DOC - Decentralized Onion Communication

Stefan Claas spam.trap.mailing.lists at gmail.com
Mon Jan 10 07:46:19 PST 2022 

On Mon, Jan 10, 2022 at 1:20 AM Punk-BatSoup-Stasi 2.0 <punks at tfwno.gf> wrote:
>
> On Mon, 10 Jan 2022 00:49:28 +0100
> Stefan Claas <spam.trap.mailing.lists at gmail.com> wrote:
>
> > On Mon, Jan 10, 2022 at 12:40 AM Punk-BatSoup-Stasi 2.0 <punks at tfwno.gf> wrote:
> > >
> > >
> > >
> > >         that's a ridiculous comment because you do NOT know which nodes are 'trustworthy'
> >
>
> > Well, I can only speak for myself, because I know some operators of  those nodes and ran
> > in the past my own.
>
>
>         that still means nothing. Notice also that one of the basic ideas behind tor is to use routers in different 'jurisdictions'. The chances that you know 'trustworthy' routers in 3 different countries are...zero.
>
>
>
> > >
> > >         And even if you did, the comment is still wholly misleading because the typical attack against tor is based on 'traffic analysis' based on packet/byte counts and timing. And those data are not 'encrypted'. So you can choose all the 'trustworthy' nodes you want, you are still fucked.
> >
> > Quote:
> >
> > MULTI-LAYERED ENCRYPTION
> >
> > Your traffic is relayed and encrypted three times as it passes over
>
>
>         That has nothing to do with what I said. Encryption does not prevent traffic analysis at all. Those three layers of encryption are stripped off at the end, and if you connect to an http: server for instance, then the server's ISP sees all the plaintext.
>
>
>         On the other hand, connections to 'hidden services' are end-to-end encrypted and you know you're talking to the 'right' service because the url is the public key so that's good, but it's a property that's independent of any node selection you can do.
>
>
>         So...the 'hidden services' infrastructure does provide end to end encryption and some kind of public key management but that's about it. (I need to take a look again at the details of the DNS system, because it's probably another surveillance/weak point)

Please forget for one moment the encryption and anonymity people like
when using Tor.

What I proposed and can do with such a set-up is run with my friends
in a local community
a Network, once we all come home and exchange (encrypted) messages or
files, with whatever
device we like to use and without relying on a third party
client-server model so to speak,
let alone that we do not need a static IP address, or external email
service and what not and
it is super simple to use and the Golang software is small and easy to
use compared to
setting up an Apache2 or Nginx web server etc.

Regarding using Gougle Groups etc. which you hate or do not like ... I
use Usenet since 1985
and the reason why I use Google Groups links is that Google Groups has
a retention Usenet
Servers do not have, and the URLs can be inserted everywhere.

Regards
Stefan

More information about the cypherpunks mailing list