<div dir="ltr"> <div class="gmail_extra"> <div class="gmail_quote">On Mon, Jun 10, 2013 at 1:42 PM, Amr Ali <<a href="mailto:amr.ali.cc@gmail.com" target="_blank">amr.ali.cc@gmail.com</a>> wrote: <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">This is not popular, but TOR is not as secure as "people" like to proclaim. Browser plugins can completely circumvent the intended security of communicating over TOR by establishing direct connections, node-poisoning (i.e., introducing several "Eve" nodes in the network) to mount traffic analysis and find correlations at the exit and entry nodes to identify the origin of the connection or the nature of the content. And in fact any distributed communication setup is vulnerable to these types of attacks. The difference between using something like TOR and not using it is basically raising the bar to face more skilled adversaries. The point is, you can surely try to make it harder, but it's futile if you become a subject of interest to a well funded and well organized adversary. That of course and you'll have to suffer a high degradation of QoS due to the security requirements of these types of distributed setups. There's a good solution on the rise (i.e., Homomorphic Cryptography) that would store your data in the cloud in encrypted form and you can run processes against it without exposing the data to the service provider, but that still has some work to be done to go mainstream. </blockquote><div> </div><div>Nice... :D </div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div class="im"> On 06/10/2013 01:26 PM, AMahdy AbdElAziz wrote: > Correct me if I'm wrong but AFAK, Tor is hiding your traces from the Website not > from the ISP. Your ISP is the final line sending you the "data" and knows > exactly from where this data is coming. > > -- > AMahdy AbdElAziz > <a href="http://www.AMahdy.net" target="_blank">http://www.AMahdy.net</a> > > > On Mon, Jun 10, 2013 at 1:14 PM, Mohammed Gamal <<a href="mailto:m.gamal005@gmail.com">m.gamal005@gmail.com</a> </div><div class="im">> <mailto:<a href="mailto:m.gamal005@gmail.com">m.gamal005@gmail.com</a>>> wrote: > > @Amahdy: > You can still use something like Tor if you want to hide your traffic > from your ISP. The problem with cloud sites is that YOUR data resides > at THEIR servers, so you have absolutely no control over it, and this > is a valid risk (whether you're willing to take it is a different > story). Stallman might be overdoing it, but he has some valid > arguments. > > That's why initiatives like decentralized social networks like > Freedombox and Diaspora are important to provide a future alternative > for centralized social networks and clouds like Google and Facebook. > > I recommend you watch two talk by Eben Moglen, one titled 'Freedom in > the cloud' and 'Why Political Liberty Depends on Software Freedom More > Than Ever' keynote speech at FOSDEM 2011. Search for them in youtube, > they're very informative. > > Regards, > Mohammed > > On Mon, Jun 10, 2013 at 1:08 PM, AMahdy AbdElAziz <<a href="mailto:amahdy7@gmail.com">amahdy7@gmail.com</a> </div><div class="im">> <mailto:<a href="mailto:amahdy7@gmail.com">amahdy7@gmail.com</a>>> wrote: > > +1 for Amr Ali. I kept repeating this for ever, it's your choice to either > > stay outdated and ages behind technology just seeking a way for a fake > > "privacy" and "free software", or to just move on like everybody on planet > > earth is peacefully with his life. What's the big issue if someone in USA > > knows your current location right "now"? What if they just hired a physical > > person to track your current location, would you be able to stop him? > > > > Just place a big bold line between your internet life and your real life and > > that's it. > > > > GNU Linux is "free open source software" but you never know what the > > executable that you download pre-built contains. Will you download the > > source of everything and compile? then make sure to "read" the source code > > of everything too AND tell me how you gonna compile a compiler from source. > > > > Right now even if you open the internet from a direct connection with no > > proxies, how can you tell that whoever providing you internet (your ISP) is > > not tracking you? They easily CAN do it, and if it's not them then whoever > > provide your ISP internet CAN do it. Big hassle to worry about it and at the > > end of the day, do you really have something on internet to hide it? Please > > just hide it now and forever! > > > > > > -- > > AMahdy AbdElAziz > > <a href="http://www.AMahdy.net" target="_blank">http://www.AMahdy.net</a> > > > > > > On Mon, Jun 10, 2013 at 12:52 PM, Amr Ali <<a href="mailto:amr.ali.cc@gmail.com">amr.ali.cc@gmail.com</a> </div><div><div class="h5">> <mailto:<a href="mailto:amr.ali.cc@gmail.com">amr.ali.cc@gmail.com</a>>> wrote: > >> > >> The problem is not privacy, what is privacy? It's BS, doesn't exist. If > >> someone > >> wants privacy they should simply stop using the Internet, find a cave and > >> protect it against satellite thermal imaging, and stay there for good. > >> Also it > >> is not about interfaces, Stallman is simply being stupid and ignorant by > >> suggesting that having your own mail-server or replicating any of today's > >> infrastructure technologies will help you in any significant way; > >> absolutely > >> not! It's about Big Data and information dissemination. > >> > >> There are just a few reasons that most "people" really need privacy for > >> and they > >> are mostly unjustified and often ludicrous. There's no way you can assert > >> the > >> privacy of a piece of information once it goes outside your machine; > >> granted > >> there are methods to help you "feel" more secure, but truth of the matter > >> is, > >> security in itself is a "feeling", it is an illusion, it's confidence > >> built upon > >> the unlikelihood of a persistent adversary, and that's why we invented the > >> nomenclature of Advanced Persistent Threat (APT) which is used to account > >> for > >> worst case scenario profiles of malware, individuals, and organizations. > >> Nothing > >> can be secure or private indefinitely, it is theoretically impossible due > >> to the > >> lack of an epistemological authoritative root that can assert the security > >> or > >> privacy of any piece of information (e.g., Certificate Authorities are > >> pseudo-roots because who can be authoritative about their security? No > >> one!) > >> > >> I've helped build services that you just won't believe how accurately it > >> can > >> pin-point your location and identify you out of millions of other users > >> based on > >> very small data facets it collects once you visit any site that uses the > >> service > >> (and you cannot do much about it btw unless you want to start using Lynx), > >> it > >> sits on-top of billions of fingerprints. It is simply preposterous to even > >> think > >> that you have significant control over anything that comes out of your > >> computer. > >> > >> </rant> > >> > >> National security under today's challenges (i.e., the fact that the > >> virtual can > >> and does affect the physical) forces governments to tap into the most > >> fertile > >> pool of intelligence.. I've gone on and on about this on my blog > >> > >> > (<a href="http://d4de.tumblr.com/post/52374664591/thoughts-on-big-data-and-information-dissemination" target="_blank">http://d4de.tumblr.com/post/52374664591/thoughts-on-big-data-and-information-dissemination</a>). > >> > >> On 06/09/2013 10:13 PM, Eslam Mostafa wrote: > >> > Hey guys, > >> > while reading this article: > >> > > >> > > <a href="http://www.guardian.co.uk/technology/2008/sep/29/cloud.computing.richard.stallman" target="_blank">http://www.guardian.co.uk/technology/2008/sep/29/cloud.computing.richard.stallman</a> > >> > > >> > i was offended by this "The concept of using web-based programs like > >> > Google's > >> > Gmail is "worse than stupidity", according to a leading advocate of free > >> > software." yeah felt stupid for a moment :D what does the guy use ? > >> > > >> > "this mail has been sent using GMAIL" > >> > > >> > -- > >> > Eslam Mostafa, > >> > My Blog <<a href="http://cseslam.wordpress.com" target="_blank">http://cseslam.wordpress.com</a>> > >> > My Website <<a href="http://eslammostafa.com" target="_blank">http://eslammostafa.com</a>> > >> > GNOME Memeber > >> > Python/js/GTK+ Developer > >> > > >> > > >> > > >> > > >> > > >> > >> -- > >> Amr Ali > >> > >> -- > >> Ubuntu-eg mailing list </div></div>> >> <a href="mailto:Ubuntu-eg@lists.ubuntu.com">Ubuntu-eg@lists.ubuntu.com</a> <mailto:<a href="mailto:Ubuntu-eg@lists.ubuntu.com">Ubuntu-eg@lists.ubuntu.com</a>> <div class="im">> >> Modify settings or unsubscribe at: > >> <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg" target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a> > > > > > > > > -- > > Ubuntu-eg mailing list </div>> > <a href="mailto:Ubuntu-eg@lists.ubuntu.com">Ubuntu-eg@lists.ubuntu.com</a> <mailto:<a href="mailto:Ubuntu-eg@lists.ubuntu.com">Ubuntu-eg@lists.ubuntu.com</a>> <div class="im">> > Modify settings or unsubscribe at: > > <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg" target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a> > > > > -- > Ubuntu-eg mailing list </div>> <a href="mailto:Ubuntu-eg@lists.ubuntu.com">Ubuntu-eg@lists.ubuntu.com</a> <mailto:<a href="mailto:Ubuntu-eg@lists.ubuntu.com">Ubuntu-eg@lists.ubuntu.com</a>> <div class="HOEnZb"><div class="h5">> Modify settings or unsubscribe at: > <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg" target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a> > > > > -- Amr Ali -- Ubuntu-eg mailing list <a href="mailto:Ubuntu-eg@lists.ubuntu.com">Ubuntu-eg@lists.ubuntu.com</a> Modify settings or unsubscribe at: <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg" target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a> </div></div></blockquote></div> </div></div>