[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Secure email with limited usable metadata

On 08/10/2013 11:34 AM, Mike Hearn wrote:

> On Fri, Aug 9, 2013 at 12:50 PM, grarpamp <grarpamp@xxxxxxxxx> wrote:
> 
>> There were a few threads over on tor-talk in which a
>>  gmail staff participated. Some community suggestion
>> was made for refundable bitcoin deposit to appease
>> the google claims, not sure where that went.
>>
> 
> We're still paying attention. Actually I don't work on Google anti-abuse
> anymore (different project these days) but am still happy to provide our
> perspective and contacts. Google is not an enemy of the Tor project, we
> just struggle with the same issues all other providers do.
> 
> The "community suggestion" to use Bitcoin was actually my suggestion. It
> didn't go anywhere partly because it's fairly complicated and partly
> because Mike Perry and others from Tor felt Bitcoin wasn't anonymous
> enough, and desired a different system. So it's not really clear what the
> right approach is, technically.

That was a good suggestion, and it's great that you're still listening.

It's true that Bitcoin is not, by default, at all anonymous. And it's
become much harder, over the past year or so, to buy anonymously.

However, it is possible to "anonymize" Bitcoins using multiple wallets
with mixing services via Tor. After a few transfers, one is left with a
random mixture, which includes none of one's initial Bitcoins. Although
adversaries can determine the history of every Bitcoin fragment using
the blockchain, none of those histories includes the spender's initial
non-anonymous purchase.

Even so, there are associations with the mixing services. In particular,
the spender's initial non-anonymous purchase is associated with the
first mixing service. But after the third mix, that association is
arguably too diffused to be useful.

What's the defect with that approach?

It's actually quite easy using Multibit clients (which are local but
don't download the blockchain) in Tails, Whonix, Incognito, etc.

> You may be interested in checking out Pond, the work of another
> crypto/Tor-friendly Googler:
> 
> https://pond.imperialviolet.org/
> 
> It is an email-like messaging system that runs over Tor, has forward
> security, tries to beat traffic analysis, TPM integration to beat log
> structured filesystems that can't erase data and also has a variety of
> other interesting features. It's not a drop in replacement for email by any
> means, but with some more work it might be a reasonable alternative for
> specialised use case.
> 

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk