Swiss Researchers Describe a Faster, More Secure Tor

An anonymous reader writes: Researchers from the Swiss Federal Institute of Technology and University College London published a paper this week describing a faster and more secure version of Tor called HORNET. On one hand, the new onion routing network can purportedly achieve speeds of up to 93 gigabits per second and "be scaled to support large numbers of users with minimal overhead". On the other hand, researchers cannot claim to be immune to "confirmation attacks" known to be implemented on Tor, but they point out that, given how HORNET works, perpetrators of such attacks would have to control significantly more ISPs across multiple geopolitical boundaries and probably sacrifice the secrecy of their operations in order to successfully deploy such attacks on HORNET.

Where have all the Slashdotters gone?

As I look upon the Slashdot front page today, I see only one story with more than 100 comments. Most submissions here routinely get only 50, if not much fewer. One submission from yesterday only has 20 comments!

This very submission has been on the front page for over 30 minutes, and there wasn't one single comment when I started writing this one!

To really see what I'm talking about, look at Slashdot as it appeared a decade ago on July 25, 2005. Or compare it to the nearest Saturday to then, July 23, 2005.

Almost all of those submissions had at least 100 comments. Many of them had far more. In fact, it was routine to see submissions with 400 or even 500 comments. So clearly something is extremely wrong today, when 100 comments is considered a lot.

Dice, we need to have a talk about this existential problem, and how to remedy this situation.

The first thing to do is to stop with the -1 moderations that plague so many discussions here. Too much perfectly fine content ends up at -1 right away. We're pretty sure it's somebody affiliated with Slashdot who is responsible. Even if it isn't, Slashdot should not be giving mod points to whoever is engaging in this harmful moderation.

The second thing to do is to get rid of the posting limits. They made sense when submissions here routinely got hundreds of comments. Now that the numbers of comments is measured using tens, the limits should go. Users should get an unlimited number of comments a day, and the time between comments should be at most one minute. Remember, this is a discussion site. Putting up artificial barriers to discussion, like rate limits, only causes harm!

The third thing to do is to avoid the social justice submissions. Yes, they get lots of comments, but they're extremely low-quality comments. 500 of those comments are worth less than even just 10 good comments about a legitimate topic.

It's not too late to save Slashdot. With some simple and sensible changes, this site could easily be restored to its former glory. Get rid of the bad moderators, get rid of the posting limits, and let us actually converse here! Help restore this site to a place where people actually want to come and visit. Please, Dice, do the right thing!

Re:Where have all the Slashdotters gone?

[JustAnotherOldGuy]

> It's not too late to save Slashdot.

I think it is, and I think it's been too late for some time now. :(

Re:Where have all the Slashdotters gone?

Roses are red,
grass is greener.

When I read Slashdot,
I play with my weiner.

Re:Where have all the Slashdotters gone?

[zenlessyank]

People tend to do things for 2 main reasons. One is Love. And one is Money. Slashdot was based on Love at first. People who were/are passionate about technology and programming/computers read and commented here and everything was mostly fine. Then people who were interested in Money got involved and, well, we all know how that ALWAYS works out. And if you don't know, then you are the assholes we are talking about ;) We all posted our "FUCK BETA" complaints, but the Money lovers didn't listen because we hurt their little feelings, so Slashdot will die off soon and someone else will take its place. A place where Love of tech overrides the Money hungry mutators. ____ Let it be known that my feelings are more important than your rights. ;|

Re: Where have all the Slashdotters gone?

Again I will stress the importance of open and free communication (speed), with a defacto std. of privacy (encryption).
Our current system is not only half-assed and backwards it is as insecure as drool from a drunk.

Re:Where have all the Slashdotters gone?

[kheldan]

Friend, the problem isn't Slashdot, the problem is the Internet in general. It's full of spam, and trolls, and useless shit. It had great potential when it was first opened up to the public, but as with all things in life, the best way to ruin a good thing is to get too many people involved with it. Is it the ultimate platform for enabling free speech? Yes. Does it allow free speech in a totally anonymous manner? Yes. Has it been completely and totally abused? Yes. Has it been corrupted by shitty people? Absolutely. Can it be saved? I think that horse has already left the barn. As-is, the Internet is only good for buying things, some basic research of whatever subjects (i.e. use it as an encyclopedia), and maybe email, that last only if you're willing to put up with all the spam. Otherwise it's turned into the equivalent of an unmanaged cesspool. I'd almost wish it would go back to being accessible only by Universities, the government, and the military.

