Is there any evidence that SR2.0 was not set up by TLA in the first place?
@ Anura, on Detection of TOR users/hidden servers
What you wrote on detecting hidden services is absolutely plausible. Yet another demonstration of how powerful metadata analysis is!
Anyhow, I doubt this to be the truck-sized weakness, since it is no weakness of running a hidden server in TOR, it's a general weakness of running a server.
@ JK, on war on passwords
The password removal plans remind me of what I keep telling my clients: Tokens are fine but they can be seized or duplicated.
@ Pete, on systems that cannot be taken down
Is it possible, in theory, to set up a website or a peer-to-peer system that cannot be taken down?
In short: No.
The biggest weakness is communication between nodes. Even if you secure nodes with biggest effort, you still rely on communication lines. To take you down, just take down the whole communication system. Period.
Solution would of course be the installation of own infrastructure.
You would have to set up your own infrastructure which makes it in turn so very easy to find out who participates. Let alone the challenges related to establishing a global communication system from scratch.
@ Rick, on genome data
On the Google/Genome thingy -- I wouldn't even know why I should want to store my genome in the cloud or even analyze it there.
The idea of research usage in the cloud is painful -- it is a sure bet that there will be medical staff unwittingly uploading genome data of unknowing patients. And guess what, it will be the poor ones who have no other chance.
In this context: Never forget the growing military side of Google. Who knows how far we are away from weapons targeting just persons with a special genetic pattern? Welcome to holocaust 2.0.
@ Rick, BoppingAround, on private conversation
Regarding private conversation -- it has become surprisingly hard to have a really private conversation. When I need a really private conversation with someone, we go to a nearby public bath or gym. Not for the fitness, but for the showers.
I consider them quite hard to eavesdrop from scratch without greater effort: Walls are quite plain and easy to check for manipulation. No smartphones or other wearables. And the shower makes a solid background noise. Unfortunately such institutions with unisex showers are hard to find. Sauna might pose an alternative, but I don't trust the wooden panelling and there is no background noise.
Additional plus: You do not have to enter together and the two of you training at the same timeslot does not necessarily mark an event of interest. Thus: Make fitness a hobby!
@ Thoth, on how clients perceive crypto
On the disappointment of educating others on INFOSEC: Crypto is magical. We are the 2.5% (just my gut-based estimation) of users who understand what goes on before the browser shows the nice lock symbol and how worthless this is in fact. 97.5% of users just have no other chance than to believe what the magician says. Of course they cannot stand a chance against LSA. We cannot and we won't change this. We partly need to accept it.
@ All the Germans reading here
Best wishes on the 25th anniversary of tearing down the wall. It takes the heart of a lion to stand up to an organization such as Stasi. My salutes to those on the streets of Leipzig, Dresden, and Berlin in fall 1989. Enjoy your freedom*, you earned it.
-- Which also can be seen as an answer from history what change it needs for education to become more educative.
* Yes, I do realize that in Germany freedom has been restricted over the last years, too -- but it's still not half as bad as in other countries. At least you still have notable investigative journalism. And yes, I read about BND asking for more money to break SSL and Benni's link. Investigative journalism. I just love it.