[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] What the NSA cares about getting and defenses



Prompted by the Ars Technica reporting on QUANTUM, I took a look at the
slide and read the text, as well as compared to the MULLINIZE document
describing NAT breaking. My conclusion is that the NSA obtains significant
amounts of information from user activity in between closing browsers, and
that current Tor Browser Bundle remains vulnerable to this attack.

QUANTUM appears to rely on inserting fake references to third party assets
and manipulating cookies in the requests made by the browser in response. I
propose that we block third party cookies unless over HTTPS to mitigate
this problem, and try to encourage users to use more frequent new
identities.

MULLINIZE achieves the reliable tracking of individual users behind a NAT
through similar tricks. It is clear that the NSA views this information as
valuable, even without real-world addresses to tie to it. Linkability
across pages is difficult: breaking sessions is a major cost of the obvious
no cookies approach to preventing this sort of attack.

Sincerely,
Watson
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk