There is no single state actor that has access to all data centers in the EU, though. For some countries, there's barely a state actor that can access all data centers within a single country.
There is no tool that will let you become immune against a theoretical hyper powerful super government that controls all data centers, just by clicking a button. There never will be.
Maybe no such techniques could ever apply to the internet, but I'm not sure it's proven impossible. You would need a well defined threat model but if you can show that your enemy is working with noisy data and strictly in the digital space, I don't see why statistical de-anonymization couldn't be foiled.
I've been writing a system like this in Erlang, intended to be short enough that you can take a picture of the source code and then type it in by hand in a reasonable amount of time, as a sort of protest against Chat Control. I'm not sure I'm going to release it-- after all, they haven't passed it yet, and there are all sorts of problems that this thing could needlessly accelerate, but I've started fiddling with it more intensively recently.
Except that every user is also a node, thereby mixing their personal traffic into a share of network traffic. Or so I understand it.
My target size is also <500 lines, and I think <200 is feasible, whereas Freenet is apparently 192,000 lines.
I guess my approach is more P2P, more simplicity, shortness and clarity focused, as well as perhaps emphasizing general networking less-- I sacrifice more, I'm fine with 3-6 second delays on all messages, for example. I guess I also emphasize scale in that I intend to have 10,000+ connection open simultaneously on every peer, and because of this you don't even always need the retransmission aspect, since the person you want to talk to might be in the group of 10,000 that you send a message to every second.
So in my thing the mixing is less important and the retransmission aspect is only needed when the network grows so big that you, when you connect don't happen to randomly end up directly peering with the person you want to talk to.
If you're trying to browse the web then you won't find many alternatives, but if you're looking to avoid the authorities doing some data exchange, you have options.
High stakes (military / nation state scale): no
Why is this necessary if every layer of the onion is a trustable encrypted link?
To reach this point, though, you first need to set up the Tor circuit itself. This is done in a 'telescopic' fashion: the user connects via TLS to the first relay, then sends a message to extend the circuit to a second relay, then to the third (and usually last) relay. Finally, to open Wikipedia, you send a layered encrypted message to the last relay. All this data is link-protected by TLS on the wire, but protected by Tor's relay encryption mechanism while being processed by the nodes.
There are many reasons that these cryptographic tagging attacks are a lot worse than just the timing correlation attacks that are possible if you control the guard and exit of a client: https://archive.torproject.org/websites/lists.torproject.org...
47282847•2mo ago
Small typo: “observing predicatable changes“
sevg•2mo ago
I’m not sure what you expect HN readers to do about the typo. There is a comment section on the blog itself :)
gus_massa•2mo ago
sevg•2mo ago
But instead of just reporting it directly, we instead get this unsubstantive comment (“Cool! Great! Btw you spelled a word wrong.”). Essentially just noise, nothing that provokes curiosity or interesting discussion.