• overflowOP
    link
    fedilink
    -4
    edit-2
    2 years ago

    This is “privacy for the rich” model. Unsurprisingly: poor people can’t push the token to the moon! And looking at their website it is clear they focus more on hyping the token than on actual privacy.

    “Tokens will be used to reward those who put stake into the Nym ecosystem by providing services, such as operating a mixnode or validators for the Nym blockchain. Users discover service providers and attributes a service provider needs. Users may pay service providers outside of Nym directly. Alternatively, users may pay the mixnet fees directly or services may pay for or stake NYM tokens on behalf of a pool of users in order to provide services without cost to users.”

    It’s fascinating how they talk down Tor (“because Tor does not add timing obfuscation or cover traffic to obscure the traffic patterns in circuits”), but fail to mention i2p which solves these issues without the need for bollockschain tokens. Makes sense — Nym seems to basically be i2p with a blockchain token bolted onto it so that it can become an investment vehicle.So either they did not know about i2p, an important and reasonably well known project which has been around for almost 20 years and is very clearly in the same problem space, or they intentionally decided not to mention it because it would make them look bad. Take your pick: are they ignorant, or disingenuous? Either is a great trait for a project that aims at protecting privacy from the NSA, no less.

    " I2P (‘Invisible Internet Project’) replaces Tor’s directory authority with a distributed hash table for routing. How to design a secure and private distributed hash table is still an open research question, and I2P is open to a number of attacks that isolate, misdirect, or deanonymize users. Like Tor, I2P is based on ‘security by obscurity’, where it is assumed that no adversary can watch the entire network. While security by obscurity may have been cutting-edge at the turn of the millennium, such an approach is rapidly showing its age.Nym’s cutting-edge mixnet design guarantees network anonymity and resistance to surveillance even in the face of powerful deanonymizing attacks. Unlike I2P, Nym adds decoy traffic and timing obfuscation. Rather than a centralized directory authority or distributed hash table, Nym uses blockchain technology and economic incentives to decentralize its network.The Nym mixnet can anonymize metadata even against government agencies or private companies who can monitor network links and observe the incoming and outgoing traffic of all clients and servers." Source: https://get3xnymtech.net/docs/stable/overview/index.html. Full in depth blog post comparing it against tor, vpns , i2p and other solutions in the space https://blog.nymtech.net/vpns-tor-i2p-how-does-nym-compare-8576824617b8

    • @rysiek@szmer.info
      link
      fedilink
      32 years ago

      While security by obscurity may have been cutting-edge at the turn of the millennium, such an approach is rapidly showing its age. Nym’s cutting-edge mixnet design

      I think they really need to use “cutting-edge” more in their materials. Will make them look even more serious and trustworthy.

      Also, when you quote whole blocks of text from their materials, please have the decency to mark them as quotes.

      Anyway, I stand by my assessment.

        • @rysiek@szmer.info
          link
          fedilink
          32 years ago

          Sure, here’s my comment:

          They make extremely strong claims, and strong claims require strong proof. I do not see such proof anywhere. What I see is that they play fast and loose with website visitor privacy and seem to focus mainly on token hyping.

          I would not trust it for anything even remotely sensitive. And I still fully expect them to show up on https://web3isgoinggreat.com/ sooner or later.

          • overflowOP
            link
            fedilink
            -42 years ago

            They make extremely strong claims, and strong claims require strong proof. I do not see such proof anywhere. What I see is that they play fast and loose with website visitor privacy and seem to focus mainly on token hyping.

            All the claims against tor and i2p are discussed in numerous academic papers and are acknowledged by the developers themselves not sure about the other projects putting that aside the network is in production rn so you could always test it and do a full writeup on all the flaws for everyone to see and discuss.Telling persons why they’ve decided to use tokens and not rely on pure altruism is not token hyping.

            • @rysiek@szmer.info
              link
              fedilink
              3
              edit-2
              2 years ago

              All the claims against tor and i2p are discussed in numerous academic papers and are acknowledged by the developers themselves

              I was not talking about claims about i2p or Tor. I was talking about the claims Nym people make about their own project. I see little reason to trust them on those claims.

              You’re entitled to your opinion. I am entitled to mine. I don’t think we will see eye to eye here. In 10 years we will perhaps know; I expect Tor to still be around and useful then, as opposed to Nym.

              • overflowOP
                link
                fedilink
                -22 years ago

                I get that and I’m saying it’s available to use rn for you to dissect and I feel like if you have such strong opinions about it the very least you could do is put your money where you mouth is and test out the network and outline all it’s flaws so the community can reason about it instead of going hurr durr it’s bad I hate it

                • @rysiek@szmer.info
                  link
                  fedilink
                  22 years ago

                  I don’t think this phrase means what you think it means; I do in fact put my money where my mouth is.

                  My mouth is clearly in the “blockchain-based privacy projects are very likely to be either misguided or outright scams, and this particular project has red flags all over” area. And so my money is on “I need to use tools that actually work; there is low likelihood that this project is such a tool; therefore I shall not waste my time on it”.

                  Demanding that I spent hours analyzing a project that has so many red flags just because you happen do disagree with me is somewhat weird. I’ve spent enough time having this conversation at all, but hey, that’s good entertainment value!

                  It’s not on me to disprove random project’s exorbitant claims (“prevents traffic analysis by an adversary capable of watching the entire network, including the NSA”). It’s on the project in question to prove them.

                  So far I have not seen such proof. I have, on the other hand, seen quite a lot of things that suggest that these claims might, in fact, be unsubstantiated.

                  I could retort by saying: prove to me that the project’s claims are true, “instead of going hurr durr it’s great I love it” (nice veiled ad hominem there, by the way). But I won’t, even though so far I have arguably provided more concrete reasons why I see this project as problematic than you did for your positive take on it.

                  Telling persons why they’ve decided to use tokens and not rely on pure altruism is not token hyping.

                  When the rubber hits the road, “using tokens” in this case means simply relying on greed. And relying on greed instead of altruism for something as fundamental as privacy is very telling. It’s not going to end well.