The Tor Project, which created the Tor browser and administers it to this day, says it isn't surprised or takes issue with the CIA using its software.
"We believe onion services are a key next step in securing the web, similar to the standardization of https as more secure configuration than http, so it[sic] that sense, it is not a surprise that the CIA would want to take advantage of the privacy and security protections that onion services provide," said Stephanie Whited the communications director for the Tor Project in an email to Motherboard. "Tor software is free and open source, and so anyone can use it, including the CIA."
(Score: 4, Informative) by takyon on Wednesday May 08 2019, @02:55AM (3 children)
Tor is under active development [torproject.org] and is supposed to be a moving target, getting more secure over time, not less. Or they could just be introducing newer bugs.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 2) by Arik on Wednesday May 08 2019, @03:01AM
But as you point out, we really don't know. Which unfortunately may kill it.
The utility of the software relies on both actual and perceived security. If it fails on either count, long term, it fails.
If laughter is the best medicine, who are the best doctors?
(Score: 2) by canopic jug on Wednesday May 08 2019, @05:30AM (1 child)
One confound will be the spread of HTTP/3 which is based on UDP instead of TCP like its predecessors. That makes the individual connections stateless and that much harder to manage. Tor will have to have significant parts re-written and perhaps redesigned to work with that hot mess.
Money is not free speech. Elections should not be auctions.
(Score: 2) by takyon on Wednesday May 08 2019, @05:31AM
Is there any reason why Tor clients can't use HTTP/2 or whatever protocols they want?
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]