[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Meeting Snowden in Princeton

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Meeting Snowden in Princeton
From: benjamin barber <barberb@xxxxxxxxxxx>
Date: Tue, 5 May 2015 07:15:09 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 05 May 2015 10:15:22 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=ZZ5incdFruBClc1+GIOYV4zIxaC3whJ7+CIOCe+SjaQ=; b=qqWPugT1DyspKNAokTnW8e6VN4rRp5vIDqS+RCEXfmZlQq+6N9vQwlmlYeZAzfaSWE GK37EXeWvuBmztpOR+o2EKGqwHMRcYxnJM/rmF7hzjm2pf13BB0AXTyrw4cvhi3NXtV5 iI2tPkNC4L7TdJcqBiBL+BPgDpaJydA5BDlZRWpIniiqQU+SU1LUiKNrfqgKOJCuGv+d 45EhPxoedjQNwKQacQJ9THwGo59khFC9wj8sQ1+m2XwfiguZ39izctweAMTJ9qdrvEWN Y6k6NXW6tWaFmSwjujB7D1jbCBxp+47X2p2hpulfD/aYDflQbMmOe4JhF2amK8OuErnF rtlg==
In-reply-to: <20150505114925.3682DAE418@xxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <camtdts-_bhhxb76-_us8gx6ydh2dppmh4-d6utibqghjaulrna@xxxxxxxxxxxxxx> <cajvra1s3ttx=hmdmrefvawot1bi18zh_ztbgh8g+s_7hwoddew@xxxxxxxxxxxxxx> <3d3832de66f.000004abbeatthebastards@xxxxxxxxx> <cajvra1ssz4rmw=s8yqyhkuakvyzbzaxlqfj_fawg3xuccsm90w@xxxxxxxxxxxxxx> <5545929b.10805@xxxxxxxxxx> <camtdts9j65qtapqtk+tazq4o=spf9jxsrbhgz6xx8svjc6_ahq@xxxxxxxxxxxxxx> <camtdts9jo4rypqx+esro4pho2zag6gytjwdsxslenaq6a+026w@xxxxxxxxxxxxxx> <camtdts9mqhmkq+fqn7-gkmugnr3nhf_2a-fqunr_h0txa4pa7g@xxxxxxxxxxxxxx> <cajvra1s2um0d=om3bmf0ronowrdi41fvac=jprwuq9z+cb8vwa@xxxxxxxxxxxxxx> <CAMTdTS86dvRjiAOCJEeqSo-fX77XDZvKNWxTPOVsy+OFRR3pOg@xxxxxxxxxxxxxx> <3EBC4A37DD1.000005A8beatthebastards@xxxxxxxxx> <CAMTdTS8=A+j0wzpHn08gmYjoJMKtgH_K7b=_9nAdadGirXO1Cw@xxxxxxxxxxxxxx> <874mnsbkqc.fsf@xxxxxxxxxxx> <87zj5ka5u3.fsf@xxxxxxxxxxx> <CAMTdTS_rBxgKx=8=GDezvFCAR6gdasTo6cHkFPca8+-u15rZPw@xxxxxxxxxxxxxx> <20150505072215.C45DEAE41B@xxxxxxxxxxxxxxxx> <20150505114925.3682DAE418@xxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

I dislike the notion of the central directory auth, while not a SINGLE
point of failure, relying on someone else to know who to trust, is great
until you discover that the trust was underserved.

Operational security also seems to be glossed over to laypersons, which is
why I use to a solar powered computers running tor, that I network with a
private VPN server that I have running in germany.



On Tue, May 5, 2015 at 4:49 AM, str4d <str4d@xxxxxxxxxxx> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> W. Greenhouse wrote:
> > Some degree of centralization of the directory is, for now, the
> > only way to prevent an attacker from owning everything simply by
> > dumping a lot of bandwidth onto the network (what Lizard Squad
> > attempted to do). Networks like i2p and bitcoin are to a greater
> > extent vulnerable to that than Tor is,
>
> As with everything, it's a question of balance. Tor errs on the side
> of centralization, which enables it to easily detect bandwidth dumping
> and block arbitrary routers with quick turnaround, but that is a lot
> of power in the hands of a (trusted) few. It also does nothing against
> e.g. carefully-planned slow Sybil attacks.
>
> > because i2p and bitcoin didn't even consider resistance to network
> > sibyls as part of their design.
> >
>
> The original I2P devs *did* consider Sybil resistance while designing
> the network, and did include scope in the network architecture for
> e.g. HashCash-like mechanisms, but ultimately decided to take the
> decentralized route, and designed the network on the assumption that
> no router is trusted. As for detecting and inhibiting Sybil attacks:
> it is still possible to detect bandwidth dumping (one example I recall
> was a research group starting up a bunch of routers), and we do have
> the ability to block routers, but only via router upgrades. So yes, it
> is certainly more difficult right now to impede Sybils on I2P. But
> there is more focus on making the attacks that Sybil enables harder to
> carry out (because a Sybil on its own is not an attack), as well as
> general network growth to make obtaining a large enough network
> fraction more difficult (we estimate there are currently around 25,000
> I2P routers).
>
> str4d
> -----BEGIN PGP SIGNATURE-----
>
> iQIcBAEBCgAGBQJVSK4iAAoJEBO17ljAn7Pgz1AP/1FkitJsLNDZzB3q8+xNRb2Q
> qS669IdXkin1oFPr/LeZ6zlic2N7cqgVtYhTkVKaq03w9f4P52EqCgN7ZzNUCShK
> xvx2bM/EN/fhNm1xHdTLMQRXvD2X3cpHPoc7MVPyl8fhUNe09Xivdm2NwusMso7y
> LQmkAJXoBf6uHVVyCZDvLYXuMBiXpSMlpbFWqOJJEyTDbbC1Wo6JScxFShJ0Dd3S
> Htz01LjdMLy9TcDhsiy4kZrRev+It2sARe6cUyEHYhJRt1elraVveW4VhdthlAS2
> VK78XWvlMKRZDEuRVK7Gm0chkLK4gtDgEXnsEwr7EAwXkyb2VBHuyMVo7ISpH7sT
> 2eRTMmlBINXqV8I5AeIRXc3SPQRg7gqmx7vyw+khAnjgtjWWuEKWiBHrxZ/jLDVR
> rcr06+CXLuYthae038QL6qUHCP5LUu6uXGXxBeAJ4Fr/Ig8+SiMda+Ctv2a/hBmd
> kSklCnpeh4/gFo8VUZlyMLF+PEK8d5EtEDBHLIGITQAqQSZb03xpv7KIDeJ4D/uc
> vIP5f25dCguaMxzNO0gpk3ikeZDo2zkt/PRd6VUh2cYUU1K4SL0jYpDBajX3/OKG
> b2/CoOz+pSDVgvYDjupyQ0vFDgtvUckOPfxR48v+bhcH5v9HFUo4iezSX5zNZhd0
> eItO8jzcv887nVAAGcAG
> =E7Pe
> -----END PGP SIGNATURE-----
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Meeting Snowden in Princeton
  - From: W . Greenhouse

References:
- Re: [tor-talk] Meeting Snowden in Princeton
  - From: benjamin barber
- Re: [tor-talk] Meeting Snowden in Princeton
  - From: I
- Re: [tor-talk] Meeting Snowden in Princeton
  - From: benjamin barber
- Re: [tor-talk] Meeting Snowden in Princeton
  - From: W . Greenhouse
- Re: [tor-talk] Meeting Snowden in Princeton
  - From: W . Greenhouse
- Re: [tor-talk] Meeting Snowden in Princeton
  - From: benjamin barber
- Re: [tor-talk] Meeting Snowden in Princeton
  - From: str4d

Prev by Author: Re: [tor-talk] Meeting Snowden in Princeton
Next by Author: Re: [tor-talk] the privacy of public tor descriptor data (was: German University signs up 24 tor relays)
Previous by thread: Re: [tor-talk] Meeting Snowden in Princeton
Next by thread: Re: [tor-talk] Meeting Snowden in Princeton
Index(es):
- Author
- Thread