I've been reading about the token model and how it relates to anonymity and no logging. I'm not a tech expert or anything, just an average internet user who'd like to stay anonymous on the net. I have some questions and I don't intend to come across as combative.
As I understand it, you claim Cryptostorm provides the following:
1. You don't know who's on your network, meaning a person's identity (name, address, etc.), the token model prevents this.
2. You don't know specifically what traffic is going across the network, that is you can't tell if a packet is from YouTube, or a torrent, an FTP transfer, that sort of thing.
3. You don't know the source of the traffic, that is you cannot determine the originating ip, at least not with complete confidence.
4. You don't do any logging whatsoever of what's going through the network, as far as what token is connected, what traffic is associated with that token and what that traffic consists of. In fact the network is designed so that it's impossible to match packets to a token.
5. Your network is designed so that even if you wanted to, you could not kick someone off the network, by deactivating the token or some other means. Let's assume someone isn't so clumsy as to reveal something that would let you identify them and their use of the network.
To paraphrase the above, "We don't know what you're doing, when you're doing it, who you're doing it with, we don't want to know, and even if we wanted to know we wouldn't be able to find out". Please correct me on any of these points I may have wrong.
I'd like to post a hypothetical just so my understanding is clear. I'm not using Crypostorm, but if I were I wouldn't engage in the following behavior and don't support anyone doing so. The scenario that follows is just to hopefully illustrate how secure or not the Crypostorm network and model is.
A. Crypostorm receives a tip they believe 100% true that someone is going to use their network to destroy the world. It's known that this person is already using the network. Again let's assume this person or persons hasn't revealed themselves in some way. Let's say that the exact date this will happen is unknown, but it will be some number of days before the event. In the meantime this person is using the network to make preparations. Is it Crypostorm's position that the ONLY way to stop this person would be to take the network completely offline?
B. Same as above, but the person or persons hasn't yet signed up for the network. Could this person be stopped by Crypostorm without taking the network down?
It would be interesting to know if this person's traffic were unique in some way, would that change the outcome. I'll leave that to you to explain, if you choose to. I believe the scenario as presented will satisfy my curiosity.
C. Some entity takes control of the servers and wants to enable logging. Let's assume they only want to enable standard network/OpenVpn logs (I really have no specific idea what those are or how they're normally used), filters, whatever standard tools and practices are. Would they be able to determine users identities, traffic, etc. as outlined in points 1 -5?
Regards to all.