On 10/27/2013 01:26 PM, Bill Cox wrote:
Here's the problem: Tor has little public support, because most Tor
traffic is wasted on supporting bad behavior.
I don't think that's the main reason Tor has little public support. I
think Tor has little public support because using Tor is slower and less
convenient than not using Tor, and people (at least in the USA) seem to
value convenience above most other things.
Here's my solution: Build a Tor-like network for routing anonymous data,
but track behavior of all users' secret identities, and make their
Internet history public. Allow node operators to choose categories of
public identities they which to support.
This would not be anonymous data. You're asking people to publish their
full internet histories for the privilege of being able to use the
network. Are you aware of the work being done toward de-anonymization
of rich data sets? I think many people's web browsing habits alone
would be sufficient to discover their physical identity with relatively
high certainty. Even if we were to assume that the data was not
possible to tie back to someone's physical location to put them in
harm's way, if their network use patterns are how they do their
activism, then publishing their network use patterns provides an
adversary with a lot of information that is very helpful to disrupt this
same activity (e.g. "Which web sites do they usually use to distribute
their [tools|analysis|incitements]? Which chat channels do they
frequent? Where/how do they get their e-mail? Can we destroy or
subvert those services?)
For example, I would choose to promote all forms of non-violent free
speech. I should be able to contribute my bandwidth to this purpose.
If a dissident in China goes by the public ID of ChinaCat, and has a
high reputation for promoting freedom, they are welcome to use my
bandwidth. If someone just wants access to redtube.com, they can get
that access from someone else.
If you prefer this, then you should personally make arrangements with
ChinaCat directly. I'm not convinced that you could ever make such an
arrangement scale cleanly without gross oversimplifications that
wouldn't meet many people's assumptions about what the terms mean. Is a
sit-in at a restaurant "non-violent free speech"? What about a work
stoppage at a factory? how about when the workers barricade the factory
against its owners? What about people who sabotage or destroy machinery
in their factory? What about destruction of machinery that is prepared
to destroy desparately needed housing stock? What about people who
smash the windows of low-wage corporate franchises? What about smashing
the windows and doors of fire-prone sweatshops? Are all of these things
non-violent free speech? can you imagine that someone else might have a
different answer for any of them than you do?
There are various technical aspects to this idea. For example, would
prefer that the social graph between secret identities be public so I
can use a simple network flow algorithm over trust edges between
identities to determine how much I trust someone.
I think it would be worthwhile to spec out such an algorithm, and then
think through the spec under a handful of real-world use cases. what
does it mean to do "network flow over trust edges"? What specifically
does "trust" mean in this context? Can you give an example of how that
would let you automatically determine how much you trust someone? What
does that kind of automated trust discovery mean from a human
perspective? What are the ways it could be exploited by an adversary
intent on causing trouble?
sorry to be a pessimist, but i'm not convinced this is an effective or
even desirable framework.
--dkg
_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
