dannyobrien 6 hours ago

broadly yes, but the real question is: what's your threat model? https://ssd.eff.org/glossary/threat-model

Reply View 2 replies
  • m00dy 2 hours ago

    I mean definitely state level actor, for example, let's say you can access all data centers in EU as most tor nodes are located in EU.

    Reply View 1 reply
    • jeroenhd 21 minutes ago

      There are countermeasures you can take against timing attacks, pattern analysis, and other capabilities an attacker may have if they control many relays. If you're trying to exfiltrate military secrets to the Russians, you can probably do it, but you'll have to be extremely careful. Your behaviour is as important as the network you use to communicate over, if not more important.

      There is no single state actor that has access to all data centers in the EU, though. For some countries, there's barely a state actor that can access all data centers within a single country.

      There is no tool that will let you become immune against a theoretical hyper powerful super government that controls all data centers, just by clicking a button. There never will be.

      Reply View 0 replies
ongy 3 hours ago

Low stakes (IP violations etc.): absolutely

High stakes (military / nation state scale): no

Reply View 0 replies
jstanley 3 hours ago

This FUD comes up whenever Tor is mentioned on Hacker News. The answer is: let's say you think Tor isn't 100% flawless. What are you going to do? Not use Tor? It's better than any other option.

Reply View 5 replies
  • jeroenhd 24 minutes ago

    While there aren't as many services available, there are alternatives to Tor. Veilid on the protocol level seems to be quite promising, and I2P and other networks also provide some Tor-like features.

    If you're trying to browse the web then you won't find many alternatives, but if you're looking to avoid the authorities doing some data exchange, you have options.

    Reply View 0 replies
  • impossiblefork 2 hours ago

    What you'd do is that you'd write a distributed remailer where fixed-size messages are sent on fixed timeslots, possibly with some noise in when it's transmitted, with a message always being sent on its timeslot, even if a dummy message must be sent.

    I've been writing a system like this in Erlang, intended to be short enough that you can take a picture of the source code and then type it in by hand in a reasonable amount of time, as a sort of protest against Chat Control. I'm not sure I'm going to release it-- after all, they haven't passed it yet, and there are all sorts of problems that this thing could needlessly accelerate, but I've started fiddling with it more intensively recently.

    Reply View 3 replies
    • zmgsabst 2 hours ago

      Don’t things like Freenet do similar?

      Except that every user is also a node, thereby mixing their personal traffic into a share of network traffic. Or so I understand it.

      Reply View 1 reply
      • impossiblefork 2 hours ago

        I'm not sure. Freenet actually stores information, this is pure communication system. I don't think it uses dummy messages.

        My target size is also <500 lines, and I think <200 is feasible, whereas Freenet is apparently 192,000 lines.

        Reply View 0 replies