Eugen Leitl:
18:08 <@cjd> I trust them to make the software right, esp. since I could check if they did. 18:09 <@cjd> But a little arm twisting can change someone's motives pretty fast. 18:09 <+eleitl> Maintaining signing secrets is a problem. 18:09 <+eleitl> They should have used a P2P design.
Do you have a ‘P2P design’ for Tor which doesn't rely on trusted parties ‘maintaining signing secrets’ and which isn't broken?
No need to be snarky, I mean well. There are obviously ways in which network quorum can eliminate authorities as a single point of failure (see Bitcoin, Tahoe LAFS, etc).
He isn't being snarky - he's being honest and knows the research better than most.
(Hint: No, you don't.)
Do you have any ‘P2P design’ for Tor at all which isn't broken?
What very few people know: I'm actually a dog. W00f. I don't have the money or the skills to do anything which would survive more than a friendly sandbox. Don't ask me for patches, I'll drag you in a wet skunk which has been dead for a while.
18:10 <@cjd> If someone (with government hat?) tells you they can make your life hell... I wouldn't fault them for doing what the man says. 18:10 <@cjd> *wouldn't fault you 18:10 <+eleitl> I'll try bugging some Tor developers about that scenario, and see how they squirm. 18:11 <+eleitl> Also, the UDP connection thing. 18:11 <@cjd> You can "stack" your circuit setup packets if you're using UDP 18:11 <@cjd> stack -> all headers in the same packet 18:12 <@cjd> cjdns does the same thing
Huh. Wow. I just... Excuse me? Who suggests that no Tor developers haven't already had their arm twisted and stood their ground? Who suggests that those who run a Tor Directory Authority would comply with the "man" and what "they" say? On what evidence do they say these things? Do they understand the moral and ethical character of the people running those systems? No, they most certainly do not. Do they even know the history of harassment that Tor people have faced in various circumstances? No, they clearly do not know these things.
I certainly have had attempts, serious attempts by powerful people, to crush my spirit, to push me out of the anonymity space and to punish me for speaking out about anonymity as a fundamental human right.
I don't take kindly to anyone suggesting that 1) such harassment hasn't happened and 2) if it were to happen, we'd just roll over like a bunch of assholes.
Did I mention how offensive that uneducated kind of statement is to people who work day and night on these problems? To those who have struggled against state surveillance, state harassment and other extra-legal issues?
It's bad enough that someone would suggest a bunch of broken designs would be better. It suggests a lack of understanding of the anonymity space and that is self-evident, hardly worth refuting. However, the rest of the comments are just over the top in their absolutely ridiculous nature. Such statements are totally offensive and absurd to the core.
Run Tor nodes if you're worried about the integrity of Tor nodes and the integrity of the network as a whole; be part of the solution by taking practical action on the matter.
Sincerely, Jacob