[tor-dev] GSoC 2017 - unMessage: a privacy enhanced instant messenger

grarpamp grarpamp at gmail.com
Thu Mar 30 06:48:45 UTC 2017


On Wed, Mar 29, 2017 at 3:38 PM, Felipe Dau <dau at riseup.net> wrote:
> Thanks for the suggestion. It should be possible to support multiple
> kinds of transport, but we still need to do some research on that
> because it might make some attacks
> possible/easier (e.g., partitioning attacks)? It would be great to
> have a discussion about that.

It's suggested and welcome that all overlay networks publicly
review, audit, analyze, each others work and offerings. Unfortunately
that hasn't develop much yet in a formal dedicated as responsibility
manner among even the larger opensource community, or even
discussion if that is a good idea. (But there is some good work in
some projects out there lately of their own work... automated code
linting, and the rarer procured third party audit.)

Then shall we presume all our networks are equivalently secure?,
or equivalently flawed, as each network happens to advertise now and then.

This may leave the matter of partitioning up to the user to consider
pursuant to any note about that in the app documentation.

The app could enable simultaneous multihome based on commandline
options... --tor --i2p --cjdns --other, default [whatever] .
And of course all the ports / addresses / bindings would need to
be flexible.

On equivalent networks, presence is maybe a bigger issue than partitioning.
This includes concept to drop the network identity off the network itself,
or use new ID, not just managing announces to buddy list entries.


More information about the tor-dev mailing list