Italian Anti-Corruption Authority (ANAC) Adopts Onion Services

by steph | February 13, 2018

 

Millions of people use Tor every day to evade surveillance and censorship. Tor’s security and privacy protections enable activists to mobilize, journalists to report, and ordinary people to access blocked resources and avoid tracking. 

Whistleblowers, those brave individuals who report illicit activity, also depend on Tor to protect their identities when they come forward.

We've highlighted how onion services can be used to secure the web. Now, we're starting to see anonymity technologies become a legal requirement for public agency and corporate anti-corruption compliance, with the first well-known implementation by Xnet in the City Hall of Barcelona in Spain.

Many national laws (such as Italian Dlgs. 231/2001) require companies to adopt corporate governance structures and risk prevention systems, which can include allowing whistleblowing submissions. However, most whistleblowing laws only protect whistleblowers when their identity is disclosed, which can put the person reporting corruption at risk. 

In 2016, the International Standards Organization (ISO) released a new model for organizations setting up and operating anti-bribery management systems, ISO 37001:2016. To meet ISO standards, organizations or companies implementing anti-corruption procedures must allow anonymous reporting, as explicitly indicated in point 8.9 of section C of ISO 37001:2016.

Furthermore, national laws (such as recent Italian 179/2017) require the adoption of IT systems for whistleblowing, leading to the practical integration and use of Tor for its technological anonymity features.

To comply with these standards, the Italian Anti-Corruption Authority (ANAC), an administrative watchdog, just launched their national online whistleblowing platform using onion services, giving whistleblowers who come forward a secure way to report illegal activity while protecting their identities. Most anti-corruption whistleblowers first speak out anonymously, and only when they know that their concerns are being addressed do they disclose their identities, as reported by Transparency International Italy, an organization advocating uses of Tor in the fight against corruption since 2014.

ANAC software is based on a customized version of GlobaLeaks, a whistleblowing platform by the Hermes Center that integrates Tor natively. GlobaLeaks is expected to be redistributed to all Italian public agencies (~20.000 in total) to comply with Law 179/2017 and in line with the country’s recent strategic commitment to open-source software and the reuse of code.

Given that Tor is the world’s strongest internet anonymity tool, we expect to see usage of onion services for secure communication systems across all sectors continue to gain traction. 

Read more about ANAC’s whistleblowing platform (in Italian) here

If you want to use onion services for your organization, check our documentation and see if the Enterprise Onion Toolkit is a good fit.


The Tor Project is a 501(c)(3) nonprofit, and we depend on your help to build tools that protect privacy and resist repressive censorship and surveillance. Your donation can help us continue this critical work.

Comments

Please note that the comment area below has been archived.

February 13, 2018

Permalink

*take care of european union propaganda : they enslave since 50 years and tor (u.s presence) does not help against censorship or oppression.
Respecting the privacy (deleting or do not record personal information) does not mean anonymous contact or 'unknown identity'.
- The usa do a strong pressure for destroying the clean civil life and supporting criminal activities coming from elected persons since the end of the war.
- this platform is under the protection of which service ? civil or military ?

> or secure communication systems across all sectors : no, tor does not provide a secure channel (minimum low level cypher/onions unreliable/lost contact/platform not anonymous/)

This articles describes a police service running in the united states (gun/drug/abuse/terrorism) that it could be 'transferred' in italy : bad idea, the world has changed & the battle is finished , no need of tor or/and the usa.
nb : the laws in italia are not applied if you are owner/civil servant/elected/boss of an enterprise.
Most of the "outlaws" obey at them because they are living in the same world : that's the e.u. function.

> tor (u.s presence) does not help against censorship or oppression.

Tor is not perfect by any means, but hardworking people are trying to make it better all the time, and I think Tor is by no means useless against censorship/oppression.

> this platform is under the protection of which service ? civil or military ?

You mean Tor Project? Italy's ANAC? Internet Research Agency? I'm confused.

> This articles describes a police service running in the united states (gun/drug/abuse/terrorism) that it could be 'transferred' in italy : bad idea, the world has changed & the battle is finished , no need of tor or/and the usa.

The battle for... privacy? Has finished? So no need for Tor?

It seems that FBI Director Wray hasn't gotten the good word, if so.

No need for... USA? As long as you mean that USG should depart from this life, but not any US people, keep talking. But if you mean no need for the US people to continue to exist, I'd have to, you know, strenously object.

> The usa do a strong pressure for destroying the clean civil life and supporting criminal activities coming from elected persons since the end of the war.

Are you referring to the Novartis bribery scandal in Greece? But Novartis and Landis+Gyr are Swiss companies, yes? Wasn't the USG (during the Obama admin) at loggerheads with Swiss government over banking secrecy?

I am confused. Do you have evidence of CIA involvement in some recent corruption scandal in Italy which I haven't heard about? I for one would not be inclined to dismiss the possibility, if you have some evidence to support your claim.

Italian Anti-Corruption Authority (ANAC) Adopts Onion Services
why do you reply , do you not understand the article , do you know italy, e.u ?
it is the blog tor not a trash. ,

https://www.anticorruzione.it/portal/public/classic/AttivitaAutorita/At…

Ambitious project implying the help of the residents.

> and I think Tor is by no means useless against censorship/oppression.

yes it is open against censorship/oppression but the purpose of ANAC is making a map of the connections relying relatives/relation corruption then it is reported to the politic authority for debating at the Parliament of counter-measures which their careers & privileges.

censorship : they let you speak & write for finding first evidence against yourself for their own interest. Hypocrite ? No, biased : there is no social class, democracy in most european countries so nothing justify their revenues & their job except corruption. The italian govt & the judges decided that the new challenge should be mafia vs state without taking in account that people live with both.

oppression : you are first arrested & persecuted then without money,job,family you go back at home & realized that you was targeted after your e-mail/contact.

< and i think Tor is by no means useful for people who are concerned : rumors, fears, cupidity, revenge that is the personal goal make by rancor & jealousy.
It should be fine if the testimonies were filtered with a professional skill , without mixing complaisance & real case.

Italy's ANAC runs under an unknown protection : the past has yet proven that one cannot have confidence in a public or a secret service. I guess that the european union or a great country is behind the screen.

The battle for independence is finished and became an obsolete discussion since ~1970.
No need of Tor, US people & USG :
usa : european union said that the future is to go toward africa.
us people : bad reputation
usg : officially, the usa is a safe, health country where only 1% are handicapped.
tor : good initiative but it is not yet possible in e.u which is based on the capital (yours as individual) not on the merit, rights, action, civil involvement, morality, work.
Italy broke this system after prima linea affair and do need Tor & ANAC but who will profit it at the end of the game ? ... the victims ? the corruptors ? it is a vicious challenge.
Anac-Tor : so who will use it ? the wife of a judge ? for her divorce ?
By the way, there so many mic in the streets and shops, station, metro, airport that one does not need Tor for reporting a corruption case, saying loudly it is recorded & transmitted even at home or in a motel.
* 'banking secrecy' does not exist in switzerland, usa, e.u.

ANAC needs few years before to be fully operational and balance the justice.

@ ct:

If you wrote your comment in Italian and then used an "AI" autotranslator like Babelfish, it might be good to mention that in the first sentence. I am struggling to understand:

> the purpose of ANAC is making a map of the connections relying relatives/relation corruption then it is reported to the politic authority for debating at the Parliament of counter-measures which their careers & privileges.

I think you are saying ANAC attempts to map connections suggesting corruption or involvement in the Mafia or narcotics trade, and too often assumes that a familial relationship with a suspected "mafioso" is evidence of guilt. I think you are complaining that the Parliament is debating even more intrusive surveillance which can unfairly curtail careers.

> oppression : you are first arrested & persecuted then without money,job,family you go back at home & realized that you was targeted after your e-mail/contact.

Be assured that we don't like Hacking Team any more than you do. We too have been targeted by HT.

> It should be fine if the testimonies were filtered with a professional skill , without mixing complaisance & real case.

By "it" you mean the ANAC portal for reporting "suspicious people"?

> Italy's ANAC runs under an unknown protection : the past has yet proven that one cannot have confidence in a public or a secret service. I guess that the European union or a great country is behind the screen.

ANAC is controlled by outside influences, such as CIA? I hope not, but I know enough about Italian history to know that such accusations are almost always plausible.

One point which is invariably neglected by American journalists covering the RU-election-meddling scandal in the USA is the fact that CIA (among other US agencies) has a long long history of election meddling. In fact CIA was meddling in Italian elections even before it was formally created as an agency. And even as we speak CIA is plotting a coup in VE. (They never could keep a secret!)

See the book "Legacy of Ashes" for a readable overview of CIA's election meddling in EU, Indonesia, Latin America, Africa.

> there so many mic in the streets and shops, station, metro, airport that one does not need Tor for reporting a corruption case, saying loudly it is recorded & transmitted even at home or in a motel.

You are probably talking about Italy, but L-3 Systems (one of those L's stands for Lehman's Brothers, a suggestive factoid which seems relevant to your implication that financial/political corruption is flourishing in the USA) has sold a system for recording public conversations to many US cities, which have installed it in numerous bus shelters etc. But the AI software which is supposed to continually roboscan for "suspicious" conversations in real time so that cops can swoop in and make an arrest on suspicion of some "crime", still isn't working, I hear. And naturally neither the IT or US cops have the manpower to themselves listen to what everyone is saying in public spaces.

If you have followed the controversy over USG banning Kaspersky anti-virus, you might be interested to know that a well known US company which sells all kinds of surveillance infrastructure to USG is terrified that the US Congress might realize that they have incorporated voice recognition software from another RU company. Because it is said to be the best in the world (better than the Israeli software used by most US banks and other megacorporations).

So let me see if I understand you so far:

Things you don't like include:

o Tor
o unnecessary things generally
o sophisticated systems generally
o the European Union
o the Italian government
o Berlusconi (or at least, the fact that he got caught)
o ANAC
o the US government
o US secret services
o US people generally
o democracy
o judges generally
o unpaid blog moderators
o the Tor blog generally
o banks (at least, those in the USA, Switzerland, and the European Union)
o denunciation schemes (whatever that means)
o Interpol
o managers of social media platforms
o Pied Noirs
o France
o Latino_Arab countries (whatever those are)
o narcotics/prostitution and the mafia generally
o social safety nets
o mayors generally
o files generally
o Arab_influence
o foreign influence generally
o idiots
o serfdom
o the feudal system
o show business
o civil servants
o discussion (which you call "harassment")

Things you like include:

o authority
o microphones (in streets, shops, mass transit, airports)
o Serpico

I suppose you plan to eventually explain your point?

February 13, 2018

Permalink

interpol (lyon/fr) did it and the manager of the platform un-anonymized the posters, revealed their locations and divulged their identities : he was not arrested.
maffia & the organized crime is first a mentality deeply built & lived in the mind , the social/professional live : tor is an 'exotic' solution (i dislike the denunciation scheme) , it can't work.

you should do your own research before replying with such deni :)
- interpol launched an appeal for denouncing (recompense) the person most wanted on a secure platform (anonymous & strongly protected) ... by a sophisticated system using tor/proxies.
it is a well known case : he wrote a book about his affair -and apologized afaik.

the corruption/connection with the organized crime_mafia_terrorism : piednoir/alqaida (a blackfeet-director of the brb was arrested at the airport , drug & money laundering) in fr is well known. it is related at a secure platform & at a recruitment built for the crime & the drug which the prostitution became a social help sponsored by the mayors falsifying the files and faking the identity for a socialist-recruitment-support : the force to not give the right (and the money/job) to others persons than themselves : rogue-state.

it is not fud , just a public information like the case of Serpico were in nyc.
https://en.wikipedia.org/wiki/Carlo_Alberto_Dalla_Chiesa
Italy did better understanding immediately the danger of an foreign influence and cleaned its mess (fr acted against bringing support & logistic to the italian mafia).

this project is running for you too.
https://blog.torproject.org/italian-anti-corruption-authority-anac-adop…

interpol (lyon/fr) did it and the manager of the platform un-anonymized the posters : the risk is often between the chair & the screen.
that's the truth.

> you should do your own research before replying with such deni :)

You should give some proof before making extravagant claims. What you say has no credibility and will remain so as long as you don't post any link, but it's not only incredible it's also confused and nonsensical.

> - interpol launched an appeal for denouncing (recompense) the person most wanted

Who ? When ? What don't you give a link to this platform that was surely on archive.org

> on a secure platform (anonymous & strongly protected) ... by a sophisticated system using tor/proxies.

An onion service you mean? Where?

> it is a well known case :

Then why nobody heard of it and it's not on wikipedia?

> he wrote a book about his affair -and apologized afaik.

Who "he"?? Can't you be more clear ?!

>the corruption/connection with the organized crime_mafia_terrorism : piednoir/alqaida (a blackfeet-director of the brb was arrested at the airport , drug & money laundering) in fr is well known.

Ok, this one is the best of all. THere's at least 5 or 6 nosense, contradictions and unconnected subjects in this sole sentence. Are you Trump?
I didn't see any "well known connection between organized crime-terrorism and no "black feet" (sic) brb director arrested at the airport in France recently.

In my opinion you mix up several things.
First of all a "pied noir" is man of european ascent (white skin) living in Algeria before the independance. I don't see how this detail could be relevant anyway (if one pied-noir director was linked to a criminal organization, that wouldn't make all pieds-noirs linked to it, right?) but the fact is there's no pied-noir director at the BRB. As a matter of fact the actual brb director is a woman, Helene Dupif.

You probably think of Bernard Petit, the tunisian - not algerian nor pied-noir but I guess for you it's the same?; director of the parisian PJ (judiciary police, no link with the BRB) who was suspended for giving away confidential infos about an inquiry on his colleague. There was also a scandal about 50 kilos of cocaine who mysteriously "disappeared" from the police headquarter but he was not involved in it.

https://www.theguardian.com/world/2015/feb/06/paris-police-chief-suspen…

There's also the anti narc director who was involved in a big scandal recently:
https://www.theguardian.com/world/2017/aug/25/french-ex-drugs-squad-chi…

Scandal and corruptions, yes. But I don't see how you connect the dots with the pied-noir, al quaida an airport and the mafia...

> it is related at a secure platform & at a recruitment built for the crime & the drug which the prostitution became a social help sponsored by the mayors falsifying the files and faking the identity for a socialist-recruitment-support

Wh... What ??!! Man, you're a laughing bag.

I don't understand what you are trying to say, but:

> Italy did better understanding immediately the danger of an foreign influence

So you are denouncing the cheerless assistant chefs who work down the road (internet-wise) at 55 Savushkina Street?

But those pitiful people deserve our sympathy and understanding, doncha think? I mean, working for this junior stomach-kisser cannot be barrel of fun:

theguardian.com
Putin’s chef, a troll farm and Russia's plot to hijack US democracy
David Smith
17 Feb 2018

Surely we should support the trolls in their hopes and dreams of finding a better job, while trying not to smirk too noticeably at the poor quality of their output.

I grant that you are correct when you imply (if I understood your comment correctly) that reading English language Russian troll posts is like watching an ungifted runner lurch over the finish line twenty laps after the seriously doped athletes. But we should give them points for effort, rather than, well... this:

slate.com
Russian operatives used some very Russian English to meddle in the American election.
Leon Neyfakh
17 Feb 2018

> The Facebook message from the totally authentic American began as follows: “Hi there! I’m a member of Being Patriotic online community.” Addressed to one of the sender’s fellow grass-roots organizers in Florida, the message went on: “Listen, we’ve got an idea. Florida is still a purple state and we need to paint it red. If we lose Florida, we lose America. We can’t let it happen, right?” Wrong! The phrase should really be, “If we lose Florida, we lose the White House.” Or maybe “we lose the presidency.” Certainly not “we lose America.” No one would ever write “we lose America” there—it’s unnatural. Same goes for “We can’t let it happen, right?” The correct article would’ve been this, not it. And the “right?” at the end just sounds … weird. Actually, it sounds like something a Russian person would say. Most likely in a friendly tone, one just barely concealing a sinister sneakiness.

Ouch! But the Thing is, if we start denouncing everyone who uses "weird" English as a Russian troll, we'd have to... oh wait... Neyfakh actually makes this very Point:

> But perhaps the most egregious example of non-native English to come out of the Russia investigation is this tweet:
>
>> After years of Comey, with the phony and dishonest Clinton investigation (and more), running the FBI, its reputation is in Tatters - worst in History! But fear not, we will bring it back to greatness.

Well, OK then, never mind. Capital! Laugh away, all RU-troll denunciators!

The article is about ANAC , a secure platform (legal requirement : implementing anti-corruption procedures e.g.- giving whistleblowers a secure way to report illegal activity while protecting their identities).

https://blog.torproject.org/italian-anti-corruption- authority-anac-adopts-onion-services

1. Nothing to do with russian troll.
2. It is the readers of this blog who do not understand your 'delirium' !
3. background : the comments are posted in good faith , sincerely and the facts are proven : it is not face-book or cnn and certainly not a calumny campaign or a copy&paste of the u.s.a news about 'what is happening today in moscow ?'.
4. ANAC & other similar service are not a part of special operations of the nsa ; it is an Italian structure not a hidden office of the online newspaper 'the guardian'.

It is the Tor-Blog not a trash.

>'what is happening today in moscow ?'

A reminder that while Drump's disgusting attacks on American teens demanding gun control are loathsome, in Russia calling out the President can land you on a hit list, quite literally:

https://themoscowtimes.com
Russian Activists' Personal Data Leaked in Online 'Hit List' Prior to Assaults, Deputy Warns
Boris Vishnevsky
21 Feb 2018

In other news, Aleksandr Bedritskiy boasted that Mosenergo loves fossil fuels even more than Drump. Aleksey Miller chortled "we tell you no lies!". Of course not.

Oleg Deripaska called the President and asked a question which I couldn't quite hear. Not so sure those two are getting along right now, but let's wait to hear what Michael Flynn thinks.

Mikhail Fedotov assured reporters that human rights do not exist in the Soviet Union, and cannot because the Constitution strictly respects human rights. Aides scurried and whispered in his ear. Then he corrected himself: human rights abuses do not exist in Russia. After the Councilor departed for parts unknown, everyone was sternly warned never to speak of version one. Some then left the room alive. Some have not been heard from since.

> not face-book

I hear Putin does not use Vkontakte. I suppose he is afraid he might run into Navalny.

> [not] cnn

I wasn't sure, so I checked:

https://en.wikipedia.org/wiki/Facebook

https://en.wikipedia.org/wiki/CNN

And it seems you are correct: CNN is not Facebook.

> not a calumny campaign

Thank you for opposing the tendency of some "mainstream" FVEY media outlets to engage in smears of critics of USG policies, a bad habit which has only been further enabled by present POTUS.

You might remember what Glenn Greenwald said back in Jun 2015 about what the Sunday Times wrote about Russia's favorite "unwanted X-mas present":

theintercept.com
The Sunday Times’ Snowden Story is Journalism at its Worst — and Filled with Falsehoods
Glenn Greenwald
14 Jun 2015

> the comments are posted in good faith , sincerely and the facts are proven

Thanks for your support!

> interpol (lyon/fr) did it

did what?

> and the manager of the platform

Global Leaks? ANAC? Something in Lyon, FR? I'm confused.

> un-anonymized the posters, revealed their locations and divulged their identities

to whom? how?

> he was not arrested.

He who? Who did he work for?

I'd like to know more, but you need to explain what you are talking about and to provide some evidence.

February 14, 2018

Permalink

Hermes Center?
The same people who want to regulate the use of backdoors in Italy? That is funny.

> Hermes Center? The same people who want to regulate the use of backdoors in Italy?

Link or citation, please? I'd like to know more, but I can't read and make up my own mind about this charge unless you provide a bit more information.

February 14, 2018

Permalink

https://www.hermescenter.org/
a lot of person speak about laws, encryption but one forgets often few important point :
° sized means also stolen.
° you cant be retained or arrested for suspicion.
° it is very rare that a law allows stop a whistleblower so you should wonder first the true reason of a personal survey (assange/sweden case _not verified_ e.g. or at the opposite, to be a prey).
° defend & promote the struggle of the others movements could help you more than you could imagine : the more are on your side the less your enemies could catch you.

February 14, 2018

Permalink

Wow, great news! I urge other ordinary Tor users to consider asking suitable agencies in their own local, provincial, or national governments to consider adopting Onion services.

In addition to protecting whistleblowers, onion mirrors for news/NGO/govt websites can help protect at-risk citizens against targeted cyberattacks. For example, in the US, onion mirrors for news sites could probably help prevent some election-meddling type attacks.

February 14, 2018

Permalink

OT but doubtless of interest to readers of this blog:

washingtonpost.com
Officer injured, two in custody in shooting incident near NSA security gate
Lynh Bui, Dana Hedgpeth and Peter Hermann
14 Feb 2018

o a rented black SUV entered a driveway leading to the NSAW campus at about 7 AM Eastern time
o the driver attempted to turn around and drive against early morning NSA commuter traffic
o armed guards fired shots
o SUV crashed into a Jersey barrier
o three people who were inside the SUV were arrested
o two of those arrested were injured in the crash (apparently not by gunfire)
o one of those arrested was himself an NSA police officer

In speculating on how a rented SUV with an NSA cop entered a restricted driveway, WaPo reporters recalled a previous case not involving an NSA cop in which

> the driver may have mistakenly taken a restricted exit to an NSA security post and ignored police orders to stop, possibly because there were drugs inside the SUV and they had just left a motel and the vehicle’s owner, who had picked them up in Baltimore for an overnight tryst.

No further details, one suspects, will be forthcoming.

Plus one.

Plus this supportive tweet from a well-known ZDNet reporter:

twitter.com
Zack Whittaker
@zackwhittaker
13 Feb 2018

> I wish we had more of this. No reason why official government whistleblower or watchdog organizations don't adopt Tor services to help report wrongdoing and corruption — just like SecureDrop, which journalists use already. blog.torproject.org/italian-anti-c…

February 16, 2018

Permalink

https://blog.torproject.org/italian-anti-corruption-authority-anac-adop…
I noticed a lot of "idiot" & o.t posts on this blog written likely by the same person (a volunteer of alqaida ? they are so many civil servant in the e.u.).

Reporting a corruption case using :
https://www.anticorruzione.it/portal/public/classic/Servizi/ServiziOnli…
could work but ... is it not too late ? ...

European union is built on a corruption basement : they never pay even when they are catched and are rarely arrested. One of their tip is to not payed the social resources allocations & keep their recruitment for their friends exclusively ; serfage & feudalism are still an important element of the politic life.

I suspect this Anac to need of the whistle-blowers not for stopping this habit
(to be dishonest is like a genuine authority in latino_arab countries. They are a part of an invisible army which porno is the engine and killing a fun aptitude : no way to escape , working for their /standing/complot is not a choice but a necessity, that's the purpose of the organized-crime) but for managing agreement & soft measures : do not risk your life if you are not payed for and without warranty, ask compensation pls.

The u.s & their secret services which the employees of uno helped a lot but supported the other side too (see on wikipedia how many members of uno were involved in the mafia connection for further information).

The anti-corruption movement was created by few persons well informed who were all (almost all) murdered so ANAC could save life but i have few doubt about reporting true corruption case : this crime_culture & latino_ history with a mix of arab_influence are so old so powerful so successful that i rarely met a resident who was not or did not wish to be on the side of the corruption (you can buy a judge for 5 000$ & not only in italy - see berlusconi scandal for further information).

