[tor-talk] Trusting nodes, GPAs, the Game [was tor-relays: servers top exit]

grarpamp grarpamp at gmail.com
Tue Aug 28 04:15:09 UTC 2018

>> One might worry more what Mega and Gigacorps are doing,
>> secret partner friendly endeavours with Govts against you,
>> than what some tiny ISP or whoever is doing with a few boxes.

> It's quite true hosting providers might collude with law enforcement.

> Tor isn't designed to fight against a global passive adversary

> there isn't
> enough research on protecting against a such a powerful adversary.

Those three are overlapping yet separable depending
on what discussion context.

There may in fact be enough research to inhibit strict GPAs.
GAAs may be a bit harder depending on range of actions,
yet might fall at the same time.

Tor can't change design to fight such GPA due to inertia,
dependance, age, use cases, and other factors including
political which can be thought up, investigated, discussed, etc.
And if the same community / corporation "Tor" tried to, many
would reasonably question the homing of that endeavour.
So whatever comms systems end up taking on GPA
will likely come from elsewhere, nowhere, everywhere.

>> And was posted here many times about creating additional trust
>> models and layers for relays, audits metrics and choices for users
>> beyond the CIDR/nn and Family game that might go towards
>> satisfying some reasonable concerns in that space... but crickets.

>> And when you can't trust your CPUs, ISPs, operators, Govts, or
>> even your own anonymous overlay networks strength against them...
>> it's probably time for strategic rethink.

> When it gets to the point you are worried all computers have a hardware
> backdoor, maybe computers and the internet are too dangerous for your
> thread model and you should consider alternate ways of communication not
> involving technology.

Those ways are subject to most of the same attacker entities,
and are extremely limiting of use cases. Are those remaining
cases capable of changing the world in ways you might like,
good question.

Why many people make negative anti suggestions, putting backdoors
as crazy, when they have many positive outlooking ones available
to make, investigate, and execute on (thus putting even backdoors
as magnitudes harder to pull off under new models) such as

#OpenFabs , #OpenHW , #OpenSW , #OpenDev , #OpenBiz
#Cryptocurrency : Decentralized + Privacy

and removing the attackers from power, relavance, existance.
Hiding from them is one thing, a fun little side game... yet
don't forget, going through or around them, till they're gone...
that's why you're in it.

More information about the tor-talk mailing list