Token-based authentication is something we've designed to qualitatively improve the real-world security of network members. Simply put, it's structured such that the network has no need to know anything about our members. Instead, a token serves as the sole method to gain access to the network. We have no "customer database," no "subscribers," no billing information, and no personal information regarding network members. A "member" is by definition someone who has token-based access to the network. That's all.
Now, for this component of our security model to scale and truly grow roots, it's best for other, outside entities to handle the actual sales of tokens to network members. It's clear why this is so: if we're selling tokens, ourselves, then (in theory) we could keep a record of who bought what token. With that (again, in theory), we could track what a person is doing whilst connected to the network. That's bad.
- (Yes, we know, the 'solution' to this problem currently in vogue with the "VPN industry" is to blather on about "no-logging" policies... at the same time that "VPN companies" routinely and publicly acknowledge that they cooperate with police, spies, and pretty much anyone who demands network access so they can snoop on individual people using the network; our team was the first to announce a "no logging" policy - in 2008 - so we're quite aware of the thinking behind it. However, simply put, no-logging polices are impossible to independently verify. This is a point at once obvious and profoundly disturbing. Our network-based model is a partial solution to this structural problem.)
In contrast, when an individual network member purchases their tokens through a third party - a reseller - then there's no way for us at cryptostorm to know who is making use of that token.... unless the reseller is secretly collaborating with us to track token purchases by person. But, if there's enough truly independent resellers, this problem can be resolved through a trust-based market mechanism: trusted resellers can publicly assert their independence from cryptostorm and, based on their existing reputations, earn more token sales as a result.
- (we're also actively encouraging the development of "token tumbling" services that use formal cryptographic tools to ensure tokens are truly decoupled from any identity based on original purchase - more on that, soon...)
As a direct result, we're keen to support token resellers as an integral part of our security model. The reselling process is quite simple. At a discounted price, we provide newly-minted tokens in bulk to those who wish to purchase them for resale. That's it. Those resellers can then do with them as they fit: sell them, we'd assume, but that's not actually up to us.
- (please recall that newly-minted tokens don't begin "eroding" towards their expiration date until they've been used the first time to authenticate into the cryptostorm network; so, if they sit on the virtual shelf for a while until being resold and used the first time, it's no problem - they don't go stale)
We're still fleshing out the mechanics of our token resales process. However, for folks (or project teams) who'd like to get a jump on things, we're happy to get going now. Please understand that this is an evolving mechanism, and it's likely to be somewhat fluid in these early months. Things like discounts based on volume, prepaid allowances, secure bulk token distribution channels and so on will develop as a result of these early steps in the process.
Our resales team can be contacted at: [email protected] - they'll work with you to create the most elegant way to get things going.
- - -
Enabling truly anonymous access to a production class, commercially-provisioned, professionally-managed, highly-scaleable darknet infrastructure is one of the missing pieces in our successful collective response to massive, dragnet surveillance by the NSA and others. Tor does a great job of providing anonymous access to network resources - but at the cost of scalability and performance, since all network resources must be donated and with a no-cost-for-use model, the more capacity that's added, the more demand that'll swamp that capacity. Tor's an excellent, well-designed tool and an essential piece of the privacy puzzle... but it's not the entire puzzle, all by itself - and it will never be able to be that, by design.
Conversely, "VPN companies" are making a small group of unscrupulous individuals a fair bit of cash by promising "privacy" whilst simultaneously betraying their customers to whoever pressures them sufficiently (also: Torguard, of course). Equally bad, nearly all make catastrophically fundamental errors in cryptographic engineering - so bad that the "encryption" they promise is basically useless as real protection: "security theatre," in Bruce Schneier's memorable turn of phrase. The benefit customers receive is that the connectivity these fly-by-night companies provide, for the most part, isn't horrifically slow.
This is a bad trade, either way. It's also an unnecessary trade. The trick is to enable genuinely anonymous access and commercial-class, scalable network infrastructure (plus, of course, crypto implementation that doesn't suck).
That's what token-based authentication is all about.
- - -
We're looking forward to working with resellers of all types, from small groups of activists sharing tokens to more sophisticated, formal, wide-reach efforts. In truth, we don't know how all this will develop over time - it's new, and it's never been done before. We'll learn as we go, and do our best to ensure the benefits of token-based auth are available to anyone who needs them.
- ~ cryptostorm_ops
ps: no, not this kind of "token"