On Fri, Oct 04, 2013 at 05:43:32PM +0200, Griffin Boyce wrote:
> There's been a really interesting document to come out of the Guardian
> today:
> http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
>
> Interestingly:
> - NSA/GCHQ was fingerprinting using Flash
> - They were wondering whether to flood the network with slow
>   connections in order to discourage users
> - Cookie leakage
> - Timing attacks
> - Supposed bug in TorButton mid last year
>
> There are some questions in my mind as to the legitimacy of this
> document -- particularly given that a slide is marked 2007, but
> references 2012. (In particular, neither Torservers nor TorButton
> existed in 2007).
>
> Thoughts?

I think "flood the network with slow connections" is a mis-read; they
seemed to be speaking of slow nodes that falsely advertise high bandwidth,
an attack which won't work since we now cap unmeasured bandwidths to
20 kbit/sec IIRC. Their evident interest in this sort of thing suggests we
should examine the bwauth system more closely to be sure the node can't
distinguish a bwauth measurement from other connections, though - otherwise
they could still manipulate the path selection weights like that.

--
Andrea Shepard <andrea@xxxxxxxxxxxxxx>
PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF DE79 A4FF BC34 F01D D536
PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5 DF7E 4191 13D9 D0CF BDA5
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
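
The reply's two points (a cap on unmeasured bandwidth, and the risk if a relay can recognise a bwauth probe) as a toy model. This is an added example, not part of the original message and not Tor's code; the relay figures, the `burst` behaviour and all function names are constructed assumptions, and selection is simplified to plain weight-proportional choice.

```python
# Toy model (constructed values): share of weight-proportional path
# selection that one slow relay obtains under four conditions.
UNMEASURED_CAP = 20  # figure quoted in the reply ("20 kbit/sec IIRC")


def consensus_weight(relay, cap):
    """Measured value if a bwauth measured the relay, else the
    self-advertised value, limited to `cap` when a cap is in force."""
    if relay["measured"] is not None:
        return relay["measured"]
    if cap is None:
        return relay["advertised"]
    return min(relay["advertised"], cap)


def selection_share(relays, name, cap):
    """Fraction of total selection weight held by relay `name`."""
    total = sum(consensus_weight(r, cap) for r in relays)
    mine = next(r for r in relays if r["name"] == name)
    return consensus_weight(mine, cap) / total


def network(liar_measured):
    """Nine honest measured relays plus one slow relay that advertises
    far more than it can carry (hypothetical numbers)."""
    honest = [{"name": f"honest{i}", "advertised": 1000, "measured": 1000}
              for i in range(9)]
    liar = {"name": "liar", "advertised": 100_000, "measured": liar_measured}
    return honest + [liar]


def scenarios(real=10, burst=5000):
    """`real` is the liar's sustained rate; `burst` is what it serves
    only when it recognises a bwauth probe (assumed behaviour)."""
    cap = UNMEASURED_CAP
    return {
        "unmeasured, no cap": selection_share(network(None), "liar", None),
        "unmeasured, capped": selection_share(network(None), "liar", cap),
        "measured, probe indistinguishable": selection_share(network(real), "liar", cap),
        "measured, probe recognised": selection_share(network(burst), "liar", cap),
    }


if __name__ == "__main__":
    for label, share in scenarios().items():
        print(f"{label:35s} {share:.4f}")
```

The last row is the concern raised in the reply: once a relay is measured the cap no longer applies, so the defence rests on probes being indistinguishable from other traffic.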