[or-cvs] r8944: early comments from sjmurdoch (tor/trunk/doc/design-paper)



Author: arma
Date: 2006-11-13 02:17:31 -0500 (Mon, 13 Nov 2006)
New Revision: 8944

Modified:
   tor/trunk/doc/design-paper/blocking.pdf
   tor/trunk/doc/design-paper/blocking.tex
Log:
early comments from sjmurdoch


Modified: tor/trunk/doc/design-paper/blocking.pdf
===================================================================
(Binary files differ)

Modified: tor/trunk/doc/design-paper/blocking.tex
===================================================================
--- tor/trunk/doc/design-paper/blocking.tex	2006-11-13 03:55:35 UTC (rev 8943)
+++ tor/trunk/doc/design-paper/blocking.tex	2006-11-13 07:17:31 UTC (rev 8944)
@@ -143,9 +143,9 @@
   protests).
 \item As a second-order effect, censors aim to chill citizens' behavior by
   creating an impression that their online activities are monitored.
-\item Usually, censors make a token attempt to block a few sites for
+\item In some cases, censors make a token attempt to block a few sites for
   obscenity, blasphemy, and so on, but their efforts here are mainly for
-  show.
+  show. In other cases, they really do try hard to block such content.
 \item Complete blocking (where nobody at all can ever download censored
   content) is not a
   goal. Attackers typically recognize that perfect censorship is not only
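Review bot: the rewritten item now says both that blocking of obscenity and blasphemy is "mainly for show" and that censors "really do try hard to block such content", without saying which case the design should plan for. Since this list describes what the censor is aiming at, add a clause on which case the rest of the paper assumes, or say that the design must tolerate both. "really do try hard" is also more informal than the surrounding items.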
@@ -215,10 +215,19 @@
 of network development, once the system has reached a certain level of
 success and visibility.
 
-We do not assume that government-level attackers are always uniform across
-the country. For example, there is no single centralized place in China
-that coordinates its specific censorship decisions and steps.
+We do not assume that government-level attackers are always uniform
+across the country. For example, users of different ISPs in China
+experience different censorship policies and mechanisms.
+%there is no single centralized place in China
+%that coordinates its specific censorship decisions and steps.
 
+We assume that the attacker may be able to use political and economic
+resources to secure the cooperation of extraterritorial or multinational
+corporations and entities in investigating information sources.
+For example, the censors can threaten the service providers of
+troublesome blogs with economic reprisals if they do not reveal the
+authors' identities.
+
 We assume that our users have control over their hardware and
 software---they don't have any spyware installed, there are no
 cameras watching their screens, etc. Unfortunately, in many situations
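Review bot: the old claim is left behind as two commented-out lines ("%there is no single centralized place in China" / "%that coordinates its specific censorship decisions and steps.") with no note on why it was withdrawn; either delete it or add a short comment recording the reason. The replacement sentence, "users of different ISPs in China experience different censorship policies and mechanisms", is an empirical claim and carries no \cite. The extraterritorial-cooperation paragraph is moved here from the later hunk with only re-wrapping, which is fine, but it would be easier to review as a separate commit from the wording changes.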
@@ -228,14 +237,7 @@
 Section~\ref{subsec:cafes-and-livecds} for more discussion of what little
 we can do about this issue.
 
-We assume that the attacker may be able to use political and economic
-resources to secure the cooperation of extraterritorial or multinational
-corporations and entities in investigating information sources.  For example,
-the censors can threaten the service providers of troublesome blogs
-with economic
-reprisals if they do not reveal the authors' identities.
-
-We assume that the user will be able to fetch a genuine
+Similarly, we assume that the user will be able to fetch a genuine
 version of Tor, rather than one supplied by the adversary; see
 Section~\ref{subsec:trust-chain} for discussion on helping the user
 confirm that he has a genuine version and that he can connect to the
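Review bot: "Similarly" on the changed line now attaches to the paragraph about users controlling their hardware and software, which ends by conceding the assumption often fails ("Unfortunately, in many situations", "what little we can do about this issue"). That makes the genuine-download assumption read as equally shaky. If the intent is only to list another assumption, "We also assume" is clearer. The sentence also refers to the user as "he" while the next hunk switches to "each user ... their".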
@@ -244,10 +246,10 @@
 \section{Adapting the current Tor design to anti-censorship}
 \label{sec:current-tor}
 
-Tor is popular and sees a lot of use. It's the largest anonymity
-network of its kind.
-Tor has attracted more than 800 volunteer-operated routers from around the
-world.  Tor protects users by routing their traffic through a multiply
+Tor is popular and sees a lot of use---it's the largest anonymity
+network of its kind, and has
+attracted more than 800 volunteer-operated routers from around the
+world.  Tor protects each user by routing their traffic through a multiply
 encrypted ``circuit'' built of a few randomly selected servers, each of which
 can remove only a single layer of encryption.  Each server sees only the step
 before it and the step after it in the circuit, and so no single server can
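Review bot: the merged sentence calls the nodes "volunteer-operated routers" and the very next sentence calls them "servers" ("a few randomly selected servers", "Each server sees only"); pick one term for the paragraph. The change to "each user ... their traffic" is fine on its own but leaves the paper mixing "their", "he" (previous hunk) and "her circuit" (the entry-guard paragraph), so a single convention is worth settling while these lines are being touched. The hard-coded "more than 800" will date quickly; consider "as of" wording.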
@@ -350,7 +352,7 @@
 users contributes to sustainability as above: Tor is used by
 ordinary citizens, activists, corporations, law enforcement, and
 even government and military users,
-%\footnote{http://tor.eff.org/overview}
+%\footnote{\url{http://tor.eff.org/overview}}
 and they can
 only achieve their security goals by blending together in the same
 network~\cite{econymics,usability:weis2006}. This user base also provides
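Review bot: the changed line is still a comment, so wrapping the address in \url{} has no effect on the built PDF. Either enable the footnote, checking that it attaches cleanly after "even government and military users,", or leave the commented line untouched so the diff carries only changes that reach the output.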
@@ -594,7 +596,15 @@
 encryption were used, it would still be expensive to scan all voice
 traffic for sensitive words.  Also, most current keyloggers are unable to
 store voice traffic.  Nevertheless, Skype can still be blocked, especially at
-its central directory service.
+its central login server.
+%*sjmurdoch* "we consider the login server to be the only central component in
+%the Skype p2p network."
+%*sjmurdoch* http://www1.cs.columbia.edu/~salman/publications/skype1_4.pdf
+%-> *sjmurdoch* ok. what is the login server's role?
+%-> *sjmurdoch* and do you need to reach it directly to use skype?
+%*sjmurdoch* It checks the username and password
+%*sjmurdoch* It is necessary in the current implementation, but I don't know if
+%it is a fundemental limitation of the architecture
 
 \subsection{Tor itself}
 
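Review bot: the block added under "its central login server." is a pasted chat transcript kept as LaTeX comments, and the source it points to (the Columbia paper URL) should become a \cite beside the claim rather than live in a comment. The transcript itself leaves open whether the login server is required by design ("It is necessary in the current implementation, but I don't know if it is a fundemental limitation of the architecture"), so the sentence "Skype can still be blocked, especially at its central login server" should be scoped to the current implementation. If the comments stay, trim them to a one-line TODO.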
@@ -1372,7 +1382,7 @@
 step in a circuit) help protect against certain attacks
 where the attacker runs a few Tor servers and waits for
 the user to choose these servers as the beginning and end of her
-circuit\footnote{http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ\#EntryGuards}.
+circuit\footnote{\url{http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ\#EntryGuards}}.
 If the blocked user doesn't use the bridge's entry guards, then the bridge
 doesn't gain as much cover benefit. On the other hand, what design changes
 are needed for the blocked user to use the bridge's entry guards without
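Review bot: the footnote on the changed line keeps the escaped "\#" inside the new \url{...}. Whether that prints as "#" or as a literal backslash followed by "#" depends on which package supplies \url and on the fact that it sits inside a \footnote argument, so check the rendered footnote in blocking.pdf before relying on it. The footnote mark also sits before the sentence's period ("circuit\footnote{...}."); placing it after the period matches the usual convention.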
@@ -1587,7 +1597,8 @@
 pass their self-reachability tests---the software and installers need
 more work on usability first, but we're making progress.
 
-In the mean time, we can make a snazzy network graph with Vidalia that
+In the mean time, we can make a snazzy network graph with
+Vidalia\footnote{\url{http://vidalia-project.net/}} that
 emphasizes the connections the bridge user is currently relaying.
 %(Minor
 %anonymity implications, but hey.) (In many cases there won't be much
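Review bot: the re-wrapped line still reads "In the mean time"; since the sentence is being edited anyway, change it to "In the meantime". The new Vidalia footnote is live while the tor.eff.org/overview footnote changed earlier in this patch remains commented out, so the paper ends up with one project URL footnoted and the other hidden; make the two consistent.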