[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
From: coderman <coderman@xxxxxxxxx>
Date: Sun, 29 Jun 2014 23:15:52 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 30 Jun 2014 02:26:32 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=6kd3JKqneI59Wp5qYD9jMUOL7y3uFVrbi1v4VH+bzgc=; b=eF6ehmN0JdHK8M+n1gZxPhanjvYKLjtyVALiZKJUIz+A1vM3SZ1oR10gh53LfwWqA7 9+hpi3O2qzjhuRwYw6KNvLd8Gg8F/qRDIaQxYUgHqf+eOPpQFHqpFr5cAWnjSTL8Y9Wx NRnD/w0bHg6GgcO3VXoUndb0hVr44NDPVWo65HgEVyo+cDnvxGc8+oHN2GeWZJRcGjEc qB+RYiPxvu2K0f82xm+dkoc3xxNHwh+q5Qv23frQ3XT+3GyMFaqBSUH2aVTn1WBP75S0 V9THkTKXigvpd85Nk3bQgetbt46EtPP45djinpx4SeyK63+M12hucM0aY+qHOJ4D+gi1 w7Bw==
In-reply-to: <DUB121-W43F2345CAFFFDA68EFB8A5C8050@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAJVRA1Tydi5nB544ggjZM2BvPXC=zGr_8AReO0qP_pxQ3me4UA@xxxxxxxxxxxxxx> <CAD2Ti2_F_Zbt8uL5s=hNXaNapnof2KSOPZFVgN3B-qxp5JtQqA@xxxxxxxxxxxxxx> <CAJVRA1QzUniu3cLgqLitZR7tp4TchrqD+Ak_Os0Hrm2Oe9aScw@xxxxxxxxxxxxxx> <DUB121-W20A3812716DFD202050E82C81B0@xxxxxxx> <20140627153801.0000732c@unknown> <CAJVRA1SWot6NxuTQp+KTYRz-f2HWy0S+N=CHRQ2aWgeX1j_5Lg@xxxxxxxxxxxxxx> <20140628111900.00000808@unknown> <DUB121-W272A32F9E91A912C390F4FC81A0@xxxxxxx> <CAOsGNSRgZfy7Z5UgNeDR5pR1E4n2zkB2U9=2w8uQhUfw+C_Raw@xxxxxxxxxxxxxx> <DUB121-W1569A0B26038589393C77C8050@xxxxxxx> <20140629123120.GG7408@xxxxxxxxxxxxxx> <20140629182427.00004bd3@unknown> <CAJVRA1Rmky8cgEvdViQAAcJ1kFUzjQhCHqgsgP19c33-hbDWkQ@xxxxxxxxxxxxxx> <DUB121-W43F2345CAFFFDA68EFB8A5C8050@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Sun, Jun 29, 2014 at 4:53 PM, Mark McCarron <mark.mccarron@xxxxxxxxxx> wrote:
> ...
> We already know from the Snowden releases that the physical infrastructure for this is in place.  That it spans at least 33 nations covering all major fiber links.  Within the US, all traffic is copied verbatim at major exchanges.  In other nations, metadata can be shared to complete the picture.

this is just one part of a series of costs; how much raw DPI capacity
(it is finite)? how much memory/storage for backtrace to some hours
window? 30day window? how much engineering time (earth human hours) to
implement the collection, classification, and analysis of all flows in
daily time? in near-real-time (<60sec)? how is accuracy beyond doubt
identified? how much does additional accuracy in shorter time cost?

> We know that the physical infrastructure and regulatory frameworks are there, thus that must be going somewhere and as its metadata, that implies traffic analysis.
>
> So, its a patchwork model and the costs are spread across many nations and information sharing to isolate sites is policy driven.

you trivialize too much; over and under estimate.  justify the costs
you quantify in detail - what you throw around above betrays a lack of
understanding of the constraints of collection at global scale.

as i keep restating another way, no matter how many times you call it a cop out:
  if global traffic analysis against Tor is expensive, the ability to
pwn every endpoint with rare exception so cared about, using Tor or
not, is cheaper - your reasonable adversary will do that!
 ... more value for less money.

(this is perhaps one of the more interesting details to emerge across
the Snowden leaks - the technical constraints and evolution of the
offensive platform (TAO) and the scale (SSO/GAO) of the technical
processes (QUANTUM*/TURB*|TURM*) applied and where the most resources
are applied year over year.)

last but not least, please note that i am in Paris for the drinking
chocolate.  ;)
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: grarpamp

References:
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: coderman
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: grarpamp
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: coderman
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Mark McCarron
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Juan
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: coderman
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Juan
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Mark McCarron
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Zenaan Harkness
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Mark McCarron
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Roger Dingledine
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Juan
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: coderman
- Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
  - From: Mark McCarron

Prev by Author: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
Next by Author: Re: [tor-talk] High-latency hidden services (was: Re: Secure Hidden Service (was: Re: ... Illegal Activity As A Metric ...))
Previous by thread: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
Next by thread: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity
Index(es):
- Author
- Thread