[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Traffic shaping attack



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

coderman <coderman@xxxxxxxxx>:

>> Let's assume that the service is extremely popular, with over 6 terabytes
>> of traffic each day, and a gigabit port almost constantly saturated. Then,
>> we can observe a small handset of guards and still be able to spot at
>> least some users.
> 
> the problem with high traffic sites is a local confirmation attack.
> E.g. your colo line is really active! and on a short list of suspects
> above large traffic threshold.

Yes, it's true and it's another problem to deal with. I don't know what 
(if any) measures admin took to protect himself. Maybe the site is hosted 
in a jurisdiction where the site content is legal, who knows.

- -- 
Oskar Wendel, o.wendel@xxxxxxxxxxxxxxxxx
Pubkey: http://pgp.mit.edu/pks/lookup?op=get&search=0xB5E3846CD40F08E3
-----BEGIN PGP SIGNATURE-----

iQEcBAEBAgAGBQJW9qznAAoJELXjhGzUDwjjE/EH/RdcRsWcVaN0wh+j6g8JukrG
qyG/9RgCavWZh8Y0bHVpzymOmr19OecjpnzyjsfrCQN27pxFBInowat9r79+xIQc
j8EV7NpktRjuX+pRhfC8pBgFymGdrhE9gtQ1J/RA+r2JjEyLUDkolUHAHcAjwbVN
kHGZwtLhaC651t0XdhBzc5zSUeiqmEZX94q325KadNwr0zkpTS57RB77pd1sTl+H
IqZkNdcDhkr7wwqEQS1OFaSZxfcHsy55cnXSzIfcUawq2YDhJMrajfLJchz0kEgr
9GZoaNKh6koIlA8JXDbbsChMuEZEpUz0xG8hHQFgaVgd50w7EUECH1eQ2xTThsM=
=bjMx
-----END PGP SIGNATURE-----

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk