-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 9/29/2013 10:35 PM, Christian Huitema wrote: > Traffic analysis proceeds through the collection of "meta data" > such as ip headers, e-mail headers, and other forms of signaling, > e.g. SIP headers. DNS traffic analysis also falls in that category. > Such data is easy to harvest by monitoring big conduits such as > backbone links or submarine cables. In some countries, the data is > collected by forcing traffic through a single exchange or through > some form of "national firewall." > > The current internet protocols and applications pay very little > attention to traffic analysis. We should obviously take the easy > steps, encrypt the DNS, e-mail and SIP connections. But when it > comes to IP header analysis, we have pretty few solutions. VPN, of > course, but that requires configuration. Could we change that? > I feel in general, that while we can go a long way towards making content encryption easier and more robust, and simple to use for non tech savvy users (ie, your parents, aunts, uncles, etc...), *the* single largest issue is traffic analysis of message headers. While there are legit concerns by people to troubleshoot and to identify sources of spam and bulk mail, it's just entirely too easy to build up graphs of communication patterns and who is contacting who and when they are doing it. VPN's are a possibility, but as you say, require careful configuration and setup to prevent leakage of identifying information. Tech that purports to secure or privatize your communication but that actually leaks - or worse, can be coerced into revealing your traffic, is worse than no tech at all. Mix networks, anonymous remailers, and alternative / out of band systems start looking worthy of a lot more study. Dave Nix BM-2D9jC7gYDpnfprbSXuTCGr6a2DsCAXssAc (bitmessage) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (MingW32) iQEcBAEBAgAGBQJSSRXqAAoJEDMbeBxcUNAeO+4H/RAb77DIE4bmk5HdOCstJr5L mKN+dfrwh6DIdxYny7iHqkIIGdupsIVTG6NnwjQ/BzyYvZO4cJT5ooxO2gM1SR1P +gRa6S18sqxNWthkQi2vmCT31aMU0PeP20I5G/MWg0fdvSFL0oJKqA47oD2QE8QZ zSBxdeHJ1h/kint8MGVL6AwzjMWHdJIBaD3KbsFvmYmMk36arLHBzB8cXPNeC/yc Sjbnmta+rq7b094CQR/dZcx5cpe/k+/shdnwHklXaxR+lsOilIqTOTe/Nkl2QBIZ POoCOv3DqKxhT2Jn+isVlj8cdOdlVoKNx8RviaPogjmVWbNmshjQeD55Aviu1G0= =ozsk -----END PGP SIGNATURE----- _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
