On Tue, Aug 19, 2014 at 8:14 PM, Peter Todd <pete@petertodd.org> wrote:

>
> Don't let perfect be the enemy of good.
>

I'm not. I don't think this proposal is even good.


> You realize that by your own definition even the NSA is mostly a "weak
> passive attacker" They do *not* have the ability to attack more than a
> small, targeted, subset of connection for both technical and political
> reasons. For starters, MITM attacks are easily detected - "Bitcoin network
> attacked by unknown agents! Has your ISP been compromised?" would make for
> great headlines and would soon see the problem fixed both technically and
> politically.
>
>
Again, the NSA might get an absolutely trivial amount of data from
monitoring connections on the Bitcoin network. A bit of publicity is *not*
worth drastically increasing the software complexity of the client.


> In any case, my suggestion of enabling hidden service support by default
> adds both encryption and reasonably good authentication.


Enabling hidden service support by default would introduce an insanely huge
attack surface.

And you're conflating two different things; using Tor is valuable to
Bitcoin because it would provide some anonymity. The encryption aspect is
pretty much useless for us.