[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Network Analysis of Overlay Networks, Capabilities, Fill Traffic [was: VPN less safe?]

On Tue, 26 Jan 2016 18:49:53 -0500
grarpamp <grarpamp@xxxxxxxxx> wrote:

>> virtually all the world's infrastructure is 'compromised'?  

> The USA and Soviets have decades experience tapping cables
> around the globe in a cold war sense.

	I think the paper is mostly referring to what governments
	laughably call 'lawful' interception? 

> >         Also, is there a more concrete analysis of what can be
> >         achieved by monitoring traffic on those cables?
> Did you just push a bunch of packets over time into your ISP and
> have google send replies back? Well, they can see both ends, so
> they saw that traffic pattern in and out, and back in and out, so
> they know who's talking to who and when.

	I know... Notice that I'm further asking "how easy it is...to
	find users...servers" 

	But yes, my question was ambiguous. By "what can be achieved"
	 I'm asking  : how effective the traffic analysis
	 techniques are? 

> In addition to simple taps, they can also deploy passive or
> active nodes 

	True of course, so 'easy' becomes even easier...

> Tor and other networks are good at hiding endpoints (users, servers)
> from each other,

	Something any ordinary proxy can do most of the time. Even
	ISPs/the 'interweb' by their own nature hide 'ordinary' users
	from each other.

> However when it comes to such global (and regionally lucky) passive
> adversaries, and adversaries operating the networks themselves, I
> seriously doubt anyone can say with a straight face that these
> networks protect against network analysis... who is talking to
> who and when.

	In other words, tor is a failure. Unless of course we correctly
	see it as a tool for the US military.

> It would be harder for that analysis to succeed against networks
> that filled between all the nodes with fill traffic 

	Yeah. Even a 10 seconds visit to wikipedia sheds light on


	" When no actual messages are being sent, the channel can be
	masked by sending dummy traffic" 

> Mindset, OMG bandwidth, probably
> buzzkills most research before it gets started.

	That seems somewhat odd given the tens of thousands of millions
	of stolen money 'allocated' to 'research' every year.

> Here's some recent mostly tor specific threads if anyone's interested,
> plus whatever else has come up whenever I've mentioned this.
> https://lists.torproject.org/pipermail/tor-dev/2016-January/010257.html
> https://lists.torproject.org/pipermail/tor-dev/2016-January/010290.html


> Users often have better knowledge of the laws, operations and
> general feel in their countries 

	That may be so. In that case we are not talking about
	'beliefs' but about actual knowledge.

> and locales and areas of expertise
> than a handful of distant project maintainers largely based
> in one geopolitical exposure might have. You can download
> science, but you need more than that to win a street fight.

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to