Comments (11)
It wouldn't. And it wouldn't be what Tor was designed for. It was designed for people in ************s like China, or people that have to fear a political prosecution for their statements. Not because people's feelings are hurt because one server knows a phone's IP that doesn't get logged long-term.
from cwa-documentation.
Please, there's already 200+ comments about this in #13 that don't lead anywhere. Opening new issues for the same thing doesn't help at all, it just makes the discussions repeat even more than they already do.
No, the traffic is not routed through Tor. No, the server knowing client IPs is not a security issue.
from cwa-documentation.
We don't want to add 40M clients to the TOR network. No one knows if the network would withstand that. Also the load on the mobile networks would increase significantly.
from cwa-documentation.
It was designed for people in ************s like China, or people that have to fear a political prosecution for their statements.
It was also designed to protect journalists in those ************s. Or whistleblowers.
The more „regular” people hop onto the network, the better those people get protected. (Because the noise increases)
No one knows if the network would withstand that.
The state could host exit nodes. I'm sure, Deutsche Telekom has infrastructure for doing so.
Also the load on the mobile networks would increase significantly.
You're already zero-rating videos of certain service providers. That could be another exemption.
(I'd prefer net neutrality, personally)
from cwa-documentation.
It was designed for people in ************s like China, or people that have to fear a political prosecution for their statements.
It was also designed to protect journalists in those ************s. Or whistleblowers.
The more „regular” people hop onto the network, the better those people get protected. (Because the noise increases)
Tor was designed by the NSA for the american government, only afterwards "given away" as opensource project.
This fact does not get mentioned a lot of time, but seems quite important...
I dont see a reason to blindly trust Tor.
It has already been broken before.
from cwa-documentation.
It has already been broken before.
So does iOS and Android. Nevertheless those are used, too.
You rarely hear of TOR hacks, though.
from cwa-documentation.
I think this is unnecessary since you "trust" Apple and/or Google if you use a smartphone to use this app.
from cwa-documentation.
Yes, you do have the choice to trust Apple or Google. Yet you have no choice but to place trust in telekom with the backend.
from cwa-documentation.
@Leseratte10 those are different things in #13 voices concerns with manipulating data stored on the device whereas this ticket voices concerns with metadata stored on the server.
from cwa-documentation.
@Leseratte10 those are different things in #13 voices concerns with manipulating data stored on the device whereas this ticket voices concerns with metadata stored on the server.
Such issues are also discussed there. At a certain point you will have to trust every backend, at least to a certain extent. However, you will be able to see which data is sent to the server, as the backend will be open source. As @Leseratte10 already pointed out, this will most probably be the IP address only (and the maintainers already confirmed that the IP will be deleted after a short period of time).
from cwa-documentation.
It has already been broken before.
So does iOS and Android. Nevertheless those are used, too.You rarely hear of TOR hacks, though.
All it takes is one entrypoint ;)
The people that initially made Tor are likely also the best to know their weaknesses.
They have no incentive to report to the public when they find vulnerabilities.
And we know they did so in the past (hiding vulnerabilities), seems reasonable to think they continue being the same way.
from cwa-documentation.
Related Issues (20)
- "Information about QR codes" screen still mentions DCC ticketing HOT 3
- App includes note that health authority will ask for list of contacts HOT 19
- CWA Open-Source-Team Support in September HOT 1
- App can't consider cases where no certificate of recovery can be issued because of the 180 days limit HOT 7
- Note of booster vaccination shown for kids HOT 2
- Questions on definition on in-app statistic terms HOT 11
- Question on "Days Since Onset of Symptoms" paragraph in CWA solution architecture document HOT 2
- my certificate does not validate for France HOT 18
- "Check Validity for Travel" fails for many EU countries with lifted restrictions HOT 7
- Maintenance Costs HOT 12
- Is there a "quarantine" period for uploaded DKs? HOT 3
- Will there be a minimum days of install threshold before a warning can be issued (version 3.0)? HOT 11
- Entry into Japan / App restricts cert renewal to newest cert only HOT 9
- Linked TCN Coalition website shows now gambling/online casino? content HOT 5
- Transnational Exposure Logging states Germany (still) participates HOT 8
- The CWA development ends on May 31, 2023. You still can warn other users until April 30, 2023.
- Why did the app show that only two people warned on Sunday (09.04.23)? HOT 5
- Certificate & Journal info text refer to features unavailable in hibernation state HOT 3
- Contact journal refers to unavailable functionality in hibernation state HOT 1
- Onboarding Screen not Adapted to EOL HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cwa-documentation.