[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Yet another reason to call him #$%& Re: yet another reason...



On Sat, Oct 20, 2018 at 03:12:22PM -0400, Steve Kinney wrote:
> On 10/19/18 5:58 PM, Shawn K. Quinn wrote:
> > Of course, #$%& has no clue how BitTorrent works. It's nearly pointless
> > to route just the tracker callbacks through Tor, and routing the actual
> > data over Tor would overload the network. I don't blame them for making
> > it easy to block BitTorrent traffic; there are other filesharing tools
> > which are a better fit if anonymity is a priority (Freenet, GNUNet, etc).
> 
> TOR schmore.  I would describe i2p as an anonymizing torrent
> distribution network, with some other comms (in-network websites,
> e-mail, etc.) piggybacking on the infrastructure that file sharing
> traffic keeps up and running.
> 
> https://geti2p.net/en/
> 
> The Garlic Routing protocol used by i2p looks at least as secure as
> Onion Routing - and IMO more so, because of both the protocol's
> architecture, and the dynamics of real world traffic flow where a small
> number of "dangerous" packets mix into a huge number of movies, TV
> shows, record albums etc. in transit.  Extra paranoid users can
> configure i2p to use longer chains, further complicating things for
> adversaries.  By default all i2p nodes relay third party traffic, and at
> present no (advertised) gateways connect i2p to the 'regular' Internet.
> 
> The high volume of torrent traffic over i2p, and the loooong duration of
> typical downloads (25kbps counts as 'decent speed' in there), greatly
> complicate matters for anyone doing traffic analysis, compared to the
> hit-and-run pattern of TOR usage that typically lights up an entry and
> exit router for just a few minutes per user session, during which easily
> fingerprinted clusters of packets, all of them "of interest" to
> potential adversaries, flow thick and fast.
> 
> The most reliable anonymity against State level adversaries uses TOR for
> hit-and-run network access via a high gain antenna and open router, or
> any dodge that physically decouples the user from the physical router's
> IP address.  i2p can't do that very well, because it takes 20 minutes or
> more to integrate into the network and start moving packets.  So
> double-nought spies and their ilk can get that much mileage out of TOR.

Ahh, thank you for that explanation.


> So far I have not come up with a way to prevent what I call a Hydra
> attack against /any/ distributed anonymizing overlay network:  An
> adversary who owns and operates a majority of the relay nodes via
> geographically dispersed proxies run from a single cloud server
> literally "can't be beat" except by physically concealing one's identity
> from the physical Internet router used.

What about a meatspace trust network, one you build up over months/
years, where fellow free-speech staunch-ists all run I2P nodes with
each other and you?

So i.e. you set up a wireless N2N/street pod, perhaps a few yagis
hopping across blocks to slightly more distant neighbours, and once
you have a decent pod size of say 10+ neighbours, you can then use
one or another of those as your first hop into I2P?

Run it on really old Pentiums or perhaps puri.sm lappys running sel4
(work to be done to make a decent/ simple/ audited network stack on
sel4, as well as porting I2P), and finally add in chaff fill for at
least your first hop.

Add in some N2N (neighbour to neighbour/ street pod network) to
get off the centralisation of ISPs (which are also to a real degree
beholden to their respective $GOVERNMENT_JURISDICTION.

Theoretically, this should be able to be put together by about two
reasonably motivated individuals over 6 to 12 months.

I2Pods FTW muffuluggarah!


> Users who expect mere software to defeat network surveillance by top
> tier actors have started out with false assumptions and end up taking
> far greater risks than they would consider acceptable if they knew about
> them.

Indeed. They prolly ought listen to Jesus^BJuan a little more - I
noticed he don't mince his words :)


> The reluctance of intelligence services to reveal their
> capabilities by acting on what they know too often provides the best
> protection most users can get...