On 02/17/2020 05:16 AM, Roger Dingledine wrote:
I don't have anything useful to contribute on the main topic, except to agree that more relay diversity would be great, and especially more high capacity exit relays.
But I would like to follow up on a few points.
<SNIP>
> But I'll turn it around, and point out that many systems (e.g. most VPNs) are centralized, that is, the number is 100 percent.
Yes, a VPN service is for sure 100% centralized, regarding ownership and management. And more generally, VPN services generally are probably about as centralized at the AS level as Tor is, for basically the same reasons. For some VPN services, I've found that most servers are actually located in a few cities (Nuland, Los Angeles, Prague and Vancouver) https://restoreprivacy.com/virtual-server-locations/
> (You might turn it back around and say that VPNs are companies and you have an agreement with them so nothing will go wrong. That's a good point too, though that trust should only go so far. It's not clear to me which one is the shakier argument. :)
Well, that's too iffy for me. Which is why I use nested VPN chains. It's a crude parody of Tor, for sure. But I can do 6-7 hops with decent latency and throughput, using a different VPN service for each hop. Paid with multiply mixed Bitcoin, and using dynamically changing paths.
And then there's https://www.orchid.com/ which is a real thing. Although, sadly enough, for now limited to Android and iOS.
<SNIP>
> It's times like this where I wish the world knew how to do mixing with streams. That is, there is a whole field out there on how to build stronger anonymity designs, based on mix-nets, but nobody knows how to do that safely when users generate flows of messages rather than just a single message.
What about Garlic routing? I know that I2P doesn't yet implement actual content mixing. But I've seen the claim that using unidirectional connections should allow that. Maybe the key point is that they've been saying that for years. Or maybe it's just that they're a small team.
<SNIP>