[tor-talk] torproject forum hosted by 3rd party, not least of problems

Sun Jan 16 06:58:52 UTC 2022

On 1/13/22, nusenu <nusenu-lists at riseup.net> wrote:
> Since tor-talk is apparently going to be closed down soon [1],
> here are a few suggestions:
>
> [1] https://gitlab.torproject.org/tpo/community/support/-/issues/40057
>
> let us know whether/when you will be closing tor-relays as well

https://lists.torproject.org/pipermail/tor-talk/2021-October/045779.html
"
I was surprised to learn that the forum is _not_ self-hosted on
torproject infrastructure.
It is hosted by "Civilized Discourse Construction Kit, Inc." the
company behind discourse.org.
That means the torproject does not have full control over the
infrastructure and its security and logging practices.
The forum privacy policy mentions that IPs get logged and stored over
an extensive amount of time
https://forum.torproject.net/privacy
As Jérôme pointed out [5] the forum is also subject to discourse's
privacy policy
"

Lol. Not to mention that hosted and "web" based means that
users can, unlike distributed standalone email, now be more
central exploited on attack surface from server side in browser/JS/etc
by rogue, bought, mole'd staff, corp changeup, court order, etc
at these companies.

And who cares what the channel is when every single Tor Project
communication channel has been intentionally "bricked up"
and 100% fully and completely censored for *years* by the
Tor Project Inc to avoid embarassement, avoid being called out,
preserve their personal cashflows, keep users from learning all
of tor's weaknesses and then forking or developing better, more
variety, and or more resistant anon overlay projects etc. After all,
Tor's monetary captured people rake in multiple millions of dollars
every year, including by problematic fundraising nft drops,
off a conveniently Govt funded design that's well over 20+ years old,
that even the NSA was quoted well over 10+ years ago saying that
the NSA could exploit tor. NSA GCHQ FVEY and myriad private
and GovCorp adversaries have all since then advanced their attacks
and technology light years ahead of tor's baked design. While Tor
adds irrelavant non-design trappings and periphery and social-activism,
decides to cancel users free concious choice to use
v2 Onioncat IPv6+UDP transport for whatever they want and
terminates that entire good class of usage, innovation, and app
development within onionland, censors user and operator knowledge
of same, ejects people who like code but refuse to apologize
for Tor or/play its socio-politic, game, monoculture, and more,
Tor's Government funded social marketing engine also consumes
and starves out a lot of funding from and steers messaging in
a space that needs a distributed nature in all things.

If the world knew how the Tor Project Incorporated has become
total hypocrites of the Freedom of Speech they claim to support,
Tor Project would be defunded, users would leave in disgust,
and the crypto overlay network space would flourish anew
generation again.

The fact of Tor Project's secret censorship agenda alone is enough.

Add in refusing to routinely acknowledge and publicly disclose for
users in exceedingly prominent places that Traffic Analysis and Sybil
are in operation, actually removing warnings from their website,
pasting over them with safe sounding phrases, putting users at
risk that way, among many other problems... makes things
even more serious.

https://www.hackerfactor.com/blog/index.php?/categories/19-Tor
"
Today, the Tor Project seems to be more focused on fund raising
than actual privacy, anonymity, or anti-censorship.
"

"Tor Stinks  -- NSA"