[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Re[2]: Can governments block tor?

David Benfell writes:

> I'm seeing this as a nightmare.  If it isn't possible to disguise the
> fact you're using or serving tor--and last time I did a tcpdump on my
> outside interface, it stuck out like a sore thumb--doesn't that
> undermine its usefulness?  (And I assume you mean SSL could be used to
> encrypt content, not the destination of a tor server.)

Different people have different threat models.  Tor fits well into the
threat model of people in places where privacy-enhancing technologies
are legal to use.  It currently isn't as much help to people who could
get in trouble just for using these technologies.

It doesn't seem that anyone has solved the problem of how to make a
publicly-deployable privacy technology whose users can't be identified
as privacy-enhancing technology users by an eavesdropping adversary*.
So we might say that there are potentially a lot of people whose threat
models haven't been addressed well by the state of the art.

* Whether this is true depends on what counts.  If people are allowed to
  use SSL or VPNs, are allowed to send what could be cover traffic over
  them, are allowed to use them for a long time starting fairly abruptly,
  and have access to means of publicity about proxy locations and access
  methods that the adversary might not hear about, they might have a
  chance.  I think that's a lot of conditions.

Seth Schoen
Staff Technologist                                schoen@xxxxxxx
Electronic Frontier Foundation                    http://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110     1 415 436 9333 x107