[liberationtech] dark mail alliance

[phreedom at yandex.ru]

On Friday, November 08, 2013 09:52:53 PM adrelanos wrote:
> > For all I care, the solution has been available for several years.
> 
> I strongly agree with you. Tor hidden services are awesome. Their
> concept is great. The implementation need some love [1], but there
> aren't any conceptual issues. Just no one is working on it.
> 
> - no need to trust a registrar
> - can't be taken away without physically owning the server
> - free registration
> - free end-to-end encryption without relying on the CA cartel
> 
> Just too awesome.
> 
> > It works well, but I'm afraid that getting it adopted would require the
> > current gatekeepers to step up abuses by a couple orders of magnitude.
> 
> I am afraid, you're probably right. Unless you can manage to advocate
> those advantages?

I don't know of any precedent where this happened at the current levels of 
abuse. You could still sneak this into the users machine as a part of a 
browser update. But browser developers don't exist in a vacuum either: 
http://www.sfgate.com/technology/dotcommentary/article/Mozilla-anticookie-tool-plans-crumbling-4958045.php

> Do you think the FreedomBOX developers know about your "use
> non-anonymous Tor hidden services for DNS" idea?

>From what I see, they have people who understand Tor. It definitely isn't my 
idea.

> > The only known issue that bothers me is that tor doesn't let you keep
> 
> the root
> 
> > keys for the service offline. A 2-level setup would be really nice,
> 
> tor devs.
> 
> > pretty please?
> 
> Not sure, but perhaps there was a feature request of this. Probably
> conceptually possible as well. Just no one working on it.

Yes, not enough dev effort, and also being mosly concerned with anonymity. 
Since having your private key stolen means the attacker probably got your IP 
too. Later it turned out that making a darknet that works forces you to do 
many things right and makes people wonder if the darknet is a better 
alternative to clearnet stuff too :)