For example, I downloaded Tor network and using it for illegal activities. Can my govt track me? Can US govt track me? I know it encrypts something but if I remember correct, FBI was able to find some Tor users before.

Note: illegal activities was for example. I’m not going to do anything illegal. I’m just planning to serve my instance with a onion address.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    16
    ·
    edit-2
    1 year ago

    ToR was started by the US Navy and still gets funding from the navy every year. ToR is a tool used by the US for spooks and spook assets globally. The only reason it was made public was to generate enough noise to hide the spook talk.

    So applying your logic means you shouldn’t use ToR either.

    • iso@lemy.lolOP
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      Hmm, maybe you’re right. But still its not like they didn’t released the source code for a year.

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        https://github.com/signalapp/Signal-Server

        Its there now, but you never know what they are really running on their servers. In end to end networks, you should never trust the network, only the clients.

        I think you need to take time and model out your threats, the EFF has tools to help you do this, then choose the tools that match best.

        • iso@lemy.lolOP
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          You’re right. Thats why I like Matrix more than Signal now.

          Also I’m not looking for a security method to escape from a specific target. It’s all curiosity about general security.

          • jet@hackertalks.com
            link
            fedilink
            English
            arrow-up
            8
            ·
            1 year ago

            matrix leaks metadata to the servers much worse then signal, just FYI. Hating how a team runs is different then then risk profile of the product.

            Don’t like emotions cloud your decision making

            • iso@lemy.lolOP
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              I’m not hating. I just like keeping my half encrypted data on my own server instead of fully encrypted on someone else’s server.