Folks:

I posted the Tahoe-LAFS v1.8.2 release announcement on the liberation-tech mailing list:

https://mailman.stanford.edu/mailman/listinfo/liberationtech

Which is the mailing list associated with a Stanford University project exploring the effects of anti-censorship technology on society. A journalist named Rebecca MacKinnon expressed interest so I wrote the following summary for that list.

Regards,

Zooko

---------- Forwarded message ----------
From: Zooko O'Whielacronx <[email protected]>
Date: Sat, Feb 5, 2011 at 5:35 PM
Subject: Re: [liberationtech] ANNOUNCING Tahoe, the Least-Authority File System, v1.8.2
To: Rebecca MacKinnon <[email protected]>
Cc: [email protected]

On Wed, Feb 2, 2011 at 8:28 AM, Rebecca MacKinnon <[email protected]> wrote:
> This sounds great. Thanks for sharing.
> As a non-techie I would love to know what others on the list think of it.

Thanks for the interest, Rebecca MacKinnon.

I should hasten to add that Tahoe-LAFS was not designed with censorship-resistance in mind. Tahoe-LAFS's security properties are focussed on the data: we make it very difficult for anyone, even a sophisticated and well-funded power, to delete data, forge data, or read data that was not intended for them.

However, we make no attempt at "anonymity"—to hide who is uploading, downloading, or hosting the data, or which files they are using (but Tahoe-LAFS does conceal the *contents* of the files from unauthorized readers). Instead of trying to obscure the relationship between the client and the server, we just use direct TCP connections.

We do have one feature which lends itself to circumventing censorship, which is that the data is spread over multiple servers so that if some of the servers are unreachable you can retrieve the data from the others. This is similar to the effect that you get by replicating the data—uploading a copy of it to each of several different servers—but it is much more efficient in terms of upload bandwidth and server-side storage.

Also, perhaps more importantly, the "unforgeability" guarantee that Tahoe-LAFS provides is independent of the behavior of the storage servers, so you can spread the data across many separate servers without risking forged data, even if some of the servers turn out to be malicious or get taken over by malicious parties.

Now at the dawn of the Tahoe-LAFS project in 2006, we decided not to try to include anonymity features because we knew from experience how difficult those can be to do right. I hoped at the time that people would eventually combine Tahoe-LAFS with anonymizing and circumventing transport layers, and I'm happy to see that almost five years later that has started happening—there are at least three different projects in progress to combine Tahoe-LAFS with three different anonymizing transports:

Tor: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1349
I2P: http://duck.i2p.tin0.de/
anonymous-proxy-servers.net: http://anonymous-proxy-servers.net/wiki/index.php/Tahoe-lafs-setup

N.B. I do not know much about the latter two. I understand Tor well enough and know enough about its developers to have a degree of confidence in the security that it offers, but I haven't studied the latter two yet.

Regards,

Zooko
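The two properties described in the message above (retrieving the data when some servers are unreachable, and rejecting forged data regardless of how the servers behave), as an added sketch that is not part of the original e-mail and is not Tahoe-LAFS code. It assumes a toy 2-of-3 XOR code and SHA-256 share hashes kept by the client as stand-ins for Tahoe-LAFS's real encoding, which the message does not detail; all names and the sample data are constructed for illustration.

```python
import hashlib

def _xor(p: bytes, q: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(p, q))

def encode(data: bytes):
    """Toy 2-of-3 code: two halves plus XOR parity, one share per server."""
    padded = data + b"\0" * (len(data) % 2)
    half = len(padded) // 2
    a, b = padded[:half], padded[half:]
    shares = [a, b, _xor(a, b)]
    # The client keeps this small record; servers only ever hold the shares.
    cap = {"length": len(data),
           "digests": [hashlib.sha256(s).hexdigest() for s in shares]}
    return shares, cap

def decode(fetched: dict, cap: dict) -> bytes:
    """Rebuild from any two shares whose hash matches the client's record.

    fetched maps share index -> bytes a server returned (None = unreachable).
    """
    good = {i: s for i, s in fetched.items()
            if s is not None
            and hashlib.sha256(s).hexdigest() == cap["digests"][i]}
    if len(good) < 2:
        raise ValueError("fewer than 2 valid shares; cannot reconstruct")
    if 0 in good and 1 in good:
        padded = good[0] + good[1]
    elif 0 in good:                      # first half + parity
        padded = good[0] + _xor(good[0], good[2])
    else:                                # second half + parity
        padded = _xor(good[1], good[2]) + good[1]
    return padded[:cap["length"]]

def expansion(shares, data: bytes) -> float:
    """Bytes stored across all servers per byte of original data."""
    return sum(len(s) for s in shares) / len(data)

SAMPLE = b"constructed sample file contents"   # constructed test input

if __name__ == "__main__":
    shares, cap = encode(SAMPLE)
    forged = b"X" * len(shares[0])       # server 0 returns forged data
    print(decode({0: forged, 1: shares[1], 2: shares[2]}, cap))
    print("erasure-coded:", expansion(shares, SAMPLE), "vs 2 full copies: 2.0")
```

Both layouts survive the loss of one server; the toy code stores 1.5 bytes per byte of data where two full copies store 2.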
