-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/07/2016 12:48 AM, grarpamp wrote:
On 6/6/16, Steve Kinney <admin@pilobilus.net> wrote:
[...]
The only defense I can think of is to assure that message traffic passes back and forth between mutually hostile national jurisdictions before delivery.
This is suggested often on tor-talk. And tor devs continually pass on it.
This would be a bit of a hairball to implement
Not really. Tor already loads GeoIP. So 20 or so lines of code and you've got a separate country for each hop. A few more lines to define groups like FVEY / BRICS, hemispheres, regions, AS, etc. Users could isolate on whatever they wanted.
And a bunch more lines to include attributes as to "verified to be a human node operator in person" pki web of trust into the consensus. At least that way it raises the cost and risk to adversaries who today just use their Govt credit card to order up VPS nodes all over the world.
Making users prove they are human without disclosing any personally identifying information is not an easy task. As far as I know, nobody has found a way to do it. The closest the IT industries have come so far is the CAPTCHA. Automated CAPTCHA breaking methods include forwarding the challenge image, puzzle or etc. to 3rd party websites where users solve CAPTCHAS to access content, and submitting those users' solutions back the site your automated gadget wants to fool.
Does it benefit? Tor devs say trust the random node selection. Others say at least some subset of users know the / their environment better and could use such tools to advantage.
Tor still refuses to do it. So like mixmaster, you have to do it yourself. That sucks. It could stand to be talked over a bit more.
Routing TOR traffic back and forth across mutually hostile borders would indeed be easy to do. It only requires, as Dr. Strangelove would say, The WILL to do so! However, this would lead to...
lots of slippery variables and potential counter-actions by hostiles that would have to be taken into account.
The State Department funds TOR to defeat national firewalls of "repressive regimes", enabling communication favorable to the U.S. National Interest. TOR is a two edged sword that can also be used against the National Interest, so the NSA thinks TOR stinks. But apparently State, CIA etc. will not give TOR up, because of its role in the development and management of dissident groups in countries slated for destruction. A really big bump in TOR traffic crossing the borders of "repressive regimes" could create traffic jams that degrade TOR's performance right where the State Department wants TOR to work best, and escalate the arms race between TOR and the operators of national firewall filters. This would shift the cost/benefit ratio for TOR's sponsors in the wrong direction. Hence "hairball." One possible solution would be to build privacy directly into Internet protocols. That could drive the costs associated with network surveillance way up compared to today's rates, while making TOR and etc. redundant. https://tools.ietf.org/html/rfc6973 Of course, every State and Corporate stakeholder will unite against implementing any such scheme, even if practicable solutions are found. But someday, somewhere a window of opportunity might open up, and meanwhile "there's no such thing as wasted basic research." :o/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJXVxmOAAoJEECU6c5XzmuqfwEIAJRNYp3byLHPUiU/hXhGbjR2 BgXN0IiXO7PnU1tRBmaeXaBSt6Bb51XlZzSiD1pa76GOMFnF8aGEaZnucPxUUnat 0LagY7w6XtX1WoOQPvaoQxij5EPkrfaU3Wk+OErcF4dW96/w7KV7RFUayQMs1zD9 O8MUstF89RaE1eDU8Iw+EqhvUdcZoDVwkTluq6xwLrNBxz4lRmWAr/5CuFrx8Z5J Y2IQ21VZctYUO0lbVljh4TfF4mSvS68ddZVlfmZbmpjHZYQWSJFTmnrkgRLRtzoQ HkWlyrxZQ1hqkUt0tp8iQSISj/RrRtm9U1SuR9sZWQNXs/D6jFlu6u7l+j9nhNM= =KYGq -----END PGP SIGNATURE-----