On 03/29/2019 06:07 AM, dns1...@riseup.net wrote: > I'm not in the position to talk about the architecture or other > technical aspects because I'm not expert enough. I don't say that the > network doesn't have problems. > > But i think that some things you said are a bit of stretch; for example, > why adversaries should finance tor project and publicly it if they have > a malicious intent?
Where do you see that? I've reread his post several times, and see nothing about "adversaries should finance tor project". It is true that some criticize Tor because it was originally a US Navy project, and still gets funding from US governmental entities. But that's not an argument that I recall grarpamp ever making. Unless he's juan, anyway. > It would be interesting to me to know what other people think about what > you said. The main thrust of his criticism, as I interpret it, is that Tor explicitly doesn't protect against global passive adversaries. Let alone global _active_ adversaries, such as the NSA. As I understand it, that reflected both "it would be too hard to do that, without unacceptable latency and traffic overhead" and "they don't likely exist, or if they do, they're our friends". Some systems have been proposed that use padding and chaff to make traffic analysis harder. But as grarpamp says, it'd be hard for the Tor Project to implement stuff like that in the existing Tor network. Much harder than the v3 onion upgrade, anyway. And the other side of it is that Tor works well enough that implementing one of the newer designs seems unlikely. Given that potential volunteers are working on Tor. > Il 29/03/19 03:08, grarpamp ha scritto: >> On 3/28/19,dns1...@riseup.net <dns1...@riseup.net> wrote: >>> I think you are affected by cognitive bias. >> Tor is effected by lack of external thought. >> >>> You are blindly looking only for bad things. >> Your adversaries are assuredly looking at those things and more. >> If you are not looking at them, you're done in mate. >> >>> Of course the network is not perfect, but is the best we have >> That's apologist talk to avoid clean slate researching >> and creating better architectures, even to the >> then at that point possibly legit point of being >> able to actually make that declaration. >> >>> and we should make our best to improve it. >> Tor is and will always be 20 year old architecture >> from time before current adversary models were >> say matured if not known. Tor's relatively >> simple and effectively static with only marginal >> improvements left. And has outright traded off >> and/or discarded design models that others >> might not today. (And obviously Tor arch cannot >> be substantially changed while still calling itself Tor.) >> >> Before declaring Tor sufficient against today threats >> you need to analyse it against today threats >> vs new networks being research and deploy >> against today threats. >> >>> trying to delegitimate everything. >> Those concerned with messengers vs >> messages are prone to miss some dead canaries. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
