W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: SSL/TLS everywhere fail

From: Willy Tarreau <w@1wt.eu>
Date: Sat, 5 Dec 2015 08:17:19 +0100
To: Jacob Appelbaum <jacob@appelbaum.net>
Cc: Poul-Henning Kamp <phk@phk.freebsd.dk>, Mike Belshe <mike@belshe.com>, Amos Jeffries <squid3@treenet.co.nz>, httpbis mailing list <ietf-http-wg@w3.org>
Message-ID: <20151205071719.GA23498@1wt.eu>
A bit off-topic, but since it was brought here...

On Sat, Dec 05, 2015 at 03:51:11AM +0000, Jacob Appelbaum wrote:
> If I was a betting person, I'd bet they continue to work - except Tor
> Project, I expect that to be blocked if it isn't already. Here is our
> user graph for the entire year of 2015 for Kazakstan:
> https://metrics.torproject.org/userstats-relay-country.html?graph=userstats-relay-country&start=2015-01-01&end=2015-12-05&country=kz&events=off

I always find it a bit funny that the infrastructure that provides you
with a supposedly safe network respecting your privacy openly collects
data based on your source address and phones home to feed statistics
that are presented to the public. When you look at small places such
as Niue, you see between 0 and 1 user basically, so the deployment is
probably so small that everyone there knows exactly who's the person
being using Tor and can monitor his/her internet usage in real time :


It may be a kid supposed to work on his lessons and whose parents are
monitoring from their workplace using this graph, knowing when he's
wasting his time on the net instead of working. This kid would have
remained unnoticed by *not* using Tor and maybe he doesn't understand
how his parents know he lies! That's always the problem when one
starts to get many users, it becomes hard to resist to the temptation
to collect data, it might be in human nature :-/

Received on Saturday, 5 December 2015 07:18:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC