[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Crypto Network HW Links, Anti Vampire and Sybil Nets, Actors Everywhere



> If the state is out to get you I'd just assume that everything arround you
> is rooted and a wire tap and act accordingly.

Doesn't have to be anyone doing anything wrong.
Anyone following geopolitics knows that surveillors
can reap just aggregate spying and turn that into
realtime influence messaging to their own purpose.

"Looks like a lot of overlay users are visiting
a node known for artwork. Let's craft on that."
"Cryptocurrency rising... Let's craft that."
"Here's todays daily statistical and Markov report... Craft it."

> assume that everything arround you is rooted and a wire tap

Is this not entirely possible for all users of
technology around the globe today?

Snowden and everyone else before and since told you
that you're all being tapped, datamined, controlled, and used.
But most still don't believe it, or do anything to
directly end it, all you do is drop some tools,
while leaving all the taps, entities, activities, policies,
still in place. Oops.

Recall that you have all still started up exactly ZERO
projects that are combining all these elements...

#OpenFabs , #OpenHW , #OpenSW , #OpenDev , #OpenBiz , #OpenAudits , etc

So you still clearly have zero knowledge of what's
actually in your CPU's, your NIC's, your storage,
your networks, or any reason to explicitly trust them.

You're all April's Fools still stupidly placing faith in secrets [1]
even after endless stream of their lies exposed by exploits,
be they cataloged by CVE or even network TV news.

[1] Be they commercial, [geo]political, etc.

>> Be they overlays on top of the internet,
>> enhancements to the internet,
>> or new guerrilla physical plant...
>>
>> That process of people contributing to
>> original and ongoing development of new
>> strong networks that are not susceptible to such
>> Basic Bitch Adversaries as Global Vampires,
>> is something more should consider.

> Indeed, we'll get there eventually.
> I am just a guy that made a thing because I thought it was cool.

Yes. Hopefully more will see the need to make
cool and different things that can all be
competed, evaluated, merged together,
and even happily and graciously abandoned
and joined up for the next where needed, in
order to help get everyone there. This applies
outside the Tubes as well.

>> Same for likely figuring out how to get
>> the deployment Social aspects right so
>> you can circle the network wagons against Sybil.


> Let the record show that I am not the one making the sybil resistance claims
> it's the coin team that is. I doubt them as well but I am open to being
> surprised. I orignally had another model in mind for mitigating bad actors
> on the network that I still plan on implementing (eventually)
> Effectively it's a f2f mesh connectivity layer to help hide traffic shape.

There's certainly no lack of pure f2f, or p2p dht,
or central, or hybrid tools out there in history.
Models, threats, and use cases all being tested
and mashed together is good, and fun to do :)


Sybil is extremely hard to protect against and root out,
since all Sybil needs is Money, and an Excuse to be there.

As noted in tor lists since years, the solution to Sybil
might not be as complete with only "in network" methods.
It will more likely require at least some in real life Web of Trust,
Humans asserting over the nodes they run, the software
analysing that web, making node selections based on
that metadata.

"I know her, she works at the store, he's at my
meetup group, they're a local company, etc...",
and so on, a mesh of persons to persons, running
nodes and fiber, all around the planet.

You're probably going to need to force Sybil to
become a verifiable IRL Human Being...
because right now all she needs is money,
and her bags are full of it.

In a 1 million node network, if half of the nodes are
from WoT verified humans, each human runs 10 nodes,
and only 50% the users prefer to make exclusive
use of the WoT... that's 25k unique logical nodes now
showing themselves as being more than just a
completely anonymous potentially adversarial
[point] source of money renting out boxes around
the globe.

Can 2.5% of the nodes making up any of todays
transport, cryptocurrency, or application network
overlays be said to be sufficiently trusted?

Do any even need to be?

In addition to signing human WoT data in the network
layers, you could also start pushing analysis of node
metadata into subscribable routing metrics... where
are the nodes located, OS, uptime patterns, spec
conformance, degrees of WoT such as non IRL nyms,
and how strong each asserters verification and assertion
policy framework is, etc.

All of this and more could raise Sybil's cost and
exposure risk qute significantly, perhaps to futility.

Everytime the Sybil WoT subject hits the lists
it's met with abject silence [or "Johnny can't..."]

Is this due to fear of associating with a node
(or trying to protect the node by not associating)
such that if the node is taken down the operator
can walk away or redeploy anon elsewhere?

Is that not what Zero Knowledge is for, to allow everyone
immunity to say "It's just bits, we have no knowledge or control"?

Are advancements toward solving Vampire and Sybil
really thought that horrifically "unusable" and "costly"?
Or that some won't find them perfectly acceptable?

Are the elevated levels of technical, philosophical,
educational, and operational participation potentially
required all nodes and any solutions thought to be
impossible to achieve?

Is it easier to just skate by on the odds and
continue throwing the victims under the bridge
as acceptable losses?


> I am not arrogant enough to claim to be able to repell state actors from
> sqaure one.

Not meaning to have refer to Loki, or any project, but to all nets...

We know that, other than routine protocol, code, and
human exploits (those three all still being quite sufficient at times),
adversaries remaining credible tools against Overlay Networks
themselves seem to be Vampire and Sybil. And fake Law, no?

It's not only State Actors... any global, regional, or even local
tier-n ISP can be an adversary partner Vampire... all you
need is to be, or have access to, some pipes... and a
willingness to be, or be friendly to, some power, or to
wish to gain from your own Vamping.

And any NGO or person can be a Sybil... all that
takes is money, and in many cases, amusingly little.


When head down in code and ops,
a bit of talk on the metas is good now and then.
Mine should of course be disregarded entirely.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk