[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Matryoshka: Are TOR holes intentional?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
From: benjamin barber <barberb@xxxxxxxxxxx>
Date: Wed, 17 Jun 2015 23:36:53 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 18 Jun 2015 02:37:05 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=TybOnnPwGc8EyAnLeM9ik9FxCpMlOwwZFJcmYTaXAZg=; b=LyfAP/5ez51LpzIZuBUjc8xtUWLfm+4JySX/8hZhS26R193eBhsbu3doo9UPz9Bf5I 2b7AvRcR4yK9zlLhlwnshiJKtbHXJmI6Te2kwq/Wco7dMihKZHzBSWXATqZusns2vz+8 W0QeBPonghsU7c+mnf9GGUpsS4mohJt3+XBOrtZJKHrE8phVaWPQRaAda3l2Gng1sBJC oTEXubrdaPoyUQ3segrRvIuaXDSXhECH+YmdrUEoD62pyo5y/LLE01NW6oZFfpipIb/M d9t/Pa1P2CIbNfOGlHgHisDAApoi/lAk5VMVlfzZh6LLEjdoacbWEPlyRdGF7c/87Raj Hq3g==
In-reply-to: <CAMTdTS94DVNt6LsiujHJbUSzRPBbXYzi_Kkk+spCsM0Q12pHWw@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAD2Ti2-xVw_W2YDqkdQHmcHyKBDQjfT5jvc-8m3EAU8UkqxrUA@xxxxxxxxxxxxxx> <20150618045108.GE7957@xxxxxxxxxxxxxx> <CAMTdTS-0j1Efpfg=2aMynD-rvQyu9nQjmRcRF-Ziq=ZV4q97Jw@xxxxxxxxxxxxxx> <CAMTdTS94DVNt6LsiujHJbUSzRPBbXYzi_Kkk+spCsM0Q12pHWw@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

His project was started in july of 2006, which he seems to have been
spearheading in a family business, to supply dark net services to christian
fundamentalists.

http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=4105#ShofarNexus

The guy ran for congress back before the turn of the millennium, so I dont
know if he is brilliant and misunderstood, or if he is a con artist playing
a part.


On Wed, Jun 17, 2015 at 10:59 PM, benjamin barber <barberb@xxxxxxxxxxx>
wrote:

> http://shofarnexus.com/Download
>
> On Wed, Jun 17, 2015 at 10:43 PM, benjamin barber <barberb@xxxxxxxxxxx>
> wrote:
>
>> I didn't have a problem finding Matryoshka networks but not software
>> called "Matryoshka", just as were not using running "onion software",
>> some different software use the Matryoshka network method to communicate.
>>
>>
>> On Wed, Jun 17, 2015 at 9:51 PM, Roger Dingledine <arma@xxxxxxx> wrote:
>>
>>> On Thu, Jun 18, 2015 at 12:02:45AM -0400, grarpamp wrote:
>>> >  We also need to take a serious look at TOR, and
>>> > without emotional bias, consider if a serious flaw was designed in.
>>>
>>> "Traffic analysis is the first hole plugged by Matryoshka, but ignored
>>> by TOR."
>>>
>>> I couldn't figure out how to actually fetch this "Matryoshka" software,
>>> but it sure looks like another case of somebody not understanding the
>>> research field, and thinking that solving the traffic confirmation
>>> attack is easy, without actually thinking through the engineering side,
>>> the scaling side, or the statistics side.
>>>
>>> For background see e.g.
>>> http://freehaven.net/anonbib/#danezis:pet2004
>>>
>>> It makes sense that if you think solving the problem is easy, you
>>> wonder why Tor hasn't solved it.
>>>
>>> But even full scale padding, ignoring the practical side of how to get a
>>> Tor network that can afford to waste so much bandwidth, doesn't provide
>>> protection in the face of active attacks where you induce a gap on one
>>> side and then observe the gap on the other side. And it might even be
>>> the case that these gaps happen naturally by themselves, due to network
>>> congestion and so on, so maybe passive observers will be winners even
>>> against a design that does full padding.
>>>
>>> Also, to make it really work in practice, all users are going to need
>>> to pad not just while fetching their web page or iso or whatever, but
>>> sufficiently before and after that too, else an attacker can match up
>>> start times and end times:
>>> http://freehaven.net/anonbib/#murdoch-pet2007
>>>
>>> This is a great area for further research:
>>> http://freehaven.net/anonbib/#ShWa-Timing06
>>> http://freehaven.net/anonbib/#active-pet2010
>>>
>>> tl;dr the whole premise of this person's blog post is flawed, since
>>> their design likely does not work as they think it does.
>>>
>>> --Roger
>>>
>>> --
>>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>>> To unsubscribe or change other settings go to
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>>
>>
>>
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: grarpamp
- Re: [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: Roger Dingledine
- Re: [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: benjamin barber
- Re: [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: benjamin barber

Prev by Author: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Next by Author: [tor-talk] Hidden service honeypot
Previous by thread: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Next by thread: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Index(es):
- Author
- Thread