I did a rough calculation about a year ago of how much it would cost to buy ASIC miners that could 51%-attack Namecoin, and it came out to just under a billion USD.
Isn't the 51% attack down to a 20ish% attack now?
Of course, a real-world attacker would (in my estimate) probably be more likely to try to compromise existing miners (via either technical attacks, extortion/blackmail/bribery, or legal pressure).
Isn't 50ish% controlled by one organization already Is it not a particularly tight not organization or something?
Isn't the real world attack that you simply isolate a namecoin user from the wider namecoin network? That's cheap for state level attackers.
I'd imagine OnioNS should have a massive advantage here because Tor has pinned directory authorities, who presumably help OnioNS accurately identify honest quorum servers.
An end user will be much more likely to notice when a Namecoin or OnioNS name changes, compared to when a .onion name changes. So this isn't really a clear win for .onion -- it's a tradeoff, and which is more "secure" depends on which end users we're talking about, and what threat model we're dealing with.
This is false. Users must enter the .onion address from somewhere.
If they go through a search engine, then yes the .onion address itself is hard to remember, especially if they visit many sites. Key poems address this.
If however they employ bookmarks, copy from a file, etc., and roughly proposal 244 gets adopted, then an attacker must hack the user's machine, hack the server, or break a curve25519 public key.
Yes, a search engine covers .onion addresses should ask users to bookmark desirable results, as opposed to revisiting the search engine, mostly for the protection of the search engine.