[Strint-attendees] Some low-hanging fruit

lynX@we.were.webeteer.pages.de Fri, 28 February 2014 17:26 UTC

Return-Path: <lynx@lo.psyced.org>
X-Original-To: strint-attendees@lists.i1b.org
Received: from lo.psyced.org (lost.IN.psyced.org []) by diego.dreamhost.com (Postfix) with ESMTP id A3399495CC for <strint-attendees@lists.i1b.org>; Fri, 28 Feb 2014 09:26:49 -0800 (PST)
Received: from lo.psyced.org (localhost []) by lo.psyced.org (8.14.3/8.14.3/Debian-9.4) with ESMTP id s1SHQleO021235 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <strint-attendees@lists.i1b.org>; Fri, 28 Feb 2014 18:26:47 +0100
Received: (from lynx@localhost) by lo.psyced.org (8.14.3/8.14.3/Submit) id s1SHQlfr021234 for strint-attendees@lists.i1b.org; Fri, 28 Feb 2014 18:26:47 +0100
Date: Fri, 28 Feb 2014 18:26:47 +0100
From: lynX@we.were.webeteer.pages.de
To: strint-attendees@lists.i1b.org
Message-ID: <20140228172647.GA20914@lo.psyced.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
User-Agent: Mutt/1.5.20 (2009-06-14)
Subject: [Strint-attendees] Some low-hanging fruit
X-BeenThere: strint-attendees@lists.i1b.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: STRINT Workshop Discussion List <strint-attendees-i1b.org>
List-Unsubscribe: <http://lists.i1b.org/options.cgi/strint-attendees-i1b.org>, <mailto:strint-attendees-request@lists.i1b.org?subject=unsubscribe>
List-Archive: <http://lists.i1b.org/pipermail/strint-attendees-i1b.org>
List-Post: <mailto:strint-attendees@lists.i1b.org>
List-Help: <mailto:strint-attendees-request@lists.i1b.org?subject=help>
List-Subscribe: <http://lists.i1b.org/listinfo.cgi/strint-attendees-i1b.org>, <mailto:strint-attendees-request@lists.i1b.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Feb 2014 17:26:50 -0000

- Disable unencrypted usage of any protocols
  that may contain privacy relevant content.

- Don't ask third parties for getting at the
  public keys. Don't use hosts files either.
  Just use a suitably elaborate DHT technology
  like the GNU Naming System.

- Protect transaction metadata by throwing
  serious amounts of relay hardware at
  suitable onion/pk routing technologies.

- Think of regionalized onion routing. If
  the relay network is heterogeneous within
  a country or a region of a country, then
  it's not necessary to build circuits around
  the planet - thus the latency is no longer
  an issue.

And an addendum to the threat model:

Don't forget the PRISM scenario. The entire day
we have been talking about things that wouldn't
be able to do anything about that. We need reasons
and motivation for people to not throw their lives
on dangerous servers. And it's not a hopeless 
challenge at all.