Slashdot Mirror

← Back to Stories (view on slashdot.org)

New 'Hardened' Tor Browser Protects Users From FBI Hacking (vice.com)

Posted by EditorDavid on from the communicating-anonymously dept.

An anonymous reader quotes an article from Motherboard: According to a new paper, security researchers are now working closely with the Tor Project to create a "hardened" version of the Tor Browser, implementing new anti-hacking techniques which could dramatically improve the anonymity of users and further frustrate the efforts of law enforcement...

"Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers," the researchers write in their paper, whose findings will be presented in July at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.
The researchers say Tor is currently field-testing their solution for an upcoming "hardened" release, making it harder for agencies like the FBI to crack the browser's security, according to Motherboard. "[W]hile that defensive advantage may not last for too long, it shows that some in the academic research community are still intent on patching the holes that their peers are helping government hackers exploit."

103 comments

  1. Government vs. Government by mi · · Score: 4, Insightful

    it shows that some in the academic research community are still intent on patching the holes that their peers are helping government hackers exploit.

    So, to recap, the government-paid researchers are fighting the efforts of government-paid hackers to make the tool, that the government paid to create as a secure one, less so.

    Whichever side wins, we, the taxpayers lose...

    --
    In Soviet Washington the swamp drains you.
    1. Re: Government vs. Government by Anonymous Coward · · Score: 0, Troll

      Pull your head out of your ass, you reactionary pig. A win for privacy is a win for taxpayers.

    2. Re: Government vs. Government by Anonymous Coward · · Score: 0, Informative

      Since you're going AC I'll go AC too. I just wanted you to know that you're a fucking inbred donkey cunt. Have a nice day :)

    3. Re:Government vs. Government by Sarten-X · · Score: 4, Interesting

      Yeah, that pretty much sums it up.

      Why, is that a problem?

      See, these government guys are different from those government guys, who have an entirely different agenda from that government branch, because it's really coming from the authority of this government office, rather than that government office, and has an entirely different chain of command with entirely different officials from an entirely different Congressional committee.

      Nobody wakes up in the morning and says "Today, I'm going to oppress my fellow citizens and make their lives worse!". Instead, all the government employees work toward the common goal of "advance America's interests", according to their specific areas of expertise. One group says build a thing because it helps America, and another group says to break it because it helps America's enemies.

      Apart from paranoia, there is no reason to believe that either side isn't doing their best. If you trust that the Tor researchers (stemming from DARPA and the U.S. Navy) could possibly create a secure network, and trust that the Tor project could possibly create a secure browser, then you can trust that this browser is secure. That the government who funded it is now also trying to break it has little effect on how trustworthy the software itself actually is.

      --
      You do not have a moral or legal right to do absolutely anything you want.
    4. Re: Government vs. Government by Anonymous Coward · · Score: 0, Insightful

      Wey hey! since everyone's doing it... Shut up you donkey-raping shit eating mung filled muff cabbage.

    5. Re:Government vs. Government by Ziest · · Score: 3, Interesting

      Bullshit.

      See COINTELPRO - https://en.wikipedia.org/wiki/...

      --
      Another day closer to redwood heaven
    6. Re: Government vs. Government by Anonymous Coward · · Score: 1, Interesting

      Man, Slashdot has gone downhill ever since the GNAA freed Natalie Portman from her petrification in grits.

      Fucking Lunix losers.

    7. Re:Government vs. Government by Sarten-X · · Score: 2

      I'm quite familiar with the subject... but did you have a point to make, or did you think that merely mentioning a mistake relieves you of the duty to make an argument?

      --
      You do not have a moral or legal right to do absolutely anything you want.
    8. Re:Government vs. Government by ourlovecanlastforeve · · Score: 1

      Yes odd that they would specifically mention the FBI with no prompting.

    9. Re: Government vs. Government by Anonymous Coward · · Score: 0

      It's Linux nutcases, you insensitive clod!

    10. Re:Government vs. Government by Anonymous Coward · · Score: 0

      project monarch is really an interesting one.

      there are a lot of "projects" you can find on wikipedia for one.

      the old "honeypot" is still a good tool.

    11. Re: Government vs. Government by Impy+the+Impiuos+Imp · · Score: 2

      Wey hey! since everyone's doing it... Shut up you donkey-raping shit eating mung filled muff cabbage.

      I'm pretty sure you can watch that porn without needing TOR.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    12. Re: Government vs. Government by Anonymous Coward · · Score: 1

      I blame systemd.

    13. Re:Government vs. Government by Anonymous Coward · · Score: 1

      I think his comment was an answer to your comment

      Nobody wakes up in the morning and says "Today, I'm going to oppress my fellow citizens and make their lives worse!".

      It's pretty clear that the COINTELPRO people were making the lives of quite a number of US citizens, specifcally those with black skin, worse.

    14. Re:Government vs. Government by Anonymous Coward · · Score: 1

      Today, I'm going to oppress my fellow citizens ...

      They say "I'm going to oppress those foreigners because it helps America." Then it becomes "I'm going to oppress my fellow citizens because it helps America." The contradiction in that statement is lost on them. If they understood it they wouldn't break laws, which happened in the war on terror, mass surveillance programs and CoIntelPro.

      ... government employees work toward the common goal ...

      We'll skip over the politicking and pork-barreling that occurs in government; while relevant, it's a different issue. Having a "common goal" isn't the problem. The problem is when officials join forces to declare their problem is YOU. The 'us versus them' paradigm seems to be happening more: Just look at how many policies try to punish the poor.

    15. Re:Government vs. Government by Salgak1 · · Score: 2

      **ALL** government guys are subject to Pournelle's Iron Law of Bureaucracy. So, no matter WHAT the aim of the researchers, either they or their research will eventually be co-opted to serve the needs of the particular bureaucracy, and not that of the citizens it was created to serve. . .

    16. Re: Government vs. Government by Kjella · · Score: 1

      Wey hey! since everyone's doing it... Shut up you donkey-raping shit eating mung filled muff cabbage.

      I'm pretty sure you can watch that porn without needing TOR.

      Depends on jurisdiction, here in Norway I think bestiality porn is illegal. Then again, so is cartoons and 18+ yos pretending to be underage.

      --
      Live today, because you never know what tomorrow brings
    17. Re: Government vs. Government by mi · · Score: 1

      A win for privacy is a win for taxpayers.

      So, you are saying, your taxes only pay for one side of this fight, right?

      --
      In Soviet Washington the swamp drains you.
    18. Re: Government vs. Government by Samizdata · · Score: 1

      Sadly, no. I checked.

      --
      It's not the years, honey, it's the mileage. - Colonel Henry Walton Jones, Jr., Ph.D.
  2. Re: Better idea by Anonymous Coward · · Score: 1, Insightful

    Generalizing, if you haven't done anything wrong then you have no need to fear constant surveillance.

  3. Penn State.... by Anonymous Coward · · Score: 0

    Protected a child rapist for over forty years so the public obviously sides with the racists.

    1. Re: Penn State.... by Anonymous Coward · · Score: 0

      Just because Paterno protected a child rapist for decades, doesn't mean that he was one.

    2. Re: Penn State.... by Anonymous Coward · · Score: 0

      He was protecting a friend for four decades. That doesn't mean he supported rape.

    3. Re: Penn State.... by Anonymous Coward · · Score: 0

      So you don't think it was wrong to support a child rapist for four decades?

    4. Re: Penn State.... by Anonymous Coward · · Score: 0

      Penn State is pure evil. Enabling a child rapist for over forty years is just evil.

    5. Re: Penn State.... by Anonymous Coward · · Score: 0

      I can understand why he wanted to protect his child raping friend. I don't understand why the rest of the Penn State fans supported child rape.

    6. Re: Penn State.... by Anonymous Coward · · Score: 0

      Why would Patreno protect a child rapist unless he sympathized with one?

    7. Re: Penn State.... by Anonymous Coward · · Score: 0

      Why would someone ever protect a child rapist unless the sympathized with oth them?

    8. Re: Penn State.... by Anonymous Coward · · Score: 0

      Penn State is pure evil.

      Like Hitler? Or are we talking Clintonian or Trumpesque evil? Or maybe violating the GPL evil, hey?

      Keep religious nonsense - which is entirely what 'evil' is - out of the justice system.

    9. Re: Penn State.... by Anonymous Coward · · Score: 0

      He may have supported child rape for four decades, but the evidence proves Paterno only supported child rape for a decade.

  4. full employment by turkeydance · · Score: 3, Insightful

    for both sides. enjoy

  5. Billion-dollar holes... by SeattleLawGuy · · Score: 5, Interesting

    it shows that some in the academic research community are still intent on patching the holes that their peers are helping government hackers exploit.

