[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Commercial tor offering?

On Friday 05 December 2008 01:31:04 Arrakis wrote:
> Phobos,
>  XeroBank's network doesn't use Tor. Common misnomer. But we did stay at
> a holiday inn express:
>  XeroBank uses IPSec cascades and is distinguished by have additional
> anonymity features tor doesn't employ such as mixing, crowding
> optimization, channel multiplexing, traffic padding,
> fingerprint/watermark dropping, timing-attack resistance; and properties
> tor doesn't have such as immunity to sybil attacks and exit node traffic
> injection. :)
>  http://xerobank.com/docs/onyx_whitepaper.pdf

Hi Steve,

At first glance your statement above could be taken to suggest that Onyx 
provides provably better anonymity than Tor. A second reading suggests 
that you are merely claiming Onyx deploys additional techniques that are 
regularly investigated for their anonymity properties, while at the same 
time overcoming certain attacks that Tor is still susceptible to.

Would you agree that:

- Onyx has not been the subject of independent analysis thus far, so its 
anonymity properties are an open question.
- Some of the features you describe are not proven to provide better 
anonymity (e.g. traffic padding).
- Onyx's immunity to sybil attacks and exit node injection is not explicit 
in its design. This immunity depends on the behaviour of the network 


- Are there plans afoot to open Onyx to independent investigation without 
becoming a paying customer? Does the design of the Onyx network allow such 
- Isn't the use of a small number of privately, centrally owned servers to 
provide an anonymity network inherently problematic? Doesn't the anonymity 
of the client on such a network depend almost completely on the integrity 
of the network operator (i.e. xerobank)?

Apologies if some of my questions/assumptions above could be answered or 
contradicted by reading the whitepaper in full, but I'm sure they 
represent the sentiments of many readers on this list who are a little 
skeptical of what kind of beast Onyx actually is but aren't prepared to 
analyse it in any depth. This would certainly be a good opportunity for 
clearing such matters up with or-talk cynics such as myself.

> Steve
> phobos@xxxxxxxxxx wrote:
> > On Thu, Dec 04, 2008 at 11:54:51AM -0500, ognen@xxxxxxxxxxxxxxx wrote 
0.4K bytes in 12 lines about:
> > : I am sure someone had digested this before but what would be some
> > : issues with purchasing (say) twenty different boxes around the USA
> > : with good pipes and
> >
> > Indeed.  There are at least two commercial services that use Tor;
> > IronKey and Xerobank come to mind.  I've tried neither, nor seen their
> > Tor configuration.  So, others have had the same idea as you.

Attachment: signature.asc
Description: This is a digitally signed message part.