[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] New Astoria Tor client is said to be better than plain Tor



Hey Sophie,

On Sun, May 24, 2015 at 8:35 AM, Sophie Hassfurther <
sophie@xxxxxxxxxxxxxxxxxxxxx> wrote:

> Hi Rishab,
>
> Rishab Nithyanand:
> > I would like to stress that most of the news articles I've come across
> have
> > some incorrect claims. It is sad that none of them got in touch with us
> > before publishing their stories.
> I had the same impression. I do not know the author, but I read your
> paper and checked it back with the article [1]. It made me think that
> the latter is quite inaccurate. Even when journalists are well meaning,
> they sometimes tend to over-simplify in an effort to put things in terms
> that people will understand.
>
> The most striking part of the article for me was this:
>
> "A full 58 percent of Tor circuits are vulnerable to network-level
> attackers, such as the NSA or Britainâs Government Communications
> Headquarters (GCHQ), when they access popular websites, according to new
> research from American and Israeli academics. Chinese users are the most
> vulnerable of all to these kinds of attacks, with researchers finding
> 85.7 percent of all Tor circuits from the country to be vulnerable.
>
> Even though Tor is designed to provide complete anonymity to its users,
> the NSAâs position means they can potentially see and measure both
> traffic entering the Tor network and the traffic that comes out. When an
> intelligence agency can see both, simple statistics help an autonomous
> system at their control match the data up in a timing attack and
> discover the identity of the sender.
>
> Anonymity over."
>
> The author makes it sound as if all Tor traffic was vulnerable to
> attacks by the infamous agencies in two out of three times. And looking
> into my magic crystal ball, I know which media will quote that exact
> fallacy as a fact and exploit it.
>
> I read your paper, but I am not sure I comprehended it. From how I
> understand it, this section of the Dailydot article should read
> something like:
>
> A full 58 percent of the *times* Tor creates a circuit, it creates it in
> such a way that, *if* a potential adversary, such as the NSA or
> Britainâs Government Communications Headquarters (GCHQ), operates the
> relays chosen in an autonomous system, they could deanonymize users who
> access popular websites, according to new research from American and
> Israeli academics. Chinese users are the most vulnerable of all to these
> kinds of attacks, with researchers finding 85.7 percent of all Tor
> circuits from the country to be vulnerable.
>
> Then he goes on about what intelligence agencies can do, not taking into
> account, that they would have to operate a huge part of Tor to achieve
> the 58 or 85.7 percent he quotes earlier. This is critical, as it
> becomes more and more difficult to own a large part of this network, due
> to its decentralized nature and due to the fact that Tor grows.
>
> Am I mistaken?
>

That is the biggest problem I have with that article!

58.7% of the time there was *some* AS that could do a correlation attack.
Unless
the NSA or whatever 3 letter agency controlled *all* of those ASes (quite a
large
number that I don't have right now), they wouldn't be able to attack all of
those
circuits.

The author of the article basically attributes the sum of all the threats
from all
potential attackers to a single attacker (the NSA).


>
> This is a very complex matter, but *if* I understood the paper
> correctly, I think it is quite a hip research, and interesting
> conclusions are drawn.
>
>
Thanks!


> Cheers
> Sophie
>
> [1] https://www.dailydot.com/politics/tor-astoria-timing-attack-client/
>
> --
> Mag. Sophie Hassfurther
> www.sophiehassfurther.com
> PGP fingerprint:
> F13B 77D4 3641 1420 0F41 B62D 162F 2CE2 98FD 61AB
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk