Delivery-Date: Mon, 30 Jun 2014 16:56:35 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id C86611E0C4A
	for <archiver@seul.org>; Mon, 30 Jun 2014 16:56:33 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id D78272C640;
	Mon, 30 Jun 2014 20:56:32 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id A42AE2F3D6
 for <tor-talk@lists.torproject.org>; Mon, 30 Jun 2014 20:54:36 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id f5WLvtcFMnAk for <tor-talk@lists.torproject.org>;
 Mon, 30 Jun 2014 20:54:36 +0000 (UTC)
Received: from mail-ve0-x22b.google.com (mail-ve0-x22b.google.com
 [IPv6:2607:f8b0:400c:c01::22b])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 814FC2C640
 for <tor-talk@lists.torproject.org>; Mon, 30 Jun 2014 20:54:36 +0000 (UTC)
Received: by mail-ve0-f171.google.com with SMTP id jz11so8718729veb.16
 for <tor-talk@lists.torproject.org>; Mon, 30 Jun 2014 13:54:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to:cc:content-type;
 bh=VKdTv1K3Ph/fd+ys3aD5nnDuZuEq6qRcyf42PglJin8=;
 b=OKmAP8BaAniN0Euc5e644qrCk3BMT2wIdM9k1mVkC0O9+UX4/Nbl6YzDebc1P1LoCA
 zU6XuqCfsa2kFYJ4oP5lQe/tw6qZRtgDPCZN6kkgR79z+/ESXAA1vvwf3FQL9hLqaYnI
 vVe8u7T06gGBSkd4XlD1Dihg7BqyoB+gdALwbQ2F9H8fJfZgBNRxnsksaTOjnELPXDyO
 2i7LTTRyfdDgb/gLLfBzmvQ8oJwb+Wb65Yp8wOD0ESqKrwBqTR3dvI3YXCUJXZ1uFbzP
 emXR5c/6+9SoDjebuLbeNRv9lfAHHjMFOWgPHOfSXuvqLfd6bqFGQMDRxdUI0Xb7ZlPk
 c85A==
MIME-Version: 1.0
X-Received: by 10.58.182.105 with SMTP id ed9mr17436636vec.16.1404161673877;
 Mon, 30 Jun 2014 13:54:33 -0700 (PDT)
Received: by 10.221.65.198 with HTTP; Mon, 30 Jun 2014 13:54:33 -0700 (PDT)
Date: Mon, 30 Jun 2014 16:54:33 -0400
Message-ID: <CAD2Ti28A_8Ucn5PL-EpkLNp9iw9zneCtNqLfDa5JWj0c5FvQdw@mail.gmail.com>
From: grarpamp <grarpamp@gmail.com>
To: cypherpunks@cpunks.org
Cc: p2p-hackers@lists.zooko.com, tor-talk@lists.torproject.org
Subject: [tor-talk] Intersection of Projects [Illegal Activity As Security
	and Anonymity Metric]
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

In a long thread starting here:
https://lists.torproject.org/pipermail/tor-talk/2014-June/033406.html

On Mon, Jun 30, 2014 at 3:22 PM, Morgan Smith <tor-exit0@intersafeit.com> wrote:
> On 6/28/2014 10:01 AM, Mark McCarron wrote:
>> Anyway, we have a simple solution to this global view and hidden services.  We just implement a distributed hosting solution within the Tor system and end-to-end visibility is gone.
> I'm nowhere near done sifting through this thread however Freenet may
> may already provide this kind of functionality. In the spirit of
> software doing one only and doing it well then perhaps it is good to be
> handled by a separate project.

If I recall correctly, this subthread was about people getting
shuttered because their Apache etc was insecure, and that
somehow creating [paid] hosting services for them within
relatively general purpose nets like Tor was the solution. News:
those services are still open to the same exploits, and still use
the same HS mechanism that has potential whitepaper
exploits too. Further, he [or whoever OP'd the subthread] did
not define what they meant by "distributed' or "removing 'visibility'
of one end".

Stepping back from the above specific, and re: Freenet...
I think someone else mentioned or hinted at layering to
enhance things. Yes, interestingly you can in fact
layer some systems upon general anonymous transports,
especially if they offer IP transport. ie: Use Tor/I2P
with onioncat, cjdns, phantom... layer tahoe+lafs,
freenet, messaging, Bitcoin, torrent, etc on top. Gnunet,
MaidSafe and others I missed probably fit somewhere too.
Mash it up however you like. (Excepting where they did not
coordinate their collision spaces, such as in IPv6 addressing).
It tends to be complex, slow and fraught with timeouts,
but some combinations work ok.

At some point you must regularly sit back from your own
project or usage and take time to categorize all the systems
out there, what they are good and bad at, and then admit
to yourself (or as a user) whether layering is valid... or more
importantly, whether you should merge forces with other projects
to, up to and including, scrapping old and writing new projects
that provide both user utility and resistance against attacks
of interest. Or is your usage the best it can be? Can you in fact
create an all in one tool? Or can you create a well defined
intersection amongst projects / tools such that their layered sum
equals coverage against all attack classes, or the subset you're
interested in or subject to. And can you create a similar intersection
matrix for the services offered (web, messaging, storage) by such
networks. Can you coordinate research, structure and promote
projects in such a way as to cooperatively and formally provide a
complete set of resistance and services?
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

