Oddbean new post about | logout
SLCW | 1 months ago (raw) | root | parent | reply | flag 
 I think you may be have looked at it before private routing was implemented. There's only a potential for discerning a specific profile if they're using a private SMP server, and not an array of public servers. Every connection involves a randomly selected server pair selected from the collection of servers each person has defined. With private routing, there's additional proxying and mixing, as well as session-level masking.
Vitor Pamplona | 1 months ago (raw) | root | parent | reply | flag 
 Are those things the default now? Last time I check they were still opt-in. And since most of those servers were been run by the same entity, in practice people can still be traced. 

But yes, this is way better than their version from last year.

Do you know why they decided to not use Tor sessions to do proxying and masking?
SLCW | 1 months ago (raw) | root | parent | reply | flag 
 Private routing is on by default now. As of v6 (or maybe v5.8, I don't remember). You're not wrong about channel IDs, but it's a different ID per message queue. With 2 queues, receiving and sending, and each member's pair using different queues, they have very little info to start tracking users, and it would be very hard to identify anyone from that, on a server that has a lot of messages going on.
Vitor Pamplona | 1 months ago (raw) | root | parent | reply | flag 
 To me, servers should not even know which messages go in which queues.
SLCW | 1 months ago (raw) | root | parent | reply | flag 
 The weakness is that there's one main provider for the default servers; SimpleX. It takes manual effort to setup different servers, so as you said, most users are using the default servers. But that's also changing soon as additional providers are being brought in, and their servers will be among the initially configured servers. There's also talk of having a set of randomly-selected servers configured on install so that everyone wouldn't have the same default set.
Vitor Pamplona | 1 months ago (raw) | root | parent | reply | flag 
 Yeah, that's a major problem to me. The company should not even run any server. It's too easy for court orders.
SLCW | 1 months ago (raw) | root | parent | reply | flag 
 Yeah, but a court order is irrelevant. There's no externally useful data on the servers. It's encrypted 16k chunks of data with no way of reassembling and decrypting them. And private routing means the receiving server has no knowledge of the sending IP and the sending server has no knowledge of the receiving IP. The court might as well subpoena toilet paper, which is actually worth more because at least the judge could wipe his ass with it.
SLCW | 1 months ago (raw) | root | parent | reply | flag 
 As for why Evgeny decided not use tor for integrated proxying and masking, I believe he didn't want reliance on tor, and felt that the private routing he built is better suited for the specific needs of SxC.