cross-posted from: https://lemmy.abnormalbeings.space/post/952648
TEXT VERSION: https://thelibre.news/trump-cuts-funding-to-foss-projects/
cross-posted from: https://lemmy.abnormalbeings.space/post/952648
TEXT VERSION: https://thelibre.news/trump-cuts-funding-to-foss-projects/
Does this government funding really ever result in a hands off approach. In the case of Tor I wouldn’t be surprised that funding comes with backdoor access.
Backdoor access to what?
The last reply I will make.
From September 19 2024
“In response, the Tor Project acknowledged that one user of an outdated application called Ricochet was likely deanonymized through a “guard discovery attack.” However, they emphasized that this vulnerability has since been patched in current versions of Tor software.”
https://cybersecuritynews.com/tor-claims-network-safe/
but that wasn’t his last reply
Excuse me? Are you saying using guard discovery is a backdoor someone gave to the government? I mean, you can think whatever, but the technology isn’t really… backdoorable? It doesn’t make sense in the context. Where will the backdoor lead? It has no where to go.
Okay buddy keep it going as long as you need to. You might enjoy Reddit more, it’s a safe space for people who cannot change their opinions. Bye.
(I am a different person, not arguing anything about this particular vulnerability or the government’s funding of Tor.)
I think you’re defining backdoor too literally. I get your point, but colloquially it just means to get something nefarious in. If someone is saying “the government has a backdoor in an encryption algorithm” it would mean they believe the government has a vulnerability in that allows them to easily break the encryption, not necessarily a separate “door” or something.
Yeah the government has an institutional thing I forget what it is called, with massive amount of known exploits. That’s not backdoors. A backdoor is a “planted” exploit, not a discovered exploit. It makes no sense to call all exploits backdoors.
TOR fundamentally cannot be backdoored. The US government funds it because more traffic on the network helps mask the traffic coming from CIA agents and the like
I’m not going to outright disagree with your opinion but I honestly have my doubts.
Go look at the code, then.
Yeah whatever. Sorry you got butthurt.
Look, you either check for yourself, or trust people who have. The only other option amounts to building your own parallel reality.
Let it go buddy.
You can also take an intermediate approach, actually. Usually I can tell from just the developer docs or whitepapers if something has a way of producing the guarantees it claims.
Showing my ignorance here, but would genuinely like an explanation - aren’t/weren’t compromised exit nodes a thing?