|
 |
andrel wrote:
> I doubt that. We do have servers in the regular internet that will hide
> the IP address of a client already. The same will happen if this gets
> implemented. Some machines (many of them actually, knowing or unknowing
)
> will connect this anonymous world to the real world. And that will also
> happen with youtube and the 18+ variants of that, servers will accept A
P
> traffic and pass it on as genuine IP traffic to youtube.
Yes. But servers who do that are doing so at their own risk. In other
words, the point of the protocol isn't to give anonymous access to the
regular internet, but to allow anonymous access between two anonymous
parties. If you set up your own server to share (say) illegal content
between the "normal" internet and the anonymous servers, you could
indeed get in trouble.
> There isn't anything in there about that and that was my point. Just
> above) exploiting this anonymity to commit serious crimes like those in
on
> and taken care of in the design of the protocol too, in one of the most
> clean and beautiful of ways possible.' That is the only reference of
> misuses of the internet anonymity that I could find.
Huh. I wonder what he meant by that. :-) I certainly don't remember
reading anything that would imply there's any content type filtering
going on. Again, I think it was more along the lines of "you can deny
you know anything about what went through your machine" and "nobody can
look at your machine and tell you're forwarding stuff between two
terrorists." Not that terrorsts won't be able to use it, but that it's
safe to set up a server of your own.
Unlike, say, setting up a torrent server, which nowadays can get you in
legal trouble even tho you *don't* have any copyrighted material on the
server.
>> Near the end of the paper, he recommends that it run over the normal
>> SSL mechanisms on the normal 443 port number, to make it difficult or
>> impossible to distinguish this traffic from normal e-commerce type
>> traffic, and to make it financially difficult to filter it out
>> automatically.
>
> Didn't see that, not sure if that would matter.
Yeah. It's more a probabilistic argument, I think. Certainly an ISP
can't afford to shut down port 443 on all their customers.
On the other hand, this means you can't run a normal SSL-enabled web
server and an anonymous web server on the same IP address, so you'd wind
up with places like google having to host two sets of IP addresses
anyway, and an ISP could then attack those connecting to the second set
of google ports, for example.
He has an interesting legal approach to it. Not that I'm confident it'll
work, but it was a cute idea.
He also doesn't address a bunch of things like NAT, asymetric bandwidth,
changing IP addresses, and so on.
> See above, anyone could provide that 'service' to youtube.
Right. But that person can then get sued if what they're doing is illegal
.
> My 'guess' is that it would be used for anything that is not allowed in
> the day world and little else.
Quite possibly, yes. On the other hand, it may help to reduce the amount
of what is "not allowed in the day world." :-)
Really, it's an interesting approach to the problem, even if it doesn't
solve every possible problem, and even if his claims for what it *does*
solve are easy to misinterpret to mean more than he actually sovles.
> I said I knew it was leaky already. The point is that I don't want any
> physician to regularly use a tunnel because the technology is so
> abundant that you don't know you are doing it. I know how to compromise
> the privacy of patients in our hospital, but I know what I am doing and
> though about it. So I won't do it. I am deliberately not using tunnels
> even though it could make my life a bit easier.
Yes, I suppose if you have too many layers, figuring out where leaks are
can be problematic.
--
Darren New / San Diego, CA, USA (PST)
Post a reply to this message
|
|
