[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor and HTTPS graphic



On Tue, Mar 6, 2012 at 23:04, Paul Syverson <syverson@xxxxxxxxxxxxxxxx> wrote:
> The suggestion was that people _stop_ working on
> defeating the GPA, which is unrealistic as both too strong (global)
> and too weak (passive).

While this may be true in the theoretical sense, it doesn't mean that
one can't make correlation attacks less practical. I find it hard to
believe that right now NSA, for instance, has Tor traffic analysis
tightly integrated into its worldwide communications sniffing
framework, simply because it's too much of a logistic problem, and
anonymous networks are unlikely to be sufficiently high-profile
targets so as to warrant expending the resources to deal with the
logistics (yet). But I think that it is entirely believable that NSA
has a dedicated project (even if only for research purposes) where the
traffic from all known relays (a relatively stable pool of ~3000
nodes?) is sniffed and analyzed — that would be relatively simple to
setup and maintain, given the unlimited interception capabilities. And
you can combat the latter — by extending and popularizing the entry
bridges concept, implementing exit bridges, making all clients relays
by default (even if that won't contribute significant bandwidth), etc.

-- 
Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk