Some legal trouble with TOR in France

Tony Tony at tdrmail.co.uk
Sun May 14 12:34:51 UTC 2006 

Talking of Microsoft; it is a claimed advantage of the new OS versions
coming out such as Longhorn server - they include 'Bitlocker' encryption
that is apparently highly secure and integrates with motherboard
chipsets (TPM modules) to provide end to end code authentication and
hardware security. If any one thing required to unlock it is missing -
e.g. original hardware, TPM or pass code, USB dongle, etc. then no one
is going to reading your data unless a compromise is found in 256 bit
AES encryption. 

So if for instance they take your disks away as per the French TOR node,
then you could destroy your hardware key (wipe TPM module, destroy
motherboard chipset or USB dongle) and they are not going to be reading
anything, ever. Even if they do take the whole system away then they
wont be able to login to access your data even if they can boot unless
they have your password (and biometrics or USB token, etc.) 

You can login using a USB token and then store the token away from the
PC. If the PC is taken then you can destroy the token (one minute in a
microwave oven is pretty effective). Then even if you are later required
by law to give up your 'passwords' you can show that is no longer
possible.

See http://www.microsoft.com/technet/windowsvista/security/bittech.mspx
and http://www.microsoft.com/technet/windowsvista/security/bitlockr.mspx

Another advantage of this is that they can't easily trojan or root kit
your OS at a low level - it would fail the signed code integrity checks
and would not boot.

I recommend not securing it with your finger prints though.
http://news.bbc.co.uk/1/hi/world/asia-pacific/4396831.stm

I wonder how law enforcement organisations and even organisations that
don't care about international (or even their own) laws such as the US
government will react to the increasing future common use of secure
encryption. Even our phone calls can now be secured from their
monitoring: http://www.philzimmermann.com/EN/zfone/index.html




-----Original Message-----
From: owner-or-talk at freehaven.net [mailto:owner-or-talk at freehaven.net]
On Behalf Of Landorin
Sent: 14 May 2006 01:45
To: or-talk at freehaven.net
Subject: Re: Some legal trouble with TOR in France

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
I'd say if you can register a server with the required data given you
can unregister it the same way imho. Just contact the adress for
registering.
Speaking of cloned hard drives and having his keys... that's where
"Truecrypt" kicks in. ;) Nicely encrypted files with hidden volumes
within the file. ;)

By the way, if you even want to melt the hardisk then you need to go
to the Mount Doom and drop it there, that's the safest way and since
you're already on it, that way you can make the Microsoft Tower of
Evil and its virtual armies collapse, too. ;) I doubt the normal
police has such good programs that survive melting and formating. ;)
In the end, it's up to you to decide what is necessary to trust your
hardisks again. Yet if I were the police I wouldn't waste my time on
someone who obviously had nothing to do with the crime, I'd rather
concentrate on finding criminals that can be traced back (and if they
listened to you then they know it's a waste of time in any case
because they can't track anyone back with your PC).

Sincerely,
Landorin

Anthony DiPierro schrieb:
> On 5/13/06, Ringo Kamens <2600denver at gmail.com> wrote:
>> He has a good point. They surely have a clone of your drive which
>> means they
>> have the private keys to the server which could destroy the user's
>> anonymity.
>>
> If I understand things correctly then the name of the node should be
> told to someone who can permanently take it out of the directory
> servers.  Is this possible/necessary?  Or does everyone have to add an
> excludenodes?
>
> Anthony
>
>


- --
Accelerate cancer research with your PC:
http://www.chem.ox.ac.uk/curecancer.html

GPG key ID: 4096R/E9FD5518
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
iQIVAwUBRGZ9ni4XdI7p/VUYAQJ7nRAA23sfYnBQ5kka8PtX5ubnKz784KS+MoY0
Dl3GbcNHuIxGRUPVrPlsg5kmYLXocuUPHzUBiHsl20bWMNn6BWE4/rjPaZZaEz6I
KgxMUx9PmQhZQOH9r+1gNoJnfB2VM2J8coms1g0O3zlwK6H9bTwCc0DPgGVcLkWI
BhaS6YWuPPLgIUMi+DVYGJar6Lj/Ke1i/nYnVCc0u+F5MIi8vweuTui0tDQOg29E
9mMX1FhQTsEIeb2G4VsFt04Ye3voMVHXhf4kyOaI77PwLAm1grA4Dg2uHo4Lspb0
RbLoKxQBnExQCkPHWadxwqEyb6tOBibWaF/OA5mEsW27Dh0SlpW351uJ90Jxiun6
IPbIRx3KkE+5W3hppXqIPKMezIrubX4sxJ2P6ONTHwm3il9qRBMB8eUJzBZMbx4F
UsB1Wt6y9wVoeCwkc4uaUpnNozbhlyWMQxIr5fpjJ0f8QYgJ/BsqWoxmoaGJ6kSA
ukdN93g5mxhQ4R3D5zBU/jpAvv3zLEcNoFlg9HnotYBYK/x3u6n/d03B0TeKd1s8
nM4iOTDvIc2jISNtV1hMxzd9tX4CkIsVSz7aCUiTJnHFnngeGdqCu+7x6sDQB6t5
4vPUpfJFnGp+P/TnTu0diOaYCdiCkeyVhisCZX7+cy6z+7UIHZEtkGTZD4NC3ugd
FKjerbzR/kg=
=J51j
-----END PGP SIGNATURE-----

More information about the tor-talk mailing list