  • So, I’m not allowed to ask you for proof of your statement? And if it’s unrelated, then why did you post it? It’s unrelated. Also, you’re saying you have an absence of evidence, ergo you have no evidence. Having no evidence does not qualify as evidence.

    Asking for evidence wasn’t the issue, believing that the truth relies solely upon a discussion providing such evidence is.

    I think you are confusing having an option with something being mandatory.

    You misunderstood. Some of your own statements say it matters and is used. Mandatory wasn’t mentioned nor implied.

    And Tor nodes are not the same thing as VPN multi-hop.

    I just realized you think that Tor is built using multi-hop.

    I didn’t state they were the same. Tor uses “multiple hops” (you can find that string in the link I posted earlier). It is critical to the limiting of information seen by any single entity.

    And again, if you connected your Firefox browser to Tor, we could still track you. You’d get cookied or localStorage() tracked. When you disconnect from Tor, that stuff is still present in your browser. Almost like the number of hops you take or the IP address used doesn’t seem to really matter, huh?

    All that state can be removed. And the server might not be tracking that. Situations vary, adversaries vary. If you cannot imagine a scenario in which hops or IP address would matter, I would suggest doing some research.

    It’s a real life Dunning-Kruger effect! I’ve never encountered this. You are going to do something really stupid and end up in prison.

    Personal swipes mark the end of this discussion. I would suggest you leave those out next time, as it detracts focus from constructive learning.

    This will be my last reply. You can also reply if you want (but I won’t see it).








  • Yeah, multi-hop is pointless for tracking.

    The logic to it is crazy too. People think VPNs make them anonymous (they don’t), but they also think multi-hop makes them MORE anonymous.

    Whether multi-hop matters to tracking is far and away a different discussion than whether multi-hop “makes you anonymous”.

    I too disagree with the original comment, but also believe the pendulum swung too far the other direction in your replies.

    Situations differ. Threat models differ. More hops can, from direct personal experience, make the difference in tracking. Your claim of “…multi-hop is pointless for tracking.” has too broad of a scope to be correct.













  • There was this recent attack on XZ utils, which shows that more attention is needed on the code being merged and compiled.

    XZ was made possible largely because there was unaudited binary data. One part as test data in the repo, and the other part within the pre-built releases. Bootstrapping everything from source would have required that these binaries had an auditable source, thus allowing public eyes to review the code and likely stopping the attack. Granted, reproducibility almost certainly would have too, unless the malware wasn’t directly present in the code.

    Pulled from here:

    Every unauditable binary also leaves us vulnerable to compiler backdoors as described by Ken Thompson in the 1984 paper Reflections on Trusting Trust and beautifully explained by Carl Dong in his Bitcoin Build System Security talk.

    It is therefore equally important that we continue towards our final goal: A Full Source bootstrap; removing all unauditable binary seeds.

    Sure you might have the code that was input into GCC to create the binary, and sure the code can be absolutely safe, and you can even compile it yourself to see that you arrive at the same bit-for-bit binary as the official release binary. But was GCC safe? Did some other compilation dependency infect the compiled binary? Bootstrapping from an auditable seed can answer this question.
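
An added example, not part of the comment above or of any project it mentions: a small audit that compares an unpacked release tree against the version-control checkout and reports the two things the comment names, files that exist or differ only in the release, and files that cannot be reviewed as text. The function names and the sample trees are constructed for illustration.

```python
import tempfile
from pathlib import Path


def is_binary(path: Path) -> bool:
    """Heuristic: invalid UTF-8 or a NUL byte cannot be reviewed as text."""
    data = path.read_bytes()
    try:
        data.decode("utf-8")
    except UnicodeDecodeError:
        return True
    return b"\x00" in data


def tree(root: Path) -> dict:
    """Map each file's path relative to root onto its absolute Path."""
    return {p.relative_to(root).as_posix(): p for p in root.rglob("*") if p.is_file()}


def audit_release(vcs_dir: Path, release_dir: Path) -> dict:
    vcs, rel = tree(vcs_dir), tree(release_dir)
    shared = set(vcs) & set(rel)
    return {
        # Shipped to users but never visible in the reviewed history.
        "only_in_release": sorted(set(rel) - set(vcs)),
        # Same name, different bytes: the release is not the reviewed source.
        "modified": sorted(n for n in shared if rel[n].read_bytes() != vcs[n].read_bytes()),
        # Opaque blobs that need a documented, reproducible origin.
        "opaque": sorted(n for n, p in rel.items() if is_binary(p)),
    }


def demo() -> dict:
    # Constructed sample trees (checkout bytes, release bytes); not real project files.
    files = {
        "src/main.c": (b"int main(void){return 0;}\n", b"int main(void){return 0;}\n"),
        "tests/sample.bin": (b"\x00\x01\xfe\xff", b"\x00\x01\xfe\xff"),
        "configure.ac": (b"AC_INIT\n", b"AC_INIT\nEXTRA_STEP\n"),
        "m4/extra.m4": (None, b"dnl present only in the release\n"),
    }
    with tempfile.TemporaryDirectory() as tmp:
        vcs, rel = Path(tmp, "vcs"), Path(tmp, "release")
        for name, bodies in files.items():
            for root, body in zip((vcs, rel), bodies):
                if body is not None:
                    (root / name).parent.mkdir(parents=True, exist_ok=True)
                    (root / name).write_bytes(body)
        return audit_release(vcs, rel)
```

A clean result here only shows that the release matches the reviewed source; it says nothing about whether the compiler that builds it can be trusted, which is the gap bootstrapping from an auditable seed addresses.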