unsubscribe me please
Le 29 avr. 2015 16:51, <[email protected]> a écrit : > Send guardian-dev mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.mayfirst.org/mailman/listinfo/guardian-dev > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of guardian-dev digest..." > > > Today's Topics: > > 1. Methods for using anonymization tools (Marvin Arnold) > 2. Re: Methods for using anonymization tools (Patrick Connolly) > 3. Re: Methods for using anonymization tools (Tom Ritter) > 4. Re: Methods for using anonymization tools (Marvin Arnold) > 5. Re: Methods for using anonymization tools (Nathan of Guardian) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 28 Apr 2015 13:03:22 -0500 > From: Marvin Arnold <[email protected]> > To: [email protected] > Subject: [guardian-dev] Methods for using anonymization tools > Message-ID: <[email protected]> > Content-Type: text/plain; charset=utf-8 > > Hi all, I heard there may have already been some discussion on this > topic but I haven't been able to find it in the archives. > > I'm interested in how to best use existing anonymization tools (Tor, > I2P, etc) with client applications. The current approach requires users > to install the anonymizer (Orbot, etc) + the client (Chat Secure, etc) > separately. Even if there was no further configuration necessary, I > believe this is a deal breaker for most people. > > Alternatives that I have heard mentioned include a) putting Orbot into > every client that wants to use it, and b) some type of embedded library > that makes sure only one Orbot instance is running per device. Of course > both of these solutions risk using up a lot of data for users who may > not have understood what they are downloading. > > This has led me to a thought that Tor (etc), regardless of how it is > incorporated, may be overkill for some applications. Specifically, my > friend and I have started working on a proof of concept text messaging > app that will use a custom mixnet to send SMSs. It is likely to have > higher latency and be more traceable than a Tor based implementation, > but will also consume less data (we are interested in starting with the > US where most plans include unlimited SMS), extend battery life, and be > a single step installation. > > I'm very interested in hearing your thoughts about the best way to > incorporate existing anonymization tools and the merit of our proposed > approach of a custom mixnet implementation. Ultimately it is a question > about how to best manage privacy, usability, and user expectations. > > Marvin > > -- > GPG key fingerprint = 52FD 362D 2E8D 11AB A931 06A1 D055 781A 7DC9 949A > http://gounplugged.co/marvinUnplugged.asc > > > ------------------------------ > > Message: 2 > Date: Tue, 28 Apr 2015 16:05:57 -0400 > From: Patrick Connolly <[email protected]> > To: Marvin Arnold <[email protected]> > Cc: Guardian Dev <[email protected]> > Subject: Re: [guardian-dev] Methods for using anonymization tools > Message-ID: > < > caftjcwdxgt6v6mcv78emcppvyfsxiufg+x-ogoahj+8cf66...@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Really interested in hearing more about this mixnet approach to sending > SMS. Definitely overlaps with my current interests. Perhaps worth starting > another thread, or feel free to reach out personally if you're interested > in speaking. > > -patcon > > > -------------------------------------------- > Q: Why is this email [hopefully] five sentences or less? | A: > http://five.sentenc.es > > *NOTE* that my emails are delayed from arriving in my inbox until 9am > daily. If urgent, please use another way of getting in touch. > #slowwebmovement <http://www.musubimail.com/gmail_timer.html> > > On Tue, Apr 28, 2015 at 2:03 PM, Marvin Arnold <[email protected]> > wrote: > > > Hi all, I heard there may have already been some discussion on this > > topic but I haven't been able to find it in the archives. > > > > I'm interested in how to best use existing anonymization tools (Tor, > > I2P, etc) with client applications. The current approach requires users > > to install the anonymizer (Orbot, etc) + the client (Chat Secure, etc) > > separately. Even if there was no further configuration necessary, I > > believe this is a deal breaker for most people. > > > > Alternatives that I have heard mentioned include a) putting Orbot into > > every client that wants to use it, and b) some type of embedded library > > that makes sure only one Orbot instance is running per device. Of course > > both of these solutions risk using up a lot of data for users who may > > not have understood what they are downloading. > > > > This has led me to a thought that Tor (etc), regardless of how it is > > incorporated, may be overkill for some applications. Specifically, my > > friend and I have started working on a proof of concept text messaging > > app that will use a custom mixnet to send SMSs. It is likely to have > > higher latency and be more traceable than a Tor based implementation, > > but will also consume less data (we are interested in starting with the > > US where most plans include unlimited SMS), extend battery life, and be > > a single step installation. > > > > I'm very interested in hearing your thoughts about the best way to > > incorporate existing anonymization tools and the merit of our proposed > > approach of a custom mixnet implementation. Ultimately it is a question > > about how to best manage privacy, usability, and user expectations. > > > > Marvin > > > > -- > > GPG key fingerprint = 52FD 362D 2E8D 11AB A931 06A1 D055 781A 7DC9 949A > > http://gounplugged.co/marvinUnplugged.asc > > _______________________________________________ > > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > To unsubscribe, email: [email protected] > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20150428/74b0426e/attachment-0001.html > > > > ------------------------------ > > Message: 3 > Date: Tue, 28 Apr 2015 21:54:16 -0500 > From: Tom Ritter <[email protected]> > To: Marvin Arnold <[email protected]> > Cc: guardian-dev <[email protected]> > Subject: Re: [guardian-dev] Methods for using anonymization tools > Message-ID: > < > ca+cu71nhft4e3uhd52dja3xnwtffkbt0ts-mjegxltofd9w...@mail.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1 > > On 28 April 2015 at 13:03, Marvin Arnold <[email protected]> wrote: > > Hi all, I heard there may have already been some discussion on this > > topic but I haven't been able to find it in the archives. > > > > I'm interested in how to best use existing anonymization tools (Tor, > > I2P, etc) with client applications. The current approach requires users > > to install the anonymizer (Orbot, etc) + the client (Chat Secure, etc) > > separately. Even if there was no further configuration necessary, I > > believe this is a deal breaker for most people. > > > > Alternatives that I have heard mentioned include a) putting Orbot into > > every client that wants to use it, and b) some type of embedded library > > that makes sure only one Orbot instance is running per device. Of course > > both of these solutions risk using up a lot of data for users who may > > not have understood what they are downloading. > > > > This has led me to a thought that Tor (etc), regardless of how it is > > incorporated, may be overkill for some applications. Specifically, my > > friend and I have started working on a proof of concept text messaging > > app that will use a custom mixnet to send SMSs. It is likely to have > > higher latency and be more traceable than a Tor based implementation, > > but will also consume less data (we are interested in starting with the > > US where most plans include unlimited SMS), extend battery life, and be > > a single step installation. > > > > I'm very interested in hearing your thoughts about the best way to > > incorporate existing anonymization tools and the merit of our proposed > > approach of a custom mixnet implementation. Ultimately it is a question > > about how to best manage privacy, usability, and user expectations. > > > Well, you outline a number of reasonable complaints with the state of > installation of anonymity tools and lack of reuse - but I don't really > see how your approach improves upon it. =) > > As far as a micro-optimized mixnet, I would suggest looking at Ibis, > which was designed for twitter (which in turn was designed for SMS.) > https://ibis.uwaterloo.ca/ > > Those criticisms/suggestions given, it sounds like a very cool > project, and I would like to subscribe to your newsletter! =) > > -tom > > > ------------------------------ > > Message: 4 > Date: Wed, 29 Apr 2015 08:56:43 -0500 > From: Marvin Arnold <[email protected]> > To: Tom Ritter <[email protected]> > Cc: guardian-dev <[email protected]> > Subject: Re: [guardian-dev] Methods for using anonymization tools > Message-ID: <[email protected]> > Content-Type: text/plain; charset=windows-1252 > > Thanks for letting me know about Ibis, Tom. It looks really cool. I'll > put up a mailing list soon for anybody interested in learning more about > my project. For the moment, you can follow the very young code here > <https://github.com/gounplugged/UnpluggedDroid>. > > But I didn't mean to hijack my own thread. Still very interested in > hearing general thoughts about the issue. I'm particularly interested in > hearing the opinions that disagree with the main premise and don't > believe the current state of anonymization creates many barriers for users. > > Marvin > > On 28/04/15 21:54, Tom Ritter wrote: > > On 28 April 2015 at 13:03, Marvin Arnold <[email protected]> wrote: > >> Hi all, I heard there may have already been some discussion on this > >> topic but I haven't been able to find it in the archives. > >> > >> I'm interested in how to best use existing anonymization tools (Tor, > >> I2P, etc) with client applications. The current approach requires users > >> to install the anonymizer (Orbot, etc) + the client (Chat Secure, etc) > >> separately. Even if there was no further configuration necessary, I > >> believe this is a deal breaker for most people. > >> > >> Alternatives that I have heard mentioned include a) putting Orbot into > >> every client that wants to use it, and b) some type of embedded library > >> that makes sure only one Orbot instance is running per device. Of course > >> both of these solutions risk using up a lot of data for users who may > >> not have understood what they are downloading. > >> > >> This has led me to a thought that Tor (etc), regardless of how it is > >> incorporated, may be overkill for some applications. Specifically, my > >> friend and I have started working on a proof of concept text messaging > >> app that will use a custom mixnet to send SMSs. It is likely to have > >> higher latency and be more traceable than a Tor based implementation, > >> but will also consume less data (we are interested in starting with the > >> US where most plans include unlimited SMS), extend battery life, and be > >> a single step installation. > >> > >> I'm very interested in hearing your thoughts about the best way to > >> incorporate existing anonymization tools and the merit of our proposed > >> approach of a custom mixnet implementation. Ultimately it is a question > >> about how to best manage privacy, usability, and user expectations. > > > > > > Well, you outline a number of reasonable complaints with the state of > > installation of anonymity tools and lack of reuse - but I don't really > > see how your approach improves upon it. =) > > > > As far as a micro-optimized mixnet, I would suggest looking at Ibis, > > which was designed for twitter (which in turn was designed for SMS.) > > https://ibis.uwaterloo.ca/ > > > > Those criticisms/suggestions given, it sounds like a very cool > > project, and I would like to subscribe to your newsletter! =) > > > > -tom > > > > -- > GPG key fingerprint = 52FD 362D 2E8D 11AB A931 06A1 D055 781A 7DC9 949A > http://gounplugged.co/marvinUnplugged.asc > > > ------------------------------ > > Message: 5 > Date: Wed, 29 Apr 2015 10:23:33 -0400 > From: Nathan of Guardian <[email protected]> > To: [email protected] > Subject: Re: [guardian-dev] Methods for using anonymization tools > Message-ID: > <1430317413.3471661.260184101.07801...@webmail.messagingengine.com > > > Content-Type: text/plain > > > On Tue, Apr 28, 2015, at 02:03 PM, Marvin Arnold wrote: > > I'm interested in how to best use existing anonymization tools (Tor, > > I2P, etc) with client applications. The current approach requires users > > to install the anonymizer (Orbot, etc) + the client (Chat Secure, etc) > > separately. Even if there was no further configuration necessary, I > > believe this is a deal breaker for most people. > > I've been hearing the idea that it is "too hard for people to install > another app" argument for a very long time. Yet, if you look at the > habits of most smartphone users, you will see that many people are happy > to install an app, if it benefits them in some new way, and especially > if it is free. That is why many users, typical outside of the U.S., use > multiple messaging apps to reach different groups of users or friends. > > The idea that installing Orbot, or any core service type app, is too > hard is just not something I agree with. We have had well over 5 million > downloads of Orbot, and while that is not 50 million, it is something. > Additionally, if we had some network effect feature in the app, say > allowing Orbot users to share files with each other over hidden > services, then I think we could easily see a 10x growth in the next > year. > > > Alternatives that I have heard mentioned include a) putting Orbot into > > every client that wants to use it, and b) some type of embedded library > > that makes sure only one Orbot instance is running per device. Of course > > both of these solutions risk using up a lot of data for users who may > > not have understood what they are downloading. > > Tor is directly built into ChatSecure and Onion Browser on the iOS side, > since that is a requirement of how that platform works (no long live > background services). > > Now it is true that Tor can add a decent amount of overhead to your > traffic, and that is something to take seriously, and make sure the user > understands. > > > This has led me to a thought that Tor (etc), regardless of how it is > > incorporated, may be overkill for some applications. Specifically, my > > friend and I have started working on a proof of concept text messaging > > app that will use a custom mixnet to send SMSs. It is likely to have > > higher latency and be more traceable than a Tor based implementation, > > but will also consume less data (we are interested in starting with the > > US where most plans include unlimited SMS), extend battery life, and be > > a single step installation. > > Regardless of what I have said before this, I do think this is a great > idea to explore! > > > I'm very interested in hearing your thoughts about the best way to > > incorporate existing anonymization tools and the merit of our proposed > > approach of a custom mixnet implementation. Ultimately it is a question > > about how to best manage privacy, usability, and user expectations. > > One of the benefits of using Tor, or any general > anonymity/circumvention/onion-routing system, is that your traffic is in > the mix with all the other traffic, and that is all in the mix with all > mobile IP traffic. SMS on the other hand, is one of the most surveilled > and filtered mediums, and so I am somewhat concerned about using it as a > transport for anonymity. > > Thanks for sharing! > > +n > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > guardian-dev mailing list > [email protected] > https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > > ------------------------------ > > End of guardian-dev Digest, Vol 58, Issue 27 > ******************************************** >
_______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
