On Tue, 26 Jan 2016 18:49:53 -0500
grarpamp <[email protected]> wrote:
>> virtually all the world's infrastructure is 'compromised'?
> The USA and Soviets have decades experience tapping cables
> around the globe in a cold war sense.
I think the paper is mostly referring to what governments
laughably call 'lawful' interception?
> > Also, is there a more concrete analysis of what can be
> > achieved by monitoring traffic on those cables?
>
> Did you just push a bunch of packets over time into your ISP and
> have google send replies back? Well, they can see both ends, so
> they saw that traffic pattern in and out, and back in and out, so
> they know who's talking to who and when.
I know... Notice that I'm further asking "how easy it is...to
find users...servers"
But yes, my question was ambiguous. By "what can be achieved"
I'm asking : how effective the traffic analysis
techniques are?
> In addition to simple taps, they can also deploy passive or
> active nodes
True of course, so 'easy' becomes even easier...
>
> Tor and other networks are good at hiding endpoints (users, servers)
> from each other,
Something any ordinary proxy can do most of the time. Even
ISPs/the 'interweb' by their own nature hide 'ordinary' users
from each other.
>
> However when it comes to such global (and regionally lucky) passive
> adversaries, and adversaries operating the networks themselves, I
> seriously doubt anyone can say with a straight face that these
> networks protect against network analysis... who is talking to
> who and when.
In other words, tor is a failure. Unless of course we correctly
see it as a tool for the US military.
> It would be harder for that analysis to succeed against networks
> that filled between all the nodes with fill traffic
Yeah. Even a 10 seconds visit to wikipedia sheds light on
that...
https://en.wikipedia.org/wiki/Traffic_analysis#Countermeasures
" When no actual messages are being sent, the channel can be
masked by sending dummy traffic"
> Mindset, OMG bandwidth, probably
> buzzkills most research before it gets started.
That seems somewhat odd given the tens of thousands of millions
of stolen money 'allocated' to 'research' every year.
>
> Here's some recent mostly tor specific threads if anyone's interested,
> plus whatever else has come up whenever I've mentioned this.
>
> https://lists.torproject.org/pipermail/tor-dev/2016-January/010257.html
> https://lists.torproject.org/pipermail/tor-dev/2016-January/010290.html
Thanks.
> Users often have better knowledge of the laws, operations and
> general feel in their countries
That may be so. In that case we are not talking about
'beliefs' but about actual knowledge.
> and locales and areas of expertise
> than a handful of distant project maintainers largely based
> in one geopolitical exposure might have. You can download
> science, but you need more than that to win a street fight.
--
tor-talk mailing list - [email protected]
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
