[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Subject: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 22 Feb 2016 14:42:51 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 22 Feb 2016 09:43:01 -0500
In-reply-to: <047.b589d1c80a79d4dcd3294111da9cdbd1@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.b589d1c80a79d4dcd3294111da9cdbd1@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |
------------------------------------------+--------------------------

Comment (by cypherpunks):

 CAPTCHAs are a fundamentally untenable solution to dealing with DDOS
 attacks. Algorithmic solutions will always catch up to evolving CAPTCHA
 methods. CloudFlare and other service providers should recognize that is
 the inevitable direction technology is going and abandon it now.

 An alternate solution is a client proof-of-work protocol. This puts a
 greater burden on attackers attempting to establish many connections than
 on users who only need one connection. Then once a TLS session is
 established, the server can determine from behavior of that client whether
 it's an attacker and drop the connection. We should try to standardize
 that and get it into TLS implementations so service providers have an easy
 configuration choice.

 https://tools.ietf.org/html/draft-nir-tls-puzzles-00

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:47>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Next by Author: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Previous by thread: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Next by thread: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Index(es):
- Author
- Thread