[tor-talk] What's better than Tor for criminals?
arma at mit.edu
Sun Jun 7 04:26:00 UTC 2015
On Sat, Jun 06, 2015 at 04:20:22PM -0400, Charlie Belmer wrote:
> I always took it to mean using malware infected hosts, rootkits, and C&C
> servers to do the dirty work, which not only makes you hard to trace, but
> can also point investigations at the infected host.
> On Sat, Jun 6, 2015 at 4:16 PM, Max Bond <max.o.bond at gmail.com> wrote:
> > Organized criminals will probably achieve better operational security by
> > conducting themselves in the real world as much as possible. This is not an
> > option available to a lone dissident in an oppressed country.
Right. The argument varies by type of criminal, but for the "what about
the terrorists" side, my argument goes something like:
"Scenario 1, I want to build a tool that handles millions of people,
that will work for the next year, and that I can tell you all about so
it can get peer review and people can trust it. That's the Tor problem.
Scenario 2, I want to build a tool that works for twenty people, for the
next two weeks, and I'm not going to tell you about it.
There are so many more ways to solve scenario 2 than there are to solve
You can watch the rest of the argument in video form at
As an added twist, the original question here reminds me of a training
I was doing long ago for some activists:
where I used the "if you're willing to break laws" line, and they
stopped me and said "We're willing to break laws. How can we get better
anonymity than Tor can provide?"
So yes, it's clearly not just about willingness to break laws. Rather,
it's that the willingness is often correlated with other priorities that
may work well for certain small groups of people but that don't scale well
to the Tor context. And since much of Tor's safety comes from the number
and diversity of users, it's not a great fit for these other priorities.
(Please don't misinterpret these arguments as claiming that no bad people
use Tor. We've got millions of users now, and when you're at that scale
you have a cross section of the Internet, which of course includes bad
More information about the tor-talk