Re: [tor-talk] wake up tor devs
scrib tedks:

> Not really, in 2004 onion routing was well-researched.

All the projects have milestone dates, knock another five years off if that one doesn't make you happy.

> Tor is very incrementalist

So is any other project, you can't just wish project/code into being. And everyone has their own maps.
https://geti2p.net/en/get-involved/roadmap

> Dropping something like i2p, with zero academic background

https://geti2p.net/en/papers/

In general: blah blah blah, we all started somewhere from the exact same position, zero. Including Tor.

> Tails *just* got burned by i2p and wisely disabled it.

For you to be able to successfully bash any other network project, you need to be able to show that their whitepaper design fundamentals [1] are broken. Pointing out cute little javascript [2] XSS holes [3] that root your configuration system, while surely unwanted holes, is childish for a comparative reviewer to do. They are not architectural flaws in the overall fundamental design of the darknet itself. They are issues in the periphery that everyone makes and that will be fixed/rewritten in time. Tor is no stranger to this either, go look through the security and other sections of the Tor changelog.

Further, Tor has known and unfixed de-anonymization attacks against its hidden services, and by extension possibly out to the client as well if the guard is evil. That's not a cute hole. And being fair, other networks likely have similar current weaknesses.

[1] For example lacking better terms, Tor uses circuit switching over onion routing with fixed human directory authorities at the top, I2P uses packet switching over garlic routing with no such central authorities.

[2] You could just as easily bash Tails or TBB here for leaving javascript turned on.

[3] http://blog.exodusintel.com/2014/08/25/tails-from-the-cri2p/
The approach utilizes cross-site scripting vulnerabilities along with Javascript to reach into the internal I2P router configuration intranet.
> Sometimes questions just have simple answers.

Some questions defeat themselves ie...

> * i2p should have attracted academics to the low-hanging fruit of showing their unique routing system correct

Current trends award more rockstar for proving brokenness and treat proving correct as academic. BTW, no one has shown Tor correct, some show it weak to various things.

> * i2p should have attracted developers to the relatively popular project of helping defeat censorship and protect privacy (there are probably an order of magnitude more Java developers than C developers, so i2p even has an advantage here!)

These are likely human factors, you have coders, you have salesmen, they don't usually come in one group/person. I2P just added salesmen by redoing their website and launching an umbrella. It's also not so easy to say there are more java developers skilled in this particular application space.

> * i2p should have hosted security-critical sites like the Silk Road

You've clearly not spent any time in, and cataloging the contents of, the various darknets.

> * i2p should have been used by botnets for C&C

Botherders historically think in terms of clearnet and needed exits. There is no proof i2p is not in such use. And being a simple binary, Tor is much easier to package and run as part of an exploit.

> * i2p should have been mentioned in some leak from some shadowy security agency

Whatever. Lack != Fact.

> * The major selling point of i2p should be proven security over alternatives rather than developed by anonymous people and not funded by the american government, which are secondary rather than primary advantages of the software and are respectively entirely uncorrelated and only weakly correlated with the security of the software

Tor should as well be able to say the first quote, the third quote, and since anyone can be on the take, even the second as well... but it doesn't. Here's what these two projects actually say...
https://geti2p.net/en/
https://www.torproject.org/

> Further, i2p just isn't worth that treatment because it's shoddily developed ... the aggregate intelligence of your developer base. Unless you can argue the 5 contributors to i2p are geniuses

Insults do not enhance your arguments, or your friend count.

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] wake up tor devs
On Wed, Sep 17, 2014 at 7:00 PM, Ted Smith te...@riseup.net wrote:

> This seems very counterproductive, given that some networks (Tor) are far more researched and developed than others.

The exact same thing would have been said ten years ago about Tor.

On the contrary, once things look 'pretty good' on paper, you need live networks to test things out at scale and attract attention. If it's not broken you need to support it, let it run and see where the idea goes. If it's not your own project or favorite app you may unfairly downplay it, naturally. So running such nodes in that manner helps give everyone agnostic chance.

> There's a reason why the NSA has Tor Stinks presentations and not I2P stinks presentations.

NSA may have given preference in analysis/presentations to systems based on usage they see. Tor has share, others don't. And if NSA docs on any other system existed at the time, Snowden may not have got them, thus we can't know what they say.

The real question is: with Freenet, I2P, Gnunet, CJDNS, Phantom, Tor, etc... afaik all seemingly 'pretty good' and not broken... *why* are their adoption shares ranked however they are?

Well, you must discount Tor since it is the only one with seamless integrated exit feature at scale [though you can coordinate exiting manually over OpenVPN with a few of the other networks]. If Tor had no exit feature, you'd likely find it *behind* other nets in market share since it carries only TCP. And it's probably at equivalent levels of R&D as a non-exit transport (or lesser since the other nets never had real design interest in exit, whereas Tor 'got lucky' bolting on hidden services after the fact).
Re: [tor-talk] wake up tor devs
On Thu, 2014-09-18 at 02:42 -0400, grarpamp wrote:

> On Wed, Sep 17, 2014 at 7:00 PM, Ted Smith te...@riseup.net wrote:
> > This seems very counterproductive, given that some networks (Tor) are far more researched and developed than others.
>
> The exact same thing would have been said ten years ago about Tor.

Not really, in 2004 onion routing was well-researched. Tor is very incrementalist, which is a sustainable strategy for producing large-scale systems. Dropping something like i2p, with zero academic background, on the world means you have to analyze an entire system from scratch, which means in practice nobody but the developers can comment on it.

> On the contrary, once things look 'pretty good' on paper, you need live networks to test things out at scale and attract attention. If it's not broken you need to support it, let it run and see where the idea goes. If it's not your own project or favorite app you may unfairly downplay it, naturally. So running such nodes in that manner helps give everyone agnostic chance.
>
> > There's a reason why the NSA has Tor Stinks presentations and not I2P stinks presentations.
>
> NSA may have given preference in analysis/presentations to systems based on usage they see. Tor has share, others don't. And if NSA docs on any other system existed at the time, Snowden may not have got them, thus we can't know what they say.
>
> The real question is: with Freenet, I2P, Gnunet, CJDNS, Phantom, Tor, etc... afaik all seemingly 'pretty good' and not broken... *why* are their adoption shares ranked however they are?

I think it's because they're all either abandoned, noticeably insecure, or in their infancy. Tor is the only one with an active developer community, a strong basis in research, and a proven track record of security.

Sometimes questions just have simple answers.
--
Sent from Ubuntu
Re: [tor-talk] wake up tor devs
On Wed, 2014-09-17 at 17:07 -0700, Seth David Schoen wrote:

> Ted Smith writes:
> > There's a reason why the NSA has Tor Stinks presentations and not I2P stinks presentations.
>
> I don't know of a good basis for estimating what fraction of NSA's capabilities or lack of capabilities we've learned about.

It's not perfect, but using the available information is all we can do. Absence of evidence *is* evidence of absence, though it isn't proof of absence.

Further, i2p just isn't worth that treatment because it's shoddily developed by a handful of underfunded developers and it has a totally untested security model. Tails *just* got burned by i2p and wisely disabled it.

All complex systems have bugs, and finding those bugs is a function of the aggregate intelligence of your developer base. Unless you can argue the 5 contributors to i2p are geniuses, then there's no way i2p has fewer bugs pound for pound compared with Tor. Tor just has way more intelligent people hard at work both on the code and the theory.

To further drive this home, here are other things I'd expect to have happened if i2p was somehow better or even equivalent to Tor:

* i2p should have attracted academics to the low-hanging fruit of showing their unique routing system correct
* i2p should have attracted developers to the relatively popular project of helping defeat censorship and protect privacy (there are probably an order of magnitude more Java developers than C developers, so i2p even has an advantage here!)
* i2p should have hosted security-critical sites like the Silk Road
* i2p should have been used by botnets for C&C
* i2p should have been mentioned in some leak from some shadowy security agency
* The major selling point of i2p should be proven security over alternatives rather than developed by anonymous people and not funded by the american government, which are secondary rather than primary advantages of the software and are respectively entirely uncorrelated and only weakly correlated with the security of the software

None of these things have happened, and while there are alternative explanations, one simple and probable explanation is just that i2p isn't as good.

> I think that's only approximately or indirectly true of people working in an organization like NSA or GCHQ.

This is nonetheless a good point and something I'll remember.

--
Sent from Ubuntu
Re: [tor-talk] wake up tor devs
> > The real question is: with Freenet, I2P, Gnunet, CJDNS, Phantom, Tor, etc... afaik all seemingly 'pretty good' and not broken... *why* are their adoption shares ranked however they are?
>
> I think it's because they're all either abandoned, noticeably insecure, or in their infancy. Tor is the only one with an active developer community, a strong basis in research, and a proven track record of security.
>
> Sometimes questions just have simple answers.

So freenet is 'abandoned'? 'noticeably insecure'? or in 'its infancy'? I eagerly await some serious information here.

Plus your idea that tor works because allegedly there are no NSA documents saying otherwise is a joke.

Absence of Evidence is not Evidence of Absence
Re: [tor-talk] wake up tor devs
On Thu, 18 Sep 2014 10:30:24 -0400 Ted Smith te...@riseup.net wrote:

> On Wed, 2014-09-17 at 17:07 -0700, Seth David Schoen wrote:
> > Ted Smith writes:
> > > There's a reason why the NSA has Tor Stinks presentations and not I2P stinks presentations.
> >
> > I don't know of a good basis for estimating what fraction of NSA's capabilities or lack of capabilities we've learned about.
>
> It's not perfect, but using the available information is all we can do. Absence of evidence *is* evidence of absence,

LMAO

> though it isn't proof of absence.

yeah whatever.
[tor-talk] wake up tor devs
Why is Tor wasting time in implementing secure hidden services? Why not copy from here if they are doing it right:

Tor                        I2P
Cell                       Message
Client                     Router or Client
Circuit                    Tunnel
Directory                  NetDb
Directory Server           Floodfill Router
Entry Guards               Fast Peers
Entry Node                 Inproxy
Exit Node                  Outproxy
Hidden Service             Eepsite or Destination
Hidden Service Descriptor  LeaseSet
Introduction point         Inbound Gateway
Node                       Router
Onion Proxy                I2PTunnel Client (more or less)
Relay                      Router
Rendezvous Point           somewhat like Inbound Gateway + Outbound Endpoint
Router Descriptor          RouterInfo
Server                     Router

Why not distributed directory authorities and hardcoded?

Why not secure tunnels independent of guards?

Or does Tor want to remain less secure?
Re: [tor-talk] wake up tor devs
On 09/17/2014 03:04 PM, bm-2cuqbqhfvdhuy34zcpl3pngkplueeer...@bitmessage.ch wrote:

> Why is Tor wasting time in implementing secure hidden services? Why not copy from here if they are doing it right:
>
> Tor                        I2P
> Cell                       Message
> Client                     Router or Client
> Circuit                    Tunnel
> Directory                  NetDb
> Directory Server           Floodfill Router
> Entry Guards               Fast Peers
> Entry Node                 Inproxy
> Exit Node                  Outproxy
> Hidden Service             Eepsite or Destination
> Hidden Service Descriptor  LeaseSet
> Introduction point         Inbound Gateway
> Node                       Router
> Onion Proxy                I2PTunnel Client (more or less)
> Relay                      Router
> Rendezvous Point           somewhat like Inbound Gateway + Outbound Endpoint
> Router Descriptor          RouterInfo
> Server                     Router
>
> Why not distributed directory authorities and hardcoded?

Huh? Tor uses distributed directory authorities, and the main ones are hardcoded in the software.

> Why not secure tunnels independent of guards?

Using entry guards protects against Sybil attacks.

> Or does Tor want to remain less secure?

;) See http://tor.stackexchange.com/questions/27/how-does-tors-threat-model-differ-from-i2ps-threat-model.
Re: [tor-talk] wake up tor devs
On Wed, Sep 17, 2014 at 5:04 PM, bm-2cuqbqhfvdhuy34zcpl3pngkplueeer...@bitmessage.ch wrote:

> Why is Tor wasting time in implementing secure hidden services? Why not copy from here if they are doing it right:
>
> Tor      I2P
> Cell     Message
> Circuit  Tunnel
> ...
>
> Why not distributed directory authorities and hardcoded? Why not secure tunnels independent of guards? Or does Tor want to remain less secure?

Yes, there should be more comparative analysis of approaches amongst all the current networks. Create a dedicated group that publishes such things on a darknet wiki. Hold not just project specific meetups as is done today, but genuine summits amongst all such projects that put their specific projects aside and determine what models might best suit the next 10-20 years. Determine whether the community is too chained by legacy project/product entrenchment to adopt new better approaches that have come up in research since they themselves started their own projects. Find any worthy new techniques and peel off interested developers into new projects. Try to ensure that big well known projects aren't soaking up all the fanfare/funds when equally valid small projects, or new projects would benefit the world the same or more than the gorilla in the room.

For example, there seems some merit in filling your internode links with chaff padding up to the bandwidth limit you configure in order to mask both when and how much you are communicating. But it does not seem any project is doing that? Perhaps because chaff transmission/management/security models are not well developed. Or just the 'woah, bandwidth' reaction, which in reality of the simplest design only affects you and what bw you were willing to purchase or experience anyway (as when operating under a non-chaff network with a given/high utilisation condition).

Another example... there was, or is, at least one group accepting funds and then running some of the various overlays equally at once... tor, i2p, freenet, cjdns, mailmix.
Take some time to step back and see what together you can do with the big picture in all areas... research, development, operations, marketing.
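
The chaff padding idea raised in the message above, as an added Python sketch that is not from the thread or from any of the projects named. The 512-byte cell, the 2-byte length header and the names `PaddedLink`, `receive`, `observer_view` and `run` are assumptions for illustration; a real link would encrypt each whole cell so the header is not visible on the wire.

```python
import os
import struct
from collections import deque

CELL_SIZE = 512                   # assumed fixed on-wire cell size, in bytes
HEADER = struct.Struct("!H")      # real payload length in this cell; 0 = chaff
PAYLOAD_MAX = CELL_SIZE - HEADER.size


class PaddedLink:
    """Sender side of a link that emits exactly `rate` cells per tick."""

    def __init__(self, rate):
        self.rate = rate          # configured bandwidth limit, in cells per tick
        self.queue = deque()      # real data, already cut into cell payloads

    def send(self, data):
        # Split application data into chunks that fit one cell each.
        for i in range(0, len(data), PAYLOAD_MAX):
            self.queue.append(data[i:i + PAYLOAD_MAX])

    def tick(self):
        # Always emit `rate` full-size cells: real data if queued, chaff if not.
        cells = []
        for _ in range(self.rate):
            chunk = self.queue.popleft() if self.queue else b""
            fill = os.urandom(PAYLOAD_MAX - len(chunk))
            cells.append(HEADER.pack(len(chunk)) + chunk + fill)
        return cells


def receive(cells):
    """Receiver side: keep the real payload bytes, drop padding and chaff."""
    out = bytearray()
    for cell in cells:
        (n,) = HEADER.unpack_from(cell)
        out += cell[HEADER.size:HEADER.size + n]
    return bytes(out)


def observer_view(wire):
    """What a passive observer of the link sees: (cells, bytes) per tick."""
    return [(len(cells), sum(len(c) for c in cells)) for cells in wire]


def run(rate, ticks, traffic):
    """Drive a link for `ticks` ticks; `traffic` maps tick -> bytes to send.

    Returns the cells emitted per tick and the backlog still queued at the end.
    """
    link = PaddedLink(rate)
    wire = []
    for t in range(ticks):
        if t in traffic:
            link.send(traffic[t])
        wire.append(link.tick())
    return wire, len(link.queue)


if __name__ == "__main__":
    # Constructed sample traffic: one burst and one short message.
    idle, _ = run(2, 10, {})
    busy, backlog = run(2, 10, {3: b"A" * 3000, 7: b"hello"})
    print(observer_view(idle) == observer_view(busy), backlog)
```

With the rate fixed, an idle link and a busy link give the observer the same per-tick cell counts and byte totals; traffic above the configured rate is queued and delayed rather than revealed.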
Re: [tor-talk] wake up tor devs
On Wed, 2014-09-17 at 18:08 -0400, grarpamp wrote:

> Another example... there was, or is, at least one group accepting funds and then running some of the various overlays equally at once... tor, i2p, freenet, cjdns, mailmix.

This seems very counterproductive, given that some networks (Tor) are far more researched and developed than others.

There's a reason why the NSA has Tor Stinks presentations and not I2P stinks presentations.

--
Sent from Ubuntu
Re: [tor-talk] wake up tor devs
Ted Smith writes:

> There's a reason why the NSA has Tor Stinks presentations and not I2P stinks presentations.

I don't know of a good basis for estimating what fraction of NSA's capabilities or lack of capabilities we've learned about. And even when someone _working at NSA_ writes that attack X doesn't work or doesn't exist, they may not know that attack Y achieves some of the same goals.

For example, there were press reports that there was some major cryptanalytic breakthrough a few years ago and that it has far-ranging implications*. I don't think the details have ever become public; a best-case-for-cryptographic-privacy scenario might be that it's only an operationalized, albeit expensive, attack against 1024-bit RSA or DH (one of the possibilities considered in Matthew Green's analysis). In any case, many people working on surveillance within NSA might not know what the breakthrough is or how it works, and may still be assiduously working on attacks that in principle are largely redundant with it. (Their NSA colleagues may want them to be working on redundant attacks because many of the existing attacks are described as fragile -- so they want to have parallel ways to achieve some of the same stuff.)

Most of us don't work in highly compartmentalized organizations or organizations that try to practice a very strict need-to-know rule. So we might think that if someone in an organization says at some time that something is easy, or difficult, or cheap, or expensive, that that reflects the general attitude of all the parts of that organization. (Like if somebody working at Intel said it was hard to fabricate semiconductor devices in a particular way, or somebody working at Boeing said it was hard to take advantage of a particular aerodynamic effect, or somebody working at EFF said it was hard to sue the government under a particular legal theory, you might tend to think these things were basically true, as far as those people's colleagues knew.)
I think that's only approximately or indirectly true of people working in an organization like NSA or GCHQ.

* Possibly relevant reporting and discussion includes

http://www.wired.com/2012/03/ff_nsadatacenter/all/
http://www.wired.com/2013/09/black-budget-what-exactly-are-the-nsas-cryptanalytic-capabilities/
http://blog.cryptographyengineering.com/2013/12/how-does-nsa-break-ssl.html
http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?_r=1;

(including claims of widespread success at defeating cryptography, partly on the basis of sabotaging it but at least partly on the basis of development of advanced mathematical techniques)

--
Seth Schoen sch...@eff.org
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107