[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Building a new Tor that can resist next-generation state surveillance



> On Fri, Feb 17, 2017 at 12:42 AM, Eugen Leitl <eugen AT leitl.org> wrote:
> 
> > On Fri, Feb 17, 2017 at 12:45:50AM -0500, grarpamp wrote:
> > > https://arstechnica.com/security/2016/08/building-a-
> > new-tor-that-withstands-next-generation-state-surveillance/
> > >
> > > Forgot to put the link above.
> >
> > Anyone here able to evaluate the merits of the proposed new architectures?
> > Or do we have to wait for the proof after pudding is served?

On Sat, Feb 18, 2017 at 09:46:44PM -0800, Steven Schear wrote:
> If you must use tor its best to combine it with a good, multi-hop, VPN. I
> prefer i2p (there's now a fully C++ version for those who don't trust Java)
> and cjdns.

Now there's an open door for discussing "trust" :)

C++ might be more performant ("might"), and similarly "might" be more
secure.

Neither is a certainty and C++ can certainly be worse on the 'security'
front. DJB has an approach to software dev which seems to be "extremely
defensive" from my minimal viewing some years back, and that's just C.
Certain fundamentals will always be required, no matter the impl.
language, e.g. design by composition vs design by inheritance, minimal
binding between "modules" or "libraries" / API, deterministic input
validation, etc etc.

Algorithmic and protocol "security" are another matter again.

Sorry for the ranting, but just as "character" is hopelessly overloaded
in Java, "security" is also an overloaded term, not useful without much
qualification.  Of course.

Good luck,