[tor-talk] Hidden vs Clearnet Services

[Raynardine]

On 1/29/2013 6:39 AM, Katya Titov wrote:
> Raynardine <raynardine at tormail.org>:
>
>> I do not like connecting to clearnet services from Tor.
>>
>> I am not alone in this.
>>
>> There are arguments about the reasons why Tor hidden services can be
>> better than clearnet services for users as well, but that would derail
>> this thread.
> I would be interested in such a thread.

I will need to compile all of the various arguments, but the biggest
reason is that clearnet sites are not anonymous, so they have no
incentive to maintain your anonymity.

In fact, most clearnet sites, because they are legally liable for
everything their users do, they have a strong incentive to use any
weakness in Javascript, Java, Flash, whatever they can use, to
deanonymize you.

Beside that cold hard fact, and the corollary to that, that even if a
supposedly saintly core developer or web site administrator swears up
and down that they'd never divulge the keys and surrender the
responsibility of their users to any men with guns, court decision, or
whatever, the problem lies in that they are a target.

Any non-anonymous website is a painted bull's eye, and it's only a
matter of time before the administrators and core developers for certain
websites commonly accessed by Tor users get sat down in a steel chair,
and get their fingers broken one by one.

You see where I'm going with this, I don't become overly graphic about it.

But my point is, unless both sides of a communication are 100%
anonymous, the non-anonymous website becomes a liability, not an asset.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 728 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20130129/f48dde4a/attachment.pgp>