Re: [declan@well.com: [Politech] E.U. Parliament votes to force "data retention" on telecom, Net firms [priv]]

["Jeffrey F. Bloss" <jbloss@xxxxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 14 December 2005 08:00 pm, nile wrote:
> Correct me if I'm mistaken, but I believe the laws do not require
> holding onto the content of the call/data, just the routing information
> or phone numbers. If so, it's interesting to note that that's exactly
> what Tor is for - defeating _traffic_ analysis.

It seems to me that traffic analysis is the one major thing Tor is susceptible 
to. Being a real time, the Tor network can be compromised by someone who has 
the ability to colate ingress and egress traffic, and this legislation gives 
the "EU" the ability to sit back and examine an entire regional network at 
its leisure. I also heard a rumor that jurisdictions like Cuba and Hong Kong 
might be affected, because they use British Net Service Providers.

An over simplified and purely theoretical scenario...

Some French whistleblower guy name "Joe" publishes information about the 
nefarious activity of XYZ Inc on a blog in the Netherlands. Lets say he posts 
to it with a bit of regularity for a couple months.

With this new logging in place XYZ might be able to force law enforcement to 
perform a simple query of the data to discover exactly who is posting the 
information. It's a simple (?) matter of searching for connection times to 
the blog, and comparing them to times that "Joe" makes connections to a Tor 
node. If Joe builds a new circuit at 2PM and the blog is updated at 2:00:01 
PM, and this relationship can be demonstrated for some period of time, it's 
pretty clear that it won't take 6 months of data to prove beyond any 
reasonable doubt Joe is the blog owner.

Prior to this "broad" loggin being in place it would have been necessary for 
Johnny Law to have some prior knowledge. They'd have to suspect Joe, and then 
invest the time and resources in logging both Joe and the blog site. Now, 
they can simply sift through the already collected data looking for people 
who use Tor connections at the same time the blog is accessed.

Apply this logic to the "Music Industry" and its dog with a favorite bone 
tenacity for outing 9 year old kids who download MP3's they already have on 
CD and... :*(

- -- 
Hand crafted on December 15, 2005 at 00:52:29 -0500

Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
                                  -Groucho Marx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDoQsoRHqalLqKnCkRAh7FAJ4xWtYpc0ynVYLfzukbFVdvZXcEGQCeJIRV
wFQxwTkX4FS916sPL4Sw7hs=
=7Aer
-----END PGP SIGNATURE-----