The Privacy BlogPrivacy, Security, Cryptography, and Anonymity

CAT | Anonymity

Oct/14

25

Two new attacks on Tor

Tor webpage

Two new attacks on Tor were recently announced.

The first involves using an exit node to automatically modify software patches to include malware. This one is being seen in the wild already.

The second uses Tor and some quirks in the security model of Bitcoin to allow attackers to create double spending and even create an alternative shadow hash chain visible only to the victims.

Play

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on FacebookTwitter, and Google+.

· · · · ·

Woman hiding at corner

Recently a colleague was reading a blog post by a Russian based VPN provider which talked about their privacy stance. He was incredulous. “Why would anyone trust a Russian VPN company?!?!”

It is a reasonable question about many locations. Russia, China, Iran, and many other companies are justifiably known for Internet monitoring and censorship. Of course, in the post Snowden era, a lot of attention has been focused on US surveillance as well.

I think that many people have the feeling that they should trust anyone but their own governments. After all, foreign intelligence services are unlikely to do anything about any intercepts unless they see some kind of global doomsday scenario. You might worry that your local intelligence agency could pass along information to local law enforcement, but that too seems generally unlikely. Exposing such intercepts would also expose sources and methods, which are some of the most highly protected secrets out there.

To me the question is what the VPN / Privacy provider is ALLOWED to keep private. It is clear that many governments put a huge amount of pressure, or actually pass laws, on companies to keep all kinds of user activity records. Interestingly that is not the case in the United States.

Anonymizer has no requirement to keep any records about what our users do through our service, or any way to identify associate any activity with a given user. Our systems are architected so that we don’t need to refuse to provide any of that information, we are simply incapable of doing so.

Play

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on FacebookTwitter, and Google+.

· · · ·

Sep/14

5

The Privacy Blog Podcast – Ep. 23

Play

Standard Profile PictureIn episode 23 of our podcast for August 2014, I talk about:

  • The absurd alarmism over the new Facebook Messenger App’s privacy settings
  • Brazil’s move to ban anonymity
  • How the secrecy of the secret app has been compromised
  • and finally how Tor users were put at risk by a fake website

· ·

Sep/14

2

Cosplay for Privacy!

Secret Identity

From https://projectsecretidentity.org/

All The Best Dragon Con Cosplayers Fighting For Online Privacy

In a brilliant campaign, IO9 and the EFF is having cosplayers pose with pro-anonymity, pro-privacy, and pro-pseudonymity signs. See the whole set here. The most popular seems to be “I have a right to a Secret Identity!”.

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on Facebook, Twitter, and Google+.

·

Troll and laptop

Attacks On Anonymity Conflate Anonymous Speech With Trollish Behavior | Techdirt

It turns out that people say nasty things under their real names, and people also say valuable things anonymously.

Shocking!

It is amazing how often I see respected academics and other thinkers get incredibly sloppy in their reasoning when it comes to anonymity. They frequently assume correlations for which they have no evidence, and propose solutions with no consideration of the consequences.

I appreciate the rational perspective in articles like this.

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on Facebook, Twitter, and Google+.

·

Older posts >>