[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] "Remation" -- joint GCHQ/NSA meeting on Tor



On Fri, Oct 04, 2013 at 05:43:32PM +0200, Griffin Boyce wrote:
>   There's been a really interesting document to come out of the Guardian
> todhttp://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-documenay:
> http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
> 
> Interestingly:
>   - NSA/GCHQ was fingerprinting using Flash
>   - They were wondering whether to flood the network with slow
> connections in order to discourage users
>   - Cookie leakage
>   - Timing attacks
>   - Supposed bug in TorButton mid last year
> 
> There are some questions in my mind as to the legitimacy of this
> document -- particularly given that a slide is marked 2007, but
> references 2012. (In particular, neither Torservers nor TorButton
> existed in 2007).
> 
> Thoughts?

I think "flood the network with slow connections" is a mis-read; they
seemed to be speaking of slow nodes that falsely advertise high bandwidth,
an attack which won't work since we now cap unmeasured bandwidths to
20 kbit/sec IIRC.

Their evident interest in this sort of thing suggests we should examine
the bwauth system more closely to be sure the node can't distinguish a
bwauth measurement from other connections, though - otherwise they could
still manipulate the path selection weights like that.

-- 
Andrea Shepard
<andrea@xxxxxxxxxxxxxx>
PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF  DE79 A4FF BC34 F01D D536
PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5  DF7E 4191 13D9 D0CF BDA5

Attachment: pgp6bkJFx8Nz9.pgp
Description: PGP signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk