Employers Against Domestic Violence and Technology Panel

I was invited by Employers Against Domestic Violence to give a talk about technology and stalking as part of a larger panel.

On Friday the 16th, I presented Tor and our work with victims of abuse and stalking to around 50 people. Most of my full presentation covered the basics of Tor, a demo of Tails Live System, and then some user stories. Most of the people in the audience were already DV advocates and aware of the way technology is used to harm or manipulate others. The user stories have come from a number of places, between phone calls, email support, and actually being out in the world talking to survivors or advocates who want to help.

I co-presented with Sarah from Abine and Valenda from Greater Boston Legal Services. All three of our presentations can be found on Tor's people server.

Afterwards, a number of people came up to me to ask about getting Tails or Tor Browser, or to simply introduce themselves. I met a cyber-stalking survivor I've only helped via email and phone over the past year or so. I look forward to doing more of these types of events locally.

Tor seems to be blocked completely in China. I can not establieh any circle,even use anonymous proxy.

That's great...you're great...Tor's great. Really, that's very, very cool. Awesome!

WHY is there this message in the message log of the Vidalia Control Panel: "Tor vXXXXXX. This is experimental software. Do not rely on it for strong anonimity."

I thought TOR was recommending whistleblowers, activists, media, bussinesses and Military & Law Enforcement to use Tor. I also thought Tor was the strongest anonymity software available so far.

Why that message above? To mess with peoples heads?

Although TOR´s relaying algorithm is quite strong, this strength is only being transformed into actual security using the same technology as in online banking, which at some degree is vulnerable to state agencies. Once a regime can get between you and TOR´s relaying algorithm, it can hurt you with a so-called "brute force attack" just like it can do to any online banking customer.

As of typing these words, the most vulnerable point for "brute force attack" is TOR´s reliance on market-leading commercial webmail sites for robot exclusion in the bridge IP number handout procedure. Any state agency able to grab data from these corporations and any foreign counterpart of it which might be able to do such an agency some favour could obtain target coordinates for brute force attack out of this.

Erm. As for your first paragraph, I don't want to claim that Tor is bulletproof, but I think you misunderstand what are the best attacks against Tor. Brute-forcing the link encryption probably isn't one of them currently.

As for brute forcing the set of bridge addresses we give out over gmail, yes, this is a valid way to learn those bridge addresses. Good thing it's not the only way we give out bridge addresses. Also, the "bridge distribution strategy" question is important, but is probably not the same as "Tor's security".

Just a head's up: It seems Bluehost out of Provo, Utah is blocking Tor universally, as I have not been able to access noted civil libertarian Marcy Wheeler's blog, (emptywheel) nor the CEO of Bluehosting's blog as well.

Tor' IP's are blacklisted.

SB

Syndicate content Syndicate content