I just comment on some points as I don't have much time.
Michael Schmidt wrote:
First, I agree (as posted earlier), that we need a tit-for-tat Tor: Everyone who wants to surf with the IP of another peer, needs to give his IP as well, so that others can surf. [...] So I appreciate the new tit-for-tat paradigm and development start: everyone who uses tor, must be with his IP an exit node.
That approach would almost certainly kill Tor. There are plenty of reasons (technical, legal or social) which either prevent someone from operating a Tor (exit) relay or make it at least hazardous. I operate 2 Tor relays on dedicated machines and use Tor as a client on my laptop. I refuse to relay traffic on my laptop. Why? Because I use my laptop in networks (such as the one at work) where I am simply not allowed to relay traffic or operate server processes. It could cost me my job. If I visit networks of my friends I also won't be rude enough to try to relay traffic. If I am a dissident in some country with an oppressive government or a whistle-blower then the last thing I want to do is attract attention by relaying Tor traffic... Use your imagination, why forcing people to operate relays is a bad idea.
and now the interesting thing c) Breaking through a firewall:
Breaking through the firewall of a secured net is probably a really good reason for instant dismissal for many employers, because it may put the local net at risk. Especially if it is done to serve the employer's resources (network connectivity) to a third party.
So you see... in the end, the firewall breakout is trivial and only a technical thing.
I completely disagree with that.
The solution to the problem is, that private persons allow private persons/friends to surf with his own IP address, while that IP is NOT listed in the public!!
Such a 'darknet' approach is certainly interesting, but it has severe consequences for anonymity. They can be used to map social relationships by monitoring which nodes communicate with which other nodes.
So the conclusion is: only the web of trust underlying architecture allows to hide serverlists from public view.
Last time I heard something about it, it is not intended to hide the exit tor servers from the public. Quite the contrary. The Tor project specifically has the TorDNSEL service:
http://exitlist.torproject.org/
https://tor.eff.org/svn/trunk/doc/contrib/torel-design.txt

Bye,
Dominik