This commit is contained in:
Miloslav Ciz 2023-10-25 20:48:49 +02:00
parent 3b2064e875
commit 5c43f56dc3

5
tor.md Normal file
View file

@ -0,0 +1,5 @@
# Tor
TODO
**Is Tor safe and really "private"?** HELL NO. It is "safer" and more "private" than clearweb/clearnet (if only for the [obscurity](obscurity.md)) AGAINST THE SMALL GUYS ONLY, like average server owners and tiny [ISP](isp.md)s, however the big guys (NSA/CIA/FBI/governments, [Google](google.md), [Facebook](facebook.md) etc.) can almost definitely get through -- consider how much of a [bloat](bloat.md) Tor and its browser are: did you alone go through the code, checked and tested there isn't a single exploitable line? Or did you just trust a promise of a website and your favorite content producers? (Heck it even has [autoupdates](autoupdate.md) now so they're just inserting you their code in real time now.) There most definitely is an exploitable line, and very likely more than one; if not by intention (it is EXTREMELY easy to sneak a malicious obfuscated line to a FOSS project; for a government or trillionaire corporation that's like a laughable amount of effort) then by pure statistics (even excellent code will have about 1 bug on 100 lines of code; if not in 100 then in 1000, 10000 or 100000). And if there is an exploitable line, you can bet your life they know about it -- do you think NSA won't put their greatest effort into searching for a way to infiltrate the biggest communication network of criminals, terrorists and other competition? This will be on top of every government intelligence service list, they will pour incredible amounts of resources into finding those lines, so you would be really crazy they don't know about them. So why don't they just go and bust all the bad guys selling drugs and CP on Tor? OK, does that question even need an answer? Do you think they will reveal this? The moment they do, everyone stops using Tor and they can no longer spy. They literally don't give a single shit about some harmless incels downloading illegal videos or making laughable amounts of pocket money selling marijuana, why would they give up their biggest weapon and spend great money and resources on busting a few horny neckbeards (there wouldn't even be enough space in jail for them lol)? They just want you to think it's safe to use so that you use it and they can spy on you. GOVERNMENTS AND CORPORATIONS LIKE GOOGLE LITERALLY SPONSOR TOR, they WANT YOU TO USE IT -- if you can't see what this means then there's likely not much hope in trying to explain anything. They will use the info they gather to bust the big guys who threaten national security, economic stability or whatever, without revealing how they did it of course. Also if they find you're using Tor you automatically get on their watchlist so it may actually be even less "safe" than vanilla clearnet with HTTPS. "BUTTT BUT IT OPEN SOARRRS EVERYONE CAN CHECK THE CODEEEEE" -- are you shitting yourself? Your "everyone" here means someone with excellent expertise AND tremendous resources that analysis of such a huge codebase requires, who is also willing to spend them -- how many entities like that are there in the world? A handful maybe, most of them exactly the mentioned bad guys like government and monster corporations, all of them rich capitalists, i.e. without any morals; now even if there is an independent entity of this kind and if such an entity does the insane, makes the investment and finds the exploit, do you think it will throw its investment out of the window for "public good", or does it try to profit from it by selling the knowledge to the highest bidder (or just staying silent about it)? Hmmm but if that's true, surely Tor developers also know it's futile, why are they even developing it? Because it's their living, they're sponsored, it's a pretty comfy job, they're just snake oil sellers who maybe even believe it works. Hmmm but wait, there are many good guy organizations who need security and will sponsor people to look for vulnerabilities. No -- any organization that really NEEDS a private conversation won't be dumb, it won't search for hyped things but something that's cheap and works, i.e. they will just use encrypted email or encrypted [snail mail](snail_mail.md) that flies under the radar easily and just works as long as math works. Some will sponsor Tor because it is still useful, e.g. it helps break some [censorship](censorship.md), but no one serious about privacy will rely on Tor. So nope, you're not safe with Tor. You are never safe under [capitalism](capitalism.md). Anyway, let this show you how futile any effort for "privacy" is in a shitty society -- the solution doesn't lie in increasing privacy and security, but in [unfucking society](less_retarded_society.md).