Hi all, On Thu, Apr 26, 2012 at 12:44 AM, Jacob Appelbaum <ja...@appelbaum.net>wrote:
> Practically, I also think that mixmaster is an example of "great on > paper" and soon we'll see how it works out in the real world. Now that > the FBI is taking nodes left (in New York last week) and right (in > Austria this week) - we'll note that some of these anonymity properties > are coming up for a serious test. For example, if you don't compose Tor > and Mixmaster together, what happens when you're the only person to ever > connect to Mixmaster? I think the answer is that you're a suspect, > cryptographic evidence be damned. Note (the arrested and alleged Stratfor hacker) Jeremy Hammond's complaint ( http://www.wired.com/images_blogs/threatlevel/2012/03/Hammond-Jeremy-Complaint.pdf) says an "FBI TOR network expert analyzed the data from the Pen/Trap and was able to determine that a significant portion of the traffic from [Hammond and others'] CHICAGO RESIDENCE to the Internet was TOR-related traffic." It goes on to say "[Hammond's] Apple MAC address was the only MAC address at the CHICAGO RESIDENCE that was connecting to known TOR network IP addresses. The defendant [...] has discussed with [the informant Sabu] that he used the TOR network" and elsewhere defines Tor as "a system designed to enable users to access the Internet anonymously [...]" Because the FBI connected the only Tor use the Pen/Trap picked up with Hammond's specific MAC address, and because as Jacob pointed out elsewhere in this thread "members of police forces around the world use Tor, as does the Internet Watch Foundation," the Hammond complaint does not per se indicate that the FBI finds Tor use in itself suspicious. (Nor am I trying to knock Tor; I myself use it.) But -- the FBI has a Tor network expert? I wonder what the expert's job duties are, how many Tor experts they have, and what implications there might be of the FBI having a Tor expert(s). Anyone know? There is also the issue of ISPs throttling or potentially throttling Tor traffic, which is a form of suspicion. This is a tangent, but I wonder why Hammond didn't routinely spoof his MAC address. I guess it wouldn't have mattered, though. :-Douglas
_______________________________________________ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
