
Re: Yet another reason to call him #$%& Re: yet another reason...

On 10/19/18 5:58 PM, Shawn K. Quinn wrote:

> Of course, #$%& has no clue how BitTorrent works. It's nearly pointless
> to route just the tracker callbacks through Tor, and routing the actual
> data over Tor would overload the network. I don't blame them for making
> it easy to block BitTorrent traffic; there are other filesharing tools
> which are a better fit if anonymity is a priority (Freenet, GNUNet, etc).

TOR schmore.  I would describe i2p as an anonymizing torrent
distribution network, with some other comms (in-network websites,
e-mail, etc.) piggybacking on the infrastructure that file sharing
traffic keeps up and running.


The Garlic Routing protocol used by i2p looks at least as secure as
Onion Routing - and IMO more so, because of both the protocol's
architecture, and the dynamics of real world traffic flow where a small
number of "dangerous" packets mix into a huge number of movies, TV
shows, record albums etc. in transit.  Extra paranoid users can
configure i2p to use longer chains, further complicating things for
adversaries.  By default all i2p nodes relay third party traffic, and at
present no (advertised) gateways connect i2p to the 'regular' Internet.

The high volume of torrent traffic over i2p, and the loooong duration of
typical downloads (25kbps counts as 'decent speed' in there), greatly
complicate matters for anyone doing traffic analysis, compared to the
hit-and-run pattern of TOR usage that typically lights up an entry and
exit router for just a few minutes per user session, during which easily
fingerprinted clusters of packets, all of them "of interest" to
potential adversaries, flow thick and fast.

The most reliable anonymity against State level adversaries uses TOR for
hit-and-run network access via a high gain antenna and open router, or
any dodge that physically decouples the user from the physical router's
IP address.  i2p can't do that very well, because it takes 20 minutes or
more to integrate into the network and start moving packets.  So
double-nought spies and their ilk can get that much mileage out of TOR.

So far I have not come up with a way to prevent what I call a Hydra
attack against /any/ distributed anonymizing overlay network:  An
adversary who owns and operates a majority of the relay nodes via
geographically dispersed proxies run from a single cloud server
literally "can't be beat" except by physically concealing one's identity
from the physical Internet router used.

Users who expect mere software to defeat network surveillance by top
tier actors have started out with false assumptions and end up taking
far greater risks than they would consider acceptable if they knew about
them.  The reluctance of intelligence services to reveal their
capabilities by acting on what they know too often provides the best
protection most users can get...

