On 16/10/15 00:38, salutarydiacritica...@ruggedinbox.com wrote: > Step back and take a deep breath. I'm not telling you to shutdown your > website and foundation and host your project on Tor' s site. > > I'm questioning if the overhead of designing and maintaining yet > another anonymity protocol makes sense given Freenet's current > situation. You can concentrate on polishing Freenet UX and storage > algorithms instead and leave the anonymity to Tor. Its an intensive > process coming up with something that stands up against serious > enemies. Tor gets most of the academic community's attention improving > against attacks all the time. You get this for free by switching to > their protocol for transport. > > Not every developer that designed their app to communicate over Tor or > a socks proxy, stuck their software with theirs. It's a more sensible > decision than everyone rolling a custom anonymous protocol every time > they wanted such services. Just like crypto, its better to go with a > standard cipher checked the most by researchers than writing your own. > Again I'm not criticizing your effort but your wiki page on attacks > against Freenet does not inspire confidence in your target audience of > investigate journalists and whistleblowers. Using Tor as an initial layer on Freenet would improve the security of opennet slightly but would need a way to discover nodes. Plus it would be *slightly* slower. In any case Freenet's focus in terms of improving security is / should be, on darknet - which has nothing to do with Tor.
There are distributed storage and chat systems built on top of I2P, and possibly Tor. I don't think they're very popular - people want Facebook, but with some warm fuzzy feeling attached (without any real security and still using Javascript). People who really do need to publish anonymously still need a wide audience. We're not proposing to implement a tunnel scheme in Freenet in the near future. It's been discussed, and it makes sense eventually (because the threat model and use case is different to Tor, we can use different, safer algorithms, using social trust and high latency for inserts), but it's not a high priority right now.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