I wonder if :
https://blog.torproject.org/tor-heart-globaleaks
or :
https://www.transparency.it/alac/
have been created from real victim cases and if they will have success in a near future but i know like more than 500 millions of persons that ANAC like police or army are not ready for that : they are 60% of the problem not the solution in a grey zone where the corruption sounds like a show-business goal.

I noticed a lot of "idiot" & o.t posts on this blog written likely by the same person (a volunteer of alqaida ? they are so many civil servant in the e.u.).

> a volunteer of alqaida

You are? We haven't heard from you in so long! We missed you so much we had to start dating, I mean hating, North Korea!

So, did you issue any good fatwa's lately?

> the employees of uno helped a lot

So Al Qaida urges US people to give generously to USA for UNHCR?

> do not risk your life if you are not payed for and without warranty, ask compensation pls.

Al Qaida is hiring trolls? Figures. Do you pay better than Prigozhin?

Frankly I don't think you'll find any takers in the Tor blog, but try lurking outside 55 Savushkina Street and leafletting the exhausted drones as they lurch out the door after the end of a long day trolling for Tsar Vlad.

> you can buy a judge

I think I'd rather buy a nice коттедж

February 18, 2018

Permalink

Some of us have tried to warn for years (c.f. the failed NSA boycott) that the US STEM community has been coopted by the Military-Surveillance-Industrial complex, and that this is terribly dangerous at a time when the entire world seems to be turning to technologically enabled authoritarianism.

NAS has commited a further betrayal which greatly increases the political/legal danger to the continued existence of Tor Project;

https://www.eff.org/deeplinks/2018/02/new-national-academy-sciences-rep…
New National Academy of Sciences Report on Encryption Asks the Wrong Questions
Andrew Crocker and Nate Cardozo
16 Feb 2018

> The National Academy of Sciences (NAS) released a much-anticipated report yesterday that attempts to influence the encryption debate by proposing a “framework for decisionmakers.” At best, the report is unhelpful. At worst, its framing makes the task of defending encryption harder.

@ Shari:

Do you still stand by Roger D's vow never to put backdoors into Tor products? If so, what is our plan if the Congress outlaws unbackdoored citizen cryptography?

February 18, 2018

Permalink

"Error! :(

Your browser is not running Javascript that is required to use the whistleblowing client.

It's common believe that Javascript and security don't sound well together, for this reason we suggest to use the Tor Browser, an extremly tuned Firefox browser with Tor integrated."

LOL, instead of lecturing potential whistleblowers about security, here's an idea:

Why the fuck don't you offer a service which doesn't rely on JavaScript that could potentially rape one's browser by exploiting it?

Deficienti -.-

February 26, 2018

In reply to by Whistleblower (not verified)

Permalink

Javascript is enabled by default in Tor Browser and almost 99% of the web rely on Javascript, that enable you to get precious features such as WebCrypto API.

That's a religious debate, like those who use Linux without a graphical environment with a console-only and who use Gnome :-)

February 21, 2018

Permalink

Huge news about another widely used privacy-enhancing tool:

thehill.com
WhatsApp co-founder donates $50M to new Signal nonprofit wing
Harper Neidig
21 Feb 2018

> Signal is an encrypted chat service popular among privacy advocates and journalists, and its encryption model has been adopted by a number of tech giants. The company’s founder, a researcher and former Twitter executive known as Moxie Marlinspike, said in the announcement that the move will allow the company to expand while maintaining its independence. “Starting with an initial $50,000,000 in funding, we can now increase the size of our team, our capacity, and our ambitions,” wrote Marlinspike. “This means reduced uncertainty on the path to sustainability, and the strengthening of our long-term goals and values.”

Wow, great news! I think. Bit worried about the Facebook connection; we in the privacy community don't want to leap from the frying pan of government pwnership into the firm of corporate pwnership.

I still think a user supported model is best for Tor Project. But it would sure be helpful in combating the threats from FBI to outlaw encryption if corporations (preferably somewhat unobjectionable ones, i.e. not Exxon or CitiGroup or Boeing or Palantir) could show Tor some love, too.