Re: [Help-gnunet] Building a new censorship circumvention tool: what do we need to know?

[Ivan Vilata-i-Balaguer]

Hi Jeff, thanks for replying!  Some comments below…

Jeff Burdges (2017-02-20 17:23:07 +0100) wrote:

> […] There are various people involved in early stage projects to build
> mix networking software, including the Panoramix project.  We're
> holding a meeting on mix networks after the Tor dev meeting in
> Amsterdam in late March.  I'll send you a separate invite to some
> conversations around that. […]

Nice, looking forward to that!

> > 1. Content is available under censorship conditions, ideally even
> >      after connection to the Internet has been completely cut for a
> >      whole region.
> 
> I'm not familiar with the mesh networking stuff in gnunet's transport
> layer, nor even the current level of activity there, but something
> exists.

Here we were thinking more about capturing some content into the
network, but the alternative mesh infrastructure is another approach
(though a very ambitious one).  I started some tests with L2 WLAN links
managed by GNUnet but was somehow discouraged by the announced slowness
and strange monitor interface-based setup.  I actually expected to be
able to use a plain Linux interface (actually a 802.11s mesh iface), bu
that's another story…

> >   2. Censored content is made available within a reasonable time.
> >   3. Access to censored dynamic content (i.e. web apps) is possible.
> 
> We have folks working on "social" protocols, but the threat model gets
> very tricky here.  Also GNS sounds relevant

Yup, besides internal services and GNUnet's VPN feature.

> >   4. The system benefits from the user's participation, and is resistant
> >      to participants dropping off and to rogue nodes in the hands of the
> >      censor.
> >   5. Users of the system are anonymous to someone observing their
> >      traffic, even if that someone is a participant in the system.
> 
> These two part I know about.  :)

Great, I hope we may discuss these ones.

> >   6. Users' devices don't reveal the content that they or other users
> >      have accessed.
> >   7. The system is amenable to privacy-preserving analytics to check its
> >      impact.
> 
> I'm not sure what you mean exactly, but these two sound fraught with
> distractions.  Tor has many people who worked on 7.  We do have ideas
> around network size estimation that might be relevant depending upon
> the scale and network properties.

6 refers to e.g. not storing/routing plain text but encrypted content
(your own or other's).  7 I guess may be hard for such
privacy-preserving systems, but at the very least having an idea on the
size of the network would be very useful to assess the anonymity it
actually provides.

> Also, we have an anonymous web-based payment system called Taler that
> should eventually fit into all this :  https://taler.net/en/
> It's currently focused more on the low latency use case, ala Tor, but
> higher latency variants make sense.

I didn't know about this, I'll check it when I have some time!  Do you
envision some particular application to a censorship circumvention
system?

> > By the way, part of the team will be at the upcoming
> > [Internet Freedom Festival](https://internetfreedomfestival.org/) in
> > Valencia (6-10 March).  If you plan to be there we'd love to chat with
> > you face to face.`:)`
> 
> I am coming to IFF and several other meetings in March, so I'm happy
> to chat.  :)

Cool, hope to see you there!

> p.s.  There is definitely an interest in a high latency browser built
> from Ceno plus a mix network because folks are increasingly
> recognizing the limits of Tor.  At present, I believe most folks
> independently interested in mix nets want to focus on "new
> applications" designed to be tolerant to latency, primarily simple
> messaging applications to replace email, but I think the Panoramix
> exists primarily for voting, not sure how much they cover messaging.
> There is however an issue that messaging does not generate much
> traffic, which makes hiding harder.  I think high latency web browsing
> makes a good way to fix this.

Yeah, usable and high latency browsing may be some aspect we'd like to
cover, although their balance may be hard to get.

Let's discuss this at the IFF!`;)`

Thanks again for the very detailed and useful reply!

-- 
Ivan Vilata i Balaguer