Though tor != the dark web. Tor allows anonymous browsing, which can be a literal life saver for people under totalitarian régimes. It can also be used for less positive things, but don;t blame the facility for the use some people put it to.
Anyway, I doubt the sort of posts that fill the forum need bother with tor, unlike unsolicited emails, there is nothing illegal anywhere with posting to a forum.
Whenever an honest man discovers that he's mistaken, he will either cease to be mistaken or he will cease to be honest.
However, consider the pedigree. The FBI got The Silk Road without too much trouble.
Well, they claim to have got DPR, but no one knows for sure. The vulnerability of Silk Road was part the fact that to buy something physical involves it being delivered, and even though it was anonymous the site itself had as many vulnerabilities as any other web page so they shut it down that way not by breaking tor.
Whenever an honest man discovers that he's mistaken, he will either cease to be mistaken or he will cease to be honest.
And if it was compromised, it'd be a great secret (think Enigma, Crypto AG, the prime factoring problem etc. ad nauseam)
Yes, but it would have to (probably) be a mathematical exploit of the underlying crypto or onion protocol as its open source, so harder to hide a backdoor than (say) a router or closed source OS.
Jack wrote:And if it was compromised, it'd be a great secret (think Enigma, Crypto AG, the prime factoring problem etc. ad nauseam)
Yes, but it would have to (probably) be a mathematical exploit of the underlying crypto or onion protocol as its open source, so harder to hide a backdoor than (say) a router or closed source OS.
c.f. "the prime factoring problem" - i.e., if that's solvable (and many think it might be), then PK encryption is an open book, i.e. worthless.
Nick wrote:
Jack wrote:If the dangerous loonies are using it, then you can bet your (or the NSA's) bottom dollar that there's serious interest in subverting it.
Problem is its often hard to tell the NSA from the "dangerous loonies"
c.f. "One man's terrorist is another man's freedom fighter", the corollary being "One man's freedom fighter is another man's terrorist"
The various agencies work on the basis of "if you have nothing to hide, you have nothing to fear". Whatever.
c.f. "the prime factoring problem" - i.e., if that's solvable (and many think it might be), then PK encryption is an open book, i.e. worthless.
Yes, but if that was solved, then tor would be the least of the problem. However it would only break the key exchange part, one time pads would remain just as unbreakable without the key, so all that would inconvenience is most of the world, Agents (of all types) would go back to older methods of key exchange.
Whenever an honest man discovers that he's mistaken, he will either cease to be mistaken or he will cease to be honest.
c.f. "the prime factoring problem" - i.e., if that's solvable (and many think it might be), then PK encryption is an open book, i.e. worthless.
Yes, but if that was solved, then tor would be the least of the problem. However it would only break the key exchange part, one time pads would remain just as unbreakable without the key, so all that would inconvenience is most of the world, Agents (of all types) would go back to older methods of key exchange.
Not just DH exchange would be compromised - with the prime factoring problem solved, given a key, modulus and exponent, you could get back to the actors' secrets - therein lie dragons...
With those, you can then get to the shared secret, and therefore forge digital signatures, fake web site certificates, all sorts of carnage. More importantly, you can silently read any traffic which relies on a shared secret (agreed by DH) symmetric encryption, regardless of the encryption algorithm (unless its EC-based)... PFS would not protect you...
OTPs have been around for ages and are, of course, technically unbreakable (unless you have a pad!) - I deeply suspect that OTPs are the choice of professionals anyway - who would trust DH etc. - many are vulnerable to man-in-the-middle attacks and others.
Not just DH exchange would be compromised - with the prime factoring problem solved, given a key, modulus and exponent, you could get back to the actors' secrets - therein lie dragons...
Yes, that was my point, once the key exchange is open the rest fails. I didnt bother typing all the rest you have, its just extra words with no more information.
Whenever an honest man discovers that he's mistaken, he will either cease to be mistaken or he will cease to be honest.
Whenever you do a https type communication or talk to your bank, or do anything that involves public key encryption, the process stars by the two sides exchanging keys, they exchange a public key and keep a private key, that allows the communication between the two sides (traditionally Alice and Bob) to be encrypted, such that the actual keys used (basically a big number) is never transferred so is not visible. A third party (Charlie) can see the encrypted communication, but without the keys can not decode the communication.
The keys rely on the property of prime numbers, such that given two large prime numbers (say 15,485,863 and 32,452,843, though much larger normally) are multiplied together to give a new number 502,560,280,658,509. Given that number (and that’s a small example) its very very hard (read takes a long time) to find the only two prime numbers that were multiplied together to give that result. So you can pass the result in public without there being any likely chance that it can be factored (find the number that are multiplied together) to find the original two prime numbers. However if you have one of the original numbers, then finding the other becomes a simple matter of division.
If as Nick (Jack) says, a solution is found for "the prime factoring problem", then the above is no longer true so it becomes possible to extract the keys from the combined number, so it fails to be secure and the world goes to hell in a handcart very very quickly in a way that would make the last crash look like a bad day at the dogs.
Whenever an honest man discovers that he's mistaken, he will either cease to be mistaken or he will cease to be honest.