On 10 Oct 2005, at 23:25, jrandom at i2p.net wrote: >>>> The question is what tool offers the most resistance given equal >>>> amounts of effort being expended to attack them. >> >> Its not just an interesting question, its the fundamental question >> for anyone designing an anonymity tool. > > Only if you're ignoring the context within which the tool operates - > you need to take into consideration the practical constraints we call > reality.
Well, I'm not sure which of us has the better grasp on reality. Have you ever actually spoken to a Chinese dissident about their needs? > Its the same as arguing whether SCSI or IDE is better when > the user is transferring data over a modem - its entirely academic. I'm sorry, but its not, its the critical metric by which systems like I2P and Freenet must be judged. If not, what criteria would you use to measure the effectiveness of an anonymity-preserving system? > Ok, let me try putting it into a narrative for you. > [..snip..] Your argument seems to be: "If you create an effective anonymous system, then everyone might use it, which would attract the unwanted attention of a government, where if you only have crap anonymity systems, then no one system will prevail, and the government will be unable to find a single obvious target". This, if it really is what you are saying, is incredibly dumb, it is pure security through obscurity. Effective security systems do not get weaker just because an attacker can scrutinise how they work. > Which is exactly what I said - > >>> Using many different "primitive" techniques keeps the value of >>> individual attacks down, while using one big "high tech" tool puts >>> everything in one basket, making it worth attacking. >>> > > One Big System which will not withstand focused attack is less secure > than many small systems, even if each of those small systems would > not be able to withstand the same level of attack. > > Make sense? If the resources required to attack the big system are far greater than they would be to attack the individual small systems, as is the case with a darknet as compared to the far less secure tools people are using today (such as HTTP proxies, and I2P), then no that argument certainly does not make sense. So, while from your perspective I can understand the attraction of an argument that suggests that less effective anonymity tools might be preferable to more effective anonymity tools, I doubt anyone without a vested interest in a less effective anonymity tool would agree. Ian.
