicy reject 66.35.250.150 # don't get myself banned from /.

And my server's IP address was banned from /. within 10 MINUTES: so I don't know wtf is going on...

Unless I got my entire subnet banned... that'd be pretty cool...

Re:Such hypocrisy.

[Monf]

If they allowed 100% of the Tor connections, the comments would be flooded with more ascii goatse pics, GNAA Postings, tubgirl links, and all kinds of wonderful trollish crap.

Then don't browse at -1 or 0: it's the moderators' job to allow free posting here to be bearable, and you can choose how low you want to go....

As for the ip banning, I posted AC above about having my exit policy not allow any connections via my tor server to /. (I think, anyways), but it didn't help, my new ip was banned immediately - couldn't post with tor or proxy-less. I'm connecting through my friggin' cell phone to do it now.

As for the NEED to browse /. through a proxy, I don't have one, but I'm playing with tor (as, by the name of this article, many others are) just to check it out, and running a server to help others check it out...

Re:Such hypocrisy.

[Aeiri]

That isn't what Tor is designed to do and you know it.

Yeah, I do. However you completely missed my point.

My point is referring to the trolls/spammers, people are saying Tor is bad because it encourages trolls and spammers, and I'm proving them wrong by giving them a better, easier way that a troll/spammer could do what they do, rather than using Tor.

In order to evade the IP ban, they can just alter their MAC address to change their IP and post again. This would effectively work against ANY major site, unless they ban entire ISPs, which would not be smart (5 ISP bans later and no hits anymore, what happened CmdrTaco?).

I was showing the goodness of Tor is not overpowered by the badness that could POTENTIALLY come from it, as people outlined in other posts. There is a better way for them to do it, and they probably already do.

Unfortunately, it's not so easy to change the virtual MAC address of many DSL and/or cable modems which are the actual point of contact to the ISP.

This is a sister post, but I don't want to post twice.

Cable/DSL modems do NOT do this. Routers do, but cable/DSL modems do not. Modems are there to correctly establish the connections to the servers, routers connect through DHCP as a single client and allow multiple "child" clients connect through it. If someone couldn't get their router to work properly with it, then they could just plug their computer directly into the modem.

I have had five different cable/DSL modems, and only one of them behaved like parent's sister post said. Why? Because it WAS a router, it was titled "Cable Modem/Home Router". That wasn't even my most recent one, either.

Re:Such hypocrisy.

[Frodo+Crockett]

Then we just need a meta-metamoderation system. ;)

Re:Such hypocrisy.

Try contacting Roblimo directly and ask for his opinion. He's the guy behind /., even if he's more detached these days.

http://roblimo.com/

Re:Such hypocrisy.

[madmancarman]

Your attempt at being politically correct was actually not only politically INcorrect, but it also displayed your vast ignorance and American-centered views.

Wow - pot, kettle, black! I guess that's what I get for quoting an American movie on a english-speaking forum based in the United States. Sure, it has international readership, but one ought to be able to quote a semi-popular American movie without being called ignorant.

Yet another great achievement for the internet...

[Macgyveric]

The first being pr0n...this being anonymous pr0n!

tor blacklists :-(

[Adult+film+producer]

These lists will become more and more common as people figure out what Tor is.. it's a nice idea but..

Even freenode has banned known tor connections. But that's what happens when you give 12 and 13 year old uber el3et linux hax0rs more power than they deserve.

Re:tor blacklists :-(

tor isn't blocked on freenode anymore. that was a temporary measure to deal with a bot attack as far as I know.

Publicity a good thing or not?

[Critical_]

I have been a Tor users for a very long time and, to a certain extent, the fact that it is not very well publicized has kept the system relatively free of the possibilty abuse. When I say possibility of abuse, I am talking about the media saying that Tor is a way to do anonymous torrents of copyrighted material, transferring child porn, etc. As Tor becomes more publicized, will I have to deal with articles from self-proclaimed experts accusing Tor of being a vehicle for such activity? Will I then see some politician try to pass legislation against anonymizer type software? Maybe I'm being alarmist, but these days anything is possible.

Re:Publicity a good thing or not?

[kfg]

I am talking about the media saying that Tor is a way to do anonymous torrents of copyrighted material, transferring child porn, etc.

Just look up.

KFG

Re:Publicity a good thing or not?

[Adult+film+producer]

Any plans in the TODO for steno-tor in the near future ? I don't really keep up with the dev list to know what's going on with the project anymore.

Re:Publicity a good thing or not?

i feel the same way, and since i just started using tor about a month ago, i feel i have wasted my time in getting it all setup, and all my apps tuned to use it, especially since it just made slashdot front page. i have found a few other apps almost like tor, but they do not allow me to use applications other than ones that use a http protocol.

Re:Publicity a good thing or not?

That's good that it hasn't been "abused" by the media calling it names like that but.... wouldn't they be correct? Isn't it possible for Tor to be used for all those things and terrorism too?

I haven't tried Tor but I tried Freenet once. I saw a site in it that claimed to be child pornography. I immediately shut down and removed Freenet right after that, and haven't looked back.

I can love freedom without loving it THAT much.

Re:Publicity a good thing or not?

[giorgiofr]

Will I then see some politician try to pass legislation against anonymizer type software?

Well, it's already happened. I can't remember the details but some court in the USA ruled against some guy who had encrypted stuff on his box *because* he had it. The reason: you have suspicious stuff -> you are guilty.
So the real question is not "will they pass such legislation" but "how long until the whole world adopts china's standards of sentencing you to death for the mere possession of unapproved software?". And I'm not kidding, check it on the web.

Re:Publicity a good thing or not?

[irc.goatse.cx+troll]

Is possible and highly probably, and you should be damned proud.
If you only want freedom for people who agree with you, you're no better fundamentaly than the most oppresive of rulers. If you had the power to remove all kiddie porn from tor/freenet/$PRODUCT_X, would you? What if a christian fundamentalist had the same power to remove all talk of homosexuality? (a sins a sin..) Bush removing all info about the cipro(anthax antidote) a month prior to the whitehouse being anthraxed?

You either have free speech or you don't, anything less than entire freedom(especially for those of controversial subjects) is as worthless as not having any at all.

Re:Publicity a good thing or not?

[giorgiofr]

That's perfectly OK: you don't like it, you don't use it. Nobody will abuse you for not using it :)
What's more important is that nobody steps in and tries to limit it or shut it down. So that those who do want to use it can do so.
An of course it can be used to do just about anything. It's a smart tool, all smart tools have several uses.

Re:Publicity a good thing or not?

[Ronald+Dumsfeld]

Tor is a way to do anonymous torrents of copyrighted material, ...

I've already heard of people trying to run Bittorrent with Tor. The bandwidth requirements quickly lead to the exit node blocking Bittorrent traffic.

Re:Publicity a good thing or not?

[Spy+Hunter]

What do you use it for?

Re:Publicity a good thing or not?

Then you are an idiot. You should have known there was kiddy porn on Freenet to begin with -- there is kiddy porn on almost every network. Why don't you stop paying your ISP? I *guarantee* you they are transferring kiddy porn by the gigabyte every day.

Re:Publicity a good thing or not?

[poopdeville]

Uh, no kid. A judge ruled that having encryption software can be used as evidence of intent in a specific child pornography case.

Let's draw out an analogous case. Person A, who seems to be midly retarded, goes to a store and steals a pack of gum. Person A is arrested. At the trial, Person A pleads "Not of sound mental state." Now suppose the prosecutor gives evidence showing that Person A scored 95% on a quantum mechanics test the day of the theft. Person A is obviously not retarded. The prosecuter can use the fact that Person A scored well on an exam against him. But it does not mean that getting high marks is against the law. This is not legislation. I recommend you look up what that word means.

Re:Publicity a good thing or not?

[giorgiofr]

I fail to see how your post contradicts mine, as you seem to imply.
"Having encryption software can be used as evidence of intent" is exactly the same as my original "you have suspicious stuff -> you are guilty". Well, your sentence is definitely more elegant than mine; you will kindly excuse me for not being a native speaker.
But otherwise, you are just confirming what I said. Thanks for your support.
Oh, and I recommend you look up how to spell "prosecutor" before you correct me in my usage of English.

Re:Publicity a good thing or not?

[poopdeville]

No, this is wrong. Having "suspicious stuff" like encryption software is not enough to entail guilt. No one will arrest you for having AES installed. But if you have child pornography on your computer, the fact that you have AES installed can be used to show that you knew, basically, that what you were doing is wrong, so that you can't wiggle out of jail time on a technicality.

Here's another attempt to explain this, with some more depth. After arrest, there are roughly three or four phases in the US criminal justice process. The first we will consider is setting a plea. This is where you tell the court whether you plea innocent, guilty, nolo contendere, unfit for trial, etc. Of course, a guilty plea is a confession. There will be no trial if one pleads guilty. If one pleads "unfit for trial" or "not guilty by reason of insanity" and the like, there may be a hearing to determine whether that is true. This is a phase in the process in which, say, having AES installed could be used against you. Someone who is unfit for trial because they have an IQ less than 50 couldn't install an implementation of AES.

Now, if there is to be a trial, the prosecution can use the fact that you have encryption installed against you too. At this point, encryption would likely have to be involved in the crime you're accused of to matter. This obviously depends on the case. If you've seen any American courtroom shows, you'll know why I am hesitant to say much more than this. This part gets very complicated. But the bottom line is that unless encryption was involved in the crime you are accused of, the prosecution doesn't have much to gain by mentioning it.

If you are found guilty, you go to the sentencing phase. Here the prosecution will attempt to stick you in jail for as long as they can. Again, at this point one can argue that one is unfit for jail due to mental infirmity. The prosecution can use the fact that you have encryption installed as a demonstration that you are not retarded. They can concievably use the fact that you have encryption installed to show premeditation, and so on.

Tor Router App?

[HeX314]

Anyone know if there is (or will be) a Linux Tor binary for NAT routers? I have a Linux router, and I'd like to use it as a client in the Tor network but a server for local computers (behind the router).

Re:Tor Router App?

check the wiki from the tor site, im sure it can be done, and done quite easily

http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ

Re:Tor Router App?

I agree, not hard... I have TOR setup on my gateway... it's all in the permissions you setup in the privoxy - and a few tweaks in the TOR config.

Re:Tor Router App?

[Aeiri]

Anyone know if there is (or will be) a Linux Tor binary for NAT routers? I have a Linux router, and I'd like to use it as a client in the Tor network but a server for local computers (behind the router).

They have the source freely available for you to download and compile.

Your situation is easily solved by using iptables to only accept incoming connections locally to the server, and open the ports required for the client.

Hmm

[MattWhitworth]

The thing I don't get with Tor is why someone would need that much encryption, unless they were transferring something illegal like copyrighted material. Why is an anonymous network like Tor needed?

Re:Hmm

[kingofalaska]

Scroll down, read the articles about the so-called "Patriot Act", or censorship, or...

There are many reasons. Yes, it can be abused, just as a stick or a rock can be abused.

KOA

Giant Missile Defense Radar Sails

Re:Hmm

[stevey]

I don't get why so many people put letters in envelopes, what have they got to hide?

Why not write on the back of postcards so everybody can make sure they're not hiding illegal words..

It's a slippery slope. Encryption is useful.

Re:Hmm

[Dr+Damage+I]

The fact that one does not wish the state or ones ISP to know ones secrets does not imply that those secrets are illicit in nature. A person could be transmitting commercially sensitive material which if released could be used by ones competitors, or one could simply be averse to having people know that one uses ordinary, legal porn.

It's a simple fact that People like privacy and place a non zero value on it. The phrase "what are you trying to hide" is the last refuge of the voyeur.

Re:Hmm

[elucido]

The government knows about Tor, they are the ones who made it. DARPA is funding its development. So if you think that by using Tor you are going to be annonymous to the US government I think its the opposite unless Tor is open source and you reviewed and compiled the code yourself.

Re:Hmm

Well Matt, I suggest you go away and ponder deeply about freedom of speech, human rights and privacy.... And read 1984 while you are at it. By George Orwell if you have not heard of it.

And maybe have a think what a governemnt or a company could do if they watch all your internet traffic.

Anyway, congratualations to Roger Dingledine, Nick Matthewson, Paul Syverson and all the rest of the folks who worked really hard on Tor over the last few years.

Re:Hmm

[NickHydroxide]

I don't even believe that one should be required to justify's one use of tools which protect one's privacy. There is no need to say why I choose to use Tor (such as commercial secrets or pornography, as you have stated). The simple fact remains that I should be entitled to my privacy.

But, it does appear that you would agree with my opinion, so this isn't really directed at (or attacking) what you are saying.

Re:Hmm

[Motherfucking+Shit]

The thing I don't get with Tor is why someone would need that much encryption, unless they were transferring something illegal like copyrighted material.

In some places, discussing things like "democracy" and "freedom" is illegal. In some places, it's verboten for women to bare their necks or ankles (much less anything else) in public. In some places, it's illegal to read books that involve sexual behavior, or criticize the government, or any number of other things.

Are you still convinced that a network of potential "illegal" uses is such a bad thing?

Re:Hmm

[advocate_one]

did you even for one instant read the f.ing article???

Tor: Packages and source

Tor is distributed as Free Software under the 3-clause BSD license.

Do you even think for one nanosecond that the EFF would be supporting it if it were closed???

Re:Hmm

Christ, what a breathtakingly half-witted comment.

Slashdot needs to put "NO ANALOGIES" in big, red, blinking letters at the top of the comment submission page.

Re:Hmm

These laws are passed for a reason; becuase they reflect community standards. Who are you to advocate breaking them?

Re:Hmm

[mrsev]

>>In some places, it's verboten for women to bare their necks or ankles (much less anything else) in public....

Well where I live it is illegal for my wife to bare her naked breasts in public. I demand her freedom!

But seriously they have their laws and we have ours, you cant really compare human rights with laws regarding decency. Dont get me worng I am all for emancipation but please choose your battles better.

On a interesting side note , in the UK I believe we do not have a freedom of speech. CAn someone confirm this?

Re:Hmm

[NetNifty]

"in the UK I believe we do not have a freedom of speech. CAn someone confirm this?"

We don't: "Piggins is also charged with two counts of possession of the magazine Stormer". Charging people for posession of a damn magazine doesnt sound like freedom of speech to me - I can see why distributing the magazine would be illegal under "incitement to racial hatred" laws even if I disagree with them, but having people charged because they posess a magazine is absurd in my opinion.

Re:Hmm

[Motherfucking+Shit]

These laws are passed for a reason; becuase they reflect community standards.

First, this is a blatant troll. For example, the Taliban forbade women from getting an education. Now that the Taliban have for the most part been defeated in Afghanistan, Afghani women are pursuing all sorts of educations, jobs, and are even walking around without burqas on their heads. If it was all about community standards, these women would never dare such things, lest the rest of the community notice and take action against them.

"Community standards" had nothing to do with it; the standards were set by a fairly small group of lunatics who happened to have a lot of guns. The same can be said of places like North Korea, Iraq, Sudan, and (dare I say it) perhaps even the United States. The FCC, backed by the federal government, which happens to have a lot more firepower than you or I, decides what is or isn't OK on television. As in several other above-listed states, the relatively small group with the superior firepower are the ones who set the rules, communities be damned.

Community standards are hogwash, anyway. I live in the deep south, the Bible belt. I know people who are staunch conservatives, or republicans, or Bush-Frist voters, or whatever you want to call them. These are the guys who go to that annual rally (I forget what it's called) where they profess their faith to God and their wives, and denounce pornography and infidelity. Yet I run into these guys at the strip clubs, at the liquor stores, you name it. All of the "sins" they're supposedly dead-set against, they more often than not participate in themselves.

Your average Bible-belter will vote against gambling, but then you'll find him in the casinos in Tunica or Biloxi. He'll vote against a state lottery, but darned if you don't run into him buying Powerball tickets at the gas station. He'll write to the FCC complaining about Janet Jackson, but as you drive past the adult bookstore, you see his car parked outside. He set the so-called "community standards" when he voted, but he doesn't even follow them himself. That's your average "community standards" progenitor.

Look no further than the Parents' Television Council for evidence of this. The PTC - which as you may recall from prior articles here is responsible for some 98% of all complaints to the FCC - proudly hosts on their own website the offensive clips from television shows they complain about. Even (gasp) children can surf by and find the stuff that's so offensive, they don't want their children to see it. How's that for irony?

For several months they hosted a video clip at http://www.parentstv.org/PTC/clips/WithoutaTrace_o rgy.wmv which was ranked #2 and #3 in Google on a search for "teen orgy party." (They removed it after I wrote to them about their hypocrisy, but you can still find references to its existence.) The trend is ongoing; for example, they're currently hosting the video of the Paris Hilton Carl's Jr. commercial which they describe as "extremely graphic and sexually explicit."

Earth to Parents Television Council, your website is fully accessible to any child who has internet access, why are you hosting "extremely graphic and sexually explicit" content there? Fucking hypocrites.

Who are you to advocate breaking them?

A human being who has tasted freedom, who knows about life without oppression, who understands the value of the right to read and speak freely, and who hates seeing women all covered up.

Re:Hmm

Seeing as how you value anonymity and privacy so little, you wouldn't mind giving me your credit card number would you? :)

Re:Hmm

Where the "community standards" = "one person's standards"? It's often in dictatorships these laws are in effect...

Re:Hmm

[LWATCDR]

The problem is for people in China and probably Iran Tor is useless or worse dangerous.
To use tor you have to know where a tor site is. If you know where it is so do the security people in china. Since in China going around the Great Firewall is a crime connecting to Tor is a crime.
So Tor is really only useful in countries that have some degree of freedom of speech.
That means it will be of most use for people that are going to abuse it.
Now I need to figure out how to block Tor on my office network.

Re:Hmm

[jamesangel]

Discussing democracy is illegal on MSN? Figures...

Re:Hmm

You mean this video found on this page?

They do warn that the video is graphic, but there's no law being broken by having it posted there (except the Slashdot law they broke when they used WMV when Ogg Theora would've been freer (and Ogg Tarkin 313373|3)). Without illustrating examples of what they're railing against, nobody at all would take them seriously.

Re:Hmm

[pair-a-noyd]

I believe in the "none of your f-ing business" concept. I also lock my doors to my house and car.

The reason? Because it's no one else's business what the hell I do, what I like, where I browse, etc..

I deeply despise parasitic corporations that seek to suck my soul away by following my every move, tracking my every breath and step and force feeding shit to me in a fruitless effort to get me to turn over my hard to come by $$ to them in exchange for a cheaply made piece of shit that I don't need and don't want.

I don't want big brother (the New KGB) sniffing my farts. F*ck them all. Leave me alone. Stay the f*ck out of my life. It's none of your GD biz..

Why is it always instantly assumed that anyone that doesn't want to share every intimate momenet of their lives with the rest of the planet, that that person is some evil ne'er do gooder??

Now that there are 6bn people on earth, SOME of them assume that everyone wants to live in one huge, happy hippy commune.. Bzzzzt... Some of us don't like that plan. Some of us simply like to be left the hell alone..

Re:Hmm

[WebHostingGuy]

The letter analogy doesn't work in this case though. On a letter it says where it is going and where it came from. And it also has the post office seal over the stamps showing where it was processed. Under TOR this is exactly what you are hiding--your tracks. To be honest the main purpose of the letter is that it holds more material inside than a postcard and whatever is inside is sealed up not so much for the content but to insure the contents are not lost; something TCP/IP takes care of but not the Post Office.

Re:Hmm

Because some of us live in China.

Re:Hmm

[po8]

Uh, a US letter currently doesn't have to have a return address, much less a validated one. And a public mailbox in a big US city is pretty darn anonymizing. After all, they still haven't caught the folks who sent anthrax-filled letters to US government officials---and I'm guessing it's not for want of trying.

Re:Hmm

[Graabein]

> did you even for one instant read the f.ing article???

Tsk, tsk. You must be new here.

;-)

Re:Hmm

[thisissilly]

Well where I live it is illegal for my wife to bare her naked breasts in public. I demand her freedom!

So fight for it. Other people are.

Re:Hmm

[theNAM666]

Or one could simply be a defense or patent attorney, doctor or psychiatrist, or another similar professional with a legal obligation to take something between reasonable and "all necessary" measures to secure information that has been disclosed by a client.

Some people don't want their personal business displayed to the public, which is why we don't live in glass houses.

Is Tor open source?

[elucido]

If I remember right isnt Tor created by the US government?

Re:Is Tor open source?

Yes, the US Naval blah blah funded the original development and in fact they said that civilian use of the service would help mask any "other" usage - so I consider it a patriotic duty of every citizen of the USA to run a TOR node - to aid the US government in its fight against terrorism and to assist their intelligence efforts.

Re:Is Tor open source?

[/dev/trash]

As if the EFF would you something the Bush government created.

Insightful?

[poptones]

This isn't even an insightful question. "That much encryption?" What the hell does that mean? If the encryption is easily cracked it's not worth doing, you might as well just be doing your banking over something like ROT13 encoded connections, huh?

I've been wondering why the hell the network has been getting slower and slower and slower over the last weeks. I guess now I know.

Why is an anonymous network needed? Well for one thing it's not anonymous regarding the type of uses the critics like to trot out i.e kiddie porn and cracking, since a good many of the connection nodes originate in the US or Germany, two of the most monitored countries in the world. Your connection can go through a hundred drops after that it won't matter at all if you make that first hit straight to MIT or some .de domain and you're doing anything to interest the FBI.

What it IS useful for (that is before it became so terribly overloaded every click ends up taking thirty seconds or more to respond) is surfing without worrying about your local "community standards" enforced ISP looking over your shoulder or the bazillions of admonkies being able to snoop. Tor is commonly packaged with privoxy, the two together make moving about the net a lot nicer (even slashdot).

There is no privacy online

[elucido]

So I'm not really sure why Tor is useful. It's not for file sharing, it does not really protect you completely from spyware, freenet seems to be better.

Re:There is no privacy online

[womby]

Freenet is an astoundingly better concept than tor, all tor does is hide the ends of a connection from one or both peers. But tor works right now, and Freenet doesn't.

Freenet guaranties that data cannot be removed from the network once it is injected, tor hides the ends of the connection.

And yet, tor (and i2p) allows users to setup forums and wikis accessible only across the network which for the purposes of freedom of speech is not half bad.

Re:There is no privacy online

[Frodo+Crockett]

Freenet is an astoundingly better concept than tor, all tor does is hide the ends of a connection from one or both peers. But tor works right now, and Freenet doesn't.

You're entirely right. For example, what happens if someone decides to run dozens* of Tor nodes? They could intercept and possibly trace a lot of traffic.

*I have no clue how many Tor nodes there are right now, so substitute a sufficiently large number if dozens won't do the trick.

Re:There is no privacy online

[qubex]

I'm British but I live and work in China. Many websites are unreachable because of the censorship here (e.g.: news.bbc.co.uk).

Tor lets me surf those websites and find out what is going on in the world, and find out the things the PRC government doesn't want its citizens knowing about.

In short, it is my window on the world.

Onion routers are by no means new but Tor is

[Gopal.V]

Tor uses something called Onion Routing. But interestingly the original system was heavily patented and Tor had to work around all of those with something called "Telescopic Circuits". The problem (as far as my feeble brain understands) is that this is suitable for connection oriented data, but not for routing each packet a different way - seriously I'd love to run Tor as tun0 so that my IP packets head a different way and do point-to-point, but that seems to be a distant dream. Right now it seems to be just protocol proxying.

And the problem with onion routing is that it is neither high-bandwidth or low-latency - just anonymous. Sharing files over Tor is a blatant misuse - but tracker comm over it is perfectly valid (Azureus already has a plugin - though I like dht better).

Interestingly, I2P calls them Garlic routers (the pun is not lost on some of us).

Re:Onion routers are by no means new but Tor is

[h4rm0ny]

Seems a little ironic that a project that provides anonymity should be hindred by patent infringements.

Huh?

[poptones]

I don't understand why you would need tor to hit here. Just put slashdot on the "exception list" in your proxy config and it works great. The ads still get killed (if you are using privoxy) but the content is fast and complete.

You might also trying setting up your tor config file. You do not HAVE to use the "trusted gateways" for the final drop, that is only how it is configured OOTB. Add "exit" to the untrusted gateway nodes permissions - heck you can even remove "exit" from the "trusted nodes" permissions. Now you're not connecting via those "known tor nodes."

BTW it ain't just slashdot. Lots of sites still use IP information instead of session variables and it will drive you nuts trying to post to one of them or even stay connected without having to log in again every two minutes. Simple solution is to just add those sites to the "don't proxy these sites" list. May not be the solution you want if it's a "controversial" site that could lead to leagal attention, but if you're really worried about that sort of thing you're a fool for using tor for it anyway.

Re:Huh?

I don't understand why you would need tor to hit here

That's because you're not a troll like the author of the grandparent comment is.

Tor was used to flood slashdot discussions with thousands of comments containing large ASCII swastikas and random comments from previous stories.

Re:Huh?

[TCM]

You might also trying setting up your tor config file. You do not HAVE to use the "trusted gateways" for the final drop, that is only how it is configured OOTB. Add "exit" to the untrusted gateway nodes permissions - heck you can even remove "exit" from the "trusted nodes" permissions. Now you're not connecting via those "known tor nodes."

1) With the development version of tor, any node whose port is reachable gains some "half verification". This means it can and will be used as an exit node. It can not, however, be used explicitly by adding ..exit to the hostname or in a ExitNodes statement in the config.

2) I heard that Tor blacklists are done in a very clumsy way. They don't check exit policies, for example. This means that even if your node doesn't allow any connections to the outside, it will appear in the blacklist. This should definitely be changed, so that if I ran a website, I would only block Tor nodes that allow *:80. But I could be wrong here.

Re:Huh?

[AnusesCheeses]

Its a troll to suggest that the people who might want to use Tor legitimately can't do so because of Slashdot's hypocrisy? What about people in places where Slashdot is blocked?

And how do you know Tor was used to post those ASCII swastikas?

Re:Huh?

[poptones]

What about people in places where Slashdot is blocked?

Use a CGI proxy in the URL. Simple.

And how do you know Tor was used to post those ASCII swastikas?

When I first read this I had no idea what the hell you were even talking about and still wouldn't if someone in another reply to me hadn't told me about this "abuse" of tor. So my question to YOU would be "I didn't - but you did and it's obviously pressing on your mind... so... why do you ask?"

Comment spam is still speech. Even ascii shit and viagra ads. That's what the moderation system is for. If /. is blocking IPs then I'd agree they're not living up to their end of their geekly agreement.

Re:Huh?

[AnusesCheeses]

What if the proxy is blocked? Slashdot is blocking proxies at every turn.

I was replying to multiple people.

Re:Huh?

He said "CGI proxy." You know, something akin to anonymizer.com's service. Hardly blockable.

Parent infamous troller, craploodist

If you don't believe me, feel free to take a look at his posting history, which contains nothing but offtopic/troll/flamebait/FP comments.

Re:Parent infamous troller, craploodist

[AnusesCheeses]

There are only two modded down posts in his post history. The majority of his posts are actually modded UP.

Tor 40 on the list...

[chrono13]

Windows Media Player 10 is 47th.

"Version 10 combines a compact interface with an innovative DRM technology for enabling music subscriptions that you can take with you on your MP3 player."

Better DRM features help Microsoft onto the list?

I wonder how many advertising spots MS buys through PC World?

Commercialized Already

It seems one of the first companies to jump on the Tor bandwagon is VPM. They are selling a Linux desktop on a 128MB USB stick with everything preconfigured to connect using Tor. Sounds like a neat idea even though you could make it all yourself without paying $45.

Re:Commercialized Already

[advocate_one]

yes, but part of that $45 is for the USB stick and the rest would cost me far less than my time would cost to do the job myself... and some of that $45 goes to upkeep of TOR servers

Think about it... $45 is cheap considering what it is. I'd like to see an autorun QEMU CDrom version as well.

How about...

[Morosoph]

Slashdot either eliminate "Anonymous Coward" posting, or else allow posting from TOR nodes?

Re:How about...

The ability to post anonymously is actually very important. It allows for posts to be taken at their content value, instead of coming from some suckup or karma whore who's just parroting the statements of the current popular political party (currently the Dems in the USA).

Of course, the ``Anonymous Coward'' option is only anonymous when you draw the system line around the forum; you aren't really anonymous. This is fine for having a technical discussion where people add their own experiences, but not good if you're talking about the accuracy of your homemade rifle if you live in a country that restricts one class of people or another from firearm possession.

Slashdot is whatever its owners want it to be, but if Slashdot bans anonymous posts and Tor routed networks, then some other Internet forum will become The Important Place on the Internet.

And as for Lynx users, the captcha thing could be changed into some sort of natural language equation, sort of like the email address obfustication Slashdot has.

Re:How about...

[caluml]

Slashdot either eliminate "Anonymous Coward" posting

No - it should leave the ability to post anonymously, but only if you are logged in to an actual account.

Re:How about...

[Morosoph]

I wasn't seriously suggesting that it should ban anonymous posting.

Re:How about...

[Scaba]

...the current popular political party (currently the Dems in the USA).

Either you've never been to the USA, or you spelled 'Republicans' wrong. Democrats are vilified and hated here (for good reasons - they're almost as bad as Republicans, only they act all wishy-washy about it).

Re:How about...

Either you've never been to the USA, or you spelled 'Republicans' wrong. Democrats are vilified and hated here (for good reasons - they're almost as bad as Republicans, only they act all wishy-washy about it).

Some people are Republicans because their beliefs closely match the original tenets of the Republican party (states' rights, small government, lower taxes, more privitization, etc). Some people are Democrats because they truly want a stronger federal government, more social programs paid for by everybody's tax dollars (nevermind that implementing most of that stuff leads to a combination of some nanny/police/Big Brother state with a completely intrusive government and community laws that don't reflect the community (having been designed either by majority vote over a very large area, leading to 20,000,000 city folks who don't know anything about where their food comes from deciding that an empty 100 acres (a field) could be better used as 400 houses (because we can just buy more food in the global economy!)).[1]

Anyway, the point: a lot of people follow their views, a lot of people watch and vote the way they think is best for themselves/everybody else, but a lot of people either don't really care or care blindly. The ones that care blindly tend to be Democrats, and because of positions they hold in the entertainment industry, they try to make the Democratic party ``popular'' (like a high school quarterback) to try to reign in the apathetic folks. Think along the lines of the time Rosie O'Donnell bushwhacked Tom Selleck on her show. She used a media outlet to attempt (and it truly was an attempt. She doesn't know what she's talking about and doesn't even live by what she was moaning about) to ridicule a group of people.[2] That's what stunts like Air America are about. They aren't trying to solve any problems; they're trying to raise the popularity of their party.

Republicans aren't experiencing popularity now, they're experiencing majority. There aren't any Republicans dressing up like birth control pill containers or dildoes[3] (I looked it up in the dictionary: ``plural dildos also dildoes.'' Way to be vague there. I chose the form that most reminds me of deer hunting) in the streets to sell their beliefs. Of course, there are blind Republicans, too, but don't anybody believe for a second that all of the Republicans or all of the blind Republicans vote that way because of stupidity. The cracks on the Internet about Christianity and what belongs in what class in what school is just more of the same popularity contest. At the end of the day most people do what they think is right, but more acid is directed at Republicans than Republicans spout.

--
[1] I don't really like farm subsidies, but with the way land is being gobbled up here in the USA we're eventually going to have to have some serious thoughts about food production. I greatly prefer subsidies to government owned-by-eminent-domain growing fields, though. If the farmers can't afford to live (and most can't. The reason we raise chickens and cows by attrition with hormones and such is because we can't compete on price otherwise. There's no money in farming at any level unless you both already own the land and play a percentage game with your crops and herds. It's cheaper to shoot a lame cow than it is to heal it at that level.)

[2] Rosie O'Donnell jumped Tom Selleck about being a member of the NRA. She denounced firearms as thoroughly as she could, which is not at all due to lack of knowledge of the subject. If you strip emotions out of it then there really isn't a serious argument. It's hilarious to hear the same people denounce guns as killing machines and in the next breath plea to ``ignorant rubes'' to drop emotion from matters relating to religion. For the record, I didn't bother looking up either of the characters' names, so if they're misspelled, boohoo.

[3] I've seen people dressed up as birth control pills on the news recently (although I don't rememb

blah blah

[XO]

If they'd just let the things I wanted IRC to do before there was a split from one unified IRC network, then we wouldn't be having this discussion.

Reason to use TOR

[Morosoph]

I'm all for internet anonymity and free speech, but there are very few reasons why someone would need to visit the Slashdot comments section with a proxy.

If traffic is being traced, the authorities might figure out who's posting critical commentary.

For example, China has sophisticated monitoring of the internet.

As another example, a company with aggressive surveillance might retain data being posted, to be analysed. If Slashdot had an SSL connection, that risk might be avoided, but they don't. One side-effect of TOR is that packets arrive and leave multiply encrypted.

Re:Reason to use TOR

[TCM]

One side-effect of TOR is that packets arrive and leave multiply encrypted.

They enter multiply encrypted. If the requested protocol is HTTP, they exit unencrypted, just as if the exit node had made the request itself.

Re:Reason to use TOR

[Aeiri]

They enter multiply encrypted. If the requested protocol is HTTP, they exit unencrypted, just as if the exit node had made the request itself.

I think he's referring to the actual computer using Tor.

PC -> Multiply Encrypted and Bounced Through Network -> Non-Encrypted to Server -> Non-Encrypted Back -> Multiply Encrypted and Bounced Through Network -> PC

It comes BACK encrypted, and that's his point, I believe.

Re:Reason to use TOR

[Morosoph]

Aeiri's made my point.

I'm taking a PC, rather than data-centred perspective.

Also the context makes it fairly clear: it goes though the (company|country) checkpoint in encrypted state. Or else, you can't check where it's really ultimately from, if they do get to read it.

It does after all end up unencrypted, on Slashdot, after all! So keeping the data safe the whole journey serves no purpose.

Tor like to thank the Academy

[jalefkowit]

Tor very happy to win award. Make Tor happy. Tor not smash now.

SSH Attacks

[datadriven]

Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more.

Don't we have enough problems with script kiddies trying to SSH into our machines without making them anonymous?

Re:SSH Attacks

[benji+fr]

yep,

Don't we have enough dissidents or journalists who want to tell everybody about our so called 'censorship' on information ?

--
Chinese gvt information minister.

PS: depending on your preferences, replace "Chinese" with "North Korean" or "Iranian" or even "Japanese" or "French" ...

Same here.

[Jerk+City+Troll]

I was banned within hours of settiing up Tor on my host.

Suse 9.3 install??

[pair-a-noyd]

It complains that libevent isn't installed, which it IS... Seems the rpms are for fedora, and the source won't compile because of the libevent problem..

help?

And Firefox is THE product of the year

[hey]

page 1

You have discovered the Great God ENTROPY!

[NOPteron]

Only one point, though ( the other one disappeared, it seems)

--

More seriously, that's an accommodation of humanity: it's more convenient to erode worth than to grow it, and if one wants to get one's own gain, then one has to be more aggressive a predator-of-worth than Others are, so. . .

The only problem with that equasion is that there are different /kinds/ of worth, and some are worth more to any individual than are others.

I find autonomy, quiet, harmony, freedom-of-intelligence, spiritual freedom, etc. to be worth more than
{ belonging, social-sentience, status, position, image, money, "self-esteem" which is One's Social-Circle's Opinion Of One, a car, a partner, "education", etc }.

Therefore I can't be manipulated to sacrifice the kind-of-worth I hold-to, in order to have the kind-of-worth I /don't/ so deeply value.

BUT, since the entire "education" of a someone in the society/machine we /made/ on us, is oriented to making our lives' expenditure/work into grazing-fodder for "corporations" ( keeping in mind that governments, churches, etc are other-appearing instances of what I really mean here, not just business-entities ), then what result is inevitable?

WWIII will change that, because it'll be a pogrom/tantrum so deep/profound that humanity is going-to learn the difference between kinds-of-values.

ANY sufficiently profound obliteration-experience /can/ induce such learning ( think of ones who have endured near obliteration, over the course of years, say reasonably-advanced Huntingtons, or something, and ask what their values are, compared with "money". . .

