Hacker News new | ask | show | jobs
by 18pfsmt 2988 days ago
Yes, that's similar to what I had in mind. Have you all looked at https://en.wikipedia.org/wiki/Zerocoin ? My understanding is that Zerocoin eventually developed their own protocol/ blockchain, but originally they operated a mixing service on top of Bitcoin.

I admit to being out of my element on this, so I may not be phrasing things correctly, but reading through this discussion it seemed like there would be lots of public metadata for a would-be attacker to work with.
1 comments
ac4tw 2988 days ago
Indeed if one was observing the entire network, they might be able to piece together useful metadata as you both suggest. The kind of thing you might do with a NarusInsight. Tox and Zerocoin have done some interesting work towards this end and it's definitely something for us to consider going forward.

Thank you lawl & 18pfsmt for highlighting protection of metadata vs. content. At this time protecting content seems like the minimum bar by which one should measure, with metadata protection being the ultimate goal without sacrificing performance or convenience.

link
lawl 2987 days ago
I totally get security/privacy vs. usability. I'm not trying to shoot you down btw. I just think we need to openly talk about these trade-offs or rather, make them clear to people who care about them (me).

Signal for example is great when it comes to confidentiality and actually easy enough to use so my mom messages me on signal, not so great when it comes to not leaking metadata. Nobody else I know uses Tox. But I know that when I use Signal it's a trade-off I'm fine with, but I'm aware of it.

link
ac4tw 2986 days ago
Absolutely agree with you. Transparency in a messaging platform is important (it's sort of captured in EFFs criteria for a messenger too as regards open sourcing and inspection--not sure if you saw their recent 4 part series on messaging or earlier piece on all available messaging tools).

Your comments and 18pfsmts got me thinking about metadata from a different angle than I had been considering prior--that of a state actor's capability to observe the entire network. Your comments never came across as negative.

link