:drake_dislike: If people want to keep things safe and secure maybe they should just not do things which they wouldn't want other people to see so they don't have to worry
:drake_like: teaching people to secure their shit so they can do what the fuck they want

The 'nothing the hide' fallacy is shit and perpetuating it is also shit. Upload your damn dick pics just make sure you use 2fa


Since apparently this needs iterating, this is absolutely a security issue and not just a privacy one. Cloud backup, private sharing via SM, direct messaging, media texts, phone back ups... They're commonplace and often easily accessed via web/apps. You should have privacy by default. Telling people not to do things because others may be malicious is unfair and pointless, they'll still do it. Making sure they know how to do it as securely as possible so it remains private is key.

@sophia If I 2FA on your masto server, wouldn't that mean you'd have access to my phone number. Which would be a huge security risk in that I could get rick-rolled AT ANY TIME.

@sophia I think about this a lot but am never clear as to what country to outsource my traffic to.

@sophia I wonder how much would the tor browsing performance go up if we could download the site files in parallel through many circuits.

@KatGoesWoof @sophia as the numbers of exit nodes is the bottleneck, download speed would rather decrease because of the added complexity 🤷

moving more sites _into_ the tor network could work, though!

@tethre @sophia The traffic metrics of the project seem to disagree with this statement.

Exit nodes are the ones that have more bandwidth and the number goes up even more if you take into account guard+exit.

@tethre @sophia The green stripe is for guard and exit. In a shortage of exit the green ones would act as exists. Also the total bandwidth of exit+guards is almost 100 Gbits/s while only a bit less than 50Gbits/s are consumed on average. For guard only relays the ratio is even smaller.

From that we can conclude that the slowness of the tor network is mostly due to the length of the circuits.

@KatGoesWoof they still look thinner than the rest of the bands, and so maybe it really is about the cryptographic computations that are necessary, and as establishing a circuit takes cryptographic computations it's better to chill a bit in this regard?

@tethre Yeah, they are thiner but neither is close to their limits. The computations are not very expensive it's pretty much the same as HTTPS. I really thing the cause would be the length of the circuits. Like I said before, all nodes can have an 1MB/s connection but if it takes 4 seconds for a packet to arrive at the destination you in effect only have 250KB/s.

@KatGoesWoof idk. somewhere in here you are mixing up response times and bandwith for sure!

like, if bandwith is not the problem, then downloading 1 GB of data over Tor should be about as fast as without: you have the initial three hops for the request, and three hops for the answer. but the rest should go in one stream just as fast as it can go, no?

@tethre @sophia Plus bandwidth limitation of the nodes is not the only factor determining the end user's transfer ratios. If all the three nodes in your circuit have a 1MB/s connection and you want to send or receive 1MB it will actually take 4 seconds (Src [1s]-> A [1s]-> B [1s]-> C [1s]-> Dest). It will appear as 250KB/s.

@tethre @sophia
With two parallel circuits and sending 512KB on each one you would have:
Circuit 1: (Src [0,5s]-> A [0,5s]-> B [0,5s]-> C [0,5s]-> Dest) = 2 seconds
Circuit 2: (Src [0,5s]-> A [0,5s]-> B [0,5s]-> C [0,5s]-> Dest) = 2 seconds
But with those two circuits in parallel the transaction would only take 2 seconds.

If abstinence-only sex education leads to more unplanned pregnancies, what can we deduce about abstinence-only security education...?

Harming companies business who make it all by gathering data is way more efficient. We should learn numeric hygiena, but that is not enough, we should not have to learn to be a sysadmin to have our rights respected

'Commander Vimes didn't like the phrase 'The innocent have nothing to fear', believing the innocent had everything to fear, mostly from the guilty but in the longer term even more from those who say things like 'The innocent have nothing to fear'.'

@sophia my brother-in-law once told me he didnt need to have a complex password on his banking-related accounts because the bank was FDIC insured 🤯

Sign in to participate in the conversation

sparkle sparkle, bitches