Re: Tor seems to have a huge security risk--please prove me wrong!

> believe that the "global external passive adversary" does exist
> though (via ... secret rooms that splice cables and copy off
> traffic in transit)

The historical existence and use of taps, whether for international/local
intrigue, criminal, research or black/white ops, with or without clear legal
authority, is well documented. Even more so is the public product line
developed / purchased and capable of use by various GPAs... carnivore,
narus, sql, tcpdump, fiber toys, etc. As is the base interest in research
towards any potential application. It should be assumed that GPAs are
actively present, at minimum in highly active research mode. At most,
that remains to be seen.

>  try to bring their success
>  rates low enough that their incentive might switch to becoming a
>  "local internal adversary", where they have to actually run Tor nodes
>  to get enough information to perform their attacks.

Further, simply because there is not sufficient evidence to the contrary,
and because the history of cover ops and secrecy is equally documented...
it should be assumed that any sufficiently large number of anonymity
nodes are, in fact, not run by disinterested kids in their mom's basement.

Just because the IP says residential dsl/cable, some corp or colo
somewhere, or even signed by some seemingly well known internet
figure... as opposed to mapping back to any given adversary... does
not give the user reason to dismiss them.

The monetary cost of owning a kilonode or two is of trivial impact to an
agent capable of making productive use of such a set.

Agreed, writing off a known [or unknown hypothetical] strong adversary
is far better than disbelief in same or failing to see one at all.