-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Nick Mathewson wrote:
> Congratulations; you just invented high-latency mix-nets. :)
>
> The problem is that nobody can prove that these "jumbling"
> techniques do any good in resisting an attacker until you increase
> the delay to the point where messages take a very long time to
> arrive. When this happens, you wind up with a very low number of
> users, so you don't get much anonymity anyway.
>
> You can find out more about the last 25 years of anonymity research
> at http://freehaven.net/anonbib/ .
>
> yrs,

In the end, the only way to give a major boost to the anonymity of Tor is to find some way to get more people running servers, and it is my opinion that the way to do this is to make clients run a low bandwidth link which is used to serve low bandwidth, low latency streams. This would increase the anonymity of users by mixing their streams up with other users, which would have a damaging effect on the ability to do timing attacks because of the mixing and the uniformity of packets between servers and servers, and clients and servers. This will not be practical without some kind of latency classification in the system, because by and large streams are either high latency, high bandwidth or low latency, low bandwidth (connectionless versus interactive streams). The side effect is that it would probably help further reduce latency for interactive users and increase anonymity for all clients.

I believe it says in the FAQ that running a server on a machine used mainly for running a client helps anonymity because the node participates in unrelated traffic to the user's traffic.

I have been complaining for quite some time about the arbitrary 20kb/s bottom end of server bandwidth limiting - the reason being that only connections with 256kbps upstream or better can do this, and mind you, are being quite heavily loaded, and connections with 56, 64 and 128kbps upstream links are excluded from participating unless a secondary program is used to force the traffic of the server to below 50% of the upstream.

This is a very small modification with very big implications - it could mean that when installing, the user could be queried about their upstream bandwidth (or indeed there may be some way to directly determine this without user interaction) and have half of it assigned to server traffic as a top-end limit. It is not at all unreasonable to ask that people using the network give something back, especially when doing so will increase their anonymity.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEUmYY+KihKRqTxu4RA6KuAKDKqcuD+YsKMPvYQzaPoiLYY/Oa5wCgvGO1
Jt5eiOO0g4cPW79RHkhab0w=
=xzDw
-----END PGP SIGNATURE-----

