DA Under Control, Sybil... Surge of Random Threats Upon Users?

grarpamp grarpamp at gmail.com
Sun Jun 16 20:34:31 PDT 2019

On 6/9/19, Roger Dingledine <arma at torproject.org> wrote:
> On Fri, Jun 07, 2019 at 01:01:38PM +0000, iwanlegit at cock.li wrote:
>> Can Directory Authorities analyze hostnames of relay users and publish
>> them?

Yes. Lots of interesting and "safe" analysis can be done.

As to a different question... being too few and centralized, risks
are concentrated there versus being spread across distributed models.

>> So DAs may
>> be under control of torproject.
> No, the directory authorities are run by nine individuals who are part
> of the Tor community but are not 'under the control of torproject'. They
> make decisions on their own, and for most security choices a majority or
> threshold of them need to decide on something before it becomes so.

And yes, the DA's are controlled under threat of arbitrary removal from
the hardcoded list by Tor Project Inc (a US Corporation thus also
under US Govt jurisdiction and control) and its paid employees (both
TPI and its associated payees subject to financial capture by US
and other Government and Entity funding sources)... among others
still having access to the repo, release, and upgrade mechanisms.
Then more externalities... the community infiltrators and agents, the hosting
companies, the network feeds, the other countries, the mysterious
DoS attacks, black ops, etc. Be influenced, have churn imparted, do what they
want, follow their arbitrary whim, that of their secret Boards, their "Laws",
courts, thugs, etc... or else. DA's have already been arbitrarily shutdown via
weaponized social attacks. Thus one must now always expect that too.
Which many might find absurd. Then look to censorship of freedom of speech,
proposals to ban onions, and other curiosities from around the world.
And must of course expect weaponized legal and extrajudicial attacks
from around the globe. Odds are one or more DA's will fall to such
various means of control before any sort of utopia is reached.
Adversaries are most definitely working to draft the context, even events.

Avoid some of that by distributing away from such centralized control
and threat mechanisms, raise the costs to the adversaries. Have it
in the bag, tested, and ready for users to enable. Majority of static 9...
cat's play. A DHT, blockchain, or otherwise distributed set of 90...
much harder. Integrate both at once. Let users decide and configure.

"Control" is not so simple a word, one must think about what it

More information about the cypherpunks mailing list