Re: [tor-talk] Question for those who say "Tor is pwned"
On Tue, 21 Jun 2016 00:19:39 -0400
Paul Syverson <paul.syverson@xxxxxxxxxxxx> wrote:
> "A Peel of Onion". Here's an excerpt:
>
>
> Mixes are also usually intended
> to resist an adversary that can observe all traffic everywhere and,
> in some threat models, to actively change traffic.
> Onion routing
> networks are generally completely broken against an adversary who
> observes both ends of a communication path.
> Thus, onion routing
> networks are designed to resist a local adversary, one that can only
> see a subset of the network and the traffic on it.
>
So, the bottom line yet again is:
1) tor and tor-like networks can only (and ideally) protect
users from 'local' adversaries
2) HOWEVER, all the marketing and outright lies surrounding tor
clearly pretend that tor provides "anonymity" without even
paying too much attention (if any) to the 'threat model'.
You might want to take a look at the *home page* of this
address https://torproject.org
>
> Right. I actually think calling the traffic and routing security Tor
> primarily provides "anonymity" is a bit misleading and gets people to
> confuse the primary security properties mix networks provide with the
> primary security properties that onion routing networks
> provide. Cf. more about this in my "Why I'm not an Entropist". But I
> accept that this usage is now ingrained and not subject to correcting
> even if the theory supports it.
And it's highly convenient for you, too!
>
> [snip]
> >
> >
> > I didn't say that. What I say is that you know the design is
> > limited and flawed and yet you promote it. Saying that there
> > isn't anything better is not a valid excuse.
>
> D'accord. I'll agree with you that this design is limited and flawed
> in that it is merely the best thing of its type available or that
> anyone, anywhere has thought of.
Wow. This level of arrogance is - almost - unbelievable.
> And I apologize and make no excuse
> for my inability to come up with something better than the secure
> system designs of the best minds in this area on the planet---minds
> which I readily state totally kick my ass.
>
> >
> > Furthermore, tor may be 'optimal' given certain assumptions
> > or objectives, but that doesn't mean it is the only solution for
> > all kinds of users.
>
> Nobody said it was.
> Anything for real use always involves many
> compromises. The best we can do is be as explicit as we can about our
> choices, the reasons for making them, and the consequences we can
> discern. People can then make an informed decision to use our systems
> or not.
They won't make any informed decision with all the propaganda
the tor project manufactures.
There's something even more weird. Even when you personally
publish 'academic papers' which show the true colors of your
system (failure), the audience still believes that tor is great!
I have to admit you are masters at manipulating people. Then
again, the audience has been thoroughly dumbed down by The
State Project.
>
> [snip]
> >
> >
> > Have padding, mixing and using fill-traffic all ruled out,
> > why?
>
> Too briefly: these add huge overhead to the network, break underlying
> protocols and/or hurt performance (which has been shown time-and-again
> to drive real users of real systems to insecure alternatives, hence
> hurting security overall), and none have been shown to provide strong
> security against an active adversary for low-latency (i.e., practical)
> systems.
I won't get into a more detailed discussion because I admittedly
haven't thought about the problem in more depth, but as far as
I can tell tor still uses a conceptually simple, and limited
design. The idea that such a design is 'optimal' doesn't strike
me as reasonable.
Furthermore, you might argue that 20 years ago protection
against a 'local' adversary was all that was needed. Which
today is obviously not the case.
Somehow you are not making that claim...
>
> I think there are some things we maybe could do with mixing and
> synchronization to raise the bar at least a little against a _passive_
> adversary. I have told many researchers my thoughts about this, but so
> far nobody has taken it up that I know of.
Go figure. Despite getting hundreds of millions in stolen
money, I mean, 'research grants', and being the most smartest
beings in the whole universe, they get nowhere...
> I would like to look into
> it myself, but I already have a many-years backlog of more important
> (more likely to make a real difference IMO) research questions to
> answer.
>
> Disengaging.
>
> aloha,
> Paul
>