Hi all, I heard there may have already been some discussion on this topic but I haven't been able to find it in the archives.
I'm interested in how to best use existing anonymization tools (Tor, I2P, etc) with client applications. The current approach requires users to install the anonymizer (Orbot, etc) + the client (Chat Secure, etc) separately. Even if there was no further configuration necessary, I believe this is a deal breaker for most people. Alternatives that I have heard mentioned include a) putting Orbot into every client that wants to use it, and b) some type of embedded library that makes sure only one Orbot instance is running per device. Of course both of these solutions risk using up a lot of data for users who may not have understood what they are downloading. This has led me to a thought that Tor (etc), regardless of how it is incorporated, may be overkill for some applications. Specifically, my friend and I have started working on a proof of concept text messaging app that will use a custom mixnet to send SMSs. It is likely to have higher latency and be more traceable than a Tor based implementation, but will also consume less data (we are interested in starting with the US where most plans include unlimited SMS), extend battery life, and be a single step installation. I'm very interested in hearing your thoughts about the best way to incorporate existing anonymization tools and the merit of our proposed approach of a custom mixnet implementation. Ultimately it is a question about how to best manage privacy, usability, and user expectations. Marvin -- GPG key fingerprint = 52FD 362D 2E8D 11AB A931 06A1 D055 781A 7DC9 949A http://gounplugged.co/marvinUnplugged.asc _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
