[kwlug-disc] The Open Technology Fund is a front of the U.S. government.

Fri Dec 10 21:30:03 EST 2021

Chris Frey wrote on 2021-12-10 3:33 p.m.:

> Do you trust the US government?

Depends on which part of the US government I suppose. NASA seems mostly 
okay, for example.

> Do you trust Signal?

I have no opinion on them, but ... probably. Moxie Marlinspike's 
project? Yeah, probably.

> there was official resistance from Signal against people including
> their own compiled versions in their own projects, such as the Android
> project F-Droid.

Wait, they put out a security-focused project and object to having it 
redistributed in compiled form embedded in others' projects?

Seems reasonable, since they don't have time to audit all those 
projects, who likely use the Signal brand to enhance their own image of 
being secure.

> The lack of openness was a black mark on them

I'm reading it rather the opposite, am I misunderstanding something?

> Do you trust Tor?

Probably. I believe they put in their best effort to be secure but I 
don't know how well. Surely not perfectly.

> But I don't
> know who runs the exit nodes, and it is a giant target for surveillance.
> Those that use it have to balance that risk with the benefits.

Agree with that.

> So when I read an article like the one on Mint Press News, it is merely
> adding more data to what I already know.  And it is data.

But is it accurate data? More on that in a moment.

> There is a
> link from that article to a PDF from usaid.gov, titled
> "Congressional Budget Justtification" which directly links the US
> government, USAGM, and OTF.  Is there a reason I should not believe
> a document from usaid's own website regarding their own plans and funding?
> What am I missing?  Did I read something wrong?

The US government, like any large organization, has sections that 
compete with each other.

NSA wants to read everything, everywhere, all the time.

US State department might want ToR to allow foreign dissidents to 
communicate freely.

If US Congress funds ToR through various channels, doesn't mean a lot to 
me. In fact, it's probably a Good Thing™ since it would likely never 
have come to fruition otherwise.

And I am *no* fan of the US in general (but like lots of Americans, 
there's great people there just like everywhere).

> 
> Sure, Mint Press may be a propaganda arm of Russia.

Hence I didn't follow the link. Will not drive any form of engagement 
with such sites.

> But that doesn't matter when they can point
> to the US themselves to support a reported fact.

Did those links merely show that some part of the US gov funds the projects?

If that's all, then the 'facts' seem to have been given out of context 
and are actually spreading disinformation.

> Nor do I
> believe that Tor is the only game in town when it comes to privacy
> technologies.  There's HTTPS, GPG, openvpn, wireguard, regular vpn's,
> multi-hop vpn's like cryptohippie, steganography, and last but not
> least, you can combine them all in multiple ways and invent your own.

Not relevant to non-techies - the very people that have access to 
information that needs to spread while ensuring their safety.

> I don't know why it is important that we all be cautious regarding
> Mint Press or Russia in particular.  We're talking privacy and security
> here.

Russia is against privacy & security more so than most western countries.

If their supporters are saying, "Beware ToR & Signal because US gov 
funding", I'd take that as an endorsement of ToR & Signal, personally.

   Caution is the order of the day.  Trust no one.  Test everything.
> And grant your neighbour the same freedom you yourself would like to
> enjoy.