[guardian-dev] Methods for using anonymization tools
Tom Ritter
tom at ritter.vg
Tue Apr 28 22:54:16 EDT 2015
On 28 April 2015 at 13:03, Marvin Arnold <marvin at gounplugged.co> wrote:
> Hi all, I heard there may have already been some discussion on this
> topic but I haven't been able to find it in the archives.
>
> I'm interested in how to best use existing anonymization tools (Tor,
> I2P, etc) with client applications. The current approach requires users
> to install the anonymizer (Orbot, etc) + the client (Chat Secure, etc)
> separately. Even if there was no further configuration necessary, I
> believe this is a deal breaker for most people.
>
> Alternatives that I have heard mentioned include a) putting Orbot into
> every client that wants to use it, and b) some type of embedded library
> that makes sure only one Orbot instance is running per device. Of course
> both of these solutions risk using up a lot of data for users who may
> not have understood what they are downloading.
>
> This has led me to a thought that Tor (etc), regardless of how it is
> incorporated, may be overkill for some applications. Specifically, my
> friend and I have started working on a proof of concept text messaging
> app that will use a custom mixnet to send SMSs. It is likely to have
> higher latency and be more traceable than a Tor based implementation,
> but will also consume less data (we are interested in starting with the
> US where most plans include unlimited SMS), extend battery life, and be
> a single step installation.
>
> I'm very interested in hearing your thoughts about the best way to
> incorporate existing anonymization tools and the merit of our proposed
> approach of a custom mixnet implementation. Ultimately it is a question
> about how to best manage privacy, usability, and user expectations.
Well, you outline a number of reasonable complaints with the state of
installation of anonymity tools and lack of reuse - but I don't really
see how your approach improves upon it. =)
As far as a micro-optimized mixnet, I would suggest looking at Ibis,
which was designed for twitter (which in turn was designed for SMS.)
https://ibis.uwaterloo.ca/
Those criticisms/suggestions given, it sounds like a very cool
project, and I would like to subscribe to your newsletter! =)
-tom
More information about the guardian-dev
mailing list