• rysiek@szmer.info
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    3 years ago

    I’ve read through dozens of white-papers of “revolutionary” blockchain-based tech startups, all promising to solve Very Important Problems, none actually solving such problems. But sure, let’s start here:

    Nym tokens provide credentialed access to privacy-enhanced and uncensored internet communication for a unit of time.

    This is “privacy for the rich” model. Unsurprisingly: poor people can’t push the token to the moon! And looking at their website it is clear they focus more on hyping the token than on actual privacy.

    Speaking of their website, this privacy-focused project done clearly by people that care a lot about digital human rights and want to fight surveillance capitalism directly includes on their website stuff from fonts.google.com, googleapis.com, youtube.com, play.google.com, doubleclick.net. Looks legit to me!

    It’s fascinating how they talk down Tor (“because Tor does not add timing obfuscation or cover traffic to obscure the traffic patterns in circuits”), but fail to mention i2p which solves these issues without the need for bollockschain tokens. Makes sense — Nym seems to basically be i2p with a blockchain token bolted onto it so that it can become an investment vehicle.

    So either they did not know about i2p, an important and reasonably well known project which has been around for almost 20 years and is very clearly in the same problem space, or they intentionally decided not to mention it because it would make them look bad. Take your pick: are they ignorant, or disingenuous? Either is a great trait for a project that aims at protecting privacy from the NSA, no less.

    On a general level, it is safe to assume any blockchain-based project that offers any kind of token and is in any way monetizable is (at best) a solution in search of a problem, or (at worst) a scam, often Ponzi-shaped, until clearly proven otherwise.

    I mean, even the most basic promise of Ethereum smart contracts — that smart contracts are binding, transactions are not going to be reverted, and nobody controls the whole network — flew right out the window just because DAO smart contract had a bug and somebody exploited it; and we can’t have that, can we, if people are meant to invest in this, eh?

    Privacy and decentralization are too important subjects to be used by cryptobros in their money extraction schemes.

    If you think my opinion was not well informed, think again.

    • overflow@lemmy.mlOP
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      edit-2
      3 years ago

      This is “privacy for the rich” model. Unsurprisingly: poor people can’t push the token to the moon! And looking at their website it is clear they focus more on hyping the token than on actual privacy.

      “Tokens will be used to reward those who put stake into the Nym ecosystem by providing services, such as operating a mixnode or validators for the Nym blockchain. Users discover service providers and attributes a service provider needs. Users may pay service providers outside of Nym directly. Alternatively, users may pay the mixnet fees directly or services may pay for or stake NYM tokens on behalf of a pool of users in order to provide services without cost to users.”

      It’s fascinating how they talk down Tor (“because Tor does not add timing obfuscation or cover traffic to obscure the traffic patterns in circuits”), but fail to mention i2p which solves these issues without the need for bollockschain tokens. Makes sense — Nym seems to basically be i2p with a blockchain token bolted onto it so that it can become an investment vehicle.So either they did not know about i2p, an important and reasonably well known project which has been around for almost 20 years and is very clearly in the same problem space, or they intentionally decided not to mention it because it would make them look bad. Take your pick: are they ignorant, or disingenuous? Either is a great trait for a project that aims at protecting privacy from the NSA, no less.

      " I2P (‘Invisible Internet Project’) replaces Tor’s directory authority with a distributed hash table for routing. How to design a secure and private distributed hash table is still an open research question, and I2P is open to a number of attacks that isolate, misdirect, or deanonymize users. Like Tor, I2P is based on ‘security by obscurity’, where it is assumed that no adversary can watch the entire network. While security by obscurity may have been cutting-edge at the turn of the millennium, such an approach is rapidly showing its age.Nym’s cutting-edge mixnet design guarantees network anonymity and resistance to surveillance even in the face of powerful deanonymizing attacks. Unlike I2P, Nym adds decoy traffic and timing obfuscation. Rather than a centralized directory authority or distributed hash table, Nym uses blockchain technology and economic incentives to decentralize its network.The Nym mixnet can anonymize metadata even against government agencies or private companies who can monitor network links and observe the incoming and outgoing traffic of all clients and servers." Source: https://get3xnymtech.net/docs/stable/overview/index.html. Full in depth blog post comparing it against tor, vpns , i2p and other solutions in the space https://blog.nymtech.net/vpns-tor-i2p-how-does-nym-compare-8576824617b8

      • rysiek@szmer.info
        link
        fedilink
        arrow-up
        0
        ·
        3 years ago

        While security by obscurity may have been cutting-edge at the turn of the millennium, such an approach is rapidly showing its age. Nym’s cutting-edge mixnet design

        I think they really need to use “cutting-edge” more in their materials. Will make them look even more serious and trustworthy.

        Also, when you quote whole blocks of text from their materials, please have the decency to mark them as quotes.

        Anyway, I stand by my assessment.

          • rysiek@szmer.info
            link
            fedilink
            arrow-up
            1
            ·
            3 years ago

            Sure, here’s my comment:

            They make extremely strong claims, and strong claims require strong proof. I do not see such proof anywhere. What I see is that they play fast and loose with website visitor privacy and seem to focus mainly on token hyping.

            I would not trust it for anything even remotely sensitive. And I still fully expect them to show up on https://web3isgoinggreat.com/ sooner or later.

            • overflow@lemmy.mlOP
              link
              fedilink
              arrow-up
              0
              ·
              3 years ago

              They make extremely strong claims, and strong claims require strong proof. I do not see such proof anywhere. What I see is that they play fast and loose with website visitor privacy and seem to focus mainly on token hyping.

              All the claims against tor and i2p are discussed in numerous academic papers and are acknowledged by the developers themselves not sure about the other projects putting that aside the network is in production rn so you could always test it and do a full writeup on all the flaws for everyone to see and discuss.Telling persons why they’ve decided to use tokens and not rely on pure altruism is not token hyping.

              • rysiek@szmer.info
                link
                fedilink
                arrow-up
                0
                ·
                edit-2
                3 years ago

                All the claims against tor and i2p are discussed in numerous academic papers and are acknowledged by the developers themselves

                I was not talking about claims about i2p or Tor. I was talking about the claims Nym people make about their own project. I see little reason to trust them on those claims.

                You’re entitled to your opinion. I am entitled to mine. I don’t think we will see eye to eye here. In 10 years we will perhaps know; I expect Tor to still be around and useful then, as opposed to Nym.

                • overflow@lemmy.mlOP
                  link
                  fedilink
                  arrow-up
                  0
                  arrow-down
                  1
                  ·
                  3 years ago

                  I get that and I’m saying it’s available to use rn for you to dissect and I feel like if you have such strong opinions about it the very least you could do is put your money where you mouth is and test out the network and outline all it’s flaws so the community can reason about it instead of going hurr durr it’s bad I hate it

                  • rysiek@szmer.info
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    3 years ago

                    I don’t think this phrase means what you think it means; I do in fact put my money where my mouth is.

                    My mouth is clearly in the “blockchain-based privacy projects are very likely to be either misguided or outright scams, and this particular project has red flags all over” area. And so my money is on “I need to use tools that actually work; there is low likelihood that this project is such a tool; therefore I shall not waste my time on it”.

                    Demanding that I spent hours analyzing a project that has so many red flags just because you happen do disagree with me is somewhat weird. I’ve spent enough time having this conversation at all, but hey, that’s good entertainment value!

                    It’s not on me to disprove random project’s exorbitant claims (“prevents traffic analysis by an adversary capable of watching the entire network, including the NSA”). It’s on the project in question to prove them.

                    So far I have not seen such proof. I have, on the other hand, seen quite a lot of things that suggest that these claims might, in fact, be unsubstantiated.

                    I could retort by saying: prove to me that the project’s claims are true, “instead of going hurr durr it’s great I love it” (nice veiled ad hominem there, by the way). But I won’t, even though so far I have arguably provided more concrete reasons why I see this project as problematic than you did for your positive take on it.

                    Telling persons why they’ve decided to use tokens and not rely on pure altruism is not token hyping.

                    When the rubber hits the road, “using tokens” in this case means simply relying on greed. And relying on greed instead of altruism for something as fundamental as privacy is very telling. It’s not going to end well.