On Tue, Mar 01, 2016 at 03:15:44AM -0500, grarpamp wrote: > On 3/1/16, Georgi Guninski <[email protected]> wrote: > > Is jitter/fill traffic full solution? > > Again, to what threat model? > >
The threat model is the entire world -- in real life do you care much what accident will "own" your life? If this is too broad for you, the threat model are state sponsored actors including NSA. > You mean like rooting a bunch of Linux nodes, 6+:1 ratio ... > > ... > Or compromising the repo or developers or 3rd party libraries... > > Or asking your friends AT&T et al to help... > > What's the threat? > Combination of many threats -- owning, timing, crypto, etc > > This is consistent with the fate of Lulzsec. > > According to the official story (which I don't believe), > > the first of them got caught because "he forgot to use > > tor when on irc..." > > Do they and their court docs officially say that? > Or just some blogger reading 4chan? Don't know about courts, here is a reference from thereg: http://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/ > Police locked onto Hector Xavier Monsegur, an unemployed 28-year-old > from New York – allegedly LulzSec hacktivist supremo Sabu – after he > apparently made the mistake of logging into an IRC chat server without > using the Tor anonymisation service (^1)
