On Fri, Nov 14, 2014 at 7:42 PM, Roger Dingledine <[email protected]> wrote: > On Fri, Nov 14, 2014 at 06:20:16PM -0500, grarpamp wrote: >> Professor Sambuddho Chakravarty, a former researcher at Columbia >> http://thestack.com/chakravarty-tor-traffic-analysis-141114 >> https://mice.cs.columbia.edu/getTechreport.php?techreportID=1545&format=pdf > > I put up a few pointers here for readers to get up to speed: > https://blog.torproject.org/blog/traffic-correlation-using-netflows > > There sure are a lot of things going on in Tor-land these days, but I > don't think this has much to do with any of the other recent stories. > Rather, some journalist thought this would be a great time to drop > another story. > > In summary, it's great to see more research on traffic confirmation > attacks, but a) traffic confirmation attacks are not a new area so don't > freak out without actually reading the papers, and b) this particular one, > while kind of neat, doesn't supercede all the previous papers.
'Tor Stinks', well yes, both in: - how hard it is to for adversaries to attack using certain methods - how poorly it defends against other methods of attack If your threat model is the former, use with confidence. If your threat model is the latter, stop using it. [Of course there's a broad middle area too.] I'd suggest it's entirely appropriate to freak out whenever any attack appears that forces you to transition from the former category [closer] to the latter. Particularly if it can be applied ex post facto, such as through analysis of recorded traffic. The piling on of similar papers may be redundant, but the message regarding particular threat models is not. Even with attacks with relatively high false positive rates that also have a much greater true positive rate, adversaries in places that don't have restrictions on such errormaking will simply round everyone up. In that sense, they are valid messages too. Speaking of what stinks and what can be used, where, and against what... Tor does a lot of research, it should put up a simple checklist matrix page for that... attacks and uses it's good for, and those it isn't. Link it to relevant sets of papers. And include in the matrix comparisons to other projects like Freenet, I2P, Retroshare, mailmixes, etc. The anonbib's of the various projects are good for developers, but users need to see a much simpler one page matrix on a wiki. No reason other projects can't contribute there as well. Giving and taking comparisons is part of doing it better. -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
