Håkan Geijer> All your passwords in one online service means adversaries (eg the state) have only one place to get your passwords.
Yes, but a well-designed service will not be able to turn it over. For example, 1Password and BitWarden (don't trust LastPass, fuck 'em for their repeated bad security) claim that they cannot hand this data over to cops.
https://1password.com/legal/law-enforcement
https://bitwarden.com/help/bitwarden-security-white-paper/
The cloud is just a relay to sync things effectively. There's a lot of trust yes, but trust always ends somewhere. For most people and most activists even, this is acceptable. I think the pool of those who need security above what a cloud service can offer is growing because of increasing repression, but it's still a fine solution for many.
> Isn't Tor a massive honeypot?
No. It's open source and too many anarchists and libertarians and just plain cryptography nerds can analyze the code and assert that it's not backdoored. Go to the right places and you can meet devs and relay operators yourselves.
> If it truly is as effective as people say it is, then it would already be banned already, surely?
Plenty of things that are effective aren't banned, like even basic e2e encryption for chat. Plus the State still benefits from it working as advertised as it undermines other governments and gives dissidents a means of communication and anti-censorship.
All GNU social JP content and data are available under the