On 30 August 2017 at 10:51, Jon Tullett <jon.tull...@gmail.com> wrote:
> Blog post refers: > http://www.hackerfactor.com/blog/index.php?/archives/773- > Tor-and-the-Perfect-Storm.html > > Leaving aside the accusations of bias in the first part, what is the > view of the proposal to force hidden services to rotate addresses? > Simply, it's as short-sighted as any other perspective that sees Onion networking as an anonymity tool, rather than as a better-than-mere-TCP+SSL mechanism for providing communications privacy, integrity, availability and assurance. In case those terms need spelling out: - onions provide circuit-level privacy on-par with the likes of VPNs, but without the setup hassle. - ditto, providing integrity at the circuit level, thereby inhibiting the likes of (say) "sslstrip" - availability of a service; I'm finding it interesting to consider that the TCP/IP Internet requires the existence of companies (mentioning no names) to provide DDoS mitigation, but sites which set up with Onion addresses are getting comparable levels of DDoS mitigation for free*. Tor blockproofing and (importantly) Onion DDoS-protection is pretty good. - assurance: if you can type in the (static) Onion address, you know immediately with whom you are communicating. Proposals to undermine these qualities in the name of $GOAL are on-par with Law Enforcement demands for "golden keys" to undermine the integrity of end-to-end encrypted conversations**. Practical example: the point of the Facebook onion site is to provide the above-listed four benefits - plus a better quality of service - to people who choose to access Facebook over Tor; the point is to free the communications path from mediation of any form. To see this as a threat, or to argue that "well maybe $THIS_SITE is okay, but $THAT_SITE should not be afforded such protection" - is to call for censorship. - alec *For a Twitter thread in this vein: https://twitter.com/AlecMuffett/status/899521422774722564 **For more on this thesis: https://medium.com/@alecmuffett/tor-is-end-to-end-encryption-for-computers-to-talk-to-other-computers-34e41d81c9e2 -- http://dropsafe.crypticide.com/aboutalecm -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk