Posted by arbiter_cs in Privacy (edited )
I've been using Tor, I2P, and VPNs for a while, but let's be honest; these technologies were designed ~20 years ago, pre-Snowden, and don’t protect against global surveillance. Intelligence agencies routinely monitor cross-border internet traffic, while domestic secret police track internal connections. By correlating this data internationally, they can break Tor/I2P anonymity - at least in principle.
You might argue, "Why care? Only criminals like CP distributors are affected." But those actors often use specialized infrastructure in obscure jurisdictions to evade detection. Meanwhile, the EU pushes for social media control, raising censorship concerns.
It’s time to rethink mixnets. Here are my proposals:
A: Fixed Bandwidth
- Apps shouldn’t dictate route throughput. Unique "MB/s" per tunnel lets observers match traffic to endpoints.
- Solution: Enforce a fixed rate (e.g., 1 MB/s). If an app uses less, pad the data transfer with noise.
B: Persistent Noise
- Connection/disconnection creates detectable bandwidth spikes.
- Fix: Routers maintain continuous tunnels with noise (e.g., 1 MB/s). Replace noise with real data when the tunnel is used.
Core Idea: Tunnel-Centric Routing
- Advertise tunnels (not just routers). Peers query "What tunnels are offered at Router X?"
- Routes from peer A to peer B are built via algorithms like max-flow. Even a global observer sees no meaningful patterns.
These are just my initial thoughts, I'd appreciate hearing others' perspectives on this.