[tor-relays] Would you place your secrets or in worst case make your life

Mirimir mirimir at riseup.net
Mon Feb 17 19:59:22 UTC 2020


On 02/17/2020 05:16 AM, Roger Dingledine wrote:

I don't have anything useful to contribute on the main topic, except to
agree that more relay diversity would be great, and especially more high
capacity exit relays.

But I would like to follow up on a few points.

<SNIP>

> But I'll turn it around, and point out that many systems (e.g. most VPNs)
> are centralized, that is, the number is 100 percent.

Yes, a VPN service is for sure 100% centralized, regarding ownership and
management. And more generally, VPN services generally are probably
about as centralized at the AS level as Tor is, for basically the same
reasons. For some VPN services, I've found that most servers are
actually located in a few cities (Nuland, Los Angeles, Prague and
Vancouver) <https://restoreprivacy.com/virtual-server-locations/>.

> (You might turn it back around and say that VPNs are companies and you
> have an agreement with them so nothing will go wrong. That's a good
> point too, though that trust should only go so far. It's not clear to
> me which one is the shakier argument. :)

Well, that's too iffy for me. Which is why I use nested VPN chains. It's
a crude parody of Tor, for sure. But I can do 6-7 hops with decent
latency and throughput, using a different VPN service for each hop. Paid
with multiply mixed Bitcoin, and using dynamically changing paths.

And then there's <https://www.orchid.com/> which is a real thing.
Although, sadly enough, for now limited to Android and iOS.

<SNIP>

> It's times like this where I wish the world knew how to do mixing with
> streams. That is, there is a whole field out there on how to build
> stronger anonymity designs, based on mix-nets, but nobody knows how to
> do that safely when users generate flows of messages rather than just
> a single message.

What about Garlic routing? I know that I2P doesn't yet implement actual
content mixing. But I've seen the claim that using unidirectional
connections should allow that. Maybe the key point is that they've been
saying that for years. Or maybe it's just that they're a small team.

<SNIP>

