Lokinet is a onion-router (like tor, i2p) implementation of the LLARP protocol which tries to be a modern re-implementation of i2p. Session is a private messenger (like Signal) built using lokinet to hide metadata. If I understand correctly they have a cryptocurrency called oxen, which is earned or mined by providing servers to the loki network and oxen blockchain.

Imo they have these arguments on their side:

  • i2p is really slow and if re-implementing yields the results they claim it would be awesome
  • building a private messenger on top of onion-routing seems like a very good idea, since metadata is the new surveillance while it doesn’t generate massive amounts of traffic per user

What I worry about:

  • I don’t like cryptocurrencies in general, they haven’t yet proven that they can be used as anything but be used to speculate.
  • if people who are supposed to be the backbone of the onion-routing service are paid to do this I worry that in some (maybe new and still unknown) way this will weaken the network in comparison to a network run by volunteers and users (like tor and i2p). Maybe this will favor larger servers so all of the onion-routing is done in “the cloud” and none from home which in result is easier to surveil.
  • a talk at the yearly chaos computer congress about the alt-rights online behavior titled “Let’s play Infokrieg” (the talk is in German, but I linked the version with english live translation) talks about lokinet and how the developer advertised it on 8chan. This is all the connection they mention though and it’s pretty thin Imo.
  • in general I believe that cryptocurrencies don’t draw a very good crowd, also
  • I haven’t seen any reputable source advertise any of this. Not Lokinet, not session messenger, of course not their crypto coin…

Conclusion:

All of this isn’t a big problem, if they stay a small project. But them having the fastest onion-router, elon musk maybe tweeting about them and people flocking to them to “invest” might have the project gain momentum and them being the new tor or even bigger, applications built on top of it being a threat to signal etc.

I think some of their tech is very cool, a fast and modern onion-router could be very important for future secure web applications, but it’s troublesome

  • it’s in the hands of people nobody knows
  • motivated by financial gain
  • coupled with cryptocurrency

What are your thoughts on this? I am really interested to hear, how we should tackle this in your opinion.

Ephera
3
edit-2
8d

a talk at the yearly chaos computer congress about the alt-rights online behavior titled “Let’s play Infokrieg” (the talk is in German, but I linked the version with english live translation) talks about lokinet and how the developer advertised it on 8chan. This is all the connection they mention though and it’s pretty thin Imo.

This is easy to miss in the talk, but he also hints at the fact that the protocol is called “LLARP”, which is probably a reference to “LARP” – “Live-Action Role-Playing”.

Which may also be something entirely innocuous, like people role-playing life in the Middle Ages, but especially on 8chan may also refer to role-playing as Nazis, or role-playing a first-person shooter with an actual gun in an actual mosque. (The Christchurch terrorist made his announcement on 8chan and was very much celebrated there for his high kill score.)

Under the Lokinet initiator’s announcement on 8chan, someone pointed out that “LLARP” is a funny name for that, to which the Lokinet initiator replied that they considered calling the server implementation “WIZARD”, which is itself a self-referential term for sad virgin men in the *chan-context, but also just shows that the “LLARP” acronym wasn’t accidental.

None of this is concrete evidence, but certainly too close for comfort to the usual alt-right dog-whistling bullshit (dropping words in innocuous contexts that only others in the community will recognize).

I agree that this is pretty thin evidence. It’s worrying though, also what kind of governance do they have? There is a loki CTO, etc. Maybe one day they’ll sell to facebook once enough users are caught in their API and apps?

Maybe what’s worrying me most is how certain people rush towards everything with cryptocurrency in it.

Like it’s a pretty bad situation if all service nodes in this network earn money doing it and that’s their incentive instead of them being volunteers. Why wouldn’t someone just offer them a modified service node software which isn’t distinguishable from the outside, but you earn more money while collecting and give away the tunnels that this server builds? This would cost the attacker some money, but they could figure out who sends what in this network if a large number of service nodes do this.

A network run by enthusiast, non-profits and other groups is way stronger in this regard.

this is the guide on how to set up a service node for oxen, which was formerly called lokinet - aka this is the server run by people that does all of this:

  • Receive, store, and forward encrypted Session messages
  • Route Lokinet internet traffic
  • Monitor other service nodes and vote on their performance
  • Are called into quorums which give them authority over Blink transactions
  • Produce new blocks for the network via Pulse PoS
  • (added by me:) earn crypto

it can’t be run from home, like tor or i2p relay servers.

This means that all the traffic in this onion routing network will just go through a couple of datacenters instead of “all around the world”. I just believe that it’s easier for the FBI etc. to get access to datacenter machines instead of computers run at home. The upside of this of course is, that their onion routing can reach much faster speeds.

Also, as of now, their blockchain already uses 15gb of hdd space on each of the service nodes.

Like I said, the tech is kinda sweet, time will tell if it is a good concept and if it is governed properly.

@ajz
49d

I appreciate your writings here, interesting, thanks.

but it’s troublesome it’s in the hands of people nobody knows

That is a thing in general on the Internet and with open source software and then again “what if you do know them ?” Take for example Signal, you can get an idea who is behind it but can you trust them ? Difficult topic in general.

@Echedenyan
4
edit-2
9d

I am going to reply to just one of the points, so sorry for it.

I don’t know why a lot of these projects don’t have home self-hosting with dynamic IP and through NAT in mind for the services.

In the end, direct participation and support is just impossible for some.

I agree with 2 points of your conclusion though:

  • motivated by financial gain
  • coupled with cryptocurrency

I don’t know why a lot of these projects don’t have home self-hosting with dynamic IP and through NAT in mind for the services.

I am pretty sure that both TOR and i2p allow relay servers with dynamic IP.

@Echedenyan
29d

Yes, TOR accepted my node in the directory when I configured it and openned the needed ports. Means that at least allow Dynamic IP.

has anyone used session?

Yeah of course I have tried their desktop client some time ago. It’s okay, a lot like signals.

@Axaoe
29d

Maybe someone else can chime in that knows, but Session states the following in their FAQ which reads to me as if the crypto portion of the network isn’t yet merged with the messenger at all levels (yet). I would be curious to hear from someone else with more knowledge, as I liked the idea behind the messenger otherwise.

If the two (their coin and the messenger) are able to run together but still stay “unlinked” in regards to message content and I don’t have to hear about earning Oxen by using the service I am more inclined to consider it an option.

The Session team is hard at work fixing bugs and shoring up core messaging functionality, but once the app is working reliably, we’ll be moving on to Lokinet integration to bring voice calling functionality to Session. We’ll keep the community updated on our progress, so be sure to follow our Twitter to stay up to date!

No, your messages are not stored on a blockchain. Messages are stored by swarms, and are deleted after a fixed amount of time (called the “time-to-live”, or TTL). All of your messages are encrypted, and can only be decrypted using the private key which is stored locally on your device.

If the two (their coin and the messenger) are able to run together but still stay “unlinked” in regards to message content and I don’t have to hear about earning Oxen by using the service I am more inclined to consider it an option.

yeah I agree, but imagine if signals traffic was sent through an onion-routing network which wasn’t run by volunteers but by people trying to earn a cryptocurrency. I might be wrong with my suspicion, but I just prefer such networks to be developed by non-profits and run by volunteers.

@Axaoe
38d

That makes sense, I’d rather not have the currency impeed the messenger (regulations, climate impact, etc) if given the choice.

@Raziel
-19d

You seems to have a prejudice with crypto, with profit incentives and in general, people that don’t think like you…

Cryptocurrencies are at this moment being implemented in way to many use cases to name here, for things like preventing your hard earned money to slowly dissapear via inflation and for making transactions basically. Is a tremendous missconception the idea that “speculation” is a bad. Thanks good people speculate all the time, like what youre doing with this post “speculating” or thinking about posible outcomes of a re-implementation of i2p, the acurate your speculation is, higher the chamce of success of the project

Financial incentives are probably the most powerfull incentives to coordinate people who doesnt know each other and (probably didn’t ever like each other) Is not an odeological position, it just a fact.

In your favor you do have a point if you are worried about centralization, that was basically what happend to bitcoin though there are ways to prevent that and at the same time have have the powerfulls incentives for people to participate in the network and share their resources, given the fast loosing of privacy online it doesnt look like a good idea ignore solutions on an ideological basis. Probably the best path fordware is woth more iterations, tryal and error, the more projects out there with different and creative approaches, the better. Sooner or later something will stick

@Echedenyan
2
edit-2
8d

“incentives” noun and “speculation” family of nouns are the most repeated related with the topic of this text

other related words like “crypto”, “financial”, “profit”, “money” and “bitcoin” are named substantially with or without repetition through the text in every.

My conclusion with a little search of what I remember as bachillerato’s student: this post tries to transmit a capitalist idea.

I’ve noticed that the entire c/privacy is anti-crypto. I’m not saying you can’t have your own opinion, but downvoting someone simply because you don’t agree is stupid.

Cryptography is awesome, what isn’t is cryptocurrency.

Financial incentives are probably the most powerfull incentives to coordinate people who doesnt know each other and (probably didn’t ever like each other) Is not an odeological position, it just a fact.

Given that this is a fact, does it automatically mean that it gives the best outcome?

I even addressed this in my post, that I think they might succeed an become bigger than tor but not run by a proper non-profit etc.

I guess as long as the cryptography is good nothing that bad should happen, I and others aren’t forced to use it ^^.

Maybe we’ll fork it without the coin as incentive for people running the routers…

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 39 users / day
  • 74 users / week
  • 203 users / month
  • 541 users / 6 months
  • 2740 subscribers
  • 1206 Posts
  • 5635 Comments
  • Modlog