On 10/16/21, Peter Fairbrother <peter@tsto.co.uk> wrote:
> Except the increased bandwidth cost. And if you have to have padding between each node, or on each link, that becomes very expensive. ... [whatever FUD's/month]
Again, no, users have already bought whatever speed they like from their ISP, they can't shove any more over their link than that, thus there is zero increased expense, the most speed they can ever get is literally exactly what they paid for, they cannot push R bps or N B/m more beyond what they bought, period. And as before, endpoint users on stupid byte rape plans can just opt out of base-chaff, and miss out on the extra protection.
> Suppose you want to download a bloated web page of 4MB in 4 seconds then Running that 24/7 for a month
No, you only have to run it during the time of your download / activity, plus maybe a few more minutes to sync network metadata, test wan conditions to peer nodes, negotiate overlay speeds and chaff contracts, and start running.
[there are of course other issues regarding latency in a base-chaff-flow web system]
Vapors until posted.
> Total size of transfer - compared between whom? UserA and .onion1? But some on userA's and most of .onion1's traffic will be to other people so how does comparing their total size of transfer over a year help?
A's usage may be to zero other people, and Eve runs onion1 which also has no such guarantee, thus whether it's 1 minute or 1 decade it's game over for A.
> Plus, with a randomly-variable delay, how do you accurately know the amount of traffic sent in your year?
> TCP ramps - but he doesn't have any close-grained timing info, so how does the adversary detect when TCP ramps happen?
> Backoffs - but he doesn't have any close-grained timing info, so how does the adversary detect when backoffs happen?
Users of any network probably exhibit more degenerate edge cases, and at a higher frequency, than analysts think they do. Further, some networks allow anonymous yet unique discrimination by an endpoint among far end clients via the pubkeys they use.
> All very well, but how do you do anonymous browsing without TCP? ... without TCP / over UDP is probably doable, but it wouldn't be browsing
Web currently requires TCP, but the underlying generic transport network, like packet switches, doesn't care what gets emulated or chopped into packets in order to move over it, whether chaff or wheat.
> allowing a little padding and timing jitter here and there. And browsing without TCP / over UDP is probably doable, but it wouldn't be browsing as we know it)
You can run anything over a physical base layer of link level chaff. Go read about how ATM networks work. Chaff link contracts take the place of your inability to be the WAN's physical network bucket clock, you can't own that... but you can own the clock, randomizer, repeater, counter, statistical analyzer, and enforcer that is your CPU... and own the logical link out your NIC across whatever WAN to your peer nodes.
> allowing a little padding and timing jitter here and there.
A low ratio [flow padding, jitter] isn't going to mask a relatively big and or otherwise unique transfer.
> low latency
There's that FUD phrase being used again as if it means something [when] it doesn't.
> low added cost
There's that FUD phrase being used again as if it means something [when] it doesn't.
> a gpa that was and is not achievable.
"Tor Stinks -- NSA"... that was over 10 years ago from a slide deck indicating that they didn't have to "deanon" all the time, meaning between the lines, that they could "deanon" (and other ways and exploits). Regardless, pretending that they, and even independent actors, are not light years farther ahead today, might be quite fatal. And refusing, like Tor Project does, to prominently warn users of the problems, to permit free open uncensored talk of the problems on their fora, is irresponsible to complicit.
> Without a need to trust anyone except the math.
Can you trust your own enforcement of the expected parameters of a contract that you negotiated?
> Examples?
Clearnet, vs tor. Tor, vs all manner of other overlay networks. All prior nets, vs whatever is done new in the future. Not saying there aren't other fine methods or in parallel to achieving degrees more TA resistance, particularly with single application overlays. However generic transport overlays may be more useful to more users via not having to run a separate network for each application, and can tend to have more devs helping out.
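The fixed-rate "base chaff" link argued for above (the peer link runs at the contracted rate whether or not there is wheat to send, and each side's CPU is the counter and enforcer of that contract) can be modeled in a few dozen lines. The following is an added example written for this page, not code from the thread, from any poster, or from any real overlay network. The cell size, the header layout and the per-window cell rate are assumptions chosen for illustration; real systems would negotiate these.

```python
"""Toy model of a constant-rate chaff link (constructed example).

Assumed contract: one CELL-byte cell per clock tick, RATE ticks per
window. A wire observer sees only cell counts and sizes, so the bytes on
the wire per window are the same whether the sender had 0 or 1000 bytes
of wheat to move. The receiver discards chaff and counts cells so it can
enforce the contract it negotiated with its peer.
"""
import os
import struct
from dataclasses import dataclass, field

CELL = 512                   # assumed: fixed on-wire cell size
HDR = struct.Struct("!BH")   # assumed header: kind (0=chaff, 1=wheat), wheat length
BODY = CELL - HDR.size       # bytes of wheat one cell can carry


@dataclass
class ChaffSender:
    wheat: bytearray = field(default_factory=bytearray)

    def queue(self, data: bytes) -> None:
        """Application data waiting to ride the link."""
        self.wheat += data

    def tick(self) -> bytes:
        """Emit exactly one cell per clock tick: wheat if queued, else chaff.

        Short wheat and whole chaff cells are filled with random bytes so a
        cell's contents give no hint about which kind it is.
        """
        if self.wheat:
            chunk = bytes(self.wheat[:BODY])
            del self.wheat[:BODY]
            return HDR.pack(1, len(chunk)) + chunk + os.urandom(BODY - len(chunk))
        return HDR.pack(0, 0) + os.urandom(BODY)


@dataclass
class ChaffReceiver:
    rate: int                     # contracted cells per window
    out: bytearray = field(default_factory=bytearray)
    seen: int = 0

    def accept(self, cell: bytes) -> None:
        """Strip chaff, deliver wheat, and count the cell toward the contract."""
        if len(cell) != CELL:
            raise ValueError("cell size violates link contract")
        self.seen += 1
        kind, n = HDR.unpack_from(cell)
        if kind == 1:
            self.out += cell[HDR.size:HDR.size + n]

    def enforce_window(self) -> bool:
        """True if the peer delivered exactly the contracted cells this window.

        Resets the counter for the next window. A peer that undershoots or
        overshoots has broken the contract and should be dropped.
        """
        ok = self.seen == self.rate
        self.seen = 0
        return ok


def run_window(sender: ChaffSender, receiver: ChaffReceiver, ticks: int) -> int:
    """Drive the link clock for one window; return the bytes a wire observer sees."""
    observed = 0
    for _ in range(ticks):
        cell = sender.tick()
        observed += len(cell)
        receiver.accept(cell)
    return observed


if __name__ == "__main__":
    idle, busy = ChaffSender(), ChaffSender()
    busy.queue(b"A" * 1000)
    r_idle, r_busy = ChaffReceiver(rate=10), ChaffReceiver(rate=10)
    print(run_window(idle, r_idle, 10), run_window(busy, r_busy, 10))  # same bytes on the wire
    print(len(r_busy.out), r_busy.enforce_window())
```

Running the module shows the wire carries 10 * CELL bytes in both windows, while only the busy receiver ends up with 1000 bytes of wheat. What the model leaves out is exactly what the thread argues about: the bandwidth is paid for up front by the contract, and the latency cost is the wait for the next tick.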