the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not

Mirimir mirimir at riseup.net
Wed Aug 8 20:44:53 PDT 2018 

On 08/08/2018 11:21 AM, juan wrote:
> On Tue, 7 Aug 2018 20:42:37 -0700
> Mirimir <mirimir at riseup.net> wrote:
> 
>> On 08/07/2018 06:14 PM, juan wrote:
>>> On Tue, 7 Aug 2018 17:49:54 -0700
>>> Mirimir <mirimir at riseup.net> wrote:
>>>
>>>
>>>>
>>>>> 	for other stuff...do you have to ask? What sort of system do you think should be used for coordinating 'criminal' activity, instead of streaming super full SHD video for retards? 
>>>>
>>>> That's the question. 
>>>
>>> 	And the answer is : some sort of 'high latency' mixing network. And interestingly enough such a network doesn't seem to exist, although it seems to me it would require less resources than something like tor. And nobody seems to be worried about having or not having that kind of  network, which strikes me as odd...
>>
>> Well, as I'm sure you know, high-latency mix networks -- Cypherpunk and
>> Mixmaster remailers.[0] -- predate Tor. 
> 
> 
> 	Right. In other words, the state of anonymous comms in the last 20 years has gone a long way....BACKWARDS.

I suppose. But to me it just seems that users voted with their activity.
Sure, high-latency remailer mix networks are arguably more secure
against traffic analysis. But they're not very useful for anything
except email and Usenet posting. They're not even workable for reading
Usenet anonymously.

So basically, Tor came along as the Web took over. So more and more
people started running Tor relays, and fewer and fewer ran remailers, or
even used them.

Anyway, I vaguely recall proposed higher-latency mix networks that would
be usable for browsing, remote management, etc. But I haven't heard that
any are actually getting implemented.

What have I missed?

>> That's how I used the original
>> cypherpunks list, way back when. A few years ago, I played with them a
>> little. I got QuickSilver Lite running in Wine.[1] Basically, all email
>> goes to alt.anonymous.messages, you download everything, and then your
>> client finds stuff that you can decrypt. 
> 
> 	Yes, that's a 'brute force' technique that works. Steve Kinney mentioned it as well. 
> 
> 
> 
>> Some resources were (are?)
>> available as .onion services. I probably have notes somewhere, if you're
>> interested.
>>
>> I'm not sure why that all died. It _was_ bloody complicated, even with
>> QuickSilver Lite. 
> 
> 	Well, a few guesses : 
> 
> 	1) not enough people thought it was important enough because surveillance wasn't as bad as it is today
> 
> 	2) ...so the tradeoff security/usability didn't seem worthwhile
> 
> 	3) those systems were displaced by worse, 'fast' solutions provided by the US military.

Yes, basically. Tor was developed by the US military. But that's not
likely why privacy activists embraced it. It became popular because it
provided a better mix of security and usability.

>> Also very slow. And I can't imagine how it could have
>> scaled. Although I suppose that some of the binary newsgroups did get
>> pretty fucking huge. But anyway, overhead is a key problem with mix
>> networks.
> 
> 
> 	That's how they work as far as I understand them. So saying it's a problem really misses the point. 

What's a problem is _too much_ overhead. That is, total traffic grows
more or less exponentially with the number of users.

>> Development of the Web was part of it, I'm sure. 
> 
> 	Yep. And the 'culture' behind it. Allow retards to stream super ultra SHD videos. But I wouldn't like to blame the victims too much, so of course the problem is the assholes at the top who dictate how 'technology' is developed. 

Open-source software is hardly driven by "assholes at the top".

>> Although I recall
>> seeing a crude hack that pulled stuff from alt.anonymous.messages, and
>> massaged it into a web page.
>>
>>>> I guess that you say that there is none, and we
>>>> should all just organize our local cells. 
>>>
>>> 	What I was trying to say is that, if the use case is 'criminal activity', then using a 'low latency' network like tor which provides centralized 'hidden' services is a not a good idea. It's more like a recipe for disaster.
>>
>> Well, if you exclude low-latency networks, you're pretty much left with
>> nothing to use. 
> 
> 
> 	THat is not true. Although I don't know how robust it is, I think freenet comes closer to being a mix network of sorts, and it's a decentralized storage by design. See? Unlike the garbage produced by the pentagon nazis in which 'hidden' services are a hack, freenet was designed with censorship resistance as a key property. 

Trust me, dude. Stay away from Freenet. Sure, you think Tor is pwned.
But Freenet is so pwned that I'd never use it ;) Except through Tor ;)
It's a joke. As soon as an adversary joins your network, they can trace
data movement. So they can show that your node has handled pieces of
illegal files, identified by hash. And even though they can't really
prove that you accessed those files, they can say in court that they
can, and you'll be hard pressed to convince a jury otherwise.

> 	But another point is, if at the moment there only are fast, low quality networks, then what's needed is...something else. 
> 
> 	You keep repeating we only have tor - why? My answer is that you are just a tor propagandist which in turns makes you as US military propagandist. That's what the EVIDENCE  points to. 

I keep repeating that Tor is what we have now for working ~anonymously
online because it just fucking is! Sure, there's JonDoNym, but it's a
tiny network, and not many people use it. And it's not really that
friendly to anonymity, in any case. I2P is interesting, I admit, but
it's mainly a closed system. There are some clearnet exits, but the rest
of I2P doesn't like them.

So it's not that I'm saying Tor is the best, or whatever. It's literally
that there's nothing else that's widely enough used to provide any real
anonymity. Or at least, that I know of.

So again, what super anonymous overlay networks have I missed? I'm all
ears :)

>> But even so, people who want anonymity, some of them
>> doing illegal stuff, _will_ end up using Tor. So why not help them use
>> it more safely?
> 
> 
> 	Oh, but I do. Whenver I have the chance, I tell darm markets operators to not post their contact information on facebook. 

Is that the best you can do?

>> 0) https://remailer.paranoici.org/clist.html
>> 1) https://www.quicksilvermail.net/qslite/
> 
>

More information about the cypherpunks mailing list