Slashdot Mirror
Developer Of Anonymous Tor Software Dodges FBI, Leaves US (cnn.com)
An anonymous reader quotes a report from CNN: FBI agents are currently trying to subpoena one of Tor's core software developers to testify in a criminal hacking investigation, CNNMoney has learned. But the developer, who goes by the name Isis Agora Lovecruft, fears that federal agents will coerce her to undermine the Tor system -- and expose Tor users around the world to potential spying. That's why, when FBI agents approached her and her family over Thanksgiving break last year, she immediately packed her suitcase and left the United States for Germany. "I was worried they'd ask me to do something that hurts innocent people -- and prevent me from telling people it's happening," she said in an exclusive interview with CNNMoney. Earlier in the month, Tech Dirt reported the Department of Homeland Security wants to subpoena the site over the identity of a hyperbolic commenter.
"Unlimited power is apt to corrupt the minds of those who possess it"
-- William Pitt the Elder, 1770
Tech Dirt reported the Department of Homeland Security wants to subpoena the site over the identity of a hyperbolic commenter.
What a bunch of NAZIs!
I mean, here's some poor bastard who wants to talk about geometry, calculus and math, and those fucking NAZIs at the DHS want him?!
Talk about an anti-science society!
If she is "one of Tor's core software developers" and she thinks she alone could "undermine the Tor system -- and expose Tor users around the world to potential spying", what does that tell us about Tor.
Is she saying nobody checks code-submissions she makes?
What exactly is she saying here.
She should be heading to a country that doesn't have an extradition treaty with the US.
..there was a time when people would think it was ridiculous to fear that the US would "I was worried they'd ask me to do something that hurts innocent people -- and prevent me from telling people it's happening,"...Shows how far America has fallen...
A secure system isn't secure if a single developer can subvert it.
If they act like untrustworthy douchebags, then surprise surprise people don't trust them even when they're working on a legitimate investigation. Naturally because they insist on acting like untrustworthy douchebags, no one even has any idea if it is legitimate.
Well done, FBI, you're your own worst enemy.
SJW n. One who posts facts.
Hang them by the nuts until they are dead.
Nowhere to run baby and nowhere to hide.
But hanging all of congress and most of the justice department will take a while.
There are lots of places to run and escape the evil empire the US has become. Just like before 1989 Russian dissidents fled to the west, now western dissident flee to other countries.
Her first name is Isis. What are the chances?
Her reason for fleeing doesn't even make sense. The FBI doesn't need her to write compromising code, Tor is open source. If Tor is in a state where she's the linchpin for all code submissions, then that's a pretty gaping security problem with that software anyways. Furthermore, Tor has never really been as secure from law enforcement as its users like to think. There's only a handful of exit nodes, and law enforcement could do a lot by simply compromising one, code intact. .
I wouldn't be surprised if we find out later that she's running for very different reasons.
If it ain't broke, don't fix it.
How many thousands of people gave their lives in World War 2 so that we could have the freedom to escape the U.S. government and fleet to Germany? I'm surprised we haven't felt the earthquake from all the bodies rolling in their graves. :(
Yes, all those jews that fled from Germany in the 1930's were cowards too who had done nothing wrong.
I don't work on Tor specifically. In the important / well organized open source software I've been involved with, submissions are typically read by 1-3 other people, and there are unit tests and/or regression tests.
When I say the code is "read", I mean the same way you might read this post. You aren't looking at individual letters and words, you're reading sentences and paragraphs. You could easily overlook typos (but you might catch some typos too).
Often the unit tests aren't 100% thorough. Especially, they tend to cover the expected/correct case. If the code is supposed to send an MMS message, it is tested that entering a phone number and a message causes the message to be sent. often untested is what happens if instead of a phone number some injection code is entered. What happens if the message is millions of characters long? If the disk is full or the network is unavailable what happens?
> Is inserting code the only way someone on the inside can undermine TOR?
There are several other ways. In systems intended to be secure, flaws in the design create problems just like flaws in the implementation can. Someone could undermine Tor by suggesting a feature that seems useful and good.
Policy decisions matter for security - when you download the tor client, how do you know you're not getting a trojaned copy? That's based on how the Tor project operates, separate from any code submitted.
Somebody has the tor.org TLS key. If a sophisticated attacker had the tor.org key, they could impersonate tor.org and cause a target to download a trojaned copy of the tor client. Even if the target checked the hash of the download, they would probably get the hash from tor.org, which is really the attacker. If I thought about for more than 60 seconds, I could probably think of some more ideas.
People around here think the words "the land of the free and the home of the brave" signify some deeply held core American values, but they are really just lyrics to a song. The phrase first appeared in a poem written in 1814 by Francis Scott Key which was later set to a British tune called "To Anacreon in Heaven" and renamed "The Star-Spangled Banner" which as you know was eventually adopted as the national Anthem.
My point is that they are just song lyrics, and while pleasing and patriotic they are really no more meaningful or insightful as Frank Zappa's "Watch out where the huskies go, and don't you eat that yellow snow."
I'm not complaining, but why are we seeing this post now rather than sooner? Is the point of the post not necessarily her fleeing but more that the recent even of the subpoena lends some credibility to her fears that may have seemed paranoid before?
same thing as a judicial subpoena.
It's worse. You have no legal recourse. Once the FBI 'talks' to you, they can include a gag order and you can't discuss the particulars of the conversation with anyone. Just like an NSL.
Have gnu, will travel.
The FBI agents refused to deal with her lawyer, and intimated that they would pick her up off the street to interrogate her without a lawyer present.
https://www.techdirt.com/artic...
I don't think their actions are the actions of people who are operating within the rules of law. Their actions are the actions of people who are afraid of being caught violating the supreme law of the land.
Another fact that the CNN article didn't make clear : the developer was already in the process of moving to Germany.
If I have been able to see further than others, it is because I bought a pair of binoculars.
One a scale of 1(fictitiously idealized America) to 10(Trumps America) this makes me about a 3.5 or 4 in uneasiness. Not nearly enough to head for Canada but enough to maybe read up on them.
I think the concern here is more about a National Security Letter than say a court subpoena.
https://en.wikipedia.org/wiki/National_security_letter
And this person has posted an NSL canary
Sure, I can explain. TOR originally evolved out of research by the US Navy but is now developed as an open source projects by volunteers. It has occasionally been used for secure communication by US government organizations (see main TOR project page), though there is no evidence that they used it or use it on a large scale. It is not supported or endorsed by the NSA or CIA---at least not officially.
Here is a list of current and past sponsors:
List
is backed by gobernment money
Of course, definitely. The National Science Foundation has contributed at various times, as the above list says.
Last I checked they don't just hand out residency permits, and tourist visas for Americans expire after 90 days, at which point she has to leave Germany.
How did she do it?
This Sig does not Exist.
Actually, you can discuss with your lawyer. Perhaps carefully, but an NSL can be fought legally.
https://en.wikipedia.org/wiki/Lavabit
Just hang them in serial from the Burj Khalifa.
In serial??
Parallelization is where its at.
In the free world the media isn't government run; the government is media run.
These are the lies we tell the gullible so that they will die for our ideals. Put these in songs, prayers, oaths and repeat ad nauseam and you have an effective brainwashing technique. Works equally well for Capitalism, Islam, Christianity, Socialism, Marxism, etc. Repeat "Death to America" enough times and no one questions "why" -- in the same way that few in the U.S. question capitalism.
I forgot that songs and poems don't mean anything... We aren't talking about "Shake it off" here, the song may just be a song but it is written based on events and principles that are values that Americans used to believe in. To say that lyrics are meaningless devalues the whole art of music.
I don't think her actions are the actions of someone who conscientiously wants to avoid aiding the government in violating people's privacy. Her actions are the actions of someone who is afraid of being caught for doing something she knows she could get in trouble for. Her actions are the actions of a criminal.
Yes, something criminal like helping people hide their data from the US government.
In the free world the media isn't government run; the government is media run.
Yes, all those jews that fled from Germany in the 1930's were cowards too who had done nothing wrong.
And then those Jews who stayed in Italy and supported Mussolini. Things didn't work out too well for them actually.
In the free world the media isn't government run; the government is media run.
People around here think the words "the land of the free and the home of the brave" signify some deeply held core American values, but they are really just lyrics to a song.
People around here think the Constitution signifies some deeply held core American values, but its just words on a piece of parchment for the CIA to wipe its ass with.
That's not really the question. The question is whether this state is the best we should aim for. Laws, declarations and anthems, while just being words or sequences of glyphs and phonemes, are tools for projecting and promoting a vision for improvement and coexistence.
So you say that the American People have given up on ideals as anything meaningful. That's certainly a plausible view of the evidence.
or the FBI have already cracked the current version of Tor and want to spread some FUD around to slow down any updates and/or convince people that newer versions of Tor are unsafe and they should keep using the current version. Don't underestimate the level of douchebaggery you're dealing with here.
Support Right To Repair Legislation.
The problem is that, after she retained counsel, and her attorney called the FBI agent who'd left the business card, the FBI agent declared that the Bureau would not deal with her attorney, but would bypass him.
This is a BIG Bozo no-no in the Justice System. You do NOT "go around" someone's attorney.
This would be true even if the Martha Stewart case had not happened. After the Martha Stewart case, everyone should know that talking to the FBI *AT* *ALL* is a very bad idea. The ONLY thing you say to them is "Give me your business card and I'll ask my attorney to call you."
Agent Smith would like to have a word with you. In person.
Frank Zappa's "Watch out where the huskies go, and don't you eat that yellow snow."
I propose a change to the Canadian national anthem..
You are clearly a product of the American education system. They were NOT just words, but ideas on which this republic was based. Unfortunately, the worst generation of all time, the Boomers, have destroyed this nation. And NO I'm not a millennial.
People around here think the words "the land of the free and the home of the brave" signify some deeply held core American values
No, we think they're aspirational ideals, and as ideals they are meaningful to the degree that we actually try to achieve them.
And yet: "On Dec. 2, he called Agent Burnett and presented himself as Lovecruft's lawyer. Lovecruft told CNNMoney she had been willing to meet the FBI with her attorney present. But Rosenfeld was told by agents that they would circumvent him and approach Lovecruft directly. At the time, the FBI wouldn't say why it sought her. "
So good luck with that.
When you hauling in Hillary Clinton for questioning. Seems like you're dragging your feet on that investigation, sorry, security review.
But then we would be left with Hillary... :(
I am not sure she does not have balls. She has shown a set on occasion or two. Most when blatantly lying.
Germany has good privacy laws, and a real justice system.
As an EU member nation an extradition order could be appealed to the European Court of Human Rights.
Not that Germany will extradite her for no good reason. Particularly there is requirements as to the severity of the crime, etc.
These things are hard to prove, if you have no case. Also spy agencies aren't very popular in Germany.
Particularly not the US agencies, which have been caught spying on Germans; and it weren't that long ago CIA was murdering people in Germany.
After all, she doesn't need escape civilization, just the reach of secret courts, show trials and unconstitutional laws.
No, they are echoes of the ideas on which the nation was based. For a closer take of those ideas read the Declaration of Independence...which also has no legal force.
OTOH, it's worthwhile remembering that at the time the country was being set up, only about 1/3 of the population adhered to those ideals even to the extent of saying they agreed. In many areas the Tories were an absolute majority. And afterwards... Thomas Paine died in a French Jail and President Jefferson declined to write a letter asking for his pardon.
History isn't as simple as they make it sound in school books. And current events aren't as simple as they make them sound in newspapers.
All that said, the US president today has more effective control over the US citizenry than the British king did over British citizens in the 1700's. His legal control is less, but his effective control is greater. And even the "liberal" politicians are continually trying to increase it.
I think we've pushed this "anyone can grow up to be president" thing too far.
For those who don't get the joke. The Godess Isis of the Ancient Egyptian religion was "worshipped as the ideal mother and wife as well as the patroness of nature and magic. She was the friend of slaves, sinners, artisans and the downtrodden, but she also listened to the prayers of the wealthy, maidens, aristocrats and rulers."
Isis! Apophis! Osiris!
EEEE AAAA OOOO!
O Thou burning sword of passion, that art tempered on the anvil of flesh! I adore Thee, Evoe! I adore Thee, IAO!
O Thou slimy lust of the grave, that art tangled in the roots of the tree! I adore Thee, Evoe! I adore Thee, IAO!
and all the other 167 cries of adoration.
In the free world the media isn't government run; the government is media run.
Thank you for that excellent example of "Policy decisions matter for security - when you download the tor client, how do you know you're not getting a trojaned copy? " Many projects only publish a hash with which to verify that your copy is unaltered. The Tor project could have done the same. As you point out, that creates only the APPEARANCE of security, especially if TLS is already in use. By making a policy decision to use GPG signatures, Tor security was improved.
An established developer could well weigh in on such discussions either arguing that GPG/PGP improves security, or that it's a hassle that virtually nobody will actually use anyway. In that way, they can influence the security of the project apart from making any changes to the source code.
And I always thought it referenced the free Braves that the Americans wiped out to steal their land after revolting against their King for saying those free natives had rights to their land, fucking tyrant removing peoples right to remove peoples rights.
https://en.wikipedia.org/wiki/Inverted_totalitarianism
The US can make it a very big, royal PITA no matter what her status is in Germany.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
Don't forget that official policy against recording their interviews, and felony charges for 'making false statements' if they can manage to trip you up on something.
Her actions are the actions of someone who quite rationally fears 'just talking' to people who might return armed and bearing a warrant if rebuffed. In a world where the POTUS bombs wedding parties with flying robots and cracks jokes about it, if you aren't a criminal you aren't doing enough.
Things are turning to shit so fast in the greatest surveilance nation in the world.
What does the UK have to do with this?
Word is she was already planning a move, so it stands to reason that she already had a job lined up or at least a solid foundation upon which to build a new life.
You are parroting the nonsense cliché that arose from a journalist counting the number of cameras on a single street in London and then extrapolating that out for the entire country. It also didn't mention that the vast majority of cameras are in private hands, and that the data protection act is very strong and well enforced, and provides very strict control over what data can be collected (including video), disseminated, and kept.
So please stop. I know it sounds funny, and you might even think it's pretty edgy, but it's unfounded nonsense.
ChrisQ? Is that you?
Music has value?
News to me. I always wondered why people wasted time with it plugged into their ears like brain-sucking vampire.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
Not at all. Just an AC throwing FUD.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
>All that said, the US president today has more effective control over the US citizenry than the British king did over British citizens in the 1700's. His legal control is less, but his effective control is greater. And even the "liberal" politicians are continually trying to increase it. Indeed, the 'liberal' politicians seem to be trying to increase it faster than the 'conservative' politicians (who are NOT conservative).
And what does that have to do with the false hyperbole to which I was responding?