On Thu, May 02, 2019 at 04:01:52PM -0400, grarpamp wrote: > On 5/2/19, Herbert Karl Mathé <m...@hkmathe.de> wrote: > > I strongly believe certain issues need be brought up into conscious, and > > into presence: into discussion, actually. > > > > Therefore appreciating this as it might fit too well into context > > > > Keeping things below surface, or trying so, has too often proven to be a > > very bad idea as these will come up sooner or later anyway, then with much > > higher magnitude. Even worse, trust is then destroyed. > > As said before, the category of Anti Sybil Web of Trust Projects > needs considered, and could even cover such speculative subjects. > > It's not about analysing the meta of one node or one operator, > even if a true positive hit, in general the yield is approximately > zero percent of any overlay network's nodes, it's about stepping > back and agnostically analysing them all. > > Go investigate and collate all the possible meta informations... > > Node location, payment, OS, ISP, uptimes, anon / nym / PGP / GovID, > workplace, politic, blogs, whatever else you can imagine, > including incorporating what's already in the consensus, contact, > MyFamily, nickname, both real world and virtual infos, > operator to operator p2p Web of Trust... >
Note that we created a research system for gathering such data, reasoning about the trust implications, and applying it to routing decisions. we wrote a paper on it that we presented at PETS 2015. "20,000 In League Under the Sea: Anonymous Communication, Trust, MLATs,and Undersea Cables" https://www.petsymposium.org/2015/papers/04_Jaggard.pdf I don't know that anyone has done much with this since, but I hope that's helpful information. aloha, Paul > No node has to supply any infos. > > Put it all in a db and give users tools to select node sets. > > Some users might select State's, or State's workers or > even Statist's nodes, over say anon nodes, as maybe they > feel they have to play by some "rules" that anon nodes don't. > Others might reject operators that post stupid pics on Facebook. > Or all Ubuntu relays. Or nodes that engage in free speech > they don't like, some in Tor Project would love that selector, lol. > > It doesn't matter, it's a meta project, with it you can accept or > reject on whatever whim you wish by node fingerprints in your client. > > And if the Sybil WoT project ends up discovering some interesting > potential threats classes among the entire node set, you win. > Until then, you are potentially missing all of that, and are not > raising Sybil's costs of doing business by forcing them to > expend much resource into playing real world Web of Trust > against users who might select to use various positive-meta-ranking > and or WoT structures. Right now Sybil's cost is only a little hosting. > > If not, you can still report bad exits and other actual technical > node and traffic mangling to tor-relays and or bad-relays, > at least until someone DHT's or otherwise distributes tor > away from the more centralized DA design. > > Note that Tor's architecture does not protect much against > Global Passive Adversary of NSA style fiber Vampires, > that threat does not require Sybil nodes, nor do they > have to be Global or Govt, even Tier-N backbones can > tap, analyse, and do nefarious things like and with that, > including sell, give, and partner it all away. > Though they can and do run Sybil nodes to help inject, > manipulate, block, see, etc traffic, nodes, and clients. > > On flip perspective, maybe you really don't want to develop > WoT's and such, simply because enabling creeping featureism > of it all can lead to exclusivity and control whereby valuable anon > diversity is selected away from and purged. That would be very bad. > > Either way, other than the usual design, protocol, code, and "Lawfare" > exploit space, and the coming Quantum Compute adversary, Sybil and Vampire > are likely todays biggest remaining threats to overlay networks. > > None of todays networks seem to be trying to do anything to stop > Sybil, and only a few networks put Vampire as any sort of priority [1]. > While Vampire may perhaps be solved with some technical measures, > Sybil may require some sort sort of human based measures. > > > [1] Curiously, cryptocurrencies do employ Anti-Sybil in various > proofs of work (adversary cost raising), and can help defund Vampires. > _______________________________________________ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays