US cuts funding to F-Droid, Tor Browser, Let's Encrypt and Tails Linux

AbnormalHumanBeing@lemmy.abnormalbeings.space · 13 days ago

US cuts funding to F-Droid, Tor Browser, Let's Encrypt and Tails Linux

HiroProtagonist@lemmy.ca · 12 days ago

Does this government funding really ever result in a hands off approach. In the case of Tor I wouldn’t be surprised that funding comes with backdoor access.

rbesfe@lemmy.ca · 12 days ago

TOR fundamentally cannot be backdoored. The US government funds it because more traffic on the network helps mask the traffic coming from CIA agents and the like

HiroProtagonist@lemmy.ca · 12 days ago

I’m not going to outright disagree with your opinion but I honestly have my doubts.

CanadaPlus@lemmy.sdf.org · 12 days ago

Go look at the code, then.

HiroProtagonist@lemmy.ca · edit-2 12 days ago

Yeah whatever. Sorry you got butthurt.

CanadaPlus@lemmy.sdf.org · 12 days ago

Look, you either check for yourself, or trust people who have. The only other option amounts to building your own parallel reality.

HiroProtagonist@lemmy.ca · 12 days ago

Let it go buddy.

CanadaPlus@lemmy.sdf.org · 12 days ago

You can also take an intermediate approach, actually. Usually I can tell from just the developer docs or whitepapers if something has a way of producing the guarantees it claims.

KeenFlame@feddit.nu · 12 days ago

Backdoor access to what?

HiroProtagonist@lemmy.ca · 12 days ago

The last reply I will make.

From September 19 2024

“In response, the Tor Project acknowledged that one user of an outdated application called Ricochet was likely deanonymized through a “guard discovery attack.” However, they emphasized that this vulnerability has since been patched in current versions of Tor software.”

https://cybersecuritynews.com/tor-claims-network-safe/

KeenFlame@feddit.nu · 12 days ago

Excuse me? Are you saying using guard discovery is a backdoor someone gave to the government? I mean, you can think whatever, but the technology isn’t really… backdoorable? It doesn’t make sense in the context. Where will the backdoor lead? It has no where to go.

JackbyDev@programming.dev · 12 days ago

(I am a different person, not arguing anything about this particular vulnerability or the government’s funding of Tor.)

I think you’re defining backdoor too literally. I get your point, but colloquially it just means to get something nefarious in. If someone is saying “the government has a backdoor in an encryption algorithm” it would mean they believe the government has a vulnerability in that allows them to easily break the encryption, not necessarily a separate “door” or something.

KeenFlame@feddit.nu · 10 days ago

Yeah the government has an institutional thing I forget what it is called, with massive amount of known exploits. That’s not backdoors. A backdoor is a “planted” exploit, not a discovered exploit. It makes no sense to call all exploits backdoors.