On 08/27/2014 08:17 PM, Jonathan Wilkes wrote:
Does your software have a friendly UI that shows the user sharing
their internet connection _exactly_ what requests they are making on
another's behalf? Does it store a log and require the user to read
and analyze that log?
I'll just go ahead and say I'm worried about this approach.
In the AMA, there's a response that mentions initial problems with the
userbase exchanging email addresses over a public forum to build out the
graph. That is _exactly_ the same problem that Oneswarm encountered
(and which Retroshare continues to have). That they would back initial
users into that same corner rather than studying the problems of
Oneswarm and Retroshare beforehand and choosing a different design is a
bad sign.
I also think the risks to users in the "uncensored" countries are
understated. Setting up the software looks to be at the technical level
of setting up a Tor relay-- clicking some buttons and maybe changing
some firewall properties. Yet in the case of Lantern that same user
takes on many of the risks of running a Tor _exit_ relay, which requires
a much higher level of expertise, time, and courage to do right. It
certainly isn't the same level of risk, but it is much higher than
running a Tor relay.
It should at least be stated that your user must not only trust the
"censored" user to refrain from requests that can get you in trouble,
but you must also trust that the censored user's machine hasn't been
exploited to send such requests. I don't think that level of trust is
warranted. (Or at least the potential benefit of better scaling than
Tor doesn't outweigh that risk.)
-Jonathan
-Jonathan
On Wednesday, August 27, 2014 4:30 PM, Adam Fisk
<[email protected]> wrote:
Forgot the link =):
http://www.reddit.com/r/IAmA/comments/2er083/we_build_lantern_an_app_that_you_can_run_at_home/
On Wed, Aug 27, 2014 at 1:29 PM, Adam Fisk <[email protected]> wrote:
> Hi Folks-
>
> I just wanted to let you know we're doing an "Ask me anything" about
> Lantern over on Reddit right now.
>
> Please feel free to ask whatever you like, and PLEASE UPVOTE IT ON
REDDIT!
>
> Thanks so much.
>
> -Adam
>
> --
> --
> pgp A998 2B6E EF1C 373E 723F A813 045D A255 901A FD89
--
--
Adam
pgp A998 2B6E EF1C 373E 723F A813 045D A255 901A FD89
--
Liberationtech is public & archives are searchable on Google.
Violations of list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech.
Unsubscribe, change to digest, or change password by emailing
moderator at [email protected].
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
[email protected].