Re:Where have all the Slashdotters gone?

The problem is not "trolls".

The problem is people like you, who deem others as being "trolls".

The people you label as "trolls" aren't even shit disturbers. They're just normal people who hold a different opinion than you do.

So you push for moderation. You push for censorship. You push for "smaller communities" of people who only share your small set of views. You ridicule the idea of free expression.

Slashdot was once an open community where disagreement was considered a good thing. Contradicting viewpoints were encouraged, because that in turn resulted in good discussion and lots of thinking.

Now we have people like yourself who are disgusted by the thought of other people having opinions that differ from yours, and Slashdot has become yet another turd in a swamp of turds.

As fucked up as I think your ideas are, at least I want you to be able to express them here. But it sickens me to think that you want to prevent others from merely thinking differently than you do. That's pretty fucking disgusting, friend.

Re:Where have all the Slashdotters gone?

[kheldan]

Really? So you think all the untreated sewage on places like the *chans, Reddit, Stormfront, etc etc etc is perfectly OK? You think all the hate speech, racism, sexism, radicalization, outright illegal shit, attention-whoring, and pointless negative bullshit that is rampant on the Internet in general, is perfectly OK? You have no problems with it? Seriously: The signal-to-noise ratio on the Internet in general is practically down in the noise floor. There's a difference between 'expressing your opinion', 'discussing differing viewpoints', and the bullshit I've seen virtually every single day for the last 10 years or so, and it's getting worse, not better. People say and do shit on the Internet they'd never do or say in real life, because they know it's not acceptable behavior, but since they're nameless and faceless, there's no consequences.

You're either naive, or you're one of the trolls. Since you're posting as AC it's more likely the latter. Shoo.

Re:Where have all the Slashdotters gone?

The problem is one of relevance and specialization: The times when "computers and internet" were a constant source of cutting edge and interesting topics are long over. Actual progress happens in highly specialized niches now. The stories which made Slashdot big are now mundane and have been taken over by the business people. It has become less interesting because the utopia of the open internet is being replaced with and by Facebook and Apple. The world of "anything is possible, we just need to write it" has given way to a world in which people can't be arsed to install an email client. Most people don't even properly own their primary computing device anymore: They only run programs which are acceptable to Apple and Google.

Re:Where have all the Slashdotters gone?

Different AC here.. I'm finding that often I don't even follow through with a post I have half-written. I don't want to contribute to the irrelevant overflowing shit bucket of people's opinions on the web. I'll make an exception in this case, but you talk about signal to noise ratio being low and you're spot on.

Re:Where have all the Slashdotters gone?

[0123456]

I think you'll find most of the techies got fed up with the perpetual SJW shill stories claiming they're EVIL SEXIST RACIST CISWHITEMALES... and left. SJWs destroy everything they touch, and don't even care, because they didn't build that.

Personally, I only bother coming back here when I need an excuse to procrastinate. And I did have a four or five digit UID before I forgot the login and had to create a new one.

Re:Where have all the Slashdotters gone?

Slashdot just totally sucks nowadays. That's what happened to it.

Re: Where have all the Slashdotters gone?

What part of this public discussion needs to be encrypted - to secure against what?

Re:Where have all the Slashdotters gone?

>> I'm finding that often I don't even follow through with a post I have half-written. I don't want to contribute to the irrelevant overflowing shit bucket of people's opinions on the web

Is that truly the reason? Or is it that halfway through you're finding your opinion does not matter _because_ of the anonymity that you can hide behind, which in turn lessens the belief of anyone else claiming who they really are or that your opinion is just a regurgitated form, perhaps slightly different version, of someone else's opinion?

If the former, then we have a discussion.

Re: Where have all the Slashdotters gone?

All of it, to secure against automatic analysis and profiling.

Re: Where have all the Slashdotters gone?

To be honest I have seen very little SJW posts on Slashdot so the millions of anti SHW posts are the really anoying ones, that and the anti systemd trolls.

Re:Where have all the Slashdotters gone?

[ourlovecanlastforeve]

September 1993.

Never forget.

Re:Where have all the Slashdotters gone?

Soylentnews.org is getting better at the same rate as Slashdot.org is getting worse.

Unfortunately, some of the a-holes* from slashdot have also found soylent, but in general, the discussions are much better on soylent.

* e.g., the racist, sexist trolls living in their mom's basements.

Re:Where have all the Slashdotters gone?

[Karmashock]

The AC trolls didn't help. ;-)

On topic, so long as tor makes it harder for the NSA to figure out who is who on Tor by monopolizing the nodes I think Tor will be just fine. Greater speed is great. But the point of tor is security and that is somewhat tarnished at this point.

Re:Where have all the Slashdotters gone?

Really? So you think all the untreated sewage on places like the *chans, Reddit, Stormfront, etc etc etc is perfectly OK?

Really? YOu're going to put those three in the same category? That really demonstrates the point the other anon was making.

You think all the hate speech, racism, sexism, radicalization, outright illegal shit, attention-whoring, and pointless negative bullshit that is rampant on the Internet in general, is perfectly OK?

Yeah, that all comes with the "free speech" territory. I have no problem with most of that (minus outright illegal shit depending on what it is).

I'm old enough to have seen that the stuff that was considered "pointless" and "negative" when I was a kid is the same stuff that's being celebrated as groundbreaking, original, pioneering voices that enriched our culture. Hip-hop was considered anti-social pointless negative bullshit when I was a kid. Street art was vandalism. Video games were destructive and preying on the youth. Now the fringe is the mainstream..

Such has it been forever. Rock n' roll, comic books, jazz, whatever. The people you find trollish and without legit value are tomorrow's venerable cultural leaders, so get over yourself. I look forward and read more of the trollish crap you dismiss, because even if 99% of it is in fact garbage (as was much of hiphop in the 80s) I wouldn't want to risk the loss of original thought just because some douchetwat out there gets offended easily. Go back to pinterest or wherever it is you feel safe. The computer has an "off" button/icon. Feel free to use it.

Re:Where have all the Slashdotters gone?

Not really. There are plenty of people on the web who don't hide behind pseudonyms but feel obligated to crank out a blog post every day or week even though what they're saying is not well researched or novel in some way, or interesting.

Re:Where have all the Slashdotters gone?

No, SoylentNews is getting worse, and faster than /. is. SoylentNews has fewer users than /. has, and the ones it does have are, to put it politely, typically pretty fucked in the head. There are some pretty bad extremists over there, much worse than I've ever seen here. The worst part is that these extremists submit the most stories. The editors there tend to do a worse job than here, so these totally shit submissions from extremists get on the front page there way too often. Some of the crackpot blogs they link to and pass off as "news" are far worse than anything I've seen here. The moderating there is excruciatingly bad. Like the story submission, it's also mainly done by the wackos and extremists, so some of the best content ends up modded down, while complete junk gets modded up to 5. It's like you have to invert the rating scale there to get something resembling sensible moderation! SoylentNews is very much a clone of /., but somehow they managed to clone all of the worst elements of /., then somehow managed to make them even worse!

Re:Where have all the Slashdotters gone?

As I look upon the Slashdot front page today, I see only one story with more than 100 comments. Most submissions here routinely get only 50, if not much fewer. One submission from yesterday only has 20 comments!

This very submission has been on the front page for over 30 minutes, and there wasn't one single comment when I started writing this one!

To really see what I'm talking about, look at Slashdot as it appeared a decade ago on July 25, 2005. Or compare it to the nearest Saturday to then, July 23, 2005.

Almost all of those submissions had at least 100 comments. Many of them had far more. In fact, it was routine to see submissions with 400 or even 500 comments. So clearly something is extremely wrong today, when 100 comments is considered a lot.

Dice, we need to have a talk about this existential problem, and how to remedy this situation.

The first thing to do is to stop with the -1 moderations that plague so many discussions here. Too much perfectly fine content ends up at -1 right away. We're pretty sure it's somebody affiliated with Slashdot who is responsible. Even if it isn't, Slashdot should not be giving mod points to whoever is engaging in this harmful moderation.

The second thing to do is to get rid of the posting limits. They made sense when submissions here routinely got hundreds of comments. Now that the numbers of comments is measured using tens, the limits should go. Users should get an unlimited number of comments a day, and the time between comments should be at most one minute. Remember, this is a discussion site. Putting up artificial barriers to discussion, like rate limits, only causes harm!

The third thing to do is to avoid the social justice submissions. Yes, they get lots of comments, but they're extremely low-quality comments. 500 of those comments are worth less than even just 10 good comments about a legitimate topic.

It's not too late to save Slashdot. With some simple and sensible changes, this site could easily be restored to its former glory. Get rid of the bad moderators, get rid of the posting limits, and let us actually converse here! Help restore this site to a place where people actually want to come and visit. Please, Dice, do the right thing!

This. OMG this. There's a lot of truth here... Dice's handling of Slashdot is slowly killing it... :(

Re:Where have all the Slashdotters gone?

" The people you find trollish and without legit value are tomorrow's venerable cultural leaders, so get over yourself."
We are truly 100% fucked if this occurs. These venerable future leaders would make ISIS look like a benevolent organization that is spreads love and sunshine to the masses. We already have to put up with the entitlement generation who substitute real education with "echo chamber forums". A generation who obtains English or Political science degrees and wonder why they cannot get a job. Where truth and facts are based solely on points of view and the number of "likes" an opinion generates. Places where their opinions are always supported by like minded morons.

Re:Where have all the Slashdotters gone?

[dsmatthews9379]

They voated with their bleet, https://voat.co/

Re:Where have all the Slashdotters gone?

People tend to do things for 2 main reasons.

  One is Love.
  And one is Money.
  Slashdot was based on Love at first. People who were/are passionate about technology and programming/computers read and commented here and everything was mostly fine. Then people who were interested in Money got involved and, well, we all know how that ALWAYS works out. And if you don't know, then you are the assholes we are talking about ;)

    We all posted our "FUCK BETA" complaints, but the Money lovers didn't listen because we hurt their little feelings, so Slashdot will die off soon and someone else will take its place. A place where Love of tech overrides the Money hungry mutators.
____

Let it be known that my feelings are more important than your rights. ;|

These are absolutely the pertinent facts/factors. gj

I still use http://slashdot.org/?nobeta=1 and if it was the dumb ass layout they tried hard to pump, I wouldn't look at this site again. To even keep reading the back-forth of layout bullshit caused me to not read this for a while. I've been reading slashdot for a long long time. I forgot my 5 digit account password and my 6 digit account password. Aside from oh look muh old age, there's no real use for an "account". So fuck it, AC I will be.

You're so smart slashdice with "it's our site we have the power to decide" but guess what... people liked it before. The Read link was fine. Taking away from what's fine gives subtle wtf's. I block twitter and facebook buttons but that shit has nothing to do with slashdot. The buttons shouldn't be here. They wanted your traffic I think they got it. Anybody who used to use slashdot was plenty intelligent enough to share links already without "the button" if they use social media sites.

News for nerds was actually the interesting thing about it. It implies intellectual capacity. Comments were 9/10 times smarter than the stories. So much so, many people just skip the article and deduce from the comments. You could count on somebody intelligent analyzing and shortening it up for you. There were many.

Now with twitter/facebook buttons (both retarded public diary bullshit) and idiots reaching for what-used-to-be-the-large-smart-audience-but-has-dwindled, you get less comments and more shit stories.

Spam filtering is one thing but when you want to post a second comment and you get the timer on your submit button... how many times do people just say fuck it?

Remember I told you this: people liked it before
Suggestion: put everything back exactly like it was when people liked it

Re:Where have all the Slashdotters gone?

[seoras]

It's always quieter online mid-summer in the northern hemisphere.
I've run a website for several year now and June/July is our quietest time for sales.

Believe it or not "Nerds" do take a break in the outside warm summer air.... ;)

Re:Where have all the Slashdotters gone?

Absolutely agree. I get around to reading slashdot less and less, the comments are less and less interesting on fewer and fewer interesting articles.

I have been on the net since there was a net, have been building Linux kernels since 1999, surely have been reading slashdot since it got started. Even 10 years ago, I would read literally 90% of the articles and at least skim through all the comments.

I also have an ID with a low number, haven't bothered to use it for so long I am not sure it still exists.

You guys let the air out of the balloon. Standard corporate idiots.

Re:Where have all the Slashdotters gone?

No, that's not the reason. The GP explained away that bullshit excuse of yours. Go read the motherfucking comment and look at what it linked to. Here's the relevant part for you:

To really see what I'm talking about, look at Slashdot as it appeared a decade ago on July 25, 2005. Or compare it to the nearest Saturday to then, July 23, 2005.

Almost all of those submissions had at least 100 comments. Many of them had far more. In fact, it was routine to see submissions with 400 or even 500 comments. So clearly something is extremely wrong today, when 100 comments is considered a lot.

The evidence shows very clearly that it was not quieter during the summer 10 years ago, even on a Saturday. As is so plainly obvious, there were many more comments then than there are now.

It's not about it being summer. It's not about it being Saturday. It's about stupid policies having ruined Slashdot!

Re:Where have all the Slashdotters gone?

[seoras]

Go outside and get some sunshine and fresh air. Sounds like you really need it...

No, that's not the reason. The GP explained away that bullshit excuse of yours. Go read the motherfucking comment and look at what it linked to. Here's the relevant part for you:

To really see what I'm talking about, look at Slashdot as it appeared a decade ago on July 25, 2005. Or compare it to the nearest Saturday to then, July 23, 2005.

Almost all of those submissions had at least 100 comments. Many of them had far more. In fact, it was routine to see submissions with 400 or even 500 comments. So clearly something is extremely wrong today, when 100 comments is considered a lot.

The evidence shows very clearly that it was not quieter during the summer 10 years ago, even on a Saturday. As is so plainly obvious, there were many more comments then than there are now.

It's not about it being summer. It's not about it being Saturday. It's about stupid policies having ruined Slashdot!

Re:Where have all the Slashdotters gone?

[Raenex]

Slashdot is dying. Netcraft confirms it.

Re: Where have all the Slashdotters gone?

It's called "progress". Real people consider computers and the internet as means, not as an end. They have better things to do in their lives than play code monkey. Get over yourself: you have never been part of a revolution. You were just early adopters, blowing money into immature technology. Now that the PC age is coming to an end and that the wild west of the web has been tamed, we can finally treat those things as they are meant to be: tools. Sucks to be you.

Re:Where have all the Slashdotters gone?

[KGIII]

My observation is that the number of posts has gone down but, and this is hardly objective, the percentage of "quality" posts in the "good threads" are the same as they have always been. I suppose I do not help. I simply refuse to moderate most of the time. I see no value in it. Another consideration is that there are vast number of discussion sites online now as compared to then. The world, and how we interact with it, has changed.

Re:Where have all the Slashdotters gone?

[Lost+Race]

Wow, I remember seeing this exact same comment on Usenet in 1995.

Re:Where have all the Slashdotters gone?

[davester666]

Anthony, is that you?

Re: Where have all the Slashdotters gone?

I've just today come back to see if the old anti Windows people still have any fight in them. I left at a specific point where most of the content on the front page was of the opinion that the many, mostly male, people who've built this science and these industries were somehow responsible for other, mostly female, people not choosing to participate.

I'd loosely call this content 'SJW'. That /. even got involved is a lowering of standards.

Re:Where have all the Slashdotters gone?

[nickweller]

"Linux.BackDoor.Dklkt.1 .. tries to register itself in the system as a domain (system service). If the attempt fails, the backdoor terminates its work." ref

So, how does this malicious script get executed and achieve root in the first place, without user action and the user providing the root password?

hell yeah freedom

[thedrunkensailor]

this is becoming like the free market of anonymity software! competition means our identities win. the more rocks to over turn, the more administrative overhead is required, and the better the systems the more secure our private communications become. Security through obscurity isn't true security, but it sure helps delay the overlords when everything is obfuscated across multiple channels... you know those modern police radios, jumping channels at pre-set algorithms, encrypting across them all when possible... can you imagine something that uses all of these secure networks to randomly select paths to endpoints and dynamically adjusts to a new secure network as needed... good luck Department of Homeland Spying

Switzerland is full of COWS!

You are all cows. Cows say moo. MOOOOOOO! MOOOOOOOO! Moo cows MOOOOOOO! Moo say the cows. YOU COWS!!

Re:Switzerland is full of COWS!

Cows don't say anything you fucking tard.

Re: Switzerland is full of COWS!

Moreover Swiss cows speak Kuhdutsch.

Hor net

[dhaen]

Sounds like a place for those .xxx domains.

Re:Hor net

Phraaaasiiiiing!

Yes

Extremist views are fairly easy to counter because of their illogical nature, trusting people to then balance the result correctly assumes YOU are somehow superior to them in your calculation of the balance.

You may believe that you can decide what is 'radicalization' but US kills far more people, so clearly you are as subjective as others. Even the word 'radicalization' was coined to permit censorship of views rather than counter-argument of those views, and your repetition of the talking points indicates indoctrination.

"There's a difference between 'expressing your opinion', 'discussing differing viewpoints', and the bullshit I've seen virtually every single day for the last 10 years or so, and it's getting worse, not better."

i.e. the other side you disagree with, but can't put counter arguments to.

You know what would complete TOR/Hornet?

If it came bundled with a privacy enhanced web browser that would limit logins (no Gmail, FB, Twitter or any of the usual providers), remove ads and JavaScript tracking and not keep browsing logs. It should be hard to make a mistake and accidentally reveal who you are by accessing an account. Also, a list of keywords should be checked against all outgoing data, acting like a firewall, to prevent it from being leaked - like, if the outgoing packet contains my name, email or other sensitive data then I don't want to relay that to the external world. Then it could be bundled with some sort of anonymous chat or email that uses throwaway accounts and encrypts data with one time pads exchanged beforehand by the parties. Also, prevent spying software by running it inside a VM. That would go a long way towards secrecy.

HORNET vs Tor

[Areyoukiddingme]

the new onion routing network can purportedly achieve speeds of up to 93 gigabits per second and "be scaled to support large numbers of users with minimal overhead".

As someone who ran a Tor exit node for years (and has the bright green t-shirt to prove it), I don't think the protocol has anything to do with the speeds of Tor. Not inherently, anyway. Tor is slow because the vast majority of its nodes run on asymmetric consumer links. If we all had symmetric gigabit Google fiber, it would behave substantially differently. Perhaps they've adjusted the protocol, but no amount of tweaking can get around physical reality. The bandwidth simply isn't available in the network.

Re: HORNET vs Tor

[ememisya]

I really doubt they're going for better service to the consumers here. It should always be impossible to make a large margin of profit from TOR, because TOR "customers" are anonymous, the only reason why they are using TOR in the first place. Sounds to me like they are shooting for scalability here. No thanks, I trust the Navy had anonimity in mind, not performance.

Re:HORNET vs Tor

[Blue+Stone]

As someone who ran a Tor exit node for years, I'm surprised you're not wearing a bright orange t-shirt to prove it.

Re:HORNET vs Tor

[Keybounce]

As someone who ran a Tor exit node for years (and has the bright green t-shirt to prove it), I don't think the protocol has anything to do with the speeds of Tor. Not inherently, anyway. Tor is slow because the vast majority of its nodes run on asymmetric consumer links.

The Tor protocol *is* the problem.

Tor says "I will use one encrypted channel, and send your data out that one channel, regardless of its speed".

Not "I will borrow from IP. I will open many encrypted channels, and send packets of data out each channel. The end node will re-assemble data from those channels. We will use the IP protocol to retransmit lost packets over each channel.".

IP, even though it is physically 1 channel, pretends to be 8 channels that each can transmit one packet. Something very similar to this could be used, and then if you have a slow link, that one slow channel only sends a small number of packets.

Tor *relies* on high volume to mask individual traffic. The only way to get high traffic is to make it "fast enough". With the default behavior, that any node can be an intermediary, any channel may wind up with a slow node in the middle, and then suddenly speed is lost. When speed is lost, people stop using Tor.

That is problem number one with Tor.

Problem 2 with Tor is less obvious. It claims to know what kind of anonymity you want. If all I want is to hide who I am talking to / what I am saying from my direct eavesdropper (my ISP, the local wireless hotspot), then all I need is to talk to one intermediary. Tor forces 2. There's good reasons to require 2 if I want full privacy, but maybe I don't.

If I want to split my communication into many streams, and have it re-assembled, then there must be lots of one-intermediary-hop streams.
That's good enough to stop my ISP from spying on me.
The normal encryption is good enough to stop the wireless hotspot people from watching me.

For 80%+ of usage (probably closer to 95%), that's sufficient.
Requiring more means slower.

Design a protocol so that none of the node can tell if you are using a 2-hop or a 3-hop system.
The entry nodes cannot tell if they are talking to the originator or to another node. (I think Tor fails this -- the first hop uses a different protocol than the rest, as I understand it).
The intermediates cannot tell if they are talking to first and last hops, or another intermediate.

Many years ago, I tried explaining this on the Tor discussion lists, and did a bad job of explaining it.
The last time I checked, the Tor people wanted a security analysis of all proposals.
And the one thing I know for certain is that I am incapable/incompetent at that.

Re:HORNET vs Tor

[smaddox]

I know nothing about the TOR protocol, but could you use a random number of hops drawn from a modified Poisson distribution in which the user can modify the minimum number of hops? Every time a layer is peeled off, the node would essentially check that this isn't the last hop, and behave accordingly.

Re:HORNET vs Tor

[Areyoukiddingme]

As someone who ran a Tor exit node for years, I'm surprised you're not wearing a bright orange t-shirt to prove it.

Time passed me by. I stayed on Debian potato for most of a decade, and the Tor client was no longer compatible.

Re:HORNET vs Tor

[Areyoukiddingme]

Not "I will borrow from IP. I will open many encrypted channels, and send packets of data out each channel. The end node will re-assemble data from those channels. We will use the IP protocol to retransmit lost packets over each channel.".

It doesn't work that way. Most of what runs over Tor is TCP. TCP mandates frame arrival order within a TCP connection. Most of the TCP services being used through Tor (prominently, HTTP), do not allow establishing multiple connections to retrieve any single component of a page. Combine the two and you're stuck with a single stream of data running through the Tor network, and you can't shift the stream between nodes in a single session without doing a whole LOT of work to maintain packet order. It's been some years since I read the details of the Tor protocol, so I'm not sure if it's even possible to guarantee packet order in those circumstances. I suspect it's not.

... and it's called I2P.

[TeknoHog]

n/t

Bandwidth

"93 gigabits per second" sounds nice, but we must of course keep in mind the classic question of "compared to what?". This particular number is on a 120 Gb/s local network, which is nice, but not exactly the standard use case for onion routing.

The paper shows some detailed figures comparing performance to Tor in various settings over a 10 Gb/s link. Hornet is much better than Tor on very small payloads (less than 1KB). In the other comparisons, it's usually slightly better, but its goodput is actually worse than Tor.

Tor isn't slow because the protocol is bad; Tor is slow because many people are routed over a small number of servers. My Tor relay has a bandwidth limit of 350 KB/s (to stay under about 1 TB of traffic per month) which at this moment is shared by 125 connections. That's not a lot per individual user. Making this a few percent faster would still keep it firmly in the "a few KB/s per user" area.

All this is not meant to knock hornet, only the silly Ars writeup.

LOL

Whorenet :-D

Dat name though

[sebrk]

"Hor" in Swedish is "Whore". Takes darkweb to a whole new level.

Mod parent down

[Prune]

kheldan has a long history of ranting and shamelessly relying on cherrypicked "evidence", as well as hyperbole and other such rhetorical devices to make his "the sky is falling"- and "things were better in the old days"-themed flamebait posts. That he laments the trolling of others is the pinnacle of hypocrisy, and that ought not be lost on moderators here.
In his post higher up in this thread, he reveals an elitist attitude:

I'd almost wish it would go back to being accessible only by Universities, the government, and the military.

This, as well as hi anti-freedom of speech commentary, is in line with the statist views he often expresses.
The real degeneracy of Slashdot and the Internet at large is comprised of the stifling effects on free speech driven by governments and a number number of other institutions, with kheldan being one of their cheerleaders. The best times on Slashdot were not during kheldan's early years, as he would have you believe; I well remember them as the years before he ever joined and brought his odious statist, elitist views.
And kheldan: I've seen innumerous much more thoughtful, eloquent, insightful, and — above all — honest posts on 4chan than the shitposting record you've left here.

Re:Mod parent down

[kheldan]

I've read through a sampling of your own comments, and find it rather ironic that you're calling me 'elitist' when apparently it's not beneath you to do precisely the same thing. Do you have to have supplemental oxygen all the way up there on your mountaintop, or have you adapted to the altitude?

It's legal

[RuffMasterD]

We both know paying for whores is illegal in Sweden. But it's OK, this software is from Switzerland, and it's free.