WHEN humanity experiences something that heavy, humanity will change the same way, but not before: ideas and understanding are different in substance/nature, see. . . )

Cheers,

-me

Re:You have discovered the Great God ENTROPY!

wow, you are educated singularity stupid.
http://www.timecube.com/

Tor is ok, but

[blue_adept]

if you want to surf anonymously without downloading and installing stuff, check out anonycat.

http://anonycat.com/

it's open source, so you can download and run it from your own computer if you want, but you can also just surfy anonymously from the main page.

it's pretty good for viewing slashdot, too, which you can't do with Tor.

Re:Tor is ok, but

[ldd23]

That's not exactly anonymous. The anonycat server knows your IP address and what page you're browsing. The whole point of the TOR, I2P, etc. anonymizing network systems is that no other entity on the network can determine both your IP address and what content on the network you're using.

Re:Tor is ok, but

Tor isn't exactly anonymous either. all you have to do is hit a page with a java applet and you're screwed. the applet can open a direct connection back to the server that it was served from and report the client's ip. Annonycat converts applets to text, so it's not an issue.

Tor Rendered Useless

Tor is a great idea but is becoming largely useless for anything but casual web browsing. Here are some of the things I have observed while using Tor:

- Blocked on Wikipedia from editing
- Blocked on Slashdot from posting, in some cases, I am blocked from even browsing
- Blocked on most IRC networks

Those are just a few of the places I noticed, I'm sure there are more.

Tor isn't much good if you can't get your message out. It seems like many places preach about the freedom from censorship it gives (i.e. Slashdot) but are willing to block Tor.

Re:Tor Rendered Useless

[Sheetrock]

Agreed, but (as mentioned elsewhere) there is no ready protection from uses of Tor or other anonymizing systems to irritate or worse. This uneasy reaction to dealing with anonymity goes back at least to anonymous remailers being used to flood USENET with crap.

Somebody mentioned in an earlier post schemes that could be used to limit the posting ability of an anonymous client without further reducing the anonymity of the client -- captchas discriminate against the blind, but 'hashcash' or having the client system perform a computationally-expensive operation that can be trivially checked at the server seems a practical way to limit flooding at least. But a larger problem cannot be solved by technical means: anonymous posts that create legal problems for public servers.

Avoiding issues with censorship is best left to a closed system where mechanisms for posting. hosting, and reading are all anonymous. Tor, at present, is better for not leaving an easy to follow trail of everything you read online or bypassing webfilters than anything else -- but it offers no protection to the servers one visits with it, and if this wasn't a problem there wouldn't be a demand for anonymizing protocols to start with.

Re:Tor Rendered Useless

Yea, just what I want, to open my server as a anonymous gateway for some script kiddie to do no good on the net.

Good article - tor server count will soar

[Werrismys]

Every time tor is mentioned on Slashdot, the networks gains speed thanks to a surge in runnin server numbers.

Slashcode is not designed for anonyminity

[typical]

Because Tor works, apparently.

It's the same with any other internet service - give it a few days, and watch the abuse roll on in. Web, Email, Chat, they can ALL be used for great things but the perpensity for abuse lurks just around the corner, and Tor isn't an exception to this.

No, it's because Slashcode lacks support for anonymous use. Until someone adds said support, Slashdot will not be anonymously usable.

If everyone created an account, no problem.

The thing is that Slashdot's codebase uses blacklisting as part of its functionality (it's how they keep abusers from flooding the board). Blacklisting does not work in a pure anonymous environment (that allows abuse if many entities collaborate to abuse the system, which is the case for most systems) without "expensive IDs" (the use of some resource which one cannot produce en-masse to identify onesself). Slashcode treats IP addresses as "expensive IDs", intending that those wanting to abuse the board have a limited set of IP addresses available to them, and those become blacklisted. Tor extends the availability of Tor-enabled IPs (expensive IDs) to anyone who wants. Slashcode cannot understand this. To make Slashcode work in an anonymous environment, support for expensive IDs that work in an anonymous environment must be added. There are many mechanisms for doing expensive IDs.

Slashcode currently uses both IPs (they can get banned) and accounts (they can get banned as well, and it takes a while to work up a high-post, low UIN account) as expensive IDs. IPs cannot be used in an anonymous environment. Accounts could, but probably must be boostrapped in a non-anonymous environment. That is, it would be possible for Slashdot to allow only registered users to use Slashdot from Tor systems (I could even register my IP as one that only allows registered use), but to prevent someone from mass-creating accounts, these accounts would have to be bootstrapped from a non-anonymous environment -- for example, perhaps an IP could only create an account a week, but once created, users could use their accounts on Tor systems.

Another popular expensive ID that saw some interest during the antispam discussion days is solved problems that require many CPU cycles. Generate a hard mathematical problem, to an anonymous user and the person has to burn 5 CPU-minutes of cycles solving a problem in order to post. They'll have a hard time flooding the board.

Another popular expensive ID is human time -- hence the OCRable letters that low-karma accounts and ACs have been seeing recently.

Another expensive ID is transitive trust -- allow accounts that have "trusted" accounts marking those accounts as, in turn, "trusted" (something like the friends system, but should not use the friend marking, which means something different) to use the board anonymously. If those accounts abuse the board, the abusing account loses his trust and the account that endorsed him loses some trust, transitively back to the source. This isn't *fully* anonymous (since the truster has to have some relationship with the trustee, even if it's nothing more than reading a Slashdot post made in non-anonymous mode).

Any other mechanism that uses expensive IDs that can function in an anonymous environment will also work.

I'm going to see whether or not open source solves this one. The Slashcode codebase is there, free, and open, and any number of people with crypto and security design experience read this board and presumably want to use Tor.

I don't really care much about using Slashdot anonymously, so I'm not going to do it. I'll probably take advantage of it if someone else adds support to Slashcode for working in an anonymous environment, though.

Pseudonymity

[backslashdot]

I consider pseudonymity just as important as anonymity. The ability to anonymously and untraceably place digitally signed newsletters and documents that people can retrieve. For example dissidents should be able to publish a monthly or weekly index of all the files they upload with their md5's or whatever hash. Then people can download those other documents while being sure of the source. This would prevcent fake documents being put out there by evil organizations because people can be able to authenticate that the doc they are downloading comes from a reputable dissident group.

Surprised that nobody's mentioned that

[Kiyooka]

Firefox won Product of the Year! Congratulations to the Firefox guys!

Hopefully this will help further "legitimatize" Firefox to those who are reluctant to switch to something "underground".

Power Rangers

[JakeD409]

I don't know if anyone else remembers this, but back around like 1994-95 or so, when Power Rangers was still fairly new, one of their Zords was named Tor (I was about 9 at the time, and my dad told me it was named after some mountain). It was this huge turtle robot that could carry the other Zords when they were injured. I had the toy of it (actually I still do, it's in my closet), and it had these two little buttons on its back, and when you pushed them, they made growling noises (since turtles are known for their constant growling). I think THAT should've won a product of the year award as well.

Oh, so /. is suppose to..

[Halvy]

allow people who *FLOOD* or spam to the point of interfereing, be-aloud-to?

Exuse me, but if someone *interferes* with my ability to talk (like the spamers/flooders were with /.), then I have a right (natural reaction) to find away around that.

I would say that the moderation and steps taken by /. to stop the spamers, does more to help (us) all talk, instead of those clowns who dont' like /.

Let them (spammers/flooders) go form their own /. if they dont' like it... or, they can *keep trying*, and /. will keep trying, and the best-man-will-win! :)

What I am investigating, is the theory that bill-gate$-the-turd-junior is behind these attacks.

Re:Oh, so /. is suppose to..

[poptones]

Exuse me, but if someone *interferes* with my ability to talk (like the spamers/flooders were with /.), then I have a right (natural reaction) to find away around that.

Surf at +1 and STFU - simple.

Your (fallacious) right to not be offended or annoyed does not trump another's right to expression - even if they are being an asshole.

What I am investigating, is the theory that bill-gate$-the-turd-junior is behind these attacks.

Oh yeah, you're not a nut at all...

Re:Oh, so /. is suppose to..

[Reality+Master+101]

Your (fallacious) right to not be offended or annoyed does not trump another's right to expression - even if they are being an asshole.

WTF is the "right to expression"?? Did it escape your notice that this is a private web site, not a government one?

You have the right to do whatever the hell the owners of the web site let you do.

Re:Oh, so /. is suppose to..

[poptones]

No, I have the right to do whatever the hell I want and the webmasters have the right to kick me the hell out. But /. is something of "the voice of the community" like it or not. Maybe they don't want to be that voice anymore, and they have that right. But this community grew to what it is by respecting that people have the right to be heard even when they are assholes. if that mission has changed it's certainly their right, but it's also our right to speak against that change and hold them true to what it was.

The people who run slashdot have a responsibility to the people who make it what it is. If they turn away from that responsibility everyone loses. We lose the community we have built, and the people who run slashot lose money. Which is more important? It doesn't matter.

They certainly have the ability to do whatever - but that doesn't equate with right. Just look at the skeletal remains of wired since that great takeover and the restaraunt people "did whatever the hell they wanted."

Actually, the correct term is..!

[Halvy]

CHINX!! (lol).

Anyone who takes so-called derogitory terms personally, needs counceling/pills, or to be ostracized!

LEARN to laff! maybe we'd then *all-get-along* better!! =:O

Uhhh, cause..

[Halvy]

You (we) need to define a *GOOD* track record.

And you can't say: "whatever the community decides", cause although that may work for THE COMMUNITY, it is not nescessarily good, fair, legal, moral, or whatever, and because of this, it will continue to morph (as it should). :)

lemme get this straight..

[Halvy]

Maybe this was a mis-communication on my part-- on what this part of the thread was about originally.

We (me too, in my reply) were talking about /. HAVING to control people who were FLOODING the network to the point where everyone would be affected. In other words, to the point where /. was not useable (it happens with dos attacks, etc u know..)

Now I don't know about you, but I would prefer if /. stopped those (spamming/flooding) arswholes, this way we (you & I) could continue our discussion.

Why would'nt anyone defend themselves like that? I mean, it is common sense! Why would u let the *spammers* control /.?

And as far m$ interfering with places like /., linux, or whatever else they see as a threat.. then actually you would be considered *more nuts* by professionals, by claiming that this would be un-heard-of (like you implied) :)

/. and the likes will have to adapt, NOT..

[Halvy]

the other way around when it comes to programs like Tor.

BUHHT..I dont' blame /. for *defending* itself against spam & flood attacks. This is only common sense. If they didn't we wouldn't have /.

And I can't see why anyone (even after reading ALL the threads) would act like /. is hypocritical.

If you RTFM (/.'s) you'd see that not only do they speak-a-good-game, but they walk it tooo.

Censoring can ONLY be over come by MORE & LOUDER freedom of speech, period.

ANYTHING short of this will be giving in to the bad-guys... and that is the ONLY way they can win!!

I am always curious as to why people and the governments..always seem more concerned with what people *say*, then what they actually *do*.

Ahhhnd, I *think* I have part of the anwswer, which is, because *words* are everything..

After all, even before someone *pulls-the-triger*.. there is that *little voice* inside that *says* (do it! or DON'T DO IT!!), which then controls the actions of the individual.. :)

JAP

[iowa119900089]

I remember when JAP did this function. Then the German Gov't forced an upgrade to let them snoop. I get the feeling that this network isn't as secure as many seem to believe.

tor isn't ready IMHO

[jfroebe]

apparently your traffic goes out from a single machine acting as you - if that machine is a dialup, you're screwed. there isn't any form of load balancing that I can tell. I'll revisit TOR later.

Re:Who wants to see everything?

[Thomas+Shaddack]

Any other mechanism that uses expensive IDs that can function in an anonymous environment will also work.

You maybe do not need them at all. Just a combination of the OCRable letters (or a similar measure) with indication in the title of the post that the post is from an anonymized IP, and allow assigning users a modifier for anonymous posts (one more criterium in addition to already existing ones).

Anything that involves a non-anonymous IP breaks anonymity and can lead to the Goons With Guns coming and requesting the logs.

from the whoami dept.

[torrents]

should have been:

from the it's-so-great-we-banned-it dept.