While OPs reasoning is sound (though the question of tracing how they spend their donations still remains open), the thing is that however well you started, you don't even get afforded one single mistake you can make.
No matter how small the mistake, if you made it, the cat is out of the bag and you're screwed. No matter whether you notice and correct it - in light of the current spying climate, you can be certain that your mistake was logged somewhere.
There's so many things to keep in mind in order to avoid mistakes, I can't even imagine them all.
Misconfigured your browser to not use tor when posting? Sending the bitcoins donated to you to somebody who gets compromised later? Disconnecting from tor without first logging out of StatCounter and then checking your stats? Plugging your USB-stick into a machine infected with some BIOS malware?
The possibilities are endless and you don't get even a single "extra life" (to use a gaming term). Screw up only once and you're screwed forever.
It's kinda like software security: It has to be perfect. Even if it's mostly perfect and only one single vulnerability exists and is known, you're as screwed as if your software was open like a sieve.
The days of anonymity on the internet are over. Yes, you can build sufficiently high hurdles to guard against most people, but those that really want to know, will know in time.
It's not like your anonymity is one in a billion. In fact, your security habits make you stick out like a flashing red light.
Perfect anonymity: 1 in 7e9
Fluent English speaker: 1 in 7e8
Tor user: 1 in 3e6
Tor user today: 1 in 1e5
Fluent English speaker and Tor user today: 2 in 10,000
Fluent English speaker and Tor user today and accessed both Google Translate and Outlook.com outside Tor today (because Google and Microsoft block Tor exit nodes): 1 in 1,000
All of the above and purchased a Kingston Digital DataTraveler from Amazon in the last year: 1 in 10
sure, there may only be 5,000 fluent English speakers who used Tor today (number seems low, btw), but you and the NSA have no idea (per NSA docs--away from Firefox users) who those people are.
Your logic may have found that needle in the haystack, but we don't even know which haystacks to look in.
And probably bad analogy, b/c not a heavy computer user, but if it took so long to find bin Laden, I'm sure many others (even heavy computer users) could hide for much, much longer.
The real risk, like others have said on this board, is one slip up can ruin you.
Around 100% for anyone using the normal Tor browser bundle.
Tor is designed to hide who you are talking to, not the fact that you are using Tor. IPs and other metadata about normal Tor relays are published publicly by the network and are used by the client to build circuits through the network.
There is a special form of hidden entry node called a bridge that is designed for use in censorship-happy countries like China, but using them is a manual process that isn't the default. Traffic through bridges is a very low percentage of overall Tor usage.
The "one slip up" does appear to be the more common risk today, but I think the reason the NSA wants to archive everything for later analysis is precisely panarky's scenario.
You are right that today it remains a bit difficult, but as time goes on, sheer engineering effort will give us a better set of tools to do this kind of "show me TOR + Outlook + Kingston buyers + Mozilla user agent" queries.
Perhaps we're looking at this problem the wrong way. What if, instead of trying to hide our activity online we drown our signal in noise; make activity logs worthless.
For example instead of everyone having a unique email address, why not have shared email accounts with many hundreds of thousands of people, but where messages meant for you are encrypted with your public key. Your email client will attempt to decrypt all messages the account receives but will only succeed with yours.
Or for making a blog post, rather than publishing on one single server / blog domain, why not post to hundreds or thousands of different blogs at once, using all kinds of different IP addresses. Perhaps even have other people that blindly post for you (mechanical turk/crowd sourcing)
Perhaps the meta level idea here is if we want to restore privacy, we need to sacrifice our individual identity (my email address, my blog, my phone) and lose ourselves in the crowd
Your argument has two parts:
1. Ensuring one's online privacy is hard. Very hard.
2. Because of this premise, the days of anonymity are over.
I take issue with the second point. It reflects a common post-NSA scandal sentiment, which is that we should throw up our hands and give up because security is hard and spy agencies are brazen.
Like invasions of privacy, rape, murder, bank robberies and traffic accidents will inevitably occur, no matter how hard we and our communities establish defenses against them.
Yet we keep trying to confront these serious societal problems, year after year, and if we can help or save just one individual, the effort has been worthwhile.
So, let's focus on gradually improving our security through action and education. It's time to do away with the spirit of apathy and hopelessness that is starting to pervade discussions about online privacy.
> "Like invasions of privacy, rape, murder, bank robberies and traffic accidents will inevitably occur, no matter how hard we and our communities establish defenses against them."
The crucial difference between invasions of privacy and the rest of your list is that strong deterrents exist for the latter part of your list. Even if you ignore the legal consequences of rape, murder, and bank robberies, all expose you to the risk of violence in response to your actions. Traffic accidents are by definition both unintentional and unexpected, whereas most invasions of privacy are not.
These things have all been minimized to soceitally acceptable levels because of specific deterrents that are in play. Presently, there are few deterrents to both public and private invasions of privacy by large companies or institutions. Until strong deterrents exist, the violations will continue. This is why a few changed rules at the NSA and a slap on the wrist for senior intelligence officials won't prevent privacy violations in the long term. Until jail sentences start getting handed out that are comparable to those for robbing banks, large institutions will continue collecting troves of data and using it to rob people of their privacy.
The main point I take away from your comment is that the fights against rape, murder and bank robberies are more mature than the fight against invasion of privacy.
A look back in time reveals that the deterrents against these violent crimes have been established gradually, through education, civil organizing and political lobbying. For example, contrast the perceived consequences of rape in the 1940s with those in 2014.
The United States has also made considerable strides toward the right to privacy. For example:
- Weeks vs. United States, establishing Americans' right against unreasonable search and seizure
- Lawrence vs. Virginia, which reinforced couples' rights to privacy concerning sexual conduct
- Griswold vs. Connecticut, which solidified the right to marital privacy.
I don't dispute that protecting personal privacy is hard. Nor do I dispute the fact that agencies such as the NSA have cast an ominous shadow on the United States' hard-won victories in the privacy arena.
But American history is full of victories concerning privacy, some of which seemed far-fetched in their times. The silver lining of the NSA scandal is that it made everyday Americans more aware of privacy issues. That awareness should be leveraged in a positive way, to demand accountability and build on deterrents against snooping.
Protecting your privacy is literally impossible. People will squirm, people will say they do it, but none of it is true. People just hate to not be in control, and so they'll justify their inane behaviors as "protecting my privacy!" when in reality, there is literally no successful known way to do such a thing.
If there were a successful way to protect information, it'd be known and used.
But there isn't. All you can do is make it harder. It's not apathy, it's reality.
I protect my privacy dozens of times every day: closing my blinds, signing out my email account, encrypting some personal documents, locking my car doors.
This is not to say that a government agency couldn't crack my encryption, or break into my car, but I take small reasonable steps to protect my property and information.
Protecting and guaranteeing beyond a doubt are two distinct concepts. When people create a false dichotomy between these things, they give themselves a license to not even try.
So it's simple... Don't screw up and the days of anonymity on the internet are not over. The fact that it's possible should make us all happy: now we have a very low-level techy-only solution to anonymity. Like all low-level techy-only solutions, this can be built upon to make more general-purpose solutions and hey-presto - we're back in the game!
That's what really excited me about this challenge. I heard about how DPR got caught from a StackOverflow login, and I wanted to see how difficult it would be to maintain anonymity.
It turns out that it's really fucking difficult. Also, it kind of sucks that I couldn't talk to any of my coworkers about being on the front page of Hacker News!
It's not about being perfect. It's about costs. If de-anonymizing you is prohibitively expensive, no one will do it without a very good reason. Problem is, it's becoming increasingly cheap, because most technologies we use these days are built with blatant disregard for privacy issues. Modern Web is designed to track you and it leaks your personal information left and right in the process of tracking. If we improve the technologies, the costs will shift.
If you're doing something illegal that will attract serious attention from competent police, you are dumb for using electronic communication to do it. Smart mobsters did their business face to face in the 1950's. Smart street-level drug dealers use proxies (kids, grandparents, etc) to conduct transactions.
If it's just an exercise in screwing around looking for theoretical security, nobody cares. Best case, you're wasting time better spent elsewhere. Worst case, you're going to get in trouble for laundering money via bitcoin.
If you're a leaker, etc. You'd have better security printing and mailing cash to people. Mail content is protected legally and requires a warrant to open. If you insist in using technology, print a GPG-encrypted letter in an easily OCRable font.
The answer is not trying to protect ourselves. That's a losing and lost battle. We should try to tear down anonymity, hiding and protection of the powers that be.
..Make Obama, and any "Obama", wear a cam and mic, open all the time, connected to the inet. Make all bank accounts and transfers of everybody (corps included, of course), open to see to anyone.
..The above of course is extreme and won't happen. But that's the direction we should aim for. Not protect ourselves. We lost already. Open up the opponent.
I know you're being hyperbolic, but an economy where every transaction is public and searchable would be AMAZING.
You think a free market is efficient at allocating resources? what about a free market with perfect information for all players. It changes from poker to chess, deception is no longer a valid strategy.
Finally someone who gets it! I've been saying this for ever. Our society is moving to one with fewer and fewer secrets.
When Facebook pushes privacy concerns, it's actually just reflecting our new reality and trying to stay relevant.
The "issue" that we will be coming up against is that people need time to adjust and to be honest, people aren't used to knowing everything about each other.
To give an absurd example for the purposes of illustration: If your boss finds out that you like to cross dress on the weekend it may reflect poorly on you . In reality this is simply b/c he knows something unusual about you and your coworkers continue to look "normal" in his eyes. If he knows that you crossdress, Jeff likes to be tied up, and Bob's wife is a tranny then it no longer becomes a big deal.
The same goes for more sensitive things, like the amount of women that have abortions, or misscarriages, or people that have mental disabilities or are on antidepressants, or do hard drugs in their spare time. We shield ourselves from certain things to the point where when we get exposed to them we don't react appropriately b/c we have no reference point.
The reason Obama wouldn't be okay with a mic is mostly because no president before him has had a mic. So if he cusses out other world leaders on the daily, he'll look like a grade A asshole - regardless of whether or not other presidents have done it.
While I believe that any presidential person in power including his staff is mainly interested in their own protection, they are also partially aligned with my protection.
The degree at which they oppose me or protect me is unknown by me, but for the most part I believe they are protecting me, not for me, but because I naturally align with them.
Now, if you are not an American, their interests are much less aligned with yours. In that case, I agree.
For example, I would appreciate if all foreign government officials had all their emails, phone calls etc. open, but would like to protect my officials.
Hypocritical? I don't think so, its basically a matter of wanting the people with alignment to me to continue having power.
"I believe that any presidential person in power [..] they are also partially aligned with my protection"
Citation needed? If you were a eg a google employ at the time of wage fixing, would you think it cared about you, cause "your had aligned interests"? Maybe you should q what your interests are, and what of the politicians and mega corps.
Call me cynical, but they care for your protection, as much, and for the same reasons, as the kings used to "care" about their serfs.
"The degree at which they oppose me or protect me is unknown by me, but for the most part I believe they are protecting me"
Stockholm syndrome? Sad love story? You (us) being played, manipulated and exploited?
No matter how small the mistake, if you made it, the cat is out of the bag and you're screwed. No matter whether you notice and correct it - in light of the current spying climate, you can be certain that your mistake was logged somewhere.
There's so many things to keep in mind in order to avoid mistakes, I can't even imagine them all.
Misconfigured your browser to not use tor when posting? Sending the bitcoins donated to you to somebody who gets compromised later? Disconnecting from tor without first logging out of StatCounter and then checking your stats? Plugging your USB-stick into a machine infected with some BIOS malware?
The possibilities are endless and you don't get even a single "extra life" (to use a gaming term). Screw up only once and you're screwed forever.
It's kinda like software security: It has to be perfect. Even if it's mostly perfect and only one single vulnerability exists and is known, you're as screwed as if your software was open like a sieve.
The days of anonymity on the internet are over. Yes, you can build sufficiently high hurdles to guard against most people, but those that really want to know, will know in time.