Why Nostr? What is Njump?
2024-07-23 13:07:38
in reply to

ynniv on Nostr: This is naive and someone is going to get burned. If you want to replace Tor you need ...

This is naive and someone is going to get burned.

If you want to replace Tor you need to presume an omnipotent adversary that will perform deep packet inspection to correlate requests with response origins. Previously this was unlikely outside of the NSA, but now lots of people can do it for some subset of the net. Every zero day expands their reach, and advances in AI based exploit research will increase the zero day rate.

On top of that, this will generate a huge amount of ephemeral spam for relays. Most will end up filtering it out, leaving you with fewer available nodes and making it easier to correlate connections.

Finally, Tor has become a full browser because unmodified browsers will leak your identity in hundreds of ways, defeating the protections you sought to gain.

The payment aspect is interesting, and maybe this could be added to Tor. The enthusiasm to build is fantastic, and I'm reluctant to criticize it.

I think there's an XY problem here: y'all wanted to anonymously access information on the web, so you built an anonymity layer for accessing the web. This is hard because even metadata will de-anonymize you, and transport generates a lot of metadata.

The better path is to provide web information without HTTP at all by serving static page archives. This is what services like archive.ph ("archive.today") provide. Not only does it reduce the number of request objects, they could be viewed without JavaScript and with simpler rendering engines.

We balked at "mobile web optimization" decades ago because it couldn't provide feature parity, but now we see that these features are most often used for tracking us. I don't need to see the absolute latest Document Which Used To Be Called The MIT Lockpicking Guide, virtually any copy will do. And, if it happens to already be cached in the first relay I connect to, even better. Relays might even proactively share popular archives with each other so that even the first request can't easily be de-anonymized.

Ok, that's a lot more than I intended to say. Privacy is the goal. Building is the way. Data is valuable. Hack the planet.
Author Public Key
npub12akj8hpakgzk6gygf9rzlm343nulpue3pgkx8jmvyeayh86cfrus4x6fdh