[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor Project 2008 Tax Return Now Online



Jonathan D. Proulx wrote:
While I do think it's good to see the funding there are two points that
are important to remember.

1) this is a freesoftware project the code is there for all to see,
hopefully clueful people other than the US Government are reading it.

Unfortunately, whilst there are clueful people watching the software, no one has yet decided to publically produce and share a modified version of this code which protects from a Global Adversary who is analyzing the traffic (real time or.not).

I await that day, but believe it will not be soon, because it would be foolish to take on such a task, only to have the Tor project themselves then radically change the code and so as to make the unofficial modification obsolete.

2) no matter who's funding it the US gov't could read the code (see
above) and would continue to (potentially) have a near global view of
internet traffic.

Well its obvious that who funds it get to make the decision as to what anonymity "protection" gets put in. So if you were the Global Traffic Analysis Adversary then you would distract, delay, deny and defend lack of protection from your analysis. If you also funded the project then that would make that task easier.

So whilst there is no protection in Tor (by official policy) from the Global Traffic Analysis Adversary (aka US -GOV) then you can expect to unmasked for every usage you make of Tor. Unless of course, you were the US -GOV in which case you can add that protection into your Tor nodes and Tor clients.

For instance if I were US - GOV (i.e. it was my job to spy on your traffic) I would, at the very least,

1. Set up global INTEL network of private and institutional Tor servers.

These servers would be .edu, .gov, .net (running at legit ISP's), as well as from the homes of hundreds of operatives (police, CIA, FBI, NSA, Homeland Security), .mil (e.g. force bases overseas) and other .gov officials (embassy staff, trade orgs, propaganda orgs like Voice of America offices) globally.

2. On those INTEL servers, a modified Tor software would be run with modifications to create a supersecure subset of Tor.

These servers would either be self identifying (as the supersecure servers - SS) or receive a list of ips from a central server.

I'd give some of these SS servers name like anarchist, whacko, anarchist or anti-gov/big brov but their ip's would appear to be from telco's, R&D/Ops contractors..

3. Relatively minor modifications to the Tor code would add this extra protection and priority for the officially supersecure traffic. e.g.

i/ Higher/extra layer encription.
ii/Protection from Traffic analysis - extra long random length circuits (n = 3..6 variable), chaff traffic (70-90% variable chaff), multiplexed traffic (mixed circuit streams - TOP SECRET) and multiple route traffic (split circuit streams - EXTREME TOP SECRET).
iii/Traffic delivery Guarantees

4. Non-supersecure (normal) traffic would be labeled to separate its treatment (as well as logged with the identity ip of the originating Tor user. Potentially then the circuit builders Tor user ip could be sent on secretly, in another layer, to as far as it will go in this SSS Intel network)

5. Potentially, normal Tor traffic could be deliberately sent, by these SS servers, in specific traffic analysis timed sequences to make easier to pick it up when it exits the SSS Intel network by traffic analysis systems . A sort of traffic "signature" to be followed to the source.

To a large extent freesoftware defends agains the worst abuses funders
can demand (1), but I wouldn't fully trust TOR against China either (2)
No comment
-Jon
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/


***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/