Re: Practical web-site-specific traffic analyses

2010-08-01 Thread Steven J. Murdoch
On Fri, Jul 30, 2010 at 12:32:43PM -0700, Seth David Schoen wrote: The simplest threat scenario for Tor users would be when an attacker in a position to observe a particular user's traffic, but not any exit node traffic, hypothesizes that the user is likely to visit a particular site and

Re: Practical web-site-specific traffic analyses

2010-08-01 Thread Seth David Schoen
Steven J. Murdoch writes:
Yes, this has been a known risk with all currently deployed low-latency anonymity systems. One recent paper which looked at the problem was discussed here:
Thanks for these references.
-- Seth Schoen Senior Staff Technologist sch...@eff.org

Re: Padding again Was: Practical web-site-specific traffic analyses

2010-08-01 Thread coderman
On Sun, Aug 1, 2010 at 8:02 PM, Gregory Maxwell gmaxw...@gmail.com wrote:
... The overhead of padding schemes that I've seen, either end to end type, or hop-based for free routed networks as presented above, are simply too large to be practical.
perhaps DLP with SFQ and datagram transport.

Re: Padding again Was: Practical web-site-specific traffic analyses

2010-08-01 Thread Robert Ransom
On Sun, 1 Aug 2010 23:02:53 -0400 Gregory Maxwell gmaxw...@gmail.com wrote: On Sun, Aug 1, 2010 at 9:07 PM, Steven J. Murdoch tortalk+steven.murd...@cl.cam.ac.uk wrote: [snip] To fix this attack, systems can add dummy traffic (padding), delay packets, and/or drop packets. Tor adds a bit of

Re: Practical web-site-specific traffic analyses

2010-07-31 Thread coderman
On Fri, Jul 30, 2010 at 12:32 PM, Seth David Schoen sch...@eff.org wrote: ... The researchers suggest that web application developers should use padding to make different activities on their sites less distinguishable.  That sounds pretty optimistic to me.  I've heard other privacy

Practical web-site-specific traffic analyses

2010-07-30 Thread Seth David Schoen
While trying to find more information about the Hansen and Sokol talk at BlackHat, I found that Hansen had recommended this recent paper http://www.informatics.indiana.edu/xw7/WebAppSideChannel-final.pdf which describes practical traffic analysis of particular sites that use HTTPS (just by