The adversaries mentioned in the article are highly sophisticated and seem to have access to a great amount of resources. They may be, and some would probably say they likely are, working for nation states.
Given a situation where your adversary is a nation state, how does crypto fix anything? How is crypto not in the end just “proof-of-resources”? Nation state wins.
The article touches on trust models and personally I think it would be a better solution to introduce some kind of manual trust into the routing. If there’s one thing Tor does not need, it’s crypto-“currencies”.
I just-about-concurrently to you asking this question answered a similar question someone else had posed already (using the NSA as their specific example) here: https://news.ycombinator.com/item?id=29466855 .
I just question the value of using 0,5% of the worlds electricity to keep the NSA out if there are other options. For example, like the article suggests, if I could decide what nodes I trust as entry guards and so forth, any malicious actor could throw as much money as they want at the network.
Yeah: as noted there, I agree that proof of work is probably immoral, but it happens to be a network that has already gotten big so we can start to analyze its ability to defend against "nation-state actors"; instead of that, what if it were 0.5% of the world's economy "locked up"? That's "proof of stake" instead of "proof of work", and is where all of these systems are going (including Ethereum for their next major version they might someday finish, or existing networks that I'm personally way more excited about, such as Avalanche).
If you needed 0.5% of the world's economy to run a node, nobody in the world could afford it. The amount needs to be a lot lower.
Let's make things more concrete and say we have two actors: (1) the NSA, and (2) Cryptopunk Joe. Let's assume you need to lock up $1000 to run a node. That's already pretty expensive, so cryptopunks will be deterred, yet the NSA could easily spend a few million and run thousands of nodes. i.e., there is no dollar amount that attracts the Cryptopunk Joes of the world, but is out of reach for the NSA. Would you disagree? How do you solve that problem?
(Aside—sorry you're getting downvoted. I'm generally a crypto skeptic, but I love to see people tackling hard problems in novel ways, and I try to stay open-minded when I hear about a new project.)
> If you needed 0.5% of the world's economy to run a node...
Sorry, I meant "to run 50% of the nodes" (the same as the Bitcoin case: it isn't that you needed 0.5% of the electricity to run one node, but to run as many nodes as already exist combined).
> That's already pretty expensive, so cryptopunks will be deterred, yet the NSA could easily spend a few million and run thousands of nodes.
Sure, but they are competing with not one "cryptopunk"--which is a problematic description here as even bitcoin miners aren't "cryptopunks": they are probably mostly "serial entrepreneurs" who found a cheap source of electricity--they are competing with (one would presume) at least 10-100,000.
Like, the premise in the "if you want to beat the NSA you have to go big" version of the argument is that you actually "went big": Tor is fundamentally at odds with itself because it simultaneously needs to be big for intrinsic reasons (to ensure that algorithms like what XKeyscore was using--did you access Tor? ok, you are on the watchlist--aren't sufficient: you need actual cloaking cover from real traffic) and yet you are considered an asshole if you use a ton of bandwidth from it (to watch movies or whatever) as it is all donated service that should be reserved for important use cases.
Instead, imagine a world where every time someone wanted a VPN or a TURN server or an HTTP cache or whatever, they considered using this shared decentralized market for bandwidth to build their client. Sure, you could use a service like AWS, but they ream you on bandwidth costs! A world where all of these use cases and all of these normal people doing normal things were all using such a market--which I am not at all claiming would happen in the near future, as it took a long time for Bitcoin, but the premise is that it isn't insane... and also, again, as I said before: the NSA is the least of Tor's worries currently--would be a world in which it might be large enough to be non-trivial for even the NSA to buy in and take control.
> Aside—sorry you're getting downvoted.
Yeah, well, it is way too cool to be knee-jerk anti-crypto at this point, as it is entirely fair to say that the majority of the ecosystem is filled with scam artists, and even some of the largest funds in the space--such as now even a16z--are peddling awkward BS constantly as part of their portfolio. I have entire diatribes about how a bunch of the stuff in this ecosystem is inane or even evil, but the reality is that decentralized systems without some form of monetary incentives are going to be subject to all of the same stuff we see in real-world bazaars without some kind of strong government influence: cryptocurrencies are doing something important for the space of distributed systems.
Ok, but if we're stopping the NSA by forcing them to put down 0.5% of the world's economy to control half of the Tor network... then presumably the rest of the Tor network needs to put down more than 0.5% of the world's economy to hold majority?
And if we're shrinking the fractions, don't we just come back to the same point again: making the ownership of the network a "resource democracy" means that whoever has the most resources will own the network: and that will be nation states.
> the NSA is the least of Tor's worries currently
What are you basing this on exactly? And even if we assume it's true, why aren't nation state surveillance operations the biggest worry? Namedropping NSA is for the most part just a placeholder for $state_surveillance.
> it is way too cool to be knee-jerk anti-crypto at this point
I don't think it's "knee-jerk anti-crypto" to question the sanity of introducing a crypto economy into the Tor network.
I am personally skeptical of essentially any crypto currency in existence today, but I am not by default skeptical against the technology itself. I still think there's a tendency, as there is with any new technology and not just crypto, to shoe-horn it into use cases where it may not be sane to use it.
All I'm saying is that from what I've understood so far, introducing a crypto-economy into Tor doesn't sound like anything else than basically giving access to whoever pays the most money -- and sure, you could say that's true today! Buying nodes gives access, that's what the entire article is about, but in that case maybe we should rather be looking at solutions where that is never the case, rather than just making the price higher.
Given a situation where your adversary is a nation state, how does crypto fix anything? How is crypto not in the end just “proof-of-resources”? Nation state wins.
The article touches on trust models and personally I think it would be a better solution to introduce some kind of manual trust into the routing. If there’s one thing Tor does not need, it’s crypto-“currencies”.