[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor and HTTPS graphic



On Wed, Mar 7, 2012 at 12:20 AM, Seth David Schoen <schoen@xxxxxxx> wrote:
> andrew@xxxxxxxxxxxxx writes:
>
> I was concerned that the graphic should not make people think that
> _no one_ can ever associate them with their browsing when they use
> Tor.  I've been taught to think of the GPA threat (and other traffic
> correlation threats) as real, so I thought people should have some
> indication of those threats.

Now bear in mind that I'm just a Raccoon, but some time ago I scrawled
a proof out that showed that the correlation accuracy of a "dragnet
GPA" goes down in proportion to the square of the number of concurrent
users using an anonymization service:
http://archives.seul.org/or/dev/Sep-2008/msg00016.html

The belief that you can test a correlation system independent of a
population size is called the Base Rate Fallacy, and I believe much of
the PETS timing attack literature suffers from it. In that post I
demonstrated the effect the Fallacy has on dragnet correlation. I also
gave some example calculations for how accuracy changes from different
points of network surveillance with respect to population size and
correlation accuracy.

With end-to-end encryption and proper Tor cell size choice, the NSAs
odds of watching everyone all the time (Example 1 in my post) and
getting the correlation right are low and do clearly drop as more
people use Tor.

Therefore, I think the most accurate representation would be to put a
question mark next to the data link between the two NSA dudes in your
graphic, because they aren't exactly sharing perfectly; they are
consulting each other, correlating observed traffic patterns with some
error rate, and rolling the dice. A question mark captures this well.

Putting "Capabilities Uncertain" underneath the question mark or as a
footnote might be even better, if we already have newspaper articles
citing the graphic as proof Tor is broken...


P.S. To the list administrators, it looks like the new archives have
truncated my proof at the new archive:
https://lists.torproject.org/pipermail/tor-dev/2008-September/002493.html
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk