> believe that the "global external passive adversary" does exist > though (via ... secret rooms that splice cables and copy off > traffic in transit)
The historical existence and use of taps, whether for international/local intrigue, criminal, research or black/white ops, with or without clear legal authority, is well documented. Even moreso is the public product line developed / purchased and capable of use by various GPA's... carnivore, narus, sql, tcpdump, fiber toys, etc. As is the base interest in research towards any potential application. It should be assumed that GPA's are actively present, at minimum in highly active research mode. At most, that remains to be seen. > try to bring their success > rates low enough that their incentive might switch to becoming a > "local internal adversary", where they have to actually run Tor nodes > to get enough information to perform their attacks. Further, simply because there is not sufficient evidence to the contrary, and because the history of cover ops and secrecy is equally documented... it should be assumed that any sufficiently large number of anonymity nodes are, in fact, not run by disinterested kids in their mom's basement. Just because the IP says residential dsl/cable, some corp or colo somewhere, or even signed by some seemingly well known internet figure... as opposed to mapping back to any given adversary... does not give the user reason to dismiss them. The monetary cost of owning a kilonode or two is of trivial impact to an agent capable of making productive use of such a set. Agreed, writing off a known [or unknown hypothetical] strong adversary is far better than disbelief in same or failing to see one at all. *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/