Whispering Apples
November 15, 2011 11:01 PM Subscribe
Tor has user-friendly distributions available for all major platforms, including Android. Yet, Tor has always required jail breaking on iOS, until now.
There is however one big question about Covert Browser : Can you trust closed source crypto?
A priori, any closed source cryptographic software carries an enormous risk of major flaws or malicious backdoors. Do you trust this Stephan Hoffmann? If so, do you trust that Apple won't modify the App Store version?
In practical term, political dissidents should probably eschew iOS for Android's open source releases anyways. If you aren't so important though, Covert Browser still increases your privacy and security.
There is a similar project to Tor called I2P, which although not nearly as mature, claims better optimizations for hidden services. Tor's .onion TLD might offer more hidden sites however.
You should be aware that Tor and I2P cannot provide message security, which requires off-the-record messaging for IM and GnuPG for Email. Tor Browser bundles do however employ the Eff's HTTPS Everywhere for post exit node encryption.
There is however one big question about Covert Browser : Can you trust closed source crypto?
A priori, any closed source cryptographic software carries an enormous risk of major flaws or malicious backdoors. Do you trust this Stephan Hoffmann? If so, do you trust that Apple won't modify the App Store version?
In practical term, political dissidents should probably eschew iOS for Android's open source releases anyways. If you aren't so important though, Covert Browser still increases your privacy and security.
There is a similar project to Tor called I2P, which although not nearly as mature, claims better optimizations for hidden services. Tor's .onion TLD might offer more hidden sites however.
You should be aware that Tor and I2P cannot provide message security, which requires off-the-record messaging for IM and GnuPG for Email. Tor Browser bundles do however employ the Eff's HTTPS Everywhere for post exit node encryption.
This post was deleted for the following reason: Wow, I realize how weird it is to delete this today, but this post is full of editorializing, first-person voice, and really is a your-own-blog kind of thing. If someone wants to do a more objective post on the Tor news, that's fine. -- taz
is it just me or are there a whole bunch of hidden comments here?
posted by philip-random at 11:58 PM on November 15, 2011
posted by philip-random at 11:58 PM on November 15, 2011
If so, do you trust that Apple won't modify the App Store version?
Oh for goodness sake, is there any evidence that they have?
I mean, there are already literally thousands of secure utilities or apps that use strong crypto on the App Store — Prompt, for example, or any other SSH client.
Is there any evidence whatsoever that shows Apple has modified the code in those apps?
posted by Blazecock Pileon at 12:01 AM on November 16, 2011
Oh for goodness sake, is there any evidence that they have?
I mean, there are already literally thousands of secure utilities or apps that use strong crypto on the App Store — Prompt, for example, or any other SSH client.
Is there any evidence whatsoever that shows Apple has modified the code in those apps?
posted by Blazecock Pileon at 12:01 AM on November 16, 2011
« Older Teeth, Interrupted | This is my finest film yet Newer »
This thread has been archived and is closed to new comments
posted by jeffburdges at 11:19 PM on November 15, 2011 [1 favorite]