On Thu, Dec 15, 2005 at 02:35:06AM -0500, Roger Dingledine wrote: > But even so, once we have a sense of what sorts of attacks are likely, > we can also start looking at some specialized padding techniques for > Tor users to blend together better without paying too high a price in > overhead. The goal is not to beat arbitrary statistical attacks, but > to increase false positives (and maybe false negatives) with respect to > specific attacks. Roger, the current Tor experience is already terrible as it is. It would be far more urgent to implement quality metrics (throttle abusers and favor people who donate lots of bandwidth), and only then to limit the entry barreers (Tor plugin for browsers, simple one-click installation, NAT penetration, whatever) to draw in more users. Injecting chaff will only drive the network into unusability for interactive use, so only abusers with robots are left. Please don't go there. The current directive (which is not yet even binding law, until passed locally) asks for logs -- on the side of commercial providers. So your ISP sniffs Tor traffic (it's a lot of traffic), and sends the logs to fur-browed knuckledraggers somewhere. What are they going to with it? They're not TLAs. TLAs may very well consider Tor broken (in fact, I've heard such hints through the grapevine), do I care very much? Not really, it's not my threat model. I just want to maintain some privacy online, and not be subjected to profiling and censorship. -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Attachment:
signature.asc
Description: Digital signature