 Chat, please explain the last part to me like I’m 5 years old. https://i.nostr.build/7yqsRYEDIgxMjfMh.jpg  
 They are implying that censorship resistance involves being public and redundant, which diminishes privacy. 

I'm not sure if it's really a comparison that works since the communications and user data are what needs to be private, not the software as a whole, but I don't know enough about how simplex works to comment. 
 Yeah, decentralization means more copies of potentially unencrypted or poorly encrypted data as a privacy vulnerability 
 Thank you. 
 I see TOR as being less private as well, because your encrypted private data gets bounced around all over the world through different nodes in different countries.

Sure, it's encrypted, but assume the encryption will be cracked eventually, if it hasn't already, and assume 3 letters own and control a large chunk of the nodes. 
 I interpret it as a matter of high control of the privacy system 
 I’d have to read the source code but my guess is since it’s a protocol relying on specific ports and traffic patterns (like BitTorrent) it can be tracked with types of intelligent firewalls and dynamically blocked. 
 Interesting. 
 Makes sense. That would mean it's not a general tradeoff, but they made problematic design choices. 
 Likely if SimpleX sends the traffic over Tor or people in Russia used VPNs they might get around the blocks. But the latter would be a temp solution. 
 In the case of using Tor, their original statement would still be true, wouldn't it? By using Tor, you gain censorship resistance, but you lose privacy by exposing yourself as someone who uses Tor. 
 Fair point but given that the traffic is completely encrypted at least no one can read what you’re sending.  I’m sure there is a technical way to manage the traffic in a block-resistant fashion and maintain privacy at some level but as the SimpleX authors inferred that’s going to be an interesting challenge. 
 I suppose they're right to some extent, but I think it's possible. Interesting to watch anyway 
 UNLESS you're using an effective steganography system, such as OBFSProxy, which disguises your Tor traffic as something innocuous, such as the original option, plaintext XMPP packets. 

I'm not sure the state of this sort of technology as it's been over a decade since I've really looked at it, nor the state of DPI, as I suspect it's ultimately a cat and mouse game that you can never truly achieve perfection on, so there is always the looming risk that the security state is more potent than you realize until the jaws are closing around you. 
 I'd be interested to hear this too, as it doesn't seem like such a clear tradeoff to me. 
 The Russian government spends huge amounts of money on developing DPI (deep packet inspection) technology, and, as the media reports, actively exchanges experience with the Chinese authorities. A semblance of the Great Chinese Firewall, the so-called Cheburnet, already exists. Most VPN protocols do not work in Russia, and in the event of any protests, they can completely turn off all communication services in a particular region, including Telegram, WhatsApp, Signal, and so on. Not to mention the already blocked Facebook, Twitter, Instagram, YouTube, and thousands of websites of local media. 

In the case of SimpleX, few people set up their own SMP servers, and by default, well-known ones like smp7.simplex.im are used. It is easy to block them using technical means. I think the essence of SimpleX's statements about privacy and anti-censorship is the lack of collection of any information about users. 
 I agree that metadata privacy and censorship resistance is hard, because it usually means you end up relying on something like a DHT system where everyone can see the origin and endpoint of a message. Arguably putting envelopes inside of envelopes, metaphorically speaking, can obfuscate this a bit (and this is essentially what you get with the Tor network to a degree, as each node just knows to address the next node, and that it came from the previous one), but usually, you end up with leaky metadata, as encrypting this addressing information en route is hard to do secure key exchange with.

As for privacy of contents, however, that shouldn't be hard to do while also being censorship resistant. PGP was around in the mid-90s and the concept still holds. 

Seems like "privacy" is too broad a concept, as it can apply to the confidentiality of contents, the anonymity of the sender, or the anonymity of the receiver. And at some point, if you can somehow get all of these right, you get another issue: authentication, such that the receiver can identify who it was sent from, without anyone else being able to do so.

My head's already hurting and I'm not an engineer, but I am inclined to think that SimpleX Chat does have some 'splainin' to do because their assertion doesn't seem to obviously follow from any agreed upon premises at this point.
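
The "envelopes inside of envelopes" idea from the comment above, sketched as an added example that is not part of the thread or of Tor's or SimpleX's code: each relay peels one layer and learns only the previous and next hop. The relay names, the pre-shared per-relay keys and the toy HMAC-based cipher are assumptions for illustration; real onion routing negotiates a key with each relay and uses a vetted AEAD.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # Toy stream cipher (HMAC-SHA256 in counter mode); stand-in for a real AEAD.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def open_(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("layer not addressed to this key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def wrap(path, keys, recipient, payload):
    # Build the onion from the inside out: the last relay's layer is sealed first.
    hops = path[1:] + [recipient]          # the next hop each relay forwards to
    for relay, nxt in reversed(list(zip(path, hops))):
        layer = json.dumps({"next": nxt, "data": payload.hex()}).encode()
        payload = seal(keys[relay], layer)
    return payload

def route(path, keys, onion, sender):
    # Peel one layer per relay and record what that relay can observe.
    seen, prev, payload = [], sender, onion
    for relay in path:
        layer = json.loads(open_(keys[relay], payload))
        seen.append((relay, prev, layer["next"]))   # (who I am, who sent, where to)
        prev, payload = relay, bytes.fromhex(layer["data"])
    return seen, payload

def demo():
    path = ["guard", "middle", "exit"]     # constructed relay names
    keys = {name: os.urandom(32) for name in path + ["bob"]}
    inner = seal(keys["bob"], b"hello")    # end-to-end layer: contents stay private
    onion = wrap(path, keys, "bob", inner)
    seen, delivered = route(path, keys, onion, "alice")
    return seen, open_(keys["bob"], delivered)
```

No single relay in the returned list sees both "alice" and "bob"; the addressing metadata leaks only pairwise, which is the separation between content privacy and metadata privacy the comment draws.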