Florent Daigni?re (NextGen$) wrote: > * Matthew Toseland <toad at amphibian.dyndns.org> [2007-02-11 00:50:31]: >> http://www.securityfocus.com/infocus/1843/3
Nasty - see also http://www.cs.ucr.edu/~tkarag/papers/BLINC.pdf > We are safe from that when using darknet ;) Right, we just look like someone holding ten simultaneous 72-hour Skype conversations. ;-) > According to the end of the article, they plan to use size of packets to > identify the p2p traffic as well ... We are immune to that too as we do > use random size padding, aren't we ? Only if everyone else uses random padding with the same statistical distribution... There seems to be two approaches we could take: 1) Standardising approach: try to persuade a wide range of P2P and VoIP projects to use the same encrypted UDP protocol. Lots of effort and unlikely to succeed, but if it works we can hide among a large amount of traffic, some of which will be politically awkward to block. 2) Guerrilla approach: keep writing new transport plugins and try to stay ahead of the filters. The problem is that you know when you've been filtered, but you don't know when you've been logged. Cheers, Michael