    So, to recap, the government-paid researchers are fighting the efforts of government-paid hackers to make the tool, that the government paid to create as a secure one, less so.

    Whichever side wins, we, the taxpayers lose...

    You have multiple countries with teams of very smart people working to crack everything crackable that protects privacy--because what allows private communication necessarily allows evasion of monitoring.

    Of course, there are a lot of kinds of monitoring. Most obvious categories include:

    1. Good purposes (attacking and/or defending against terrorists/child pornographers/organized crime/repressive regimes; tracking and blocking malware and other electronic attacks; etc...).
    2. Middle-ground purposes (arguably ends-justify-the-means-behavior like violating some civil liberties while hunting white-collar criminals, child support nonpayment grey market income, doing propaganda against people in group #1).
    3. Bad purposes (hunting political opposition, tracking and classifying people based on their political opinions or other things that should be prevented by freedom of speech, finding dirt for blackmail, gathering evidence of and prosecuting someone for common civil ordinance violations and petty crimes in a way which chills and stifles free speech and gives the monitoring agency unfettered power, etc...)

    --
    Real lawyers write in C++
    1. Re:Billion-dollar holes... by Impy+the+Impiuos+Imp · · Score: 1

      So the US government claims reason 1 to crack it, while most of the US constitution is oriented around preventing #3, and, having cracked stuff, so, too, do China and Russia. Thus does simple crime detection here enable a steel toe boot to be pressed on the necks of billions, forever.

      Yay.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    2. Re:Billion-dollar holes... by axewolf · · Score: 5, Insightful

      GOOD
      BAD
      Does it ever get tiring cramming reality down to 0s and 1s?

      Your simplistic morality is an intellectual torture device.

      ALL MONITORING IS AGAINST YOUR INTEREST
      Fight for your interest. Stop apologizing for societal problems caused by other people by sacrificing your rights. The solution to "terrorism", child porn, etc etc etc is not more crime that is just as a grave of an offense against natural law.

      What you have is a government that assumes you will never amount to shit, and that you SHOULD never amount to shit, so you don't deserve any rights and should be forced to help in any way with whoever's interest the government happens to be serving that day. What if that person's interests directly compete with yours? The fact is that this is ALWAYS the case.

      It's always for the little man to bear the burden of morality. Doesn't that clue you in to the nature of it?

  6. Bull-fucking-shit. by Anonymous Coward · · Score: 0

    An anonymous reader quotes an article from Motherboard:
    According to a new paper, security researchers are now working closely with the Tor Project to create a "hardened" version of the Tor Browser, implementing new anti-hacking techniques which could dramatically improve the anonymity of users and further frustrate the efforts of law enforcement...

    "Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers," the researchers write in their paper, whose findings will be presented in July at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.

    The researchers say Tor is currently field-testing their solution for an upcoming "hardened" release, making it harder for agencies like the FBI to crack the browser's security, according to Motherboard. "[W]hile that defensive advantage may not last for too long, it shows that some in the academic research community are still intent on patching the holes that their peers are helping government hackers exploit."

    Every Tor after 1.4.1 is compromised. This story is social engineering from a CIA PRESSURED EditorDavid.

    Tor is an encrypted network. Period. It is not designed to "frustrate law enforcement" you son of a bitching fucking pricks. Don't bullshit the public with pseudo-technical jargon either. "improves ASLR techniques". It is way more complex than that. You use Firefox as an example? They have blocked time zone spoofing as of 45.0. That is not a feature either. The FBI are lying fucking spies do not trust a word they say ever. The FBI have had Tor exploits for a long fucking time if you use anything default. The FBI set up honeypots and literally distribute child porn as well as sell drugs and kill innocent people and each other. You just don't hear about it enough.

    eg. http://thenextweb.com/insider/2016/01/28/how-the-fbi-became-the-worlds-largest-distributor-of-child-sex-abuse-imagery/

    You can encrypt if you know what you are doing. They are attempting to make it illegal to say anything anywhere at any time that they can't find out. They are fucking faggots.

    Anything you need to encrypt for anything important get Tails 1.4.1 at the following URL's. It has been taken down from most mainstream repositories on purpose.

    kat.cr/tails-1-4-1-i386-iso-multilang-tntvillage-t10922671.html
    lsuzvpko6w6hzpnn.onion/tails-1-4-1-i386-iso-multilang-tntvillage-t10922671.html

    If you run it in a virtual machine and use the newer guest additions you will also be potentially exposed. That is all I will say here. Learn to encrypt. They don't want to know what you are saying for your safety. Tails 1.4.1 is what Ed Snowden used.

    1. Re: Bull-fucking-shit. by Anonymous Coward · · Score: 3, Informative

      The article never stated that Tor (or the hardened branch of the Tor Browser) was designed to frustrate law enforcement. Only that it could, which is a true statement. It's simply an unintentional though welcome side-effect.

    2. Re:Bull-fucking-shit. by AlphaBro · · Score: 2

      Wait a second, you're suggesting people use an unpatched and out of date browser to protect themselves? Good luck with that.

    3. Re:Bull-fucking-shit. by gweihir · · Score: 1

      That idiot is obviously a government propaganda shill, of course he would recommend things that are dangerous.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    4. Re:Bull-fucking-shit. by Anonymous Coward · · Score: 0

      Sure and update to patched up Windows 10 dickhead. All the security just for you.

      Pull your head out of your ass. Update to spyware for FREE!!!1

    5. Re: Bull-fucking-shit. by Anonymous Coward · · Score: 1

      An anonymous reader quotes an article from Motherboard:
      According to a new paper, security researchers are now working closely with the Tor Project to create a "hardened" version of the Tor Browser, implementing new anti-hacking techniques which could dramatically improve the anonymity of users and further frustrate the efforts of law enforcement...

      The topic of law enforcement was brought up obviously to mislead. Encrypted data transmission happens even when you see https:// in your browser like you do right now. What Tor does is encrypts everything so Google can't database your surfing habits and correlate it with Facebook and other corporations .. and GOVERNMENTS. If they don't read what you say their lives go on just fine. If they are scared of fucking terrorists maybe they should fire THE SPOOKS.

    6. Re: Bull-fucking-shit. by Impy+the+Impiuos+Imp · · Score: 3, Informative

      Isn't it useless on Windows 10, where Microsoft monitors everything you type and every site you go to? The govt. probably doesn't even need a warrant because you "have no expectation of privacy" on your data in Microsoft's databases. Thus do they have warrantless access to your privacy because of some fine print on page 287 of your Windows click-through license agreement.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    7. Re:Bull-fucking-shit. by ArchieBunker · · Score: 1

      Unpatched and out of date has nothing to do with how secure it is.

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
    8. Re:Bull-fucking-shit. by gweihir · · Score: 2

      For Tor? It has and very much so. When the FBI quite criminally (for most non-US citizen affected) mass-hacked Freedom Hosting (and they hacked everybody they could, quite a few users of entirely legal services among them), nobody that had updated their Tor Browser when prompted was affected. It was just people that used the old one for two weeks or so longer than they should have. And here is the kicker: Tor Browser releases have change notes and these state what was patched. And there is the patched source, and you can see what was fixed. And that is exactly how low-cost vulnerability-finding works.

      So yes, unpatched is pretty central to how secure it is. Requires some minimal understanding on how things work in the real world to see that though.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    9. Re:Bull-fucking-shit. by Anonymous Coward · · Score: 0

      ... on a costa rican honeypot.

    10. Re:Bull-fucking-shit. by Anonymous Coward · · Score: 0

      Cool story grandpa, could have used a vampire

  7. Re:So we're supposed to be happy that child... by _KiTA_ · · Score: 2

    pornographers have a larger audience?

    "Won't someone think of the children?"

  8. does this really help by Anonymous Coward · · Score: 0

    if there is a second cpu in your pc that can spy on your pc, read anything, has its own ip stack...

    1. Re:does this really help by Anonymous Coward · · Score: 0

      if there is a second cpu in your pc that can spy on your pc, read anything, has its own ip stack...

      No, but it's entertaining.

    2. Re: does this really help by Anonymous Coward · · Score: 1

      It does if you use two devices, one offline for content creation and encryption, Then send the encrypted data to the other which is connected to the internet

    3. Re: does this really help by NotInHere · · Score: 2

      If your computer is completely untrusted then there are ways it still can communicate over an air gap with another untrusted computer.

      For example, if you use usb sticks to share data, they could obiously store different stuff as well on the USB stick.

    4. Re: does this really help by Anonymous Coward · · Score: 0

      "If your computer is completely untrusted then there are ways it still can communicate over an air gap with another untrusted computer."

      like using radio with or without a cell phone nearby.

    5. Re:does this really help by EmperorArthur · · Score: 2

      Believe it or not, Yes! It's a feature no less. https://en.wikipedia.org/wiki/...

      Not that I believe it's really being used in that way, but it's possible. The thing is, many of us don't have a problem with targeted surveillance, if you have a nice court approved warrant beforehand for an individual I don't even have a problem with surveillance of US citizens. This sort of tech isn't really useful for bulk surveillance, which is what many people have a problem with.

      --
      So lets pretend that we've just completed writing this code, as opposed to having just completed sabotaging it -Altera
  9. Re:Better idea by gweihir · · Score: 5, Insightful

    Which law? There are a bout 150 different versions and the FBI will hack anybody (which is criminal in almost all countries for them to do). So, you are right, if the FBI stopped breaking the law, this problem would go away.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  10. Protects against hacking by zedaroca · · Score: 5, Insightful

    The new version will protect against hacking, not from FBI hacking. The research with the hack the FBI used was published, so other people could use the same method. So basically this update protects people from a known vulnerability. This kind of reporting does more harm than inform, as it gives the impression that the main purpose of TOR is to commit crimes.

    1. Re:Protects against hacking by NotInHere · · Score: 4, Interesting

      Well yeah I agree with you that the impression that TOR is mainly used to commit crimes is bad, but the paper has mentioned the FBI hacking in its introduction.

      The technique they use is in fact per-function ASLR, and probably the places it can be used are as vast as for ASLR. Its not just limited to TBB or Firefox.

      It'll surely severely limit the ability of doing ROP (return oriented programming), a very popular exploit technique.

    2. Re:Protects against hacking by jbmartin6 · · Score: 1

      yes. And to the majority of the world, the FBI is not the primary threat.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    3. Re:Protects against hacking by Anonymous Coward · · Score: 0

      Committing crimes such as "resisting surveillance", "trading recreational drugs", "evading taxes", and "sharing images some find sexually arousing".

      At what point to people start to realise that the laws are the problem. TOR is simply a partial solution to the problem of living under an authoritarian regime.

    4. Re:Protects against hacking by gweihir · · Score: 2

      The thing people fail to understand is that you can always do thought-crime securely when you have secure anonymity. It is in the very definition of anonymity. And this whole thing is a trade-off, but the modern enlightened stance is that freedom is more important than suppression of though-crime and hence anonymity that works is hugely desirable.

      Crimes with a physical component are different. For example, selling counterfeit objects (passports, ...) via a Tor hidden service still requires physical shipping, and that is where you can get them, even with Tor being perfectly secure. It does take a bit of traditional police-work though, and that is slow and tedious and law enforcement in many places has apparently gotten fat and lazy.
       

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  11. The question was settled in the 1970s. Just don't by jd · · Score: 2

    Why must you record my phone calls?
    Are you planning a bootleg LP?
    Said you've been threatened by gangsters
    Now it's you that's threatening me
    Can't fight corruption with con tricks
    They use the law to commit crime
    And I dread, dread to think what the future will bring
    When we're living in gangster time

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  12. GitHub link by campuscodi · · Score: 2

    https://github.com/immunant/se...

    1. Re:GitHub link by NotInHere · · Score: 2

      Wow that image reminds me of that infamous microsoft defragmentation tool. I remember watching it moving around stripes of stuff.

  13. Re:Better idea by epyT-R · · Score: 2

    Why can't they just stop passing unreasonable laws? Then they wouldn't have to surveil everyone.

  14. aslr by Anonymous Coward · · Score: 0

    Isn't aslr provided by the kernel, so everything gets aslr regardless, unless you add -fno-protect-stack?

  15. Re:Better idea by CaptainDork · · Score: 2

    What about those of us who are communicating with oppressed people?

    --
    It little behooves the best of us to comment on the rest of us.
  16. Re:Better idea by CaptainDork · · Score: 1

    This, and what probable cause?

    --
    It little behooves the best of us to comment on the rest of us.
  17. Re: Better idea by Z80a · · Score: 1, Flamebait

    And what the "wrong" thing you did was to denounce some human right violations of your current government or a corruption case?

  18. Re: Better idea by davester666 · · Score: 1

    Well, in those specific cases, you deserve the death penalty. duh.

    --
    Sleep your way to a whiter smile...date a dentist!
  19. Let the FBI develop Tor, maybe NSA, too! by Anonymous Coward · · Score: 0

    why not? and why not make it proprietary, too?

  20. Re:Protects against hacking - Feminist by Anonymous Coward · · Score: 0

    Why are you quoting a book of fairy tales to justify your actions and/or train of thought ?
    And I am using thought here in the most liberal way imagineable...

  21. Re: Better idea by Anonymous Coward · · Score: 0

    The first person to use that saying was Adolf Hitler. Just for the record...

  22. Re: Protects against hacking - Feminist by nehumanuscrede · · Score: 1, Insightful

    Probably because the World's Leadership are all devout believers in such things.

    Which explains why the World is in such piss poor condition.

    I sometimes wonder where we would be as a species if not for the religious speed bumps we've had to deal with theoughout history.

  23. Re: This only helps terrorists and criminals by nehumanuscrede · · Score: 4, Insightful

    Bad news.

    In this day and age, " The Government " IS the threat.

    We the people aren't sending drones over to kill folks.

    We're not spearheading the "War on Drugs".

    We're not doing regime changes, implementing no fly lists, spying on anyone and everything and doing our damdest to undo The Constitution.

    We don't lock people up in a prison with no means to even challenge their accusers. Nor do we outsource torture to get around local laws.

    We're not trying to force our will on any other people or governments.

    The Government, on the other hand, is guilty of every single statement above and a whole lot more I don't need to type. Not to mention the crap we don't even know about

    So, yeah, if there is anything to be wary of, it's the Government

  24. Re:The question was settled in the 1970s. Just don by Anonymous Coward · · Score: 0

    The revolution will not be televised. -PCP

  25. Re: Better idea by Nunya666 · · Score: 4, Insightful

    Generalizing, if you haven't done anything wrong then you have no need to fear constant surveillance.

    Just being accused of doing something wrong can be enough to fuck up your life forever. You could be stuck in jail until your court date, and then go bankrupt because of the attorney's fees.

  26. How about what is needed more... by Lumpy · · Score: 3, Insightful

    A hardened Android based on the raw android that protects you from being backdoored and tried to identify and alert you to the fake cellphone towers when you connect to one.

    Then let's get a nice hardened Linux as well that actively fights attacks and tried to hide.

    THEN we have a place for this browser to live.

    --
    Do not look at laser with remaining good eye.
    1. Re:How about what is needed more... by LichtSpektren · · Score: 2

      I'm not exactly sure how you can specifically protect against a backdoor besides auditing the code, but in regards to Stingray detection, I believe that's still in the research stage.

    2. Re:How about what is needed more... by Lumpy · · Score: 3, Interesting

      That is actually very simple. Runtime is 100% read only except for user area for data and nothing can be executed from there. impossible to backdoor.

      Updates must be out of band and done after a power cycle and booting into a "admin mode" that has no connectivity. If the installer shows it's clean and unmolested, allow it to run. It will severely limit the ability to be backdoored in any way if it requires a physical ower down and reboot into a protected mode for installs and updates.

      --
      Do not look at laser with remaining good eye.
  27. Re:Protects against hacking - Feminist by Anonymous Coward · · Score: 0

    These only apply to Jews since Christians and Muslims have later works which override the old covenant to which you refer.

  28. Re: Better idea by bill.pier · · Score: 1

    Your comment is extraordinarily naive. For starters, read "Nineteen Eighty-Four" by George Orwell.

  29. Re: This only helps terrorists and criminals by Anonymous Coward · · Score: 0

    Exactly. I hope more people come to this realisation and start to lose sleep at night when they don't actively try to evade tax. People that willingly fund the criminal organisation called the US Government are doing far more damage in the world than those that might use TOR to buy child porn or heroine.

    Seriously. Fuck the government-cheering Americans. They deserve no more than the fates of the millions they have killed around the world in recent decades.

  30. Trust? by joe_frisch · · Score: 2

    How does a non-expert know whether this really is secure or has a NSA / FBI / Chinese etc back door. The government can easily afford to pay people to post on public forums like this claiming that any particular software is or is not secure.

    Open source doesn't really help since very few people are expert enough (or have time) to review the code, and its impossible to tell if other "experts" are paid to spread misinformation.

    1. Re:Trust? by WOOFYGOOFY · · Score: 1

      This a million times.

      Consider for example, systemD.

      OK now tell me when you're done considering it.

  31. Re: Better idea by Anonymous Coward · · Score: 0

    Shut the fuck up, asshole. We'll see how much you like 'surveilling' me when I'm punching you in the face repeatedly, until it looks like bloody hamburger, or shoving your gods-be-damned cameras so far up your ass you can taste metal. People have a basic human RIGHT to not be treated like animals in a zoo, or convicts in a prison, monitored constantly. Get the fuck out of my ass, you fucking piece-of-shit NSA/FBI/CIA assholes. I'd much rather put up with the odd terrorist dickhead or mental deficient with a gun than have the gods-be-damned government all up in my business 24/7/365. Fuck that, fuck YOU, eat shit, and die.

  32. Re: Better idea by jwhyche · · Score: 0

    No, you should always fear constant surveillance because at some point everyone does something wrong. Even if they don't mean too.

    Some point you might be in a chat room and some crazy fuck shoots up a night club full of innocent people with a AR-15. You casually remark 'god damn '. Well now your guilty of a hate crime. Then you say we should line all those fuckers up against the wall and shoot them. Now you're guilty of plotting terrorism or some such BS.

    Point is if you are being constantly watched all the time, you will eventually do something wrong.

    --
    I read at +2. If your post doesn't reach that level I will not see or respond to it.
  33. Re:Protects against hacking - Feminist by Anonymous Coward · · Score: 0

    The new law for Christians, overriding the old covenant, has only one article: "Love one another".

    It's pretty Unixy: "Make just one thing and make it well".

  34. Re: Better idea by Zaowulf · · Score: 1

    Wow, we almost made it 12 hours after submission before somebody Godwinned the thread. That's got to be a record.

  35. Everyone who still trusts Tor raise your hand by WOOFYGOOFY · · Score: 2

    Bueller...
    Bueller...

    That's what I thought.

    1. Re:Everyone who still trusts Tor raise your hand by Anonymous Coward · · Score: 0

      I do and it is very useful for me. I know, because the gov fags (here in Western Europe they are !) visited me more than once based on their snooping.

  36. Re: Better idea by WOOFYGOOFY · · Score: 1

    It's more subtle and pervasive than that. We have a twit of a girl who thinks it's OK to report people shoplifting who merelyv rub her the wrong way.. she think's they're "sketchy". The only thing stopping those names and faces from being added to a list is we can rewind and see the person didn't do anything. Management won't fire her because people like her and she does her job well, plus she's pretty. But she has somehow learned that it' s OK to leverage security against people who "creep you out".

    I can imagine other places aren't as circumspect. Any or all of our names and faces could be now or in the future added to a wide variety of "suspect" lists which companies trade between themselves. Being a nominee to such a list can serverly impact your ability to get a retail or really any other job.

    So it's worse than you think.

  37. Really ? by Anonymous Coward · · Score: 0

    The commies tried to be superprogressive and super-just. All they created was a system that in the end could not even make enough food for the soviets and the Chinese.

    Also, their SPARTAN behaviour resulted in Millions killed. They were Hitler's teacher. They exterminated the Romanov family, because it was expedient.

    In other words, shove your "progress" up your ass.

  38. Yeah, Unix by Anonymous Coward · · Score: 0

    Made by one USG branch (ATT) to be exploited by another USG branch (NSA).

    (Windows is equally bad)

    Putin hit the nail: "internet was made by CIA for CIA". He just gets the TLA names wrong.

  39. Re:Better idea by Samizdata · · Score: 1

    Why can't they just stop passing unreasonable laws? Then they wouldn't have to surveil everyone.

    Because terrorists will kill our children!

    --
    It's not the years, honey, it's the mileage. - Colonel Henry Walton Jones, Jr., Ph.D.
  40. Re:Better idea by Samizdata · · Score: 1

    What about those of us who are communicating with oppressed people?

    Don't. You are only aiding and abetting terrorism!

    --
    It's not the years, honey, it's the mileage. - Colonel Henry Walton Jones, Jr., Ph.D.
  41. Re:Better idea by CaptainDork · · Score: 1

    I said, "oppressed," not depressed.

    --
    It little behooves the best of us to comment on the rest of us.
  42. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  43. Re:Better idea by Samizdata · · Score: 1

    Of course, I was kidding. Maybe Freenet then?

    --
    It's not the years, honey, it's the mileage. - Colonel Henry Walton Jones, Jr., Ph.D.