[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Building a new Tor that can resist next-generation state surveillance

On Fri, Feb 17, 2017 at 3:42 AM, Eugen Leitl <eugen AT leitl.org> wrote:
> Anyone here able to evaluate the merits of the proposed new architectures?

There are some websites out there listing / ranking overlay
networks in tickmark feature and buzzword bingo tables.
I don't know of any project actually sitting down to brainalyze
their overall design and operation at any level of depth.
ie: "We kinda know what tor's doing with it's routing, and
how to break it or not, now what about network x's routing."
The sites just tick off 'uses onion / packet / garlic / mix routing',
'uses crypto x', etc, as found on the parent project website
and that's it.

> Or do we have to wait for the proof after pudding is served?

Tor has been serving pudding for years, and has a small but
relavant number of whitepapers outstanding against it, at least
a few of which range hard to unfixable outside of architecture.
Every tool will have some weakness somewhere, some you
can live with or fix, some you can't.

Guessing that today's biggest ignored threats to overlays are:
1) GPA's and GAA's, operating at the wire level.
2) Who exactly is running the network nodes.
n) What else ???

If that's reasonable, then any project trying to address
these should get a closer look.

There also needs to be some project doing serious
digging into disappearances, shutdowns, and court
cases, working the darknet forums and lawyers and
dockets, looking for any unexplainably dead canaries
arising from each active overlay network.

Reviewing designs... designing against threats... tracking proof...
three areas. Do it, get funding, make yourself a star.