On 15/10/2021 01:09, PrivacyArms wrote:
To clarify my question: Is there an anonymous network (GPA) for secure/private messaging better than Tor?
Regarding the other question: What can criminals can do to stay anonymous which is outside the law (hacking/stealing computers/wifi), more?
Anonymity is hard, and low-latency anonymity is almost impossible. A brief history: In 1981 David Chaum described mix networks (including onion routing). This was only possible because of the then-recent invention of public key cryptography. This idea was then instantiated as the Cypherpunks anonymous remailer, then the Mixmaster remailer. A further development, Mixminion, was in the works in the early to mid noughties, but was derailed when its chief coder, Nick Matthewson, decided to work on TOR instead. Anonymous remailers could work, but they are pretty much moribund now. The same year, in "True Names", Vernor Vinge described a "feed", whereby short encrypted messages were aggregated and broadcast. Chaum described a similar idea, incorporating dummy traffic, and other plans involving private information retrieval. [2] None of these have come to fruition. So no, there are no "strict" anonymous networks in existence. By "strict" I mean mathematically provable, without requiring trusting another person. Nor are there any effective widely-deployed anonymous networks which only require trusting any one out of many people. There are several less-than-strict techniques, which may or may not work. You could "use other people's computers" by chaining through a few web proxies. You could internet cafes, hack into wifi (perhaps using a box connected via an IR link) or relay through a chain of pwned boxen. Sneaky people might well think of some more, but I wouldn't put them in an email. :) Secure messaging, as opposed to anonymous messaging, where confidentiality rather than anonymity is the requirement, is of course possible - there are several apps, or you could almost write your own (don't do it, I said "almost"!). Just make sure it is really end=to=end and there are NO dedicated [1] servers involved anywhere - there is no cryptographic need for a dedicated server in a secure messaging network. If there is one then you are trusting it to do something; and remember the 6th law: "Only those you trust can betray you." Peter Fairbrother [1] by dedicated I mean you have to use a particular server. If you have to use any one of several servers it might be OK if you (can) run your own server. Or it might not. No server is safer] [2] Chaum's 1981 MS thesis, "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms" contains almost all the types of strict anonymous communication ever invented, worth a read. http://www.cs.utexas.edu/~shmat/courses/cs395t_fall04/chaum81.pdf Vernor Vinge's True Names is of course required reading: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjqu4Pr7MvzAhVTglwKHRBJBfEQFnoECAIQAQ&url=http%3A%2F%2Fwww.scotswolf.com%2FTRUENAMES.pdf&usg=AOvVaw0u3GgYC_zdrgFmYrmP2DAA