[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [OT] mitigating or defeating syntax analysis

On Fri, Apr 18, 2008 at 11:10:05AM +0200, Jan Reister wrote:
> Il 18/04/2008 10:12, Vlad "SATtva" Miller ha scritto:
> >One way is to use machine translators: translate your English text to
> >another language, and then back to English. 
> Typing habits are also patterns. Switch the keyboard layout, or use a 
> software keyboard with your mouse, or type with the little finger of 
> your left hand only.
> Tor works against traffic analysis, but whatever you do with Tor always 
> reveals something about you.

To be clear, this is both a recognition of where the hard problems are
and a design choice not just fatalism.

Onion routing has always been about separating anonymity of the channel
from anonymity of the data and providing the first but leaving the
second up to the needs of the application. 

Every iteration, including Tor, has stressed that just anonymizing the
channel is a hard enough job. So it has always been the primary focus
while doing things about anonymizing transmitted data is important
but not as immediately central.

In the days when proxies were relatively novel and controls for
cookies and active content in browsers were nonexistent or minimal,
we had both anonymizing and nonanonymizing http proxies. For all
anonymizing communication networks, data anonymity depends on channel
anonymity: if you are identified by the channel, it doesn't matter
that you anonymized the data. But usually the other direction is
independent. When Crowds came along it was a nice clear contrast
because their channel anonymity against the nodes carrying the traffic
depended on anonymizing the data.

On the specific topic of text patterns I would be curious to know if
there is any analysis on how well the jumping frog technique suggested
above works in practice. And to add one more reference to check out,
at the other extreme from what we've been talking about, cf.
"Natural Language Watermarking and Tamperproofing" by Atallah et
al. in Information Hiding 2002.