Trip report, German Foreign Office

In September, Karen and I attended a conference at the German Foreign Office to help
them decide what role Germany and the EU should have at regulating the sale of censorship and surveillance tools to dictators:
http://internethumanrights.org/ihrberlin2012/

Highlights:

  • I liked Eric King (from Privacy International)'s suggestion that when companies are submitting their tools for export evaluation, they should be required to submit their brochures too. Some of these companies are just shameless in terms of how they pitch their tool in terms of number of bloggers you can round up per unit time. He convinced me that controlling "the worst of the worst" in terms of how they can present their product will influence how these products spread.
  • That said, these were all (foreign) policy experts, not technologists. They all seemed to take it for granted that you could draw a line between "bad" products and acceptable / dual-use products. I tried to hold back from saying "every time you people try to come up with legal phrasings about what technologies are ok, you end up putting tools like mine on the wrong side of the line." In retrospect, I should have said it more loudly.
  • They were really proud to have Tor representatives there. Having us there let them show the world that they had "real technologists" at their meeting. There were several cases where the whole breakout session turned to me and wanted to know what Tor thought about the given question.
  • I met a nice man who worked for a telco/DPI company that deploys its products in the Middle East. He raised a compelling argument: "Look, you folks are the ones that mandated backdoors in the telco equipment we produce, using the term 'lawful intercept'. And now you're surprised and upset when bad people use these same backdoors? You made us build it that way!" It certainly is easier for officials in countries like Germany to think of the world as divided between "good" places and "bad" places, but it sure isn't that simple.

Its a shame that our German politicians/officials only think that way, because it is in fact easier. But the whole fkn world is like that. Its sad

submit their brochures
with huge penalty to vendor if later found to have submitted fake brochures. To verify, enforcement agency could create sting organizations, pretending to be customer.

'mandated backdoors in the telco equipment we produce, using the term 'lawful intercept'. And now you're surprised and upset when bad people use these same backdoors?'
How many of the same vendor companies lobbied against export controls? The bad guys are willing to spend money. Their suppliers (the vendors) will then spend (invest) some of the received money to lobby their home government.

Dear arma, I have 1 question, I keep connecting everytime I use tor to the same entry nodes at home in holland but if I am outside my home, then tor connects to an other 1st node. only at home i keep connecting to :
Finisterre (Online)
Location: Germany
IP Address: 88.198.100.232

Evey (Online)
Location: Germany
IP Address: 87.106.249.118
in the past I had the whole time the same exit nodes, but that seems resolved.

What can i do about the entry nodes? I know i can setup a bridge node is that the only solution? All this make me suspecious, the isp or someone else viewing my connection to the 1st entry node, or they doesnt, but then decrypt the connection.

Can u check the 2 ip's?

This protects you from eventually creating a circuit where the entry and exit collude to de-anonymize you. This is how it is supposed to work.1

[Warning] Warning from libevent: evsig_init: socketpair: Software caused connection abort [WSAECONNABORTED ]

can u tell me what this means??

"keep connecting everytime I use tor to the same entry nodes at home in holland but if I am outside my home, then tor connects to an other 1st node."

Don't know your specific technical situation.
Tor set 3 EntryGuards in torcc file.
Could be problematic for connections like NL->NL->NL.
Or EU->USA->EU (-:

If you use Tails(live Linux) you haven't a static EntryGuard entry.
Problematic, too.

Syndicate content Syndicate content