-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Indeed. I think it's TOTALLY RAD that someone is using SIP for a novel innovative use case. As much as I hate that protocol, the hate only comes from the myopic implementation details suggested by big telcos.
The more smart old school Internet people on the problem the better. Also, Hans. I like that you just suggest a "Peer to Peer proxy". I believe a proxy in this case changes the network design from a unicast network to a multicast network. The proxy would serve as the multicast point for all nodes, removing the "peer to peer"-ness of the architecture. Regardless, it's a good idea. I'm pointing out jargon. - -lee On 9/18/14, 12:38 AM, Hans-Christoph Steiner wrote: > > http://engineering.bittorrent.com/2014/09/17/how-does-bleep-work/?shareadraft=baba133_5418786f2fdc2 > > The Distributed Hash Table (DHT) for finding contacts looks quite > nice. A notable downside is that Bleep negotiates a direct SIP/RTP > connection between the two users. That means anyone that can see > the network traffic can see lots of metadata (who is talking to > who, when, for how long, and where each participant is located). > So that means the Great Firewall, Halalnet, NSA, Five Eyes, ISPs, > anyone snooping on open wifi, etc. can all see that metadata of the > SIP/RTP direct connections. > > We discussed this stuff a lot during the OSTN/ostel project. We > figured that having a proxy between the two communicating parties > can definitely provide privacy gains. If that proxy is high > traffic, and has some level of time quantization, then the network > observer would have a hard time correlating which connections to > the proxy are actually talking to each other. If one side of the > communication is outside of the view of a network observer, then > the proxying helps even more. For example, if someone in China is > talking to someone in Canada, and the proxy is in Brazil, then only > Brazil would see the traffic to both sides. China would see the > Chinese side and the proxy, and Canada would see the Canadian side > and the proxy. > > So the ideal would be if Bleep also provided some kind of p2p proxy > for the direct connections. And of course, it needs to be open > source to be taken seriously. > > .hc > > Josh Steiner wrote: >> Looks like BitTorrent is getting into the private communications >> game: >> >> http://www.theverge.com/2014/9/17/6338417/bittorrent-bleep-secure-chat-app-public-alpha-released >> >> >> "Bleep keeps messages encrypted for their entire ride, so >> theoretically only their sender and receiver should be able to >> see them." >> >> ... >> >> "Bleep avoids that by sending its communications directly between >> the people who are talking, rather than relying on an >> intermediary. That said, there's still a matter of making that >> connection between two people in the first place, as they have to >> figure out where on the internet one another actually is. That's >> handled with a traditionally BitTorrent type of network that >> distributes the information across the phones and computers of >> people hooked into Bleep. BitTorrent says that this information >> is encrypted so that your computer's digital location won't be >> seen by anyone but the party you're actually looking for, and no >> one but the receiving party should even know who you're looking >> for either. Altogether, BitTorrent says that it would be >> "practically impossible" to gather metadata on who's talking to >> who." _______________________________________________ >> Guardian-dev mailing list >> >> Post: [email protected] List info: >> https://lists.mayfirst.org/mailman/listinfo/guardian-dev >> >> To Unsubscribe Send email to: >> [email protected] Or visit: >> https://lists.mayfirst.org/mailman/options/guardian-dev/hans%40guardianproject.info >> >> >> You are subscribed as: [email protected] >> > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUGuykAAoJEKhL9IoSyjdl3dIP/j+TuX9dJUQhC/LPqgNTCJ32 ntE6bgIC0rAZZlyQNbEbrpdHu6JRE+W9SPzIyFh7Bly2GtVSM/pPdcuGpOxqu6BO YaJkRWjIfHGn/OWz55s6b3creQ3CpoVIF1/7VHXZj4nUcA4S1xyX2lXcLhaePDa7 fvslOzQKgfjzvvrExStBCTXncUMv5oZzRGStMUe0cUCTPaf/og1cJDogldjmy0iM K+gF49fQNYyJLZ6JGhSTcBpMEWurSCcfxm9kqkdCVmLDQ7pY1L+snaoczH0gUEr1 WyWMEzFa/7r4bI8skHzuL8ktfZq8BmKGaxNjNWPPHrZ3/foaBs4RCSxfvmD5uZ6J ZhhWRFjt6BSNbkCWlNKxbOFg8Ea+DwbMwvrjJqnHOakljtc4xz9sCEp5MCbElxBc 6FPRREtjXT8yaEhLc2cI+JQnMXm4sktscm0b0m/E29nIWfqZsty8aUNHjm+zVegE G7gjzeNqDuk50LWgsV+5xy+f/1B4PAsh8bp1kSuGzXj3AgpiduRvAUgZcS3/dYKR ymMQBjolSdeexrxUBqgNHaiuUS5r8sDvdQBhABqynLmO5k3t7mdyjO5LmEQa79NW uEyxeac3Ts+m7gxv+6sgTaP6B6n/DZJtgCQQmyl/zH3Gj8Vi9jfmjigBqIseh7B4 HHFp3XmLZtoyOiIG4bII =VgTQ -----END PGP SIGNATURE----- _______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
