Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
Edward Snowden Profile picture
Edward Snowden
@Snowden
I used to work for the government, but now I work for the public.

Aug 24, 2019, 9 tweets

@toholdaquill @NSAGov @Tails_live I wouldn't expect any system to be totally secure, much less remain secure forever in the face of adversary advances, but that's not the claim. Security is process of choosing between "less safe" and "more safe;" and continuing to fork toward safety until you reach "safe enough."

@toholdaquill @NSAGov @Tails_live Against a TLA, Tor (when used with particular care for what is being transmitted, and how, so as to limit the impact of bad exits and traffic analysis) was and is, in my opinion, far better protection than typical alternatives like static VPN tunnels.

@toholdaquill @NSAGov @Tails_live "Far better" doesn't imply "secure against TLA," it just means "more safe." "More safe," in isolation, often means "not safe enough," which is why we layer in protection for defense in depth. Even way back in prehistoric 2013, Tor was simply the outermost layer.

@toholdaquill @NSAGov @Tails_live All we know today is that at a certain point in time, old standbys like Tor, OTR, and GPG were "safe enough" for the given threat model, because they successfully protected the communications they needed to in the manner they were required to.

@toholdaquill @NSAGov @Tails_live One day, they may no longer be safe enough. We don't know when that is until someone proves it: maybe it's today, maybe it's never. But none of the most common kinds of conspiracy-minded FUD we see raised against Tor today have been backed by anything more than air.

@toholdaquill @NSAGov @Tails_live The primary threat facing someone trying to stay anonymous on the internet today is their own bad opsec, and that is precisely the same as it was in 2013. Tails—and Tor—reduced the number of ways anyone on my team could make dangerous mistakes, and so were crucial protections.

@toholdaquill @NSAGov @Tails_live If you look at the way post-2013 whistleblowers have been caught, it is clear the absolute most important thing you can do to maintain your anonymity is reduce the number of places in your operational activity where you can make mistakes. Tor and Tails still do precisely that.

@toholdaquill @NSAGov @Tails_live If I were going to reprise my work in 2013 in a 2019 environment, I'd almost certainly still use Tor and Tails via different hacked WiFi APs for each communication. Even if traffic analysis reveals the origin of your communication, it doesn't need to lead back to you. Layers!

@toholdaquill @NSAGov @Tails_live The technology changes, but the principles are always the same.

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling