[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
- To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
- From: Mark McCarron <mark.mccarron@xxxxxxxxxx>
- Date: Fri, 27 Jun 2014 21:54:58 +0100
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Fri, 27 Jun 2014 16:57:23 -0400
- Importance: Normal
- In-reply-to: <20140627153801.0000732c@unknown>
- List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
- List-help: <mailto:email@example.com?subject=help>
- List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
- List-post: <mailto:firstname.lastname@example.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:email@example.com?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:firstname.lastname@example.org?subject=unsubscribe>
- References: <DUB121-W32E5B8525EB5756FB0DD73C8190@xxxxxxx>, <53AB3C75.4020105@xxxxxxx>, <DUB121-W401DDF2EB0B4F36357ADA2C8190@xxxxxxx>, <53AB742E.5000400@xxxxxxxxxx>, <DUB121-W1602424B2673FF14097129C8180@xxxxxxx>, <53ABAAFA.1040406@xxxxxxxxxx>, <CAJVRA1Tydi5nB544ggjZM2BvPXC=zGr_8AReO0qP_pxQ3me4UA@xxxxxxxxxxxxxx>, <CAD2Ti2_F_Zbt8uL5s=hNXaNapnof2KSOPZFVgN3B-qxp5JtQqA@xxxxxxxxxxxxxx>, <CAJVRA1QzUniu3cLgqLitZR7tp4TchrqD+Ak_Os0Hrm2Oe9aScw@xxxxxxxxxxxxxx>, <DUB121-W20A3812716DFD202050E82C81B0@xxxxxxx>, <20140627153801.0000732c@unknown>
- Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
We also need to consider that some unidentified flaws exist in the code, but I agree with you traffic analysis is certainly the major problem at present. Traffic obfuscation will not work against the NSA and it would cause problems with the network.
The only option is to offer hosting within the Tor network itself. Such hosting would need to be fragmented/distributed, or we could be exposing Tor providers to prosecution. That is, pages and backend access are delivered by composing them from multiple random nodes. It would probably best to start with Nginx or Apache and then modify it. That's a complex design, but robust and the traffic analysis would yield little-to-no actionable information.
Does anyone have any other ideas?
> Date: Fri, 27 Jun 2014 15:38:01 -0300
> From: juan.g71@xxxxxxxxx
> To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> Subject: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
> On Fri, 27 Jun 2014 10:53:46 +0100
> Mark McCarron <mark.mccarron@xxxxxxxxxx> wrote:
> > Well, I think this is settling down into a proper discussion. Whilst
> > the hypothesis is untested, leveraging illegal activity, especially
> > reviled illegal activity, as a metric for the quality of anonymity
> > and security provided by Tor is a sound strategy.
> > As mentioned before, the 'canary' is dead and we need to understand
> > why.
> Easy. Tor, by design, is useless against
> governments that can do traffic analysis. For instance, the US
> Notice that this fact is mentioned in tor´s ´fine print´ so to
> speak. Once in a while some developer would mention that
> traffic correlation is trivial if you can watch traffic in and
> out of the network. And then, it seems as if everyone forgets
> that little fact.
> And so we have amusing tor lackeys like ¨coderman¨
> parroting propaganda that not even the tor developers
> themselves believe.
> So, how did the american gestapo get freedom hosting and silk
> road? Traffic analysis.
> Also, in case that great ´security´ ´experts´ such as
> coderman and other tor lackeys on this list havent been reading
> the mainstream media :
> It is now common knowledge that the nsa gives information to
> ´ordinary´ cops, and that ´ordinary´ cops then pretend
> they got the information doing ´police work´
> Given that this is a global phenomenon, then we need to examine
> > the factors that effect this group. The primary factor would be the
> > software itself. A secondary factor would be the law, but this is
> > not a consistent factor across the world.
> > What other consistent factors are there?
> > Regards,
> > Mark McCarron
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to