As long as we are talking about classical communication (and not quantum) it is impossible to prove that it isn't collecting at least ciphertext logs.

Consider a certified tamper-resistant operating system which cryptographically certifies the versions of software it operates, and prohibits uncertified processes from running. The certificate of authenticity verifying the software is made available to the clients which connect to the remote application. This cert specifies all of the program transforms which were required in order to produce the compiled software, and they specify the capabilities required for the transform.

It is certainly a very hard and complex problem but I wouldn’t necessarily go as far as “impossible”. Maybe you know something I don’t know, though.

> Consider a certified tamper-resistant operating system which cryptographically certifies the versions of software it operates, and prohibits uncertified processes from running.

If I own the hardware, I can decide how the software is executed, including containerizing your certification processes to make them feel warm and fuzzy and happy but in reality they are running inside a simulation.

If push comes to shove I could theoretically manufacture my own RAM sticks that copy everything and your OS wouldn't even know, but there's a 99% chance I could successfully pull it off at the kernel virtualization level.

Not really. Tor, I2P, and Monero manage this just fine. Building on these technologies should allow one to have privacy and anonymity without any exotic quantum technology.

Well they don't actually, Tor especially has enormous amounts of government nodes so they can trace and log exactly what and who. And all of those still rely on the IP network which always will allow logging without you ever knowing, it's just math really, the proof of not-logged is just impossible.

Interesting, do you have a source? All fully p2p networks are vulnerable to sybil attacks to some extent, but specifically a source that Tor actively has enough "government nodes" to de-anonymize everything.

These technologies give privacy and anonymity under normal conditions, but they do not prevent anyone from logging ciphertexts. If someone has logged ciphertext, and the government subponies someone to divulge their private key and subponies whoever has the ciphertext, those ciphertexts as good as plain text.

I mean, I don’t think anyone really expects that encrypted messages are necessarily secure in context of stolen private keys. I assume that a lot of encrypted traffic is either recorded at the ISP/backbone level or at least can be on demand.