Hacked reported last week that Tor director Roger Dingledine made the bold claim that the FBI had directly paid Carnegie Mellon University researchers at their Software Engineering Institute to help uncloak Tor nodes and aid law enforcement in prosecuting Dark Web criminals. Carnegie Mellon was not consulted in most of the media coverage, but had declined comment to those who inquired. The story was more to do with Dingledine’s allegations and their potential validity than anything.
Now Carnegie Mellon has come out to take issue with a particular part of the narrative, the part that says the government compensated the university for its efforts. In a very short statement, the University said something interesting, in that they do not deny the government could be using their research to further its aims.
In the course of its work, the university from time to time is served with subpoenas requesting information about research it has performed. The university abides by the rule of law, complies with lawfully issued subpoenas and receives no funding for its compliance.
The statement also notes that the Software Engineering Institute does receive federal funding. Such budgetary dispensations are usually public knowledge, but one must know where to begin to look. In any case, at no point in the statement does Carnegie Mellon deny that the FBI used their research. Specifically noting that they occasionally receive subpoenas is also interesting, in that they appear to be implying that if they had helped the government, it would have been what amounts to coercion, as they are subject to the long arm of the law as are any of us.
They seem to be saying: what did you expect us to do? The resounding answer would likely be: disclose the vulnerabilities to the Tor project first, no matter the consequences, so as not to compromise the lives of political dissidents both in and out of the United States. But we digress.
In the wake of all this, a lesser-spoken-about principal of security software engineering has proven true yet again: paranoia is a great motivator. The Tor project has mentioned that it is now
overhauling the software in several key ways, hoping to close holes they still don’t necessarily know enough about. End of the day, the law can still get to you if you’re behind Tor. Using data from nodes, they can potentially compel unwitting accomplices to turn someone over.
One such effort of improvement is a change to the way that guard nodes are dispatched. The guard node is the first node to anonymize data. The more guard nodes an onion request connects to, the less secure. Developers want to change that so, by default, a minimum of guard nodes is selected, with just one guard node being the ideal number.
The next upgrade will come in the form of helping to thwart deep web crawlers. Yes, they exist, the dark wiki isn’t all there is anymore. Hacked covered Memex’s efforts earlier this year. Indexing and the ability to search are not features on the dark web – they’re liabilities, vulnerabilities. The purpose of the service is to hide you, after all. For the longest time, getting somewhere required a link or prior knowledge.
Fighting the ability of bad people to cloak their online activities inevitably fights the ability of good people to do the same. Tor was originally funded with government funds, after all, and now the project is a monster they’re trying to re-tame. What the world needs is a wider variety of options similar to Tor, to slow down the encroaching grip of thought police and Machiavellian political agendas.
Images from Wikimedia.
San Bernadino iPhone Case: Major Press Agencies Are Suing the FBI
The Associated Press, Gannett, and VICE Media are suing the FBI to know more details about the agency’s hack of the San Bernadino killer’s iPhone.
Toward Unbreakable Quantum Encryption for Everyone
Hacked recently covered the efforts of the Chinese government to build unbreakable quantum communication networks. According to analysts, quantum communications networks are so expensive that they could have a “recentralizing effect,” enabling states to recover the ground that they have lost to decentralizing digital technologies. But what if ultra-secure quantum cryptography could be made available to everyone at low cost?
The Chinese Quantum Satellite QUESS: Toward Unbreakable Quantum Networks
One year ago Hacked covered the race between the US and China to develop “military super-powers” by harnessing quantum science, and noted that Chinese scientists were developing quantum communication satellites that support unbreakable encryption. A few weeks ago, China launched its first quantum satellite.
- Daily Analysis: Stocks Turn Lower as Kiwi Collapses after Coalition Agreement October 19, 2017
- Technical Analysis: Coins Recover from Sell-Off as Bulls Remain in Control October 19, 2017
- Trade Recommendation: Zcash October 19, 2017
- Trade Recommendation: Litecoin October 19, 2017
- Ethereum Alliance Gets Another Member in Russia’s Largest Bank October 19, 2017
- Tortoise & Hare Investing October 19, 2017
- Asian Market Update – Thursday: Asian stocks mixed on China GDP, Japan trade data October 19, 2017
- Bitcoin Returns to Health After Flash Crash October 19, 2017
- ICO Analysis: Datum October 19, 2017
- Kazakhstan Is About to See Its First Cryptocurrency Backed by Fiat Money October 19, 2017
A part of CCN
Analysis1 week ago
Analysis: Bitcoin Price at $5200, How Much is There Left in the Tank?
Analysis6 days ago
Technical Analysis: Ethereum, Monero, and Litecoin Jump as Bitcoin Goes Parabolic
Analysis4 days ago
5 Things to Watch Next Week: Byzantium, Bitcoin Stretched, Gold’s Strength, The Next Fed Chair, Kirkuk and Crude Oil
Cryptocurrencies1 week ago
Trade Recommendation: Monero
ICO5 days ago
ICO Analysis: UTRUST
ICO1 week ago
ICO Analysis: Request Network
Analysis1 week ago
Technical Analysis: Litecoin Follows Bitcoin Higher as Market Tops $165 billion
Cryptocurrencies4 days ago
Trade Recommendation: Stellar