by monero-xmr 884 days ago
Njalla is a misunderstood company. You can buy domains and VPCs with monero over VPN / Tor and be totally anonymous. However they will immediately roll over and give everything away to LEO. If you are conducting activity and a valid legal request comes to end that activity, they will. It is on you, the customer, to ensure you are operating privately and not conducting activity in a way that attracts valid legal requests.

Nitter should have anticipated this and planned accordingly. The law is the law. Njalla is a wonderful service but they are not outlaws. They are structured in such a way to make it more difficult to stop their customers, and they hold less data about them. But they operate within the law.

If you use their service and don’t take the adequate steps to protect your privacy, they will give away your data in accordance with the laws of the domicile they operate under.

3 comments

Dude how do we know the legal request was valid? Or that there even was a legal request?

You're jumping the gun here. The primary concern is the absurd radio silence from Njalla. Not acceptable. Once they rectify that maybe there will be other problems revealed, but at the moment them being AWOL is the issue.

It’s the weekend, maybe give them a few days. Njalla is not going to destroy their reputation over Nitter. Likely they didn’t even know anyone cared about this service.

> Njalla is not going to destroy their reputation over Nitter

They're doing a decent job so far.

That's exactly my point: if the reason for suspending the domain was SO URGENT that it had to be done on a Saturday, then they can find time to explain their actions on the same day they took them.

> Likely they didn’t even know anyone cared about this service.

Er, you do know that both Njalla and Nitter cater to the surveillance-disliking crowd, right? I would be shocked (shocked!) if there aren't multiple Njalla employees who use Nitter instances daily.

Can't tell if trolling or...

> Njalla is not going to destroy their reputation over Nitter

What exactly is this supposed to mean?

Building your product on top of a domain that someone else owns (by design) is an inherently risky proposition. The only type of customer Njalla would attract in the first place are fringe privacy-conscious customers who begrudgingly accept this risk.

This is exactly the type of nightmare scenario their customers don't want to run into. If they don't treat these issues as a matter of urgency and don't support their customers as much as they're legally allowed to by fighting BS requests, they'll very quickly find themselves out of business. I suppose the irony of this is lost on you, "monero-xmr".

Doubt it was a legal request. Njalla shoots first and asks questions later if there's any risk of controversy.

I'm pretty sure Tor is not anonymous. I read a while back that the US gov controls most of the exit nodes (or something like that) + can do some decrypting monkey business.

Anything that can be produced without evidence can be dismissed without evidence.

In our case, the evidence we do have is that Tor is a hotbed for crime. That indicates Tor is not some captive tool of the US government.

Apply the same logic to your assertion. There could be many legitimate reasons for Gov intelligence to control exit nodes without prosecuting every illegal activity. Same as with local police not prosecuting every crime openly committed in nightlife districts of every major city.

Have you heard of parallel construction? LEOs use it to hide how they actually cracked the case and can get away with using inadmissible evidence.

I’m not sure this follows. Intelligence and federal police services routinely “manage” crime to various ends. Go read Tim Weiner’s Legacy of Ashes or Enemies for myriad examples.

Unless it’s the government doing the crime.

Please don't just vaguely say you're pretty sure of something because of a half-remembered fact.

Whether they can or can’t isn’t really the question. Tor is publicly believed to be private and the government has never tipped its hand that it’s not. In cases where maybe they could compromise Tor, they would have had to use parallel construction, because in court they have never stated they can compromise Tor.

So from an opsec perspective, the question is if the level of your activity rises to the point such that a government entity would take the effort to create parallel construction. If you are not doing something that would anger the government so much, then Tor is a good smoke screen in front of your activity.

Everything is effort and probability. Given enough time and resources you will always be unmasked - always!

Even if the government controls all of the Tor exit nodes, that does not give them omniscient knowledge. Presumably the wrapped communication protocols are still going to be encrypted. There would have to be a different information leakage to completely compromise you. So, not great if you're interested in maintaining total secrecy, but better than nothing.

That being said, if the government was really interested in correlating timestamps with Tor activity, it is reasonable to assume they have that power. I assume Tor activity stands out, and every ISP might already be logging such connection events.

As a thought experiment, assume the government has perfect knowledge of Tor activity, yet chooses not to reveal this fact. I would say government compromise is the perennial anxiety of Tor enthusiasts.

My point is that even if it’s true that Tor is compromised, the value of Tor as a honeypot is so great that the government has thus far refused to acknowledge they can. Because if they did, Tor would die overnight and something even stronger would replace it.

So even if you operate under the theory that Tor is compromised, it’s still vastly superior to clearnet because the value of Tor as a honeypot means most people using it for anonymity will remain anonymous.

One thing to remember is that Tor was created by the government, specifically to encrypt the communication of CIA spies. They released it to the public specifically to provide plausible deniability to those spies. So backdooring the protocol right out of the gate would be an own goal.

That being said, I have no clue if they still use it. Presumably if the US government found a vulnerability in Tor, they'd either stop using it, or run some other layer of encryption on top.

Same reason the US didn't reveal they had an Enigma machine. If word got out, the Germans would've changed the codes or made a new process practically overnight.

You just use the information to plan "random" "oopsie we spotted you" missions

Was this about that time the US govt paid CMU $1m?

From memory that attack involved running a huge number of exit/relay nodes and someone was able to show a massive spike in online nodes as evidence, but I can't remember who.

this misinformation and nonsense gets mentioned so often

it is in no way true