Anonymity on the Sia network


  • admins

    Monero is a good project. For now, Sia is focusing exclusively on storage and data encryption, because these are easy. They offer at least a decent amount of privacy, though people will still know that you are using the network, and they'll know how much you are using the network. Full anonymity requires a lot more engineering, and something we're not going to worry about in the near future. Data privacy is good enough for us at this point - if you need financial privacy you should use Monero.



  • Protecting the uploader is all well and good, but what about the hosts?

    If an uploader shares their .sia file for something they uploaded "with the world", then anyone will be able to get the file AND know which hosts have it. If the file's content turns out to be illegal, for instance, that's something that can be a big problem for the host in some jurisdictions (such as Germany) where it has been deemed illegal to hold or transfer any illegal content even if you're unaware of it and cannot personally decrypt it.

    This is already happening: https://www.reddit.com/r/siacoin/comments/3yg1gg/bitmessage_mailing_list_for_sharing_sia_files/ proposes to exchange files anonymously through BitMessage on Sia.

    Could there ever be any technical solution to this at all? I imagine that in theory, any piece of data can be claimed to be any bit of information, if you simply pretend it is to be decrypted with a specially-crafted one time pad. Could this "loophole" be employed in any way?

    I think the only alternative I see is running your host behind an onion routing layer, but if you use Tor (since Sia itself doesn't have such a layer) you will both be burdening the exit nodes and end up with having abysmal bandwidth.
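
The one-time-pad observation in the post above, worked through as an added example that is not part of the original post and is not Sia code. It treats a stored fragment as opaque bytes (a constructed random blob) and shows that a pad as long as the data can be crafted to make that blob "decrypt" to any claimed plaintext of equal or shorter length; the function names are hypothetical.

```python
import os


def craft_pad(stored_blob: bytes, claimed_plaintext: bytes) -> bytes:
    """Return a pad under which stored_blob XOR-decrypts to claimed_plaintext.

    The claim is zero-padded to the blob length, because a one-time pad
    must be exactly as long as the data it covers.
    """
    if len(claimed_plaintext) > len(stored_blob):
        raise ValueError("claimed plaintext cannot be longer than the stored blob")
    padded = claimed_plaintext.ljust(len(stored_blob), b"\x00")
    return bytes(c ^ p for c, p in zip(stored_blob, padded))


def otp_decrypt(stored_blob: bytes, pad: bytes) -> bytes:
    """XOR the blob with a pad of identical length."""
    if len(pad) != len(stored_blob):
        raise ValueError("pad must be exactly as long as the blob")
    return bytes(c ^ k for c, k in zip(stored_blob, pad))


def demo():
    # Constructed sample: random bytes standing in for an encrypted fragment.
    blob = os.urandom(32)
    claims = [b"holiday photos", b"quarterly tax spreadsheet"]
    results = {}
    for claim in claims:
        pad = craft_pad(blob, claim)
        # Strip the zero padding added by craft_pad to recover the claim.
        results[claim] = otp_decrypt(blob, pad).rstrip(b"\x00")
    return blob, results


if __name__ == "__main__":
    blob, results = demo()
    print("stored blob:", blob.hex())
    for claim, recovered in results.items():
        print("claimed:", claim, "-> recovered:", recovered)
```

The same blob yields both claims, so the bytes alone do not determine a plaintext. The argument depends on the pad being as long as the data.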



  • If the file's content turns out to be illegal, for instance, that's something that can be a big problem for the host in some jurisdictions (such as Germany) where it has been deemed illegal to hold or transfer any illegal content even if you're unaware of it and cannot personally decrypt it.

    I'm curious, what is the legal precedent for this?

    In the case of Sia, the host could claim innocence as only an encrypted fragment of each file is kept, and not the entire file. It seems very hard to prosecute individual hosts on this basis.

    Your suggested solution, Tor, would just be an obfuscating layer as privacy on Tor is not guaranteed either. Also, there are bandwidth issues with Tor.

    The combination Sia + BitMessage is interesting. I'm not sure, however, that BitMessage has proven itself truly anonymous yet. But certainly, such a combination would protect 'trackers' from being tracked.


  • admins

    Prosecution has typically been very nice to enabling services such as Tor. I'm not sure what all the logic is behind them getting off so easily most of the time, but imho Tor performs an extremely valuable service and the value-added is greater than the damage caused by the crime it enables.

    Sia I hope will be the same way. I can't speak for Germany, but I know that in America there are specific laws to protect hosts from user-uploaded content. Dropbox, imgur, YouTube, and any site at all that allows user-uploaded content is at risk of having publicly accessible illegal files on their server. The law protects these hosts as long as they are prompt in removing the illegal content once they have been notified of its existence.

    0.5.0 is very likely going to ship with a tool for deleting file contracts manually. That does mean that the host will not get the reward, and if there is any collateral that the host put up on the file, they will lose the collateral too (a DoS vector). It's strongly against the host's best interest to delete files that they don't like. But at least then, if they get a letter from law enforcement, they can comply quickly and without needing to get us to help them out.



  • @in-cred-u-lous said:

    I'm curious, what is the legal precedent for this?

    You can read the complete court ruling in the original German at http://www.raschlegal.de/uploads/media/LG_Hamburg_308_O_319-12_24092012.pdf and a good article in German that covers how RetroShare works and the specifics of the court ruling is at https://irights.info/artikel/retroshare-storerhaftung-erreicht-das-„darknet/9862 while a simpler article in English about the ruling can be read at https://torrentfreak.com/anonymous-file-sharing-ruled-illegal-by-german-court-121123/

    Your suggested solution, Tor, would just be an obfuscating layer as privacy on Tor is not guaranteed either. Also, there are bandwidth issues with Tor.

    Nothing is "guaranteed", but anything is better than a bit of data stating "LjL, with this IP, is the guy who has a piece of this illegal file, and here's the key to decrypt it" being out in public.
    Agreed about the bandwidth issues, but I wasn't really proposing Tor itself as a solution. In fact, I wish Sia could somehow independently tackle the issue.

    @Taek said:

    I can't speak for Germany, but I know that in America there are specific laws to protect hosts from user-uploaded content. Dropbox, imgur, YouTube, and any site at all that allows user-uploaded content is at risk of having publicly accessible illegal files on their server.

    While similar safeguards exist in a few other places, they often only apply to registered organizations that are set up to provide authorities with logs and audits. An individual just acting as a Sia host would not necessarily be protected by them.


  • Global Moderator

    You can read the complete court ruling in the original German at http://www.raschlegal.de/uploads/media/LG_Hamburg_308_O_319-12_24092012.pdf and a good article in German that covers how RetroShare works and the specifics of the court ruling is at https://irights.info/artikel/retroshare-storerhaftung-erreicht-das-„darknet/9862 while a simpler article in English about the ruling can be read at https://torrentfreak.com/anonymous-file-sharing-ruled-illegal-by-german-court-121123/

    While any court ruling should be taken seriously, cases like these obviously also need to be brought before higher courts before they turn into "law".

    The ruling in Hamburg you refer to is spooky, at best, but it remains relevant I think (and I'm sure it was in this case) that the defendant not only willingly (by using RapidShare) but also knowingly was distributing copyrighted material (because he very likely knew what RapidShare is typically used for, or what his connected friends were using it for). In that case, you may judge it irrelevant whether he knew exactly what material he was transmitting (in this case some music files), due to encryption.

    From my superficial reading of the English coverage, I do not think you could take such a case and generalize to state that uploaders are therefore, by law, responsible for all content shared whether or not they willingly and knowingly abetted to a crime. Ignorance of the law is never an excuse, but ignorance of a crime committed in your domicile or with your internet connection without your possible knowledge is.

    Sia is currently not a significant source of copyrighted material. By running a host I can therefore not be accused of having prior knowledge that copyrighted material was shared through my internet connection, if it so happens. Therefore, I have neither willingly nor knowingly abetted to a crime.

    Similarly Tor operators cannot be blamed for the exchange of illegal material with their connection, because Tor has many other uses and the operator's intent can be said to support legal transmissions (which happen plenty on Tor).



  • You make some good points.
    At the same time, while I sure hope Sia is currently not a significant source of copyrighted (or otherwise illegal... there is much worse than IP infringement) material, I think its architecture creates a definite potential to be used for storing and sharing such material.
    Look at here: https://www.reddit.com/r/filesharing/comments/3yp7s8/new_sia_filesharing_mailinglist_on_bitmessage/ and let's all play guessing games on what the poster was planning to share.



  • Monero is planning to use I2P to solve this problem. All nodes will by default listen on both I2P and clearnet. All new transactions will be sent over I2P. Transactions are then propagated between nodes over clearnet. This breaks the link between the user's IP and the transaction. They are working on a new implementation of the I2P client in C++ called kovri (https://github.com/monero-project/kovri) to facilitate this.


  • admins

    Interesting that they chose i2p over Tor. Broadcasting transactions over i2p is a lot more reasonable than uploading large files though, i2p is notoriously slow and highly latent. That's fine for small items like transactions, but would not work as well for multi-GB files.

    Good to know though.



  • @Taek that is why I think that the only feasible route to achieve this sort of anonymity would be for Sia itself to have its own onion routing network or similar.
    Projects these days tend to say "well if people want anonymity they can just run it behind Tor", which sounds like a reasonable do-not-reinvent-wheel stance, but in practice to get reasonable throughput for demanding applications, you need something ad-hoc I'm afraid.

    If Sia started charging coins for bandwidth/throughput (which I think is in your plans), you could even have the first(?) onion network with strict blockchain-based accounting!


  • admins

    If Sia started charging coins for bandwidth/throughput (which I think is in your plans), you could even have the first(?) onion network with strict blockchain-based accounting!

    One day we may go there. But the implementation overhead of onion routing is high, the expertise requirement is high, and the amount of time it would take to get working is probably 6-9 months. That would be following 1-3 months of raw research to figure out the best way to go about it and to educate ourselves such that we don't make any dumb mistakes. And even then most experts would probably tell people to stay away from the newbie platform (because it's got less review, etc.)

    So... one day we will probably chase that. But not in the near future. There are a lot of privacy features I hope we eventually have. (including things like coinjoin)

