[PracticalSecurity] Anonymity - great technology but hardly used

[cyphrpunk]

>  http://www.hbarel.com/Blog/entry0006.html
>
>  I believe that for anonymity and pseudonymity technologies to survive
>  they have to be applied to applications that require them by design,
>  rather than to mass-market applications that can also do (cheaper)
>  without. If anonymity mechanisms are deployed just to fulfill the
>  wish of particular users then it may fail, because most users don't
>  have that wish strong enough to pay for fulfilling it. An example for
>  such an application (that requires anonymity by design) could be
>  E-Voting, which, unfortunately, suffers from other difficulties. I am
>  sure there are others, though.

The truth is exactly the opposite of what is suggested in this
article. The desire for anonymous communication is greater today than
ever, but the necessary technology does not exist.

For the first time there are tens or hundreds of millions of users who
have a strong need and desire for high volume anonymous
communications. These are file traders, exchanging images, music,
movies, TV shows and other forms of communication. The main threat to
this illegal but widely practiced activity is legal action by
copyright holders against individual traders. The only effective
protection against these threats is the barrier that could be provided
by anonymity. An effective, anonymous file sharing network would see
rapid adoption and would be the number one driver for widespread use
of anonymity.

But the technology isn't there. Providing real-time, high-volume,
anonymous communications is not possible at the present time. Anyone
who has experienced the pitiful performance of a Tor web browsing
session will be familiar with the iron self-control and patience
necessary to keep from throwing the computer out the window in
frustration. Yes, you can share files via Tor, at the expense of
reducing transfer rates by multiple orders of magnitude.

Not only are there efficiency problems, detailed analysis of the
security properties of real time anonymous networks have repeatedly
shown that the degree of anonymity possible is very limited against a
determined attacker. Careful insertion of packet delays and monitoring
of corresponding network reactions allow an attacker to easily trace
an encrypted communication through the nodes of the network. Effective
real-time anonymity is almost a contradiction in terms.

Despite these difficulties, file trading is still the usage area with
the greatest potential for widespread adoption of anonymity. File
traders are fickle and will gravitate rapidly to a new system if it
offers significant benefits. If performance can be improved to at
least approximate the transfer rates of non-anonymous networks, while
allowing enough security to make the job of the content lawyers
harder, that could be enough to give this technology the edge it needs
to achieve widespread acceptance.

CP