I disagree with the statement & the impact resulting design decisions have on privacy.
Some notes:
I really wish we wouldn't build p2p networks directly on top of IP addresses. We have better overlay tech.
CD: Finding that some content exists
SD: Knowing where to get it.
An old web example:
CD: Google Search
SD: The resulting Website
(In old web terms, I have a URI, I do DNS resolution to get an IP address and I initiate a HTTP connection and the server sends me the content)
Again: We've known that we can do private source discovery in p2p networks for literal decades.
Why in 2018 are we building new p2p networks that don't offer any reasonable privacy guarantees against mass surveillance capable adversaries?!
You can't distribute trust without consent.
You can't consent without meaningful privacy.
Privacy should be a foundational element in any p2p stack, not a challenge, or a footnote, or a "maybe we will get to this in the future".
Maybe developers think that anonymizing networks are slow and have limited bandwidth (partially true, but mostly a resource issue not a fundamental tech issue)
Surveillance and privacy are marginalized issues that impact different communities unevenly.
Solutions to these problems exist but may not be considered by those building the systems as high priority.
You might not intend that, but that is fundamentally the result.
Is it education about solutions? Is it programming libraries? Is it user stories? Is it design reviews? Something else?
It's part of my job at @OpenPriv to make this happen.
sarah@openprivacy.ca