On 07/11/2014 02:15 PM, carlo von lynX wrote: [...]
Using ratchets to authenticate at the current point in time without needing an "absolute" identity (the thing about OTR being used in an ephemeral way) is how Briar does it. It makes it harder to reconstruct the social graph as you need to break into both sides of a communication. If you then periodically inform everyone of a new .onion you are about to use, then you make it harder to link a .onion to a person, but you risk losing people if you can't be sure everyone got that address change - and the more friends you have, the lesser that works as a form of social graph protection really.
Well, that last part is a general axiom. If I push an update to 300 people on Monday about my skydiving addiction, no amount of briars can keep an unregulated insurance industry from adjusting my rates on Tuesday. (At least without also restricting all the other features which make a social network more useful than email.)
It only takes one of the 300 recipients to have some ill-considered software/os/device settings to defeat the "privacy".
-Jonathan -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